本文整理汇总了C++中ibuf_data函数的典型用法代码示例。如果您正苦于以下问题:C++ ibuf_data函数的具体用法?C++ ibuf_data怎么用?C++ ibuf_data使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了ibuf_data函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: cipher_init
void
cipher_init(struct iked_cipher *encr, int enc)
{
EVP_CipherInit_ex(encr->encr_ctx, encr->encr_priv, NULL,
ibuf_data(encr->encr_key), ibuf_data(encr->encr_iv), enc);
EVP_CIPHER_CTX_set_padding(encr->encr_ctx, 0);
}
示例2: ikev2_msg_auth
struct ibuf *
ikev2_msg_auth(struct iked *env, struct iked_sa *sa, int response)
{
struct ibuf *authmsg = NULL, *nonce, *prfkey, *buf;
uint8_t *ptr;
struct iked_id *id;
size_t tmplen;
/*
* Create the payload to be signed/MAC'ed for AUTH
*/
if (!response) {
if ((nonce = sa->sa_rnonce) == NULL ||
(sa->sa_iid.id_type == 0) ||
(prfkey = sa->sa_key_iprf) == NULL ||
(buf = sa->sa_1stmsg) == NULL)
return (NULL);
id = &sa->sa_iid;
} else {
if ((nonce = sa->sa_inonce) == NULL ||
(sa->sa_rid.id_type == 0) ||
(prfkey = sa->sa_key_rprf) == NULL ||
(buf = sa->sa_2ndmsg) == NULL)
return (NULL);
id = &sa->sa_rid;
}
if ((authmsg = ibuf_dup(buf)) == NULL)
return (NULL);
if (ibuf_cat(authmsg, nonce) != 0)
goto fail;
if ((hash_setkey(sa->sa_prf, ibuf_data(prfkey),
ibuf_size(prfkey))) == NULL)
goto fail;
if ((ptr = ibuf_advance(authmsg,
hash_length(sa->sa_prf))) == NULL)
goto fail;
hash_init(sa->sa_prf);
hash_update(sa->sa_prf, ibuf_data(id->id_buf), ibuf_size(id->id_buf));
hash_final(sa->sa_prf, ptr, &tmplen);
if (tmplen != hash_length(sa->sa_prf))
goto fail;
log_debug("%s: %s auth data length %zu",
__func__, response ? "responder" : "initiator",
ibuf_size(authmsg));
print_hex(ibuf_data(authmsg), 0, ibuf_size(authmsg));
return (authmsg);
fail:
ibuf_release(authmsg);
return (NULL);
}
示例3: ikev2_validate_xform
int
ikev2_validate_xform(struct iked_message *msg, size_t offset, size_t total,
struct ikev2_transform *xfrm)
{
u_int8_t *msgbuf = ibuf_data(msg->msg_data);
size_t xfrm_length;
if (total < sizeof(*xfrm)) {
log_debug("%s: payload malformed: too short for header "
"(%zu < %zu)", __func__, total, sizeof(*xfrm));
return (-1);
}
memcpy(xfrm, msgbuf + offset, sizeof(*xfrm));
xfrm_length = betoh16(xfrm->xfrm_length);
if (xfrm_length < sizeof(*xfrm)) {
log_debug("%s: payload malformed: shorter than minimal header "
"(%zu < %zu)", __func__, xfrm_length, sizeof(*xfrm));
return (-1);
}
if (total < xfrm_length) {
log_debug("%s: malformed payload: too long for payload size "
"(%zu < %zu)", __func__, total, xfrm_length);
return (-1);
}
return (0);
}
示例4: ikev2_msg_send
int
ikev2_msg_send(struct iked *env, struct iked_message *msg)
{
struct ibuf *buf = msg->msg_data;
u_int32_t natt = 0x00000000;
struct ike_header *hdr;
if (buf == NULL || (hdr = ibuf_seek(msg->msg_data,
msg->msg_offset, sizeof(*hdr))) == NULL)
return (-1);
log_info("%s: %s from %s to %s, %ld bytes", __func__,
print_map(hdr->ike_exchange, ikev2_exchange_map),
print_host(&msg->msg_local, NULL, 0),
print_host(&msg->msg_peer, NULL, 0),
ibuf_length(buf));
if (msg->msg_natt || (msg->msg_sa && msg->msg_sa->sa_natt)) {
if (ibuf_prepend(buf, &natt, sizeof(natt)) == -1) {
log_debug("%s: failed to set NAT-T", __func__);
return (-1);
}
}
if ((sendto(msg->msg_fd, ibuf_data(buf), ibuf_size(buf), 0,
(struct sockaddr *)&msg->msg_peer, msg->msg_peerlen)) == -1) {
log_warn("%s: sendto", __func__);
return (-1);
}
return (0);
}
示例5: ikev2_msg_retransmit_timeout
void
ikev2_msg_retransmit_timeout(struct iked *env, void *arg)
{
struct iked_message *msg = arg;
struct iked_sa *sa = msg->msg_sa;
if (msg->msg_tries < IKED_RETRANSMIT_TRIES) {
if (sendtofrom(msg->msg_fd, ibuf_data(msg->msg_data),
ibuf_size(msg->msg_data), 0,
(struct sockaddr *)&msg->msg_peer, msg->msg_peerlen,
(struct sockaddr *)&msg->msg_local,
msg->msg_locallen) == -1) {
log_warn("%s: sendtofrom", __func__);
sa_free(env, sa);
return;
}
/* Exponential timeout */
timer_add(env, &msg->msg_timer,
IKED_RETRANSMIT_TIMEOUT * (2 << (msg->msg_tries++)));
} else {
log_debug("%s: retransmit limit reached for msgid %u",
__func__, msg->msg_msgid);
sa_free(env, sa);
}
}
示例6: ikev1_recv
void
ikev1_recv(struct iked *env, struct iked_message *msg)
{
struct ike_header *hdr;
if (ibuf_size(msg->msg_data) <= sizeof(*hdr)) {
log_debug("%s: short message", __func__);
return;
}
hdr = (struct ike_header *)ibuf_data(msg->msg_data);
log_debug("%s: header ispi %s rspi %s"
" nextpayload %u version 0x%02x exchange %u flags 0x%02x"
" msgid %u length %u", __func__,
print_spi(betoh64(hdr->ike_ispi), 8),
print_spi(betoh64(hdr->ike_rspi), 8),
hdr->ike_nextpayload,
hdr->ike_version,
hdr->ike_exchange,
hdr->ike_flags,
betoh32(hdr->ike_msgid),
betoh32(hdr->ike_length));
log_debug("%s: IKEv1 not supported", __func__);
}
示例7: ca_x509_subjectaltname_cmp
int
ca_x509_subjectaltname_cmp(X509 *cert, struct iked_static_id *id)
{
struct iked_id sanid;
char idstr[IKED_ID_SIZE];
int ret = -1;
bzero(&sanid, sizeof(sanid));
if (ca_x509_subjectaltname(cert, &sanid) != 0)
return (-1);
ikev2_print_id(&sanid, idstr, sizeof(idstr));
/* Compare id types, length and data */
if ((id->id_type != sanid.id_type) ||
((ssize_t)ibuf_size(sanid.id_buf) !=
(id->id_length - id->id_offset)) ||
(memcmp(id->id_data + id->id_offset,
ibuf_data(sanid.id_buf),
ibuf_size(sanid.id_buf)) != 0)) {
log_debug("%s: %s mismatched", __func__, idstr);
goto done;
}
ret = 0;
done:
ibuf_release(sanid.id_buf);
return (ret);
}
示例8: ikev2_validate_auth
int
ikev2_validate_auth(struct iked_message *msg, size_t offset, size_t left,
struct ikev2_payload *pld, struct ikev2_auth *auth)
{
u_int8_t *msgbuf = ibuf_data(msg->msg_data);
size_t pld_length;
pld_length = betoh16(pld->pld_length);
if (pld_length < sizeof(*pld) + sizeof(*auth)) {
log_debug("%s: malformed payload: specified length smaller "
"than minimum size (%zu < %zu)", __func__, pld_length,
sizeof(*pld) + sizeof(*auth));
return (-1);
}
/* This will actually be caught by earlier checks. */
if (left < sizeof(*auth)) {
log_debug("%s: malformed payload: too short for header "
"(%zu < %zu)", __func__, left, sizeof(*auth));
return (-1);
}
memcpy(auth, msgbuf + offset, sizeof(*auth));
return (0);
}
示例9: ikev2_msg_send
int
ikev2_msg_send(struct iked *env, struct iked_message *msg)
{
struct iked_sa *sa = msg->msg_sa;
struct ibuf *buf = msg->msg_data;
u_int32_t natt = 0x00000000;
int isnatt = 0;
struct ike_header *hdr;
struct iked_message *m;
if (buf == NULL || (hdr = ibuf_seek(msg->msg_data,
msg->msg_offset, sizeof(*hdr))) == NULL)
return (-1);
isnatt = (msg->msg_natt || (msg->msg_sa && msg->msg_sa->sa_natt));
log_info("%s: %s from %s to %s, %ld bytes%s", __func__,
print_map(hdr->ike_exchange, ikev2_exchange_map),
print_host(&msg->msg_local, NULL, 0),
print_host(&msg->msg_peer, NULL, 0),
ibuf_length(buf), isnatt ? ", NAT-T" : "");
if (isnatt) {
if (ibuf_prepend(buf, &natt, sizeof(natt)) == -1) {
log_debug("%s: failed to set NAT-T", __func__);
return (-1);
}
msg->msg_offset += sizeof(natt);
}
if ((sendto(msg->msg_fd, ibuf_data(buf), ibuf_size(buf), 0,
(struct sockaddr *)&msg->msg_peer, msg->msg_peerlen)) == -1) {
log_warn("%s: sendto", __func__);
return (-1);
}
if (!sa)
return (0);
if ((m = ikev2_msg_copy(env, msg)) == NULL) {
log_debug("%s: failed to copy a message", __func__);
return (-1);
}
m->msg_exchange = hdr->ike_exchange;
if (hdr->ike_flags & IKEV2_FLAG_RESPONSE) {
TAILQ_INSERT_TAIL(&sa->sa_responses, m, msg_entry);
timer_initialize(env, &m->msg_timer,
ikev2_msg_response_timeout, m);
timer_register(env, &m->msg_timer, IKED_RESPONSE_TIMEOUT);
} else {
TAILQ_INSERT_TAIL(&sa->sa_requests, m, msg_entry);
timer_initialize(env, &m->msg_timer,
ikev2_msg_retransmit_timeout, m);
timer_register(env, &m->msg_timer, IKED_RETRANSMIT_TIMEOUT);
}
return (0);
}
示例10: ikev2_pld_id
int
ikev2_pld_id(struct iked *env, struct ikev2_payload *pld,
struct iked_message *msg, size_t offset, size_t left, u_int payload)
{
u_int8_t *ptr;
struct ikev2_id id;
size_t len;
struct iked_id *idp, idb;
struct iked_sa *sa = msg->msg_sa;
u_int8_t *msgbuf = ibuf_data(msg->msg_data);
char idstr[IKED_ID_SIZE];
if (ikev2_validate_id(msg, offset, left, pld, &id))
return (-1);
bzero(&idb, sizeof(idb));
/* Don't strip the Id payload header */
ptr = msgbuf + offset;
len = betoh16(pld->pld_length) - sizeof(*pld);
idb.id_type = id.id_type;
idb.id_offset = sizeof(id);
if ((idb.id_buf = ibuf_new(ptr, len)) == NULL)
return (-1);
if (ikev2_print_id(&idb, idstr, sizeof(idstr)) == -1) {
log_debug("%s: malformed id", __func__);
return (-1);
}
log_debug("%s: id %s length %zu", __func__, idstr, len);
if (!ikev2_msg_frompeer(msg)) {
ibuf_release(idb.id_buf);
return (0);
}
if (!((sa->sa_hdr.sh_initiator && payload == IKEV2_PAYLOAD_IDr) ||
(!sa->sa_hdr.sh_initiator && payload == IKEV2_PAYLOAD_IDi))) {
log_debug("%s: unexpected id payload", __func__);
return (0);
}
idp = &msg->msg_parent->msg_id;
if (idp->id_type) {
log_debug("%s: duplicate id payload", __func__);
return (-1);
}
idp->id_buf = idb.id_buf;
idp->id_offset = idb.id_offset;
idp->id_type = idb.id_type;
return (0);
}
示例11: ikev2_msg_integr
int
ikev2_msg_integr(struct iked *env, struct iked_sa *sa, struct ibuf *src)
{
int ret = -1;
size_t integrlen, tmplen;
struct ibuf *integr, *prf, *tmp = NULL;
u_int8_t *ptr;
log_debug("%s: message length %d", __func__, ibuf_size(src));
print_hex(ibuf_data(src), 0, ibuf_size(src));
if (sa == NULL ||
sa->sa_integr == NULL) {
log_debug("%s: invalid SA", __func__);
return (-1);
}
if (sa->sa_hdr.sh_initiator) {
integr = sa->sa_key_iauth;
prf = sa->sa_key_iprf;
} else {
integr = sa->sa_key_rauth;
prf = sa->sa_key_rprf;
}
integrlen = hash_length(sa->sa_integr);
log_debug("%s: integrity checksum length %d", __func__,
integrlen);
/*
* Validate packet checksum
*/
if ((tmp = ibuf_new(NULL, hash_keylength(sa->sa_integr))) == NULL)
goto done;
hash_setkey(sa->sa_integr, ibuf_data(integr), ibuf_size(integr));
hash_init(sa->sa_integr);
hash_update(sa->sa_integr, ibuf_data(src),
ibuf_size(src) - integrlen);
hash_final(sa->sa_integr, ibuf_data(tmp), &tmplen);
if (tmplen != integrlen) {
log_debug("%s: hash failure", __func__);
goto done;
}
if ((ptr = ibuf_seek(src,
ibuf_size(src) - integrlen, integrlen)) == NULL)
goto done;
memcpy(ptr, ibuf_data(tmp), tmplen);
print_hex(ibuf_data(tmp), 0, ibuf_size(tmp));
ret = 0;
done:
ibuf_release(tmp);
return (ret);
}
示例12: ikev2_pld_certreq
int
ikev2_pld_certreq(struct iked *env, struct ikev2_payload *pld,
struct iked_message *msg, size_t offset, size_t left)
{
struct iked_sa *sa = msg->msg_sa;
struct ikev2_cert cert;
u_int8_t *buf;
ssize_t len;
u_int8_t *msgbuf = ibuf_data(msg->msg_data);
if (ikev2_validate_certreq(msg, offset, left, pld, &cert))
return (-1);
offset += sizeof(cert);
buf = msgbuf + offset;
len = betoh16(pld->pld_length) - sizeof(*pld) - sizeof(cert);
log_debug("%s: type %s length %zd",
__func__, print_map(cert.cert_type, ikev2_cert_map), len);
/* This will actually be caught by earlier checks. */
if (len < 0) {
log_debug("%s: invalid certificate request length", __func__);
return (-1);
}
print_hex(buf, 0, len);
if (!ikev2_msg_frompeer(msg))
return (0);
if (cert.cert_type == IKEV2_CERT_X509_CERT) {
if (!len || (len % SHA_DIGEST_LENGTH) != 0) {
log_debug("%s: invalid certificate request", __func__);
return (-1);
}
}
if (msg->msg_sa == NULL)
return (-1);
/* Optional certreq for PSK */
if (sa->sa_hdr.sh_initiator)
sa->sa_stateinit |= IKED_REQ_CERT;
else
sa->sa_statevalid |= IKED_REQ_CERT;
ca_setreq(env, &sa->sa_hdr, &sa->sa_policy->pol_localid,
cert.cert_type, buf, len, PROC_CERT);
return (0);
}
示例13: ikev2_msg_retransmit_response
int
ikev2_msg_retransmit_response(struct iked *env, struct iked_sa *sa,
struct iked_message *msg)
{
if ((sendto(msg->msg_fd, ibuf_data(msg->msg_data),
ibuf_size(msg->msg_data), 0, (struct sockaddr *)&msg->msg_peer,
msg->msg_peerlen)) == -1) {
log_warn("%s: sendto", __func__);
return (-1);
}
timer_add(env, &msg->msg_timer, IKED_RESPONSE_TIMEOUT);
return (0);
}
示例14: ikev2_validate_attr
int
ikev2_validate_attr(struct iked_message *msg, size_t offset, size_t total,
struct ikev2_attribute *attr)
{
u_int8_t *msgbuf = ibuf_data(msg->msg_data);
if (total < sizeof(*attr)) {
log_debug("%s: payload malformed: too short for header "
"(%zu < %zu)", __func__, total, sizeof(*attr));
return (-1);
}
memcpy(attr, msgbuf + offset, sizeof(*attr));
return (0);
}
示例15: ikev2_pld_attr
int
ikev2_pld_attr(struct iked *env, struct ikev2_transform *xfrm,
struct iked_message *msg, size_t offset, size_t total)
{
struct ikev2_attribute attr;
u_int type;
u_int8_t *msgbuf = ibuf_data(msg->msg_data);
int ret = 0;
size_t attr_length;
if (ikev2_validate_attr(msg, offset, total, &attr))
return (-1);
type = betoh16(attr.attr_type) & ~IKEV2_ATTRAF_TV;
log_debug("%s: attribute type %s length %d total %zu",
__func__, print_map(type, ikev2_attrtype_map),
betoh16(attr.attr_length), total);
if (betoh16(attr.attr_type) & IKEV2_ATTRAF_TV) {
/* Type-Value attribute */
offset += sizeof(attr);
total -= sizeof(attr);
if (type == IKEV2_ATTRTYPE_KEY_LENGTH)
msg->msg_attrlength = betoh16(attr.attr_length);
} else {
/* Type-Length-Value attribute */
attr_length = betoh16(attr.attr_length);
if (total < attr_length) {
log_debug("%s: payload malformed: attribute larger "
"than actual payload (%zu < %zu)", __func__,
total, attr_length);
return (-1);
}
print_hex(msgbuf, offset + sizeof(attr),
attr_length - sizeof(attr));
offset += attr_length;
total -= attr_length;
}
if (total > 0) {
/* Next attribute */
ret = ikev2_pld_attr(env, xfrm, msg, offset, total);
}
return (ret);
}