自学教程：C++ ssl_read函数代码示例

/* * Do the handshaking from the beginning. */int do_client_connect(SSL *ssl){    int ret = SSL_OK;    send_client_hello(ssl);                 /* send the client hello */    ssl->bm_read_index = 0;    ssl->next_state = HS_SERVER_HELLO;    ssl->hs_status = SSL_NOT_OK;            /* not connected */    /* sit in a loop until it all looks good */    if (!IS_SET_SSL_FLAG(SSL_CONNECT_IN_PARTS))    {        while (ssl->hs_status != SSL_OK)        {            ret = ssl_read(ssl, NULL);                        if (ret < SSL_OK)                break;        }        ssl->hs_status = ret;            /* connected? */        }    return ret;}

STATIC mp_uint_t socket_read(mp_obj_t o_in, void *buf, mp_uint_t size, int *errcode) {    mp_obj_ssl_socket_t *o = MP_OBJ_TO_PTR(o_in);    while (o->bytes_left == 0) {        mp_int_t r = ssl_read(o->ssl_sock, &o->buf);        if (r == SSL_OK) {            // SSL_OK from ssl_read() means "everything is ok, but there's            // not user data yet. So, we just keep reading.            continue;        }        if (r < 0) {            if (r == SSL_CLOSE_NOTIFY || r == SSL_ERROR_CONN_LOST) {                // EOF                return 0;            }            *errcode = r;            return MP_STREAM_ERROR;        }        o->bytes_left = r;    }    if (size > o->bytes_left) {        size = o->bytes_left;    }    memcpy(buf, o->buf, size);    o->buf += size;    o->bytes_left -= size;    return size;}

/* * Do the handshaking from the beginning. */int ICACHE_FLASH_ATTR do_client_connect(SSL *ssl){    int ret = SSL_OK;	    send_client_hello(ssl);                 /* send the client hello */    ssl->bm_read_index = 0;    ssl->next_state = HS_SERVER_HELLO;    ssl->hs_status = SSL_NOT_OK;            /* not connected */    /* sit in a loop until it all looks good */    if (!IS_SET_SSL_FLAG(SSL_CONNECT_IN_PARTS))    {        while (ssl->hs_status != SSL_OK)        {//        	esp_ssl_sleep(100);            ret = ssl_read(ssl, NULL);            ssl_printf("%s %d %d/n", __func__, __LINE__,ret);            if (ret < SSL_OK)                break;        }        ssl->hs_status = ret;            /* connected? */        }    return ret;}

/* * This function is called after the TCP connect has completed. Setup the TLS * layer and do all necessary magic for a blocking connect. */CURLcodeCurl_axtls_connect(struct connectdata *conn,                  int sockindex){  CURLcode conn_step = connect_prep(conn, sockindex);  int ssl_fcn_return;  SSL *ssl = conn->ssl[sockindex].ssl;  if(conn_step != CURLE_OK) {    Curl_axtls_close(conn, sockindex);    return conn_step;  }  /* Check to make sure handshake was ok. */  while(ssl_handshake_status(ssl) != SSL_OK) {    ssl_fcn_return = ssl_read(ssl, NULL);    if(ssl_fcn_return < 0) {      Curl_axtls_close(conn, sockindex);      ssl_display_error(ssl_fcn_return); /* goes to stdout. */      return map_error_to_curl(ssl_fcn_return);    }    usleep(10000);  }  infof (conn->data, "handshake completed successfully/n");  conn_step = connect_finish(conn, sockindex);  if(conn_step != CURLE_OK) {    Curl_axtls_close(conn, sockindex);    return conn_step;  }  return CURLE_OK;}

/* *  call-seq: *      read( length ) -> string or raises * *  Reads +length+ bytes from the SSL connection or raises PolarSSL::SSL::Error. */static VALUE R_ssl_read( VALUE self, VALUE length ){    ssl_context *ssl;    VALUE result;    int buffer_size = NUM2INT( length );    unsigned char buffer[buffer_size];    int length_to_read;    int length_read;    Check_Type( length, T_FIXNUM );    Data_Get_Struct( self, ssl_context, ssl );    length_to_read = sizeof( buffer ) - 1;    length_read = ssl_read( ssl, buffer, length_to_read );    if ( length_read == 0 || length_read == POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY )    {        result = Qnil;    }    else if (length_read < 0)    {        rb_raise( e_SSLError, "-0x%x", -length_read );    }    else    {        result = rb_str_new2( (char *)buffer );    }    return result;}

static ioa_socket_handle dtls_accept_client_connection(				dtls_listener_relay_server_type* server,				SSL *ssl,				ioa_addr *remote_addr, ioa_addr *local_addr,				u08bits *s, int len){	FUNCSTART;	if (!ssl)		return NULL;	int rc = ssl_read(server->udp_listen_s->fd, ssl, (s08bits*)s, ioa_network_buffer_get_capacity(), server->verbose, &len);	if (rc < 0)		return NULL;	addr_debug_print(server->verbose, remote_addr, "Accepted connection from");	ioa_socket_handle ioas = create_ioa_socket_from_ssl(server->e, server->udp_listen_s, ssl, DTLS_SOCKET, CLIENT_SOCKET, remote_addr, local_addr);	if(ioas) {		ioas->listener_server = server;		addr_cpy(&(server->sm.m.sm.nd.src_addr),remote_addr);		server->sm.m.sm.nd.recv_ttl = TTL_IGNORE;		server->sm.m.sm.nd.recv_tos = TOS_IGNORE;		server->sm.m.sm.s = ioas;	} else {		TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "Cannot create ioa_socket from SSL/n");	}	FUNCEND	;	return ioas;}

static ssize_t polarssl_recv(struct connectdata *conn,                             int num,                             char *buf,                             size_t buffersize,                             CURLcode *curlcode){  struct ssl_connect_data *connssl = &conn->ssl[num];  int ret = -1;  ssize_t len = -1;  memset(buf, 0, buffersize);  ret = ssl_read(&BACKEND->ssl, (unsigned char *)buf, buffersize);  if(ret <= 0) {    if(ret == POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY)      return 0;    *curlcode = (ret == POLARSSL_ERR_NET_WANT_READ) ?      CURLE_AGAIN : CURLE_RECV_ERROR;    return -1;  }  len = ret;  return len;}

static intpolarssl_read(tcpcon_t *tc, void *buf, size_t len, int all){  int ret, tot = 0;  if(!all) {    ret = ssl_read(tc->ssl, buf, len);    return ret > 0 ? ret : -1;  }  while(tot != len) {    ret = ssl_read(tc->ssl, buf + tot, len - tot);    if(ret < 0)       return -1;    tot += ret;  }  return tot;}

/* * Use axTLS's non-blocking connection feature to open an SSL connection. * This is called after a TCP connection is already established.*/CURLcode Curl_axtls_connect_nonblocking(    struct connectdata *conn,    int sockindex,    bool *done){  CURLcode conn_step;  int ssl_fcn_return; *done = FALSE;  /* connectdata is calloc'd and connecting_state is only changed in this     function, so this is safe, as the state is effectively initialized. */  if(conn->ssl[sockindex].connecting_state == ssl_connect_1) {    conn_step = connect_prep(conn, sockindex);    if(conn_step != CURLE_OK) {      Curl_axtls_close(conn, sockindex);      return conn_step;    }    conn->ssl[sockindex].connecting_state = ssl_connect_2;  }  if(conn->ssl[sockindex].connecting_state == ssl_connect_2) {    /* Check to make sure handshake was ok. */    if(ssl_handshake_status(conn->ssl[sockindex].ssl) != SSL_OK) {      ssl_fcn_return = ssl_read(conn->ssl[sockindex].ssl, NULL);      if(ssl_fcn_return < 0) {        Curl_axtls_close(conn, sockindex);        ssl_display_error(ssl_fcn_return); /* goes to stdout. */        return map_error_to_curl(ssl_fcn_return);      }      else {        return CURLE_OK; /* Return control to caller for retries */      }    }    infof (conn->data, "handshake completed successfully/n");    conn->ssl[sockindex].connecting_state = ssl_connect_3;  }  if(conn->ssl[sockindex].connecting_state == ssl_connect_3) {    conn_step = connect_finish(conn, sockindex);    if(conn_step != CURLE_OK) {      Curl_axtls_close(conn, sockindex);      return conn_step;    }    /* Reset connect state */    conn->ssl[sockindex].connecting_state = ssl_connect_1;    *done = TRUE;    return CURLE_OK;  }  /* Unrecognized state.  Things are very bad. */  conn->ssl[sockindex].state  = ssl_connection_none;  conn->ssl[sockindex].connecting_state = ssl_connect_1;  /* Return value perhaps not strictly correct, but distinguishes the issue.*/  return CURLE_BAD_FUNCTION_ARGUMENT;}

static int write_ssl_and_get_response( ssl_context *ssl, unsigned char *buf, size_t len ){    int ret;    unsigned char data[128];    char code[4];    size_t i, idx = 0;    printf("/n%s", buf);    while( len && ( ret = ssl_write( ssl, buf, len ) ) <= 0 )    {        if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE )        {            printf( " failed/n  ! ssl_write returned %d/n/n", ret );            return -1;        }    }    do    {        len = sizeof( data ) - 1;        memset( data, 0, sizeof( data ) );        ret = ssl_read( ssl, data, len );        if( ret == POLARSSL_ERR_NET_WANT_READ || ret == POLARSSL_ERR_NET_WANT_WRITE )            continue;        if( ret == POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY )            return -1;        if( ret <= 0 )        {            printf( "failed/n  ! ssl_read returned %d/n/n", ret );            return -1;        }        printf("/n%s", data);        len = ret;        for( i = 0; i < len; i++ )        {            if( data[i] != '/n' )            {                if( idx < 4 )                    code[ idx++ ] = data[i];                continue;            }            if( idx == 4 && code[0] >= '0' && code[0] <= '9' && code[3] == ' ' )            {                code[3] = '/0';                return atoi( code );            }            idx = 0;        }    }    while( 1 );}

/** * This function reads all the data from a connection into a buffer. * * @param s32 connection The connection identifier to suck the response out of * @return bool True if data downloaded succesfully. */bool tcp_readData(const s32 connection, u8 **buffer, const u32 length){	u8 *p;	u32 left, block, received;	s64 t;	s32 res;	p = *buffer;	left = length;	received = 0;	t = gettime ();	while (left)	{		if (ticks_to_millisecs (diff_ticks (t, gettime ())) > TCP_BLOCK_RECV_TIMEOUT)			break;		// Update the progress bar		if(displayProgressWindow)		{			ShowProgress(received, length);			if(ProgressCanceled())			{				ProgressStop();				break;			}		}		// Get next block size		block = left;		if (block > TCP_BLOCK_SIZE)			block = TCP_BLOCK_SIZE;		if(http_port == 443)			res = ssl_read (connection, p, block);		else			res = net_read (connection, p, block);		if ((res == 0) || (res == -EAGAIN))		{			usleep (20 * 1000);			continue;		}		if (res < 0) break;		received += res;		left -= res;		p += res;		// update timing after each downloaded block		t = gettime ();	}	return left == 0;}

int SSL_accept(SSL *ssl){    while (ssl_read(ssl, NULL) == SSL_OK)    {        if (ssl->next_state == HS_CLIENT_HELLO)            return 1;   /* we're done */    }    return -1;}

gint sock_read(SockInfo *sock, gchar *buf, gint len){	g_return_val_if_fail(sock != NULL, -1);#if USE_SSL	if (sock->ssl)		return ssl_read(sock->ssl, buf, len);#endif	return fd_read(sock->sock, buf, len);}

static SQRESULT sq_ssl_read(HSQUIRRELVM v){    SQ_FUNC_VARS(v);    GET_ssl_INSTANCE();    SQ_OPT_INTEGER(v, 2, count, 0);	uint8_t *in_data = NULL;	int result = ssl_read(self, &in_data, count);	if (result > SSL_OK) sq_pushstring(v, (const SQChar*)in_data, result);	else sq_pushinteger(v, result);	return 1;}

int32_t bctbx_ssl_read(bctbx_ssl_context_t *ssl_ctx, unsigned char *buf, size_t buf_length) {	int ret = ssl_read(&(ssl_ctx->ssl_ctx), buf, buf_length);	/* remap some output code */	if (ret == POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY) {		ret = BCTBX_ERROR_SSL_PEER_CLOSE_NOTIFY;	}	if (ret == POLARSSL_ERR_NET_WANT_READ) {		ret = BCTBX_ERROR_NET_WANT_READ;	}	return ret;}

static ssize_t ssl_recv(IOBuf *iob, char *buffer, int len){    check(iob->use_ssl, "IOBuf not set up to use ssl");    if(!iob->handshake_performed) {        int rcode = ssl_do_handshake(iob);        check(rcode == 0, "handshake failed");    }    return ssl_read(&iob->ssl, (unsigned char*) buffer, len);error:    return -1;}

static intpolarssl_read(tcpcon_t *tc, void *buf, size_t len, int all,	      net_read_cb_t *cb, void *opaque){  int ret, tot = 0;  if(!all) {    ret = ssl_read(tc->ssl, buf, len);    return ret > 0 ? ret : -1;  }  while(tot != len) {    ret = ssl_read(tc->ssl, buf + tot, len - tot);    if(ret < 0)       return -1;    tot += ret;    if(cb != NULL)      cb(opaque, tot);  }  return tot;}

int Sys_recv(int sockfd, char* buffer, int nbytes){    if (g_enableSSL)    {        return ssl_read(sockfd, buffer, nbytes);    }    else    {        return recv(sockfd, buffer, nbytes, 0);    }}

    void connect(ClientContext* ctx, const char* hostName, uint32_t timeout_ms) {        _ssl = ssl_client_new(_ssl_ctx, reinterpret_cast<int>(ctx), nullptr, 0, hostName);        uint32_t t = millis();        while (millis() - t < timeout_ms && ssl_handshake_status(_ssl) != SSL_OK) {            uint8_t* data;            int rc = ssl_read(_ssl, &data);            if (rc < SSL_OK) {                break;            }        }    }

intftp_read_data(const struct vsf_session* p_sess, char* p_buf, unsigned int len){  if (p_sess->data_use_ssl)  {    return ssl_read(p_sess->p_data_ssl, p_buf, len);  }  else  {    return vsf_sysutil_read(p_sess->data_fd, p_buf, len);  }}

/* * This function is called to shut down the SSL layer but keep the * socket open (CCC - Clear Command Channel) */int Curl_axtls_shutdown(struct connectdata *conn, int sockindex){  /* Outline taken from ssluse.c since functions are in axTLS compat layer.     axTLS's error set is much smaller, so a lot of error-handling was removed.   */  int retval = 0;  struct ssl_connect_data *connssl = &conn->ssl[sockindex];  struct SessionHandle *data = conn->data;  uint8_t *buf;  ssize_t nread;  infof(conn->data, "  Curl_axtls_shutdown/n");  /* This has only been tested on the proftpd server, and the mod_tls code     sends a close notify alert without waiting for a close notify alert in     response. Thus we wait for a close notify alert from the server, but     we do not send one. Let's hope other servers do the same... */  /* axTLS compat layer does nothing for SSL_shutdown, so we do nothing too  if(data->set.ftp_ccc == CURLFTPSSL_CCC_ACTIVE)      (void)SSL_shutdown(connssl->ssl);  */  if(connssl->ssl) {    int what = Curl_socket_ready(conn->sock[sockindex],                                 CURL_SOCKET_BAD, SSL_SHUTDOWN_TIMEOUT);    if(what > 0) {      /* Something to read, let's do it and hope that it is the close         notify alert from the server.  buf is managed internally by         axTLS and will be released upon calling ssl_free via         free_ssl_structs. */      nread = (ssize_t)ssl_read(connssl->ssl, &buf);      if(nread < SSL_OK) {        failf(data, "close notify alert not received during shutdown");        retval = -1;      }    }    else if(0 == what) {      /* timeout */      failf(data, "SSL shutdown timeout");    }    else {      /* anything that gets here is fatally bad */      failf(data, "select/poll on SSL socket, errno: %d", SOCKERRNO);      retval = -1;    }    free_ssl_structs(connssl);  }  return retval;}

const int IRCClientThread::SocketReceive(){	dlib::auto_mutex guard(m_buffermutex);	if(IsConnected() && m_contype==IRCClientConnection::CON_UNSECURE)	{		int rval=recv(m_socket,&m_tempbuffer[0],m_tempbuffer.size(),0);		if(rval>0)		{			m_receivebuffer.insert(m_receivebuffer.end(),m_tempbuffer.begin(),m_tempbuffer.begin()+rval);			//while(HandleReceivedData())			{			}		}		else if(rval==0)		{			Disconnect();			m_log->Info("IRCClientThread::SocketReceive remote host closed connection");		}		else if(rval==-1)		{			Disconnect();			m_log->Error("IRCClientThread::SocketReceive recv returned -1.  Closing connection.");		}		return rval;	}	else if(IsConnected() && m_contype==IRCClientConnection::CON_SSL)	{		int rval=ssl_read(&(m_ssl->m_ssl),(unsigned char *)&m_tempbuffer[0],m_tempbuffer.size());		if(rval>0)		{			m_receivebuffer.insert(m_receivebuffer.end(),m_tempbuffer.begin(),m_tempbuffer.begin()+rval);			//while(HandleReceivedData())			{			}		}		else if(rval==0)		{			Disconnect();			m_log->Error("IRCClientThread::SocketReceive ssl_read returned 0.  Closing connection.");		}		else if(rval<0)		{			Disconnect();			m_log->Error("IRCClientThread::SocketReceive ssl_read returned < 0.  Closing connection.");		}		return rval;	}	else	{		return -1;	}}

/* SSL_read is opied from axTLS compat layer */static int SSL_read(SSL *ssl, void *buf, int num){  uint8_t *read_buf;  int ret;  while((ret = ssl_read(ssl, &read_buf)) == SSL_OK);  if(ret > SSL_OK) {    memcpy(buf, read_buf, ret > num ? num : ret);  }  return ret;}

static intpolarssl_read(tcpcon_t *tc, void *buf, size_t len, int all){  int ret, tot = 0;  TRACE(TRACE_INFO, "SSL", "Read %d bytes %d", len, all);  if(!all) {    ret = ssl_read(tc->ssl, buf, len);    TRACE(TRACE_INFO, "SSL", "Read -> 0x%x", ret);    if(ret >= 0)       return ret;    return -1;  }  while(tot != len) {    ret = ssl_read(tc->ssl, buf + tot, len - tot);    TRACE(TRACE_INFO, "SSL", "Read -> 0x%x", ret);    if(ret < 0)       return -1;    tot += ret;  }  return tot;}

/* Read data from SSL connection */int ssl_receive(ssl_context *ssl, char *buffer, unsigned int maxlength) {	int result;	do {		result = ssl_read(ssl, (unsigned char*)buffer, maxlength);	} while (result == POLARSSL_ERR_NET_WANT_READ);	if (result < 0) {		return -1;	}	return result;}

ScmObj Scm_TLSRead(ScmTLS* t){#if defined(GAUCHE_USE_AXTLS)    context_check(t, "read");    close_check(t, "read");    int r; uint8_t* buf;    while ((r = ssl_read(t->conn, &buf)) == SSL_OK);    if (r < 0) Scm_SysError("ssl_read() failed");    return Scm_MakeString((char*) buf, r, r, SCM_STRING_INCOMPLETE);#else  /*!GAUCHE_USE_AXTLS*/    return SCM_FALSE;#endif /*!GAUCHE_USE_AXTLS*/}

HOOK_T ast_tcptls_server_read(struct ast_tcptls_session_instance *tcptls_session, void *buf, size_t count){	if (tcptls_session->fd == -1) {		ast_log(LOG_ERROR, "server_read called with an fd of -1/n");		errno = EIO;		return -1;	}#ifdef DO_SSL	if (tcptls_session->ssl)		return ssl_read(tcptls_session->ssl, buf, count);#endif	return read(tcptls_session->fd, buf, count);}

__hidden int __ustream_ssl_read(struct ustream_ssl *us, char *buf, int len){    int ret = ssl_read(us->ssl, (unsigned char *) buf, len);    if (ret < 0) {        if (ssl_do_wait(ret))            return U_SSL_PENDING;        ustream_ssl_error(us, ret);        return U_SSL_ERROR;    }    return ret;}

intssl_read_into_str(struct vsf_session* p_sess, void* p_ssl, struct mystr* p_str){  unsigned int len = str_getlen(p_str);  int ret = ssl_read(p_sess, p_ssl, (char*) str_getbuf(p_str), len);  if (ret >= 0)  {    str_trunc(p_str, (unsigned int) ret);  }  else  {    str_empty(p_str);  }  return ret;}