自学教程：C++ BIO_ctrl函数代码示例

int dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority){    DTLS1_RECORD_DATA *rdata;    pitem *item;    /* Limit the size of the queue to prevent DOS attacks */    if (pqueue_size(queue->q) >= 100)        return 0;    rdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA));    item = pitem_new(priority, rdata);    if (rdata == NULL || item == NULL) {        if (rdata != NULL)            OPENSSL_free(rdata);        if (item != NULL)            pitem_free(item);        SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);        return -1;    }    rdata->packet = s->rlayer.packet;    rdata->packet_length = s->rlayer.packet_length;    memcpy(&(rdata->rbuf), &s->rlayer.rbuf, sizeof(SSL3_BUFFER));    memcpy(&(rdata->rrec), &s->rlayer.rrec, sizeof(SSL3_RECORD));    item->data = rdata;#ifndef OPENSSL_NO_SCTP    /* Store bio_dgram_sctp_rcvinfo struct */    if (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&        (s->state == SSL3_ST_SR_FINISHED_A         || s->state == SSL3_ST_CR_FINISHED_A)) {        BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SCTP_GET_RCVINFO,                 sizeof(rdata->recordinfo), &rdata->recordinfo);    }#endif    s->rlayer.packet = NULL;    s->rlayer.packet_length = 0;    memset(&s->rlayer.rbuf, 0, sizeof(SSL3_BUFFER));    memset(&s->rlayer.rrec, 0, sizeof(SSL3_RECORD));    if (!ssl3_setup_buffers(s)) {        SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);        if (rdata->rbuf.buf != NULL)            OPENSSL_free(rdata->rbuf.buf);        OPENSSL_free(rdata);        pitem_free(item);        return (-1);    }    /* insert should not fail, since duplicates are dropped */    if (pqueue_insert(queue->q, item) == NULL) {        SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);        if (rdata->rbuf.buf != NULL)            OPENSSL_free(rdata->rbuf.buf);        OPENSSL_free(rdata);        pitem_free(item);        return (-1);    }    return (1);}

int vc_create_dtls_connection(struct vContext *C){	struct VC_CTX *vc_ctx = CTX_client_ctx(C);	struct VSession *vsession = CTX_current_session(C);	struct VDgramConn *dgram_conn = CTX_current_dgram_conn(C);	struct timeval timeout;	int ret = 0;	v_print_log(VRS_PRINT_DEBUG_MSG, "Try to do DTLS handshake at UDP socket: %d/n",			dgram_conn->io_ctx.sockfd);	/* Create ssl for new connection */	if( (dgram_conn->io_ctx.ssl = SSL_new(vc_ctx->dtls_ctx)) == NULL) {		v_print_log(VRS_PRINT_ERROR, "SSL_new(%p)/n", (void*)vc_ctx->dtls_ctx);		return 0;	}	/* Set state of bio as connected */	if(dgram_conn->io_ctx.peer_addr.ip_ver == IPV4) {		ret = BIO_ctrl(dgram_conn->io_ctx.bio, BIO_CTRL_DGRAM_SET_CONNECTED, 0, &dgram_conn->io_ctx.peer_addr.addr.ipv6);	} else if(dgram_conn->io_ctx.peer_addr.ip_ver == IPV6) {		ret = BIO_ctrl(dgram_conn->io_ctx.bio, BIO_CTRL_DGRAM_SET_CONNECTED, 0, &dgram_conn->io_ctx.peer_addr.addr.ipv4);	}	/* When BIO_ctrl was called with bad arguments, then it returns 0 */	if(ret==0) {		v_print_log(VRS_PRINT_ERROR, "BIO_ctrl()/n");		SSL_free(dgram_conn->io_ctx.ssl);		return 0;	}	/* Set and activate timeouts */	timeout.tv_sec = 1;	timeout.tv_usec = 0;	BIO_ctrl(dgram_conn->io_ctx.bio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout);	BIO_ctrl(dgram_conn->io_ctx.bio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout);	/* Bind ssl and bio */	SSL_set_bio(dgram_conn->io_ctx.ssl, dgram_conn->io_ctx.bio, dgram_conn->io_ctx.bio);	/* Try to do DTLS handshake */again:	if ((ret = SSL_connect(dgram_conn->io_ctx.ssl)) <= 0) {		int err = SSL_get_error(dgram_conn->io_ctx.ssl, ret);		if(err == SSL_ERROR_WANT_READ || err == SSL_ERROR_WANT_WRITE) {			gettimeofday(&timeout, NULL);			if((timeout.tv_sec - vsession->peer_token.tv.tv_sec) > VRS_TIMEOUT) {				v_print_log(VRS_PRINT_ERROR, "Token timed out/n");				return 0;			}			usleep(1000);			goto again;		}		ERR_print_errors_fp(stderr);		v_print_log(VRS_PRINT_ERROR, "SSL_connect() failed: %d -> %d/n", ret, err);		SSL_free(dgram_conn->io_ctx.ssl);		dgram_conn->io_ctx.ssl = NULL;		dgram_conn->io_ctx.bio = NULL;		return 0;	} else {		v_print_log(VRS_PRINT_DEBUG_MSG, "DTLS handshake finished/n");		v_print_log(VRS_PRINT_DEBUG_MSG, "Current cipher: %s/n",				SSL_CIPHER_get_name(SSL_get_current_cipher(dgram_conn->io_ctx.ssl)));	}	return 1;}

long BIO_get_mem_data(BIO *bio, char **contents) {  return BIO_ctrl(bio, BIO_CTRL_INFO, 0, (char *) contents);}

static long enc_ctrl(BIO *b, int cmd, long num, void *ptr)  {  BIO *dbio;  BIO_ENC_CTX *ctx,*dctx;  long ret=1;  int i;  EVP_CIPHER_CTX **c_ctx;  ctx=(BIO_ENC_CTX *)b->ptr;  switch (cmd)    {  case BIO_CTRL_RESET:    ctx->ok=1;    ctx->finished=0;    EVP_CipherInit_ex(&(ctx->cipher),NULL,NULL,NULL,NULL,      ctx->cipher.encrypt);    ret=BIO_ctrl(b->next_bio,cmd,num,ptr);    break;  case BIO_CTRL_EOF:  /* More to read */    if (ctx->cont <= 0)      ret=1;    else      ret=BIO_ctrl(b->next_bio,cmd,num,ptr);    break;  case BIO_CTRL_WPENDING:    ret=ctx->buf_len-ctx->buf_off;    if (ret <= 0)      ret=BIO_ctrl(b->next_bio,cmd,num,ptr);    break;  case BIO_CTRL_PENDING: /* More to read in buffer */    ret=ctx->buf_len-ctx->buf_off;    if (ret <= 0)      ret=BIO_ctrl(b->next_bio,cmd,num,ptr);    break;  case BIO_CTRL_FLUSH:    /* do a final write */again:    while (ctx->buf_len != ctx->buf_off)      {      i=enc_write(b,NULL,0);      if (i < 0)        return i;      }    if (!ctx->finished)      {      ctx->finished=1;      ctx->buf_off=0;      ret=EVP_CipherFinal_ex(&(ctx->cipher),        (unsigned char *)ctx->buf,        &(ctx->buf_len));      ctx->ok=(int)ret;      if (ret <= 0) break;      /* push out the bytes */      goto again;      }        /* Finally flush the underlying BIO */    ret=BIO_ctrl(b->next_bio,cmd,num,ptr);    break;  case BIO_C_GET_CIPHER_STATUS:    ret=(long)ctx->ok;    break;  case BIO_C_DO_STATE_MACHINE:    BIO_clear_retry_flags(b);    ret=BIO_ctrl(b->next_bio,cmd,num,ptr);    BIO_copy_next_retry(b);    break;  case BIO_C_GET_CIPHER_CTX:    c_ctx=(EVP_CIPHER_CTX **)ptr;    (*c_ctx)= &(ctx->cipher);    b->init=1;    break;  case BIO_CTRL_DUP:    dbio=(BIO *)ptr;    dctx=(BIO_ENC_CTX *)dbio->ptr;    memcpy(&(dctx->cipher),&(ctx->cipher),sizeof(ctx->cipher));    dbio->init=1;    break;  default:    ret=BIO_ctrl(b->next_bio,cmd,num,ptr);    break;    }  return(ret);  }

size_t BIO_ctrl_wpending(BIO *bio)	{	return BIO_ctrl(bio, BIO_CTRL_WPENDING, 0, NULL);	}

static long md_ctrl(BIO *b, int cmd, long num, void *ptr){    EVP_MD_CTX *ctx, *dctx, **pctx;    const EVP_MD **ppmd;    EVP_MD *md;    long ret = 1;    BIO *dbio, *next;    ctx = BIO_get_data(b);    next = BIO_next(b);    switch (cmd) {    case BIO_CTRL_RESET:        if (BIO_get_init(b))            ret = EVP_DigestInit_ex(ctx, ctx->digest, NULL);        else            ret = 0;        if (ret > 0)            ret = BIO_ctrl(next, cmd, num, ptr);        break;    case BIO_C_GET_MD:        if (BIO_get_init(b)) {            ppmd = ptr;            *ppmd = ctx->digest;        } else            ret = 0;        break;    case BIO_C_GET_MD_CTX:        pctx = ptr;        *pctx = ctx;        BIO_set_init(b, 1);        break;    case BIO_C_SET_MD_CTX:        if (BIO_get_init(b))            BIO_set_data(b, ptr);        else            ret = 0;        break;    case BIO_C_DO_STATE_MACHINE:        BIO_clear_retry_flags(b);        ret = BIO_ctrl(next, cmd, num, ptr);        BIO_copy_next_retry(b);        break;    case BIO_C_SET_MD:        md = ptr;        ret = EVP_DigestInit_ex(ctx, md, NULL);        if (ret > 0)            BIO_set_init(b, 1);        break;    case BIO_CTRL_DUP:        dbio = ptr;        dctx = BIO_get_data(dbio);        if (!EVP_MD_CTX_copy_ex(dctx, ctx))            return 0;        BIO_set_init(b, 1);        break;    default:        ret = BIO_ctrl(next, cmd, num, ptr);        break;    }    return ret;}

/*- * Return up to 'len' payload bytes received in 'type' records. * 'type' is one of the following: * *   -  SSL3_RT_HANDSHAKE (when ssl3_get_message calls us) *   -  SSL3_RT_APPLICATION_DATA (when ssl3_read calls us) *   -  0 (during a shutdown, no data has to be returned) * * If we don't have stored data to work from, read a SSL/TLS record first * (possibly multiple records if we still don't have anything to return). * * This function must handle any surprises the peer may have for us, such as * Alert records (e.g. close_notify) or renegotiation requests. ChangeCipherSpec * messages are treated as if they were handshake messages *if* the |recd_type| * argument is non NULL. * Also if record payloads contain fragments too small to process, we store * them until there is enough for the respective protocol (the record protocol * may use arbitrary fragmentation and even interleaving): *     Change cipher spec protocol *             just 1 byte needed, no need for keeping anything stored *     Alert protocol *             2 bytes needed (AlertLevel, AlertDescription) *     Handshake protocol *             4 bytes needed (HandshakeType, uint24 length) -- we just have *             to detect unexpected Client Hello and Hello Request messages *             here, anything else is handled by higher layers *     Application data protocol *             none of our business */int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,                     int len, int peek){    int al, i, j, ret;    unsigned int n;    SSL3_RECORD *rr;    void (*cb) (const SSL *ssl, int type2, int val) = NULL;    if (!SSL3_BUFFER_is_initialised(&s->rlayer.rbuf)) {        /* Not initialized yet */        if (!ssl3_setup_buffers(s))            return (-1);    }    if ((type && (type != SSL3_RT_APPLICATION_DATA) &&         (type != SSL3_RT_HANDSHAKE)) ||        (peek && (type != SSL3_RT_APPLICATION_DATA))) {        SSLerr(SSL_F_DTLS1_READ_BYTES, ERR_R_INTERNAL_ERROR);        return -1;    }    /*     * check whether there's a handshake message (client hello?) waiting     */    if ((ret = have_handshake_fragment(s, type, buf, len))) {        *recvd_type = SSL3_RT_HANDSHAKE;        return ret;    }    /*     * Now s->rlayer.d->handshake_fragment_len == 0 if     * type == SSL3_RT_HANDSHAKE.     */    if (!ossl_statem_get_in_handshake(s) && SSL_in_init(s))    {        /* type == SSL3_RT_APPLICATION_DATA */        i = s->handshake_func(s);        if (i < 0)            return (i);        if (i == 0) {            SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_SSL_HANDSHAKE_FAILURE);            return (-1);        }    } start:    s->rwstate = SSL_NOTHING;    /*-     * s->s3->rrec.type         - is the type of record     * s->s3->rrec.data,    - data     * s->s3->rrec.off,     - offset into 'data' for next read     * s->s3->rrec.length,  - number of bytes.     */    rr = s->rlayer.rrec;    /*     * We are not handshaking and have no data yet, so process data buffered     * during the last handshake in advance, if any.     */    if (SSL_is_init_finished(s) && SSL3_RECORD_get_length(rr) == 0) {        pitem *item;        item = pqueue_pop(s->rlayer.d->buffered_app_data.q);        if (item) {#ifndef OPENSSL_NO_SCTP            /* Restore bio_dgram_sctp_rcvinfo struct */            if (BIO_dgram_is_sctp(SSL_get_rbio(s))) {                DTLS1_RECORD_DATA *rdata = (DTLS1_RECORD_DATA *)item->data;                BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SCTP_SET_RCVINFO,                         sizeof(rdata->recordinfo), &rdata->recordinfo);//.........这里部分代码省略.........

MSG_PROCESS_RETURN tls_process_change_cipher_spec(SSL *s, PACKET *pkt){    int al;    long remain;    remain = PACKET_remaining(pkt);    /*     * 'Change Cipher Spec' is just a single byte, which should already have     * been consumed by ssl_get_message() so there should be no bytes left,     * unless we're using DTLS1_BAD_VER, which has an extra 2 bytes     */    if (SSL_IS_DTLS(s)) {        if ((s->version == DTLS1_BAD_VER                        && remain != DTLS1_CCS_HEADER_LENGTH + 1)                    || (s->version != DTLS1_BAD_VER                        && remain != DTLS1_CCS_HEADER_LENGTH - 1)) {                al = SSL_AD_ILLEGAL_PARAMETER;                SSLerr(SSL_F_TLS_PROCESS_CHANGE_CIPHER_SPEC,                       SSL_R_BAD_CHANGE_CIPHER_SPEC);                goto f_err;        }    } else {        if (remain != 0) {            al = SSL_AD_ILLEGAL_PARAMETER;            SSLerr(SSL_F_TLS_PROCESS_CHANGE_CIPHER_SPEC,                   SSL_R_BAD_CHANGE_CIPHER_SPEC);            goto f_err;        }    }    /* Check we have a cipher to change to */    if (s->s3->tmp.new_cipher == NULL) {        al = SSL_AD_UNEXPECTED_MESSAGE;        SSLerr(SSL_F_TLS_PROCESS_CHANGE_CIPHER_SPEC, SSL_R_CCS_RECEIVED_EARLY);        goto f_err;    }    s->s3->change_cipher_spec = 1;    if (!ssl3_do_change_cipher_spec(s)) {        al = SSL_AD_INTERNAL_ERROR;        SSLerr(SSL_F_TLS_PROCESS_CHANGE_CIPHER_SPEC, ERR_R_INTERNAL_ERROR);        goto f_err;    }    if (SSL_IS_DTLS(s)) {        dtls1_reset_seq_numbers(s, SSL3_CC_READ);        if (s->version == DTLS1_BAD_VER)            s->d1->handshake_read_seq++;#ifndef OPENSSL_NO_SCTP        /*         * Remember that a CCS has been received, so that an old key of         * SCTP-Auth can be deleted when a CCS is sent. Will be ignored if no         * SCTP is used         */        BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD, 1, NULL);#endif    }    return MSG_PROCESS_CONTINUE_READING; f_err:    ssl3_send_alert(s, SSL3_AL_FATAL, al);    ossl_statem_set_error(s);    return MSG_PROCESS_ERROR;}

int dtls1_accept(SSL *s)	{	BUF_MEM *buf;	unsigned long Time=(unsigned long)time(NULL);	void (*cb)(const SSL *ssl,int type,int val)=NULL;	unsigned long alg_k;	int ret= -1;	int new_state,state,skip=0;	int listen;#ifndef OPENSSL_NO_SCTP	unsigned char sctpauthkey[64];	char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];#endif	RAND_add(&Time,sizeof(Time),0);	ERR_clear_error();	clear_sys_error();	if (s->info_callback != NULL)		cb=s->info_callback;	else if (s->ctx->info_callback != NULL)		cb=s->ctx->info_callback;		listen = s->d1->listen;	/* init things to blank */	s->in_handshake++;	if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);	s->d1->listen = listen;#ifndef OPENSSL_NO_SCTP	/* Notify SCTP BIO socket to enter handshake	 * mode and prevent stream identifier other	 * than 0. Will be ignored if no SCTP is used.	 */	BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE, s->in_handshake, NULL);#endif	if (s->cert == NULL)		{		SSLerr(SSL_F_DTLS1_ACCEPT,SSL_R_NO_CERTIFICATE_SET);		return(-1);		}#ifndef OPENSSL_NO_HEARTBEATS	/* If we're awaiting a HeartbeatResponse, pretend we	 * already got and don't await it anymore, because	 * Heartbeats don't make sense during handshakes anyway.	 */	if (s->tlsext_hb_pending)		{		dtls1_stop_timer(s);		s->tlsext_hb_pending = 0;		s->tlsext_hb_seq++;		}#endif	for (;;)		{		state=s->state;		switch (s->state)			{		case SSL_ST_RENEGOTIATE:			s->renegotiate=1;			/* s->state=SSL_ST_ACCEPT; */		case SSL_ST_BEFORE:		case SSL_ST_ACCEPT:		case SSL_ST_BEFORE|SSL_ST_ACCEPT:		case SSL_ST_OK|SSL_ST_ACCEPT:			s->server=1;			if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);			if ((s->version & 0xff00) != (DTLS1_VERSION & 0xff00))				{				SSLerr(SSL_F_DTLS1_ACCEPT, ERR_R_INTERNAL_ERROR);				return -1;				}			s->type=SSL_ST_ACCEPT;			if (s->init_buf == NULL)				{				if ((buf=BUF_MEM_new()) == NULL)					{					ret= -1;					goto end;					}				if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))					{					ret= -1;					goto end;					}				s->init_buf=buf;				}			if (!ssl3_setup_buffers(s))				{				ret= -1;//.........这里部分代码省略.........

int eHttpStream::openUrl(const std::string &url, std::string &newurl){	int port;	std::string hostname;	std::string uri = url;	std::string request;	size_t buflen = 1024;	char *linebuf = NULL;	int result;	char proto[100];	int statuscode = 0;	char statusmsg[100];	bool playlist = false;	bool contenttypeparsed = false;	close();	std::string user_agent = "Enigma2 HbbTV/1.1.1 (+PVR+RTSP+DL;openNFR;;;)";	std::string extra_headers = "";	size_t pos = uri.find('#');	if (pos != std::string::npos)	{		extra_headers = uri.substr(pos + 1);		uri = uri.substr(0, pos);		pos = extra_headers.find("User-Agent=");		if (pos != std::string::npos)		{			size_t hpos_start = pos + 11;			size_t hpos_end = extra_headers.find('&', hpos_start);			if (hpos_end != std::string::npos)				user_agent = extra_headers.substr(hpos_start, hpos_end - hpos_start);			else				user_agent = extra_headers.substr(hpos_start);		}	}	int pathindex = uri.find("/", 7);	if (pathindex > 0)	{		hostname = uri.substr(7, pathindex - 7);		uri = uri.substr(pathindex, uri.length() - pathindex);	}	else	{		hostname = uri.substr(7, uri.length() - 7);		uri = "/";	}	int authenticationindex = hostname.find("@");	if (authenticationindex > 0)	{		BIO *mbio, *b64bio, *bio;		char *p = (char*)NULL;		int length = 0;		authorizationData = hostname.substr(0, authenticationindex);		hostname = hostname.substr(authenticationindex + 1);		mbio = BIO_new(BIO_s_mem());		b64bio = BIO_new(BIO_f_base64());		bio = BIO_push(b64bio, mbio);		BIO_write(bio, authorizationData.c_str(), authorizationData.length());		BIO_flush(bio);		length = BIO_ctrl(mbio, BIO_CTRL_INFO, 0, (char*)&p);		authorizationData = "";		if (p && length > 0)		{			/* base64 output contains a linefeed, which we ignore */			authorizationData.append(p, length - 1);		}		BIO_free_all(bio);	}	int customportindex = hostname.find(":");	if (customportindex > 0)	{		port = atoi(hostname.substr(customportindex + 1, hostname.length() - customportindex - 1).c_str());		hostname = hostname.substr(0, customportindex);	}	else if (customportindex == 0)	{		port = atoi(hostname.substr(1, hostname.length() - 1).c_str());		hostname = "localhost";	}	else	{		port = 80;	}	streamSocket = Connect(hostname.c_str(), port, 10);	if (streamSocket < 0)		goto error;	request = "GET ";	request.append(uri).append(" HTTP/1.1/r/n");	request.append("Host: ").append(hostname).append("/r/n");	request.append("User-Agent: ").append(user_agent).append("/r/n");	if (authorizationData != "")	{		request.append("Authorization: Basic ").append(authorizationData).append("/r/n");	}	pos = 0;//.........这里部分代码省略.........

static long asn1_bio_ctrl(BIO *b, int cmd, long arg1, void *arg2){    BIO_ASN1_BUF_CTX *ctx;    BIO_ASN1_EX_FUNCS *ex_func;    long ret = 1;    BIO *next;    ctx = BIO_get_data(b);    if (ctx == NULL)        return 0;    next = BIO_next(b);    switch (cmd) {    case BIO_C_SET_PREFIX:        ex_func = arg2;        ctx->prefix = ex_func->ex_func;        ctx->prefix_free = ex_func->ex_free_func;        break;    case BIO_C_GET_PREFIX:        ex_func = arg2;        ex_func->ex_func = ctx->prefix;        ex_func->ex_free_func = ctx->prefix_free;        break;    case BIO_C_SET_SUFFIX:        ex_func = arg2;        ctx->suffix = ex_func->ex_func;        ctx->suffix_free = ex_func->ex_free_func;        break;    case BIO_C_GET_SUFFIX:        ex_func = arg2;        ex_func->ex_func = ctx->suffix;        ex_func->ex_free_func = ctx->suffix_free;        break;    case BIO_C_SET_EX_ARG:        ctx->ex_arg = arg2;        break;    case BIO_C_GET_EX_ARG:        *(void **)arg2 = ctx->ex_arg;        break;    case BIO_CTRL_FLUSH:        if (next == NULL)            return 0;        /* Call post function if possible */        if (ctx->state == ASN1_STATE_HEADER) {            if (!asn1_bio_setup_ex(b, ctx, ctx->suffix,                                   ASN1_STATE_POST_COPY, ASN1_STATE_DONE))                return 0;        }        if (ctx->state == ASN1_STATE_POST_COPY) {            ret = asn1_bio_flush_ex(b, ctx, ctx->suffix_free,                                    ASN1_STATE_DONE);            if (ret <= 0)                return ret;        }        if (ctx->state == ASN1_STATE_DONE)            return BIO_ctrl(next, cmd, arg1, arg2);        else {            BIO_clear_retry_flags(b);            return 0;        }    default:        if (next == NULL)            return 0;        return BIO_ctrl(next, cmd, arg1, arg2);    }    return ret;}

//.........这里部分代码省略.........		{		BIO_printf(bio_err,"connect:errno=%d/n",get_last_socket_error());		SHUTDOWN(s);		goto end;		}	BIO_printf(bio_c_out,"CONNECTED(%08X)/n",s);#ifdef FIONBIO	if (c_nbio)		{		unsigned long l=1;		BIO_printf(bio_c_out,"turning on non blocking io/n");		if (BIO_socket_ioctl(s,FIONBIO,&l) < 0)			{			ERR_print_errors(bio_err);			goto end;			}		}#endif                                              	if (c_Pause & 0x01) con->debug=1;	if ( SSL_version(con) == DTLS1_VERSION)		{		sbio=BIO_new_dgram(s,BIO_NOCLOSE);		if (getsockname(s, &peer, (void *)&peerlen) < 0)			{			BIO_printf(bio_err, "getsockname:errno=%d/n",				get_last_socket_error());			SHUTDOWN(s);			goto end;			}		(void)BIO_ctrl_set_connected(sbio, 1, &peer);		if ( enable_timeouts)			{			timeout.tv_sec = 0;			timeout.tv_usec = DGRAM_RCV_TIMEOUT;			BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout);						timeout.tv_sec = 0;			timeout.tv_usec = DGRAM_SND_TIMEOUT;			BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout);			}		if (socket_mtu > 28)			{			SSL_set_options(con, SSL_OP_NO_QUERY_MTU);			SSL_set_mtu(con, socket_mtu - 28);			}		else			/* want to do MTU discovery */			BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL);		}	else		sbio=BIO_new_socket(s,BIO_NOCLOSE);	if (nbio_test)		{		BIO *test;		test=BIO_new(BIO_f_nbio_test());		sbio=BIO_push(test,sbio);		}

static longlinebuffer_ctrl(BIO *b, int cmd, long num, void *ptr){	BIO *dbio;	BIO_LINEBUFFER_CTX *ctx;	long ret = 1;	char *p;	int r;	int obs;	ctx = (BIO_LINEBUFFER_CTX *)b->ptr;	switch (cmd) {	case BIO_CTRL_RESET:		ctx->obuf_len = 0;		if (b->next_bio == NULL)			return (0);		ret = BIO_ctrl(b->next_bio, cmd, num, ptr);		break;	case BIO_CTRL_INFO:		ret = (long)ctx->obuf_len;		break;	case BIO_CTRL_WPENDING:		ret = (long)ctx->obuf_len;		if (ret == 0) {			if (b->next_bio == NULL)				return (0);			ret = BIO_ctrl(b->next_bio, cmd, num, ptr);		}		break;	case BIO_C_SET_BUFF_SIZE:		obs = (int)num;		p = ctx->obuf;		if ((obs > DEFAULT_LINEBUFFER_SIZE) && (obs != ctx->obuf_size)) {			p = malloc(num);			if (p == NULL)				goto malloc_error;		}		if (ctx->obuf != p) {			if (ctx->obuf_len > obs) {				ctx->obuf_len = obs;			}			memcpy(p, ctx->obuf, ctx->obuf_len);			free(ctx->obuf);			ctx->obuf = p;			ctx->obuf_size = obs;		}		break;	case BIO_C_DO_STATE_MACHINE:		if (b->next_bio == NULL)			return (0);		BIO_clear_retry_flags(b);		ret = BIO_ctrl(b->next_bio, cmd, num, ptr);		BIO_copy_next_retry(b);		break;	case BIO_CTRL_FLUSH:		if (b->next_bio == NULL)			return (0);		if (ctx->obuf_len <= 0) {			ret = BIO_ctrl(b->next_bio, cmd, num, ptr);			break;		}		for (;;) {			BIO_clear_retry_flags(b);			if (ctx->obuf_len > 0) {				r = BIO_write(b->next_bio,				    ctx->obuf, ctx->obuf_len);				BIO_copy_next_retry(b);				if (r <= 0)					return ((long)r);				if (r < ctx->obuf_len)					memmove(ctx->obuf, ctx->obuf + r,					    ctx->obuf_len - r);				ctx->obuf_len -= r;			} else {				ctx->obuf_len = 0;				ret = 1;				break;			}		}		ret = BIO_ctrl(b->next_bio, cmd, num, ptr);		break;	case BIO_CTRL_DUP:		dbio = (BIO *)ptr;		if (!BIO_set_write_buffer_size(dbio, ctx->obuf_size))			ret = 0;		break;	default:		if (b->next_bio == NULL)			return (0);		ret = BIO_ctrl(b->next_bio, cmd, num, ptr);		break;	}	return (ret);malloc_error:	BIOerror(ERR_R_MALLOC_FAILURE);	return (0);}

/* send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or SSL3_RT_CHANGE_CIPHER_SPEC) */int dtls1_do_write(SSL *s, int type)	{	int ret;	int curr_mtu;	unsigned int len, frag_off;	/* AHA!  Figure out the MTU, and stick to the right size */	if ( ! (SSL_get_options(s) & SSL_OP_NO_QUERY_MTU))		{		s->d1->mtu = 			BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);		/* I've seen the kernel return bogus numbers when it doesn't know		 * (initial write), so just make sure we have a reasonable number */		if ( s->d1->mtu < dtls1_min_mtu())			{			s->d1->mtu = 0;			s->d1->mtu = dtls1_guess_mtu(s->d1->mtu);			BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SET_MTU, 				s->d1->mtu, NULL);			}		}#if 0 	mtu = s->d1->mtu;	fprintf(stderr, "using MTU = %d/n", mtu);	mtu -= (DTLS1_HM_HEADER_LENGTH + DTLS1_RT_HEADER_LENGTH);	curr_mtu = mtu - BIO_wpending(SSL_get_wbio(s));	if ( curr_mtu > 0)		mtu = curr_mtu;	else if ( ( ret = BIO_flush(SSL_get_wbio(s))) <= 0)		return ret;	if ( BIO_wpending(SSL_get_wbio(s)) + s->init_num >= mtu)		{		ret = BIO_flush(SSL_get_wbio(s));		if ( ret <= 0)			return ret;		mtu = s->d1->mtu - (DTLS1_HM_HEADER_LENGTH + DTLS1_RT_HEADER_LENGTH);		}	OPENSSL_assert(mtu > 0);  /* should have something reasonable now */#endif	if ( s->init_off == 0  && type == SSL3_RT_HANDSHAKE)		OPENSSL_assert(s->init_num == 			(int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH);	frag_off = 0;	while( s->init_num)		{		curr_mtu = s->d1->mtu - BIO_wpending(SSL_get_wbio(s)) - 			DTLS1_RT_HEADER_LENGTH;		if ( curr_mtu <= DTLS1_HM_HEADER_LENGTH)			{			/* grr.. we could get an error if MTU picked was wrong */			ret = BIO_flush(SSL_get_wbio(s));			if ( ret <= 0)				return ret;			curr_mtu = s->d1->mtu - DTLS1_RT_HEADER_LENGTH;			}		if ( s->init_num > curr_mtu)			len = curr_mtu;		else			len = s->init_num;		/* XDTLS: this function is too long.  split out the CCS part */		if ( type == SSL3_RT_HANDSHAKE)			{			if ( s->init_off != 0)				{				OPENSSL_assert(s->init_off > DTLS1_HM_HEADER_LENGTH);				s->init_off -= DTLS1_HM_HEADER_LENGTH;				s->init_num += DTLS1_HM_HEADER_LENGTH;				/* write atleast DTLS1_HM_HEADER_LENGTH bytes */				if ( len <= DTLS1_HM_HEADER_LENGTH)  					len += DTLS1_HM_HEADER_LENGTH;				}			dtls1_fix_message_header(s, frag_off, 				len - DTLS1_HM_HEADER_LENGTH);			dtls1_write_message_header(s, (unsigned char *)&s->init_buf->data[s->init_off]);			OPENSSL_assert(len >= DTLS1_HM_HEADER_LENGTH);			}		ret=dtls1_write_bytes(s,type,&s->init_buf->data[s->init_off],			len);		if (ret < 0)			{//.........这里部分代码省略.........

static long bio_zlib_ctrl(BIO *b, int cmd, long num, void *ptr){    BIO_ZLIB_CTX *ctx;    int ret, *ip;    int ibs, obs;    BIO *next = BIO_next(b);    if (next == NULL)        return 0;    ctx = BIO_get_data(b);    switch (cmd) {    case BIO_CTRL_RESET:        ctx->ocount = 0;        ctx->odone = 0;        ret = 1;        break;    case BIO_CTRL_FLUSH:        ret = bio_zlib_flush(b);        if (ret > 0)            ret = BIO_flush(next);        break;    case BIO_C_SET_BUFF_SIZE:        ibs = -1;        obs = -1;        if (ptr != NULL) {            ip = ptr;            if (*ip == 0)                ibs = (int)num;            else                obs = (int)num;        } else {            ibs = (int)num;            obs = ibs;        }        if (ibs != -1) {            OPENSSL_free(ctx->ibuf);            ctx->ibuf = NULL;            ctx->ibufsize = ibs;        }        if (obs != -1) {            OPENSSL_free(ctx->obuf);            ctx->obuf = NULL;            ctx->obufsize = obs;        }        ret = 1;        break;    case BIO_C_DO_STATE_MACHINE:        BIO_clear_retry_flags(b);        ret = BIO_ctrl(next, cmd, num, ptr);        BIO_copy_next_retry(b);        break;    default:        ret = BIO_ctrl(next, cmd, num, ptr);        break;    }    return ret;}

int dtls1_connect(SSL *s)	{	BUF_MEM *buf=NULL;	unsigned long Time=(unsigned long)time(NULL);	void (*cb)(const SSL *ssl,int type,int val)=NULL;	int ret= -1;	int new_state,state,skip=0;#ifndef OPENSSL_NO_SCTP	unsigned char sctpauthkey[64];	char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];#endif	RAND_add(&Time,sizeof(Time),0);	ERR_clear_error();	clear_sys_error();	if (s->info_callback != NULL)		cb=s->info_callback;	else if (s->ctx->info_callback != NULL)		cb=s->ctx->info_callback;		s->in_handshake++;	if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); #ifndef OPENSSL_NO_SCTP	/* Notify SCTP BIO socket to enter handshake	 * mode and prevent stream identifier other	 * than 0. Will be ignored if no SCTP is used.	 */	BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE, s->in_handshake, NULL);#endif#ifndef OPENSSL_NO_HEARTBEATS	/* If we're awaiting a HeartbeatResponse, pretend we	 * already got and don't await it anymore, because	 * Heartbeats don't make sense during handshakes anyway.	 */	if (s->tlsext_hb_pending)		{		dtls1_stop_timer(s);		s->tlsext_hb_pending = 0;		s->tlsext_hb_seq++;		}#endif	for (;;)		{		state=s->state;		switch(s->state)			{		case SSL_ST_RENEGOTIATE:			s->renegotiate=1;			s->state=SSL_ST_CONNECT;			s->ctx->stats.sess_connect_renegotiate++;			/* break */		case SSL_ST_BEFORE:		case SSL_ST_CONNECT:		case SSL_ST_BEFORE|SSL_ST_CONNECT:		case SSL_ST_OK|SSL_ST_CONNECT:			s->server=0;			if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);			if ((s->version & 0xff00 ) != (DTLS1_VERSION & 0xff00) &&			    (s->version & 0xff00 ) != (DTLS1_BAD_VER & 0xff00))				{				SSLerr(SSL_F_DTLS1_CONNECT, ERR_R_INTERNAL_ERROR);				ret = -1;				goto end;				}							/* s->version=SSL3_VERSION; */			s->type=SSL_ST_CONNECT;			if (s->init_buf == NULL)				{				if ((buf=BUF_MEM_new()) == NULL)					{					ret= -1;					goto end;					}				if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))					{					ret= -1;					goto end;					}				s->init_buf=buf;				buf=NULL;				}			if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }			/* setup buffing BIO */			if (!ssl_init_wbio_buffer(s,0)) { ret= -1; goto end; }			/* don't push the buffering BIO quite yet */			s->state=SSL3_ST_CW_CLNT_HELLO_A;			s->ctx->stats.sess_connect++;//.........这里部分代码省略.........

static long rdg_bio_ctrl(BIO* bio, int cmd, long arg1, void* arg2){	int status = -1;	rdpRdg* rdg = (rdpRdg*) BIO_get_data(bio);	rdpTls* tlsOut = rdg->tlsOut;	rdpTls* tlsIn = rdg->tlsIn;	if (cmd == BIO_CTRL_FLUSH)	{		(void)BIO_flush(tlsOut->bio);		(void)BIO_flush(tlsIn->bio);		status = 1;	}	else if (cmd == BIO_C_SET_NONBLOCK)	{		status = 1;	}	else if (cmd == BIO_C_READ_BLOCKED)	{		BIO* bio = tlsOut->bio;		status = BIO_read_blocked(bio);	}	else if (cmd == BIO_C_WRITE_BLOCKED)	{		BIO* bio = tlsIn->bio;		status = BIO_write_blocked(bio);	}	else if (cmd == BIO_C_WAIT_READ)	{		int timeout = (int) arg1;		BIO* bio = tlsOut->bio;		if (BIO_read_blocked(bio))			return BIO_wait_read(bio, timeout);		else if (BIO_write_blocked(bio))			return BIO_wait_write(bio, timeout);		else			status = 1;	}	else if (cmd == BIO_C_WAIT_WRITE)	{		int timeout = (int) arg1;		BIO* bio = tlsIn->bio;		if (BIO_write_blocked(bio))			status = BIO_wait_write(bio, timeout);		else if (BIO_read_blocked(bio))			status = BIO_wait_read(bio, timeout);		else			status = 1;	}	else if (cmd == BIO_C_GET_EVENT || cmd == BIO_C_GET_FD)	{		/*		 * A note about BIO_C_GET_FD:		 * Even if two FDs are part of RDG, only one FD can be returned here.		 *		 * In FreeRDP, BIO FDs are only used for polling, so it is safe to use the outgoing FD only		 *		 * See issue #3602		 */		status = BIO_ctrl(tlsOut->bio, cmd, arg1, arg2);	}	return status;}

int BIO_set_conn_hostname(BIO *bio, const char *name) {  return BIO_ctrl(bio, BIO_C_SET_CONNECT, 0, (void*) name);}

static long ok_ctrl(BIO *b, int cmd, long num, void *ptr){    BIO_OK_CTX *ctx;    EVP_MD *md;    const EVP_MD **ppmd;    long ret = 1;    int i;    BIO *next;    ctx = BIO_get_data(b);    next = BIO_next(b);    switch (cmd) {    case BIO_CTRL_RESET:        ctx->buf_len = 0;        ctx->buf_off = 0;        ctx->buf_len_save = 0;        ctx->buf_off_save = 0;        ctx->cont = 1;        ctx->finished = 0;        ctx->blockout = 0;        ctx->sigio = 1;        ret = BIO_ctrl(next, cmd, num, ptr);        break;    case BIO_CTRL_EOF:         /* More to read */        if (ctx->cont <= 0)            ret = 1;        else            ret = BIO_ctrl(next, cmd, num, ptr);        break;    case BIO_CTRL_PENDING:     /* More to read in buffer */    case BIO_CTRL_WPENDING:    /* More to read in buffer */        ret = ctx->blockout ? ctx->buf_len - ctx->buf_off : 0;        if (ret <= 0)            ret = BIO_ctrl(next, cmd, num, ptr);        break;    case BIO_CTRL_FLUSH:        /* do a final write */        if (ctx->blockout == 0)            if (!block_out(b))                return 0;        while (ctx->blockout) {            i = ok_write(b, NULL, 0);            if (i < 0) {                ret = i;                break;            }        }        ctx->finished = 1;        ctx->buf_off = ctx->buf_len = 0;        ctx->cont = (int)ret;        /* Finally flush the underlying BIO */        ret = BIO_ctrl(next, cmd, num, ptr);        break;    case BIO_C_DO_STATE_MACHINE:        BIO_clear_retry_flags(b);        ret = BIO_ctrl(next, cmd, num, ptr);        BIO_copy_next_retry(b);        break;    case BIO_CTRL_INFO:        ret = (long)ctx->cont;        break;    case BIO_C_SET_MD:        md = ptr;        if (!EVP_DigestInit_ex(ctx->md, md, NULL))            return 0;        BIO_set_init(b, 1);        break;    case BIO_C_GET_MD:        if (BIO_get_init(b)) {            ppmd = ptr;            *ppmd = EVP_MD_CTX_md(ctx->md);        } else            ret = 0;        break;    default:        ret = BIO_ctrl(next, cmd, num, ptr);        break;    }    return ret;}

int BIO_set_conn_port(BIO *bio, const char *port_str) {  return BIO_ctrl(bio, BIO_C_SET_CONNECT, 1, (void*) port_str);}

static long bsegs_ctrl(BIO *b, int cmd, long arg1, void *arg2){	return BIO_ctrl(b->next_bio, cmd, arg1, arg2);}

int BIO_set_nbio(BIO *bio, int on) {  return BIO_ctrl(bio, BIO_C_SET_NBIO, on, NULL);}

int DTLSv1_listen(SSL *s, BIO_ADDR *client){    int next, n, ret = 0, clearpkt = 0;    unsigned char cookie[DTLS1_COOKIE_LENGTH];    unsigned char seq[SEQ_NUM_SIZE];    const unsigned char *data;    unsigned char *p, *buf;    unsigned long reclen, fragoff, fraglen, msglen;    unsigned int rectype, versmajor, msgseq, msgtype, clientvers, cookielen;    BIO *rbio, *wbio;    BUF_MEM *bufm;    BIO_ADDR *tmpclient = NULL;    PACKET pkt, msgpkt, msgpayload, session, cookiepkt;    /* Ensure there is no state left over from a previous invocation */    if (!SSL_clear(s))        return -1;    ERR_clear_error();    rbio = SSL_get_rbio(s);    wbio = SSL_get_wbio(s);    if (!rbio || !wbio) {        SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_BIO_NOT_SET);        return -1;    }    /*     * We only peek at incoming ClientHello's until we're sure we are going to     * to respond with a HelloVerifyRequest. If its a ClientHello with a valid     * cookie then we leave it in the BIO for accept to handle.     */    BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SET_PEEK_MODE, 1, NULL);    /*     * Note: This check deliberately excludes DTLS1_BAD_VER because that version     * requires the MAC to be calculated *including* the first ClientHello     * (without the cookie). Since DTLSv1_listen is stateless that cannot be     * supported. DTLS1_BAD_VER must use cookies in a stateful manner (e.g. via     * SSL_accept)     */    if ((s->version & 0xff00) != (DTLS1_VERSION & 0xff00)) {        SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_UNSUPPORTED_SSL_VERSION);        return -1;    }    if (s->init_buf == NULL) {        if ((bufm = BUF_MEM_new()) == NULL) {            SSLerr(SSL_F_DTLSV1_LISTEN, ERR_R_MALLOC_FAILURE);            return -1;        }        if (!BUF_MEM_grow(bufm, SSL3_RT_MAX_PLAIN_LENGTH)) {            BUF_MEM_free(bufm);            SSLerr(SSL_F_DTLSV1_LISTEN, ERR_R_MALLOC_FAILURE);            return -1;        }        s->init_buf = bufm;    }    buf = (unsigned char *)s->init_buf->data;    do {        /* Get a packet */        clear_sys_error();        /*         * Technically a ClientHello could be SSL3_RT_MAX_PLAIN_LENGTH         * + DTLS1_RT_HEADER_LENGTH bytes long. Normally init_buf does not store         * the record header as well, but we do here. We've set up init_buf to         * be the standard size for simplicity. In practice we shouldn't ever         * receive a ClientHello as long as this. If we do it will get dropped         * in the record length check below.         */        n = BIO_read(rbio, buf, SSL3_RT_MAX_PLAIN_LENGTH);        if (n <= 0) {            if (BIO_should_retry(rbio)) {                /* Non-blocking IO */                goto end;            }            return -1;        }        /* If we hit any problems we need to clear this packet from the BIO */        clearpkt = 1;        if (!PACKET_buf_init(&pkt, buf, n)) {            SSLerr(SSL_F_DTLSV1_LISTEN, ERR_R_INTERNAL_ERROR);            return -1;        }        /*         * Parse the received record. If there are any problems with it we just         * dump it - with no alert. RFC6347 says this "Unlike TLS, DTLS is         * resilient in the face of invalid records (e.g., invalid formatting,         * length, MAC, etc.).  In general, invalid records SHOULD be silently         * discarded, thus preserving the association; however, an error MAY be         * logged for diagnostic purposes."         *///.........这里部分代码省略.........

int BIO_do_connect(BIO *bio) {  return BIO_ctrl(bio, BIO_C_DO_STATE_MACHINE, 0, NULL);}

static longbuffer_ctrl(BIO *b, int cmd, long num, void *ptr){	BIO *dbio;	BIO_F_BUFFER_CTX *ctx;	long ret = 1;	char *p1, *p2;	int r, i, *ip;	int ibs, obs;	ctx = (BIO_F_BUFFER_CTX *)b->ptr;	switch (cmd) {	case BIO_CTRL_RESET:		ctx->ibuf_off = 0;		ctx->ibuf_len = 0;		ctx->obuf_off = 0;		ctx->obuf_len = 0;		if (b->next_bio == NULL)			return (0);		ret = BIO_ctrl(b->next_bio, cmd, num, ptr);		break;	case BIO_CTRL_INFO:		ret = (long)ctx->obuf_len;		break;	case BIO_C_GET_BUFF_NUM_LINES:		ret = 0;		p1 = ctx->ibuf;		for (i = 0; i < ctx->ibuf_len; i++) {			if (p1[ctx->ibuf_off + i] == '/n')				ret++;		}		break;	case BIO_CTRL_WPENDING:		ret = (long)ctx->obuf_len;		if (ret == 0) {			if (b->next_bio == NULL)				return (0);			ret = BIO_ctrl(b->next_bio, cmd, num, ptr);		}		break;	case BIO_CTRL_PENDING:		ret = (long)ctx->ibuf_len;		if (ret == 0) {			if (b->next_bio == NULL)				return (0);			ret = BIO_ctrl(b->next_bio, cmd, num, ptr);		}		break;	case BIO_C_SET_BUFF_READ_DATA:		if (num > ctx->ibuf_size) {			p1 = malloc(num);			if (p1 == NULL)				goto malloc_error;			free(ctx->ibuf);			ctx->ibuf = p1;		}		ctx->ibuf_off = 0;		ctx->ibuf_len = (int)num;		memcpy(ctx->ibuf, ptr, num);		ret = 1;		break;	case BIO_C_SET_BUFF_SIZE:		if (ptr != NULL) {			ip = (int *)ptr;			if (*ip == 0) {				ibs = (int)num;				obs = ctx->obuf_size;			}			else /* if (*ip == 1) */			{				ibs = ctx->ibuf_size;				obs = (int)num;			}		} else {			ibs = (int)num;			obs = (int)num;		}		p1 = ctx->ibuf;		p2 = ctx->obuf;		if ((ibs > DEFAULT_BUFFER_SIZE) && (ibs != ctx->ibuf_size)) {			p1 = malloc(num);			if (p1 == NULL)				goto malloc_error;		}		if ((obs > DEFAULT_BUFFER_SIZE) && (obs != ctx->obuf_size)) {			p2 = malloc(num);			if (p2 == NULL) {				if (p1 != ctx->ibuf)					free(p1);				goto malloc_error;			}		}		if (ctx->ibuf != p1) {			free(ctx->ibuf);			ctx->ibuf = p1;			ctx->ibuf_off = 0;			ctx->ibuf_len = 0;			ctx->ibuf_size = ibs;		}//.........这里部分代码省略.........

static long md_ctrl(BIO *b, int cmd, long num, void *ptr)	{	EVP_MD_CTX *ctx,*dctx,**pctx;	const EVP_MD **ppmd;	EVP_MD *md;	long ret=1;	BIO *dbio;	ctx=b->ptr;	switch (cmd)		{	case BIO_CTRL_RESET:		if (b->init)			ret = EVP_DigestInit_ex(ctx,ctx->digest, NULL);		else			ret=0;		if (ret > 0)			ret=BIO_ctrl(b->next_bio,cmd,num,ptr);		break;	case BIO_C_GET_MD:		if (b->init)			{			ppmd=ptr;			*ppmd=ctx->digest;			}		else			ret=0;		break;	case BIO_C_GET_MD_CTX:		pctx=ptr;		*pctx=ctx;		break;	case BIO_C_SET_MD_CTX:		if (b->init)			b->ptr=ptr;		else			ret=0;		break;	case BIO_C_DO_STATE_MACHINE:		BIO_clear_retry_flags(b);		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);		BIO_copy_next_retry(b);		break;	case BIO_C_SET_MD:		md=ptr;		ret = EVP_DigestInit_ex(ctx,md, NULL);		if (ret > 0)			b->init=1;		break;	case BIO_CTRL_DUP:		dbio=ptr;		dctx=dbio->ptr;		EVP_MD_CTX_copy_ex(dctx,ctx);		b->init=1;		break;	default:		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);		break;		}	return(ret);	}

//.........这里部分代码省略.........		if(sockfd != -1) {			close(sockfd);		}		freeaddrinfo(result);		goto end;	}	/* Set socket to reuse address */	flag = 1;	if( setsockopt(dgram_conn->io_ctx.sockfd, SOL_SOCKET, SO_REUSEADDR, &flag, sizeof(flag)) == -1) {		v_print_log(VRS_PRINT_ERROR, "setsockopt(): %s/n", strerror(errno));		free(dgram_conn);		if(sockfd != -1) {			close(sockfd);		}		dgram_conn = NULL;		goto end;	}	/* Set address of peer and host */	if(rp->ai_family==AF_INET) {		/* Address type of client */		dgram_conn->io_ctx.host_addr.ip_ver = IPV4;		dgram_conn->io_ctx.host_addr.protocol = UDP;		/* Address of peer */		dgram_conn->io_ctx.peer_addr.ip_ver = IPV4;		dgram_conn->io_ctx.peer_addr.protocol = UDP;		dgram_conn->io_ctx.peer_addr.port = ntohs(((struct sockaddr_in*)rp->ai_addr)->sin_port);		memcpy(&dgram_conn->io_ctx.peer_addr.addr.ipv4, rp->ai_addr, rp->ai_addrlen);		/* Address of peer (reference in connection) */		dgram_conn->peer_address.ip_ver = IPV4;		dgram_conn->peer_address.protocol = UDP;		dgram_conn->peer_address.port = ntohs(((struct sockaddr_in*)rp->ai_addr)->sin_port);		memcpy(&dgram_conn->peer_address.addr.ipv4, rp->ai_addr, rp->ai_addrlen);	}	else if(rp->ai_family==AF_INET6) {		/* Address type of client */		dgram_conn->io_ctx.host_addr.ip_ver = IPV6;		dgram_conn->io_ctx.host_addr.protocol = UDP;		/* Address of peer */		dgram_conn->io_ctx.peer_addr.ip_ver = IPV6;		dgram_conn->io_ctx.peer_addr.protocol = UDP;		dgram_conn->io_ctx.peer_addr.port = ntohs(((struct sockaddr_in6*)rp->ai_addr)->sin6_port);		memcpy(&dgram_conn->io_ctx.peer_addr.addr.ipv6, rp->ai_addr, rp->ai_addrlen);		/* Address of peer (reference in connection) */		dgram_conn->peer_address.ip_ver = IPV6;		dgram_conn->peer_address.protocol = UDP;		dgram_conn->peer_address.port = ntohs(((struct sockaddr_in6*)rp->ai_addr)->sin6_port);		memcpy(&dgram_conn->peer_address.addr.ipv6, rp->ai_addr, rp->ai_addrlen);	}	freeaddrinfo(result);	/* When DTLS was negotiated, then set flag */	if(url.security_protocol == VRS_SEC_DATA_TLS) {#if (defined WITH_OPENSSL) && OPENSSL_VERSION_NUMBER>=0x10000000		dgram_conn->io_ctx.flags |= SOCKET_SECURED;#else		v_print_log(VRS_PRINT_ERROR,					"Server tries to force client to use secured connection, but it is not supported/n");		goto end;#endif	}#ifdef WITH_OPENSSL	/* Create BIO, connect and set to already connected */	if( (dgram_conn->io_ctx.bio = BIO_new_dgram(dgram_conn->io_ctx.sockfd, BIO_CLOSE)) == NULL) {		v_print_log(VRS_PRINT_ERROR, "BIO_new_dgram()/n");		goto end;	}	/* Try to do PMTU discovery */	if( BIO_ctrl(dgram_conn->io_ctx.bio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL) < 0) {		v_print_log(VRS_PRINT_ERROR, "BIO_ctrl()/n");		goto end;	}	/* Try to get MTU from the bio */	ret = BIO_ctrl(dgram_conn->io_ctx.bio, BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);	if(ret > 0) {		dgram_conn->io_ctx.mtu = ret;		v_print_log(VRS_PRINT_DEBUG_MSG, "PMTU: %d/n", dgram_conn->io_ctx.mtu);	} else {		dgram_conn->io_ctx.mtu = DEFAULT_MTU;		v_print_log(VRS_PRINT_DEBUG_MSG, "Default MTU: %d/n", dgram_conn->io_ctx.mtu);	}#else	dgram_conn->io_ctx.mtu = DEFAULT_MTU;#endif	/* Set up necessary flag for V_CTX (client will be able to send and receive packets only to/from server) */	dgram_conn->io_ctx.flags |= SOCKET_CONNECTED;	dgram_conn->host_id = (unsigned int)rand();end:	v_url_clear(&url);		return dgram_conn;}

static long ssl_ctrl(BIO *b, int cmd, long num, void *ptr)	{	SSL **sslp,*ssl;	BIO_SSL *bs;	BIO *dbio,*bio;	long ret=1;	bs=(BIO_SSL *)b->ptr;	ssl=bs->ssl;	if ((ssl == NULL)  && (cmd != BIO_C_SET_SSL))		return(0);	switch (cmd)		{	case BIO_CTRL_RESET:		SSL_shutdown(ssl);		if (ssl->handshake_func == ssl->method->ssl_connect)			SSL_set_connect_state(ssl);		else if (ssl->handshake_func == ssl->method->ssl_accept)			SSL_set_accept_state(ssl);		SSL_clear(ssl);		if (b->next_bio != NULL)			ret=BIO_ctrl(b->next_bio,cmd,num,ptr);		else if (ssl->rbio != NULL)			ret=BIO_ctrl(ssl->rbio,cmd,num,ptr);		else			ret=1;		break;	case BIO_CTRL_INFO:		ret=0;		break;	case BIO_C_SSL_MODE:		if (num) /* client mode */			SSL_set_connect_state(ssl);		else			SSL_set_accept_state(ssl);		break;	case BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT:		ret=bs->renegotiate_timeout;		if (num < 60) num=5;		bs->renegotiate_timeout=(unsigned long)num;		bs->last_time=(unsigned long)time(NULL);		break;	case BIO_C_SET_SSL_RENEGOTIATE_BYTES:		ret=bs->renegotiate_count;		if ((long)num >=512)			bs->renegotiate_count=(unsigned long)num;		break;	case BIO_C_GET_SSL_NUM_RENEGOTIATES:		ret=bs->num_renegotiates;		break;	case BIO_C_SET_SSL:		if (ssl != NULL)			{			ssl_free(b);			if (!ssl_new(b))				return 0;			}		b->shutdown=(int)num;		ssl=(SSL *)ptr;		((BIO_SSL *)b->ptr)->ssl=ssl;		bio=SSL_get_rbio(ssl);		if (bio != NULL)			{			if (b->next_bio != NULL)				BIO_push(bio,b->next_bio);			b->next_bio=bio;			CRYPTO_add(&bio->references,1,CRYPTO_LOCK_BIO);			}		b->init=1;		break;	case BIO_C_GET_SSL:		if (ptr != NULL)			{			sslp=(SSL **)ptr;			*sslp=ssl;			}		else			ret=0;		break;	case BIO_CTRL_GET_CLOSE:		ret=b->shutdown;		break;	case BIO_CTRL_SET_CLOSE:		b->shutdown=(int)num;		break;	case BIO_CTRL_WPENDING:		ret=BIO_ctrl(ssl->wbio,cmd,num,ptr);		break;	case BIO_CTRL_PENDING:		ret=SSL_pending(ssl);		if (ret == 0)			ret=BIO_pending(ssl->rbio);		break;	case BIO_CTRL_FLUSH:		BIO_clear_retry_flags(b);		ret=BIO_ctrl(ssl->wbio,cmd,num,ptr);		BIO_copy_next_retry(b);//.........这里部分代码省略.........

int BIO_get_mem_ptr(BIO *bio, BUF_MEM **out) {  return BIO_ctrl(bio, BIO_C_GET_BUF_MEM_PTR, 0, (char *) out);}

int BIO_ctrl_reset_read_request(BIO *bio)	{	return (BIO_ctrl(bio, BIO_C_RESET_READ_REQUEST, 0, NULL) != 0);	}