自学教程：C++ Curl_socket_ready函数代码示例

int Curl_qsossl_shutdown(struct connectdata * conn, int sockindex){  struct ssl_connect_data * connssl = &conn->ssl[sockindex];  struct SessionHandle *data = conn->data;  ssize_t nread;  int what;  int rc;  char buf[120];  if(!connssl->handle)    return 0;  if(data->set.ftp_ccc != CURLFTPSSL_CCC_ACTIVE)    return 0;  if(Curl_qsossl_close_one(connssl, data))    return -1;  rc = 0;  what = Curl_socket_ready(conn->sock[sockindex],                           CURL_SOCKET_BAD, SSL_SHUTDOWN_TIMEOUT);  for(;;) {    if(what < 0) {      /* anything that gets here is fatally bad */      failf(data, "select/poll on SSL socket, errno: %d", SOCKERRNO);      rc = -1;      break;    }    if(!what) {                                /* timeout */      failf(data, "SSL shutdown timeout");      break;    }    /* Something to read, let's do it and hope that it is the close       notify alert from the server. No way to SSL_Read now, so use read(). */    nread = read(conn->sock[sockindex], buf, sizeof(buf));    if(nread < 0) {      failf(data, "read: %s", strerror(errno));      rc = -1;    }    if(nread <= 0)      break;    what = Curl_socket_ready(conn->sock[sockindex], CURL_SOCKET_BAD, 0);  }  return rc;}

/* * Curl_pp_multi_statemach() * * called repeatedly until done when the multi interface is used. */CURLcode Curl_pp_multi_statemach(struct pingpong *pp){  struct connectdata *conn = pp->conn;  curl_socket_t sock = conn->sock[FIRSTSOCKET];  int rc;  struct SessionHandle *data=conn->data;  CURLcode result = CURLE_OK;  long timeout_ms = Curl_pp_state_timeout(pp);  if(timeout_ms <= 0) {    failf(data, "server response timeout");    return CURLE_OPERATION_TIMEDOUT;  }  rc = Curl_socket_ready(pp->sendleft?CURL_SOCKET_BAD:sock, /* reading */                         pp->sendleft?sock:CURL_SOCKET_BAD, /* writing */                         0);  if(rc == -1) {    failf(data, "select/poll error");    return CURLE_OUT_OF_MEMORY;  }  else if(rc != 0)    result = pp->statemach_act(conn);  /* if rc == 0, then select() timed out */  return result;}

static enum chkconn_tcheckconnect(curl_socket_t sockfd){  int rc;#ifdef mpeix  /* Call this function once now, and ignore the results. We do this to     "clear" the error state on the socket so that we can later read it     reliably. This is reported necessary on the MPE/iX operating system. */  (void)verifyconnect(sockfd, NULL);#endif  rc = Curl_socket_ready(CURL_SOCKET_BAD, sockfd, 0);  if(-1 == rc)    /* error, no connect here, try next */    return CHKCONN_SELECT_ERROR;  else if(rc & CURL_CSELECT_ERR)    /* error condition caught */    return CHKCONN_FDSET_ERROR;  else if(rc)    return CHKCONN_CONNECTED;  return CHKCONN_IDLE;}

staticint waitconnect(curl_socket_t sockfd, /* socket */                long timeout_msec){  int rc;#ifdef mpeix  /* Call this function once now, and ignore the results. We do this to     "clear" the error state on the socket so that we can later read it     reliably. This is reported necessary on the MPE/iX operating system. */  (void)verifyconnect(sockfd, NULL);#endif  /* now select() until we get connect or timeout */  rc = Curl_socket_ready(CURL_SOCKET_BAD, sockfd, (int)timeout_msec);  if(-1 == rc)    /* error, no connect here, try next */    return WAITCONN_SELECT_ERROR;  else if(0 == rc)    /* timeout, no connect today */    return WAITCONN_TIMEOUT;  if(rc & CSELECT_ERR)    /* error condition caught */    return WAITCONN_FDSET_ERROR;  /* we have a connect! */  return WAITCONN_CONNECTED;}

/* * Curl_pp_statemach() */CURLcode Curl_pp_statemach(struct pingpong *pp, bool block){  struct connectdata *conn = pp->conn;  curl_socket_t sock = conn->sock[FIRSTSOCKET];  int rc;  long interval_ms;  long timeout_ms = Curl_pp_state_timeout(pp);  struct Curl_easy *data=conn->data;  CURLcode result = CURLE_OK;  if(timeout_ms <=0) {    failf(data, "server response timeout");    return CURLE_OPERATION_TIMEDOUT; /* already too little time */  }  if(block) {    interval_ms = 1000;  /* use 1 second timeout intervals */    if(timeout_ms < interval_ms)      interval_ms = timeout_ms;  }  else    interval_ms = 0; /* immediate */  if(Curl_pp_moredata(pp))    /* We are receiving and there is data in the cache so just read it */    rc = 1;  else if(!pp->sendleft && Curl_ssl_data_pending(conn, FIRSTSOCKET))    /* We are receiving and there is data ready in the SSL library */    rc = 1;  else    rc = Curl_socket_ready(pp->sendleft?CURL_SOCKET_BAD:sock, /* reading */                           pp->sendleft?sock:CURL_SOCKET_BAD, /* writing */                           interval_ms);  if(block) {    /* if we didn't wait, we don't have to spend time on this now */    if(Curl_pgrsUpdate(conn))      result = CURLE_ABORTED_BY_CALLBACK;    else      result = Curl_speedcheck(data, Curl_tvnow());    if(result)      return result;  }  if(rc == -1) {    failf(data, "select/poll error");    result = CURLE_OUT_OF_MEMORY;  }  else if(rc)    result = pp->statemach_act(conn);  return result;}

/* * This function is called to shut down the SSL layer but keep the * socket open (CCC - Clear Command Channel) */int Curl_axtls_shutdown(struct connectdata *conn, int sockindex){  /* Outline taken from curl_ssluse.c since functions are in axTLS compat     layer.  axTLS's error set is much smaller, so a lot of error-handling     was removed.   */  int retval = 0;  struct ssl_connect_data *connssl = &conn->ssl[sockindex];  struct SessionHandle *data = conn->data;  char buf[120]; /* We will use this for the OpenSSL error buffer, so it has                    to be at least 120 bytes long. */  ssize_t nread;  infof(conn->data, "  Curl_axtls_shutdown/n");  /* This has only been tested on the proftpd server, and the mod_tls code     sends a close notify alert without waiting for a close notify alert in     response. Thus we wait for a close notify alert from the server, but     we do not send one. Let's hope other servers do the same... */  /* axTLS compat layer does nothing for SSL_shutdown, so we do nothing too  if(data->set.ftp_ccc == CURLFTPSSL_CCC_ACTIVE)      (void)SSL_shutdown(connssl->ssl);  */  if(connssl->ssl) {    int what = Curl_socket_ready(conn->sock[sockindex],                                 CURL_SOCKET_BAD, SSL_SHUTDOWN_TIMEOUT);    if(what > 0) {      /* Something to read, let's do it and hope that it is the close         notify alert from the server */      nread = (ssize_t)SSL_read(conn->ssl[sockindex].ssl, buf,                                sizeof(buf));      if(nread < SSL_OK) {        failf(data, "close notify alert not received during shutdown");        retval = -1;      }    }    else if(0 == what) {      /* timeout */      failf(data, "SSL shutdown timeout");    }    else {      /* anything that gets here is fatally bad */      failf(data, "select/poll on SSL socket, errno: %d", SOCKERRNO);      retval = -1;    }    ssl_free (connssl->ssl);    connssl->ssl = NULL;  }  return retval;}

/* * Helper read-from-socket functions. Does the same as Curl_read() but it * blocks until all bytes amount of buffersize will be read. No more, no less. * * This is STUPID BLOCKING behaviour which we frown upon, but right now this * is what we have... */int Curl_blockread_all(struct connectdata *conn, /* connection data */                       curl_socket_t sockfd,     /* read from this socket */                       char *buf,                /* store read data here */                       ssize_t buffersize,       /* max amount to read */                       ssize_t *n,               /* amount bytes read */                       long conn_timeout)        /* timeout for data wait                                                    relative to                                                    conn->created */{  ssize_t nread;  ssize_t allread = 0;  int result;  struct timeval tvnow;  long conntime;  *n = 0;  for(;;) {    tvnow = Curl_tvnow();    /* calculating how long connection is establishing */    conntime = Curl_tvdiff(tvnow, conn->created);    if(conntime > conn_timeout) {      /* we already got the timeout */      result = CURLE_OPERATION_TIMEDOUT;      break;    }    if(Curl_socket_ready(sockfd, CURL_SOCKET_BAD,                   (int)(conn_timeout - conntime)) <= 0) {      result = ~CURLE_OK;      break;    }    result = Curl_read_plain(sockfd, buf, buffersize, &nread);    if(CURLE_AGAIN == result)      continue;    else if(result)      break;    if(buffersize == nread) {      allread += nread;      *n = allread;      result = CURLE_OK;      break;    }    if(!nread) {      result = ~CURLE_OK;      break;    }    buffersize -= nread;    buf += nread;    allread += nread;  }  return result;}

staticint waitconnect(struct connectdata *conn,                curl_socket_t sockfd, /* socket */                long timeout_msec){    int rc;#ifdef mpeix    /* Call this function once now, and ignore the results. We do this to       "clear" the error state on the socket so that we can later read it       reliably. This is reported necessary on the MPE/iX operating system. */    (void)verifyconnect(sockfd, NULL);#endif    for(;;) {        /* now select() until we get connect or timeout */        rc = Curl_socket_ready(CURL_SOCKET_BAD, sockfd, (int)(timeout_msec>1000?                               1000:timeout_msec));        if(Curl_pgrsUpdate(conn))            return CURLE_ABORTED_BY_CALLBACK;        if(-1 == rc)            /* error, no connect here, try next */            return WAITCONN_SELECT_ERROR;        else if(0 == rc) {            /* timeout */            timeout_msec -= 1000;            if(timeout_msec <= 0)                return WAITCONN_TIMEOUT;            continue;        }        if(rc & CURL_CSELECT_ERR)            /* error condition caught */            return WAITCONN_FDSET_ERROR;        break;    }    return WAITCONN_CONNECTED;}

/* * Curl_pp_easy_statemach() * * called repeatedly until done when the easy interface is used. */CURLcode Curl_pp_easy_statemach(struct pingpong *pp){  struct connectdata *conn = pp->conn;  curl_socket_t sock = conn->sock[FIRSTSOCKET];  int rc;  long interval_ms;  long timeout_ms = Curl_pp_state_timeout(pp);  struct SessionHandle *data=conn->data;  CURLcode result;  if(timeout_ms <=0 ) {    failf(data, "server response timeout");    return CURLE_OPERATION_TIMEDOUT; /* already too little time */  }  interval_ms = 1000;  /* use 1 second timeout intervals */  if(timeout_ms < interval_ms)    interval_ms = timeout_ms;  rc = Curl_socket_ready(pp->sendleft?CURL_SOCKET_BAD:sock, /* reading */                         pp->sendleft?sock:CURL_SOCKET_BAD, /* writing */                         (int)interval_ms);  if(Curl_pgrsUpdate(conn))    result = CURLE_ABORTED_BY_CALLBACK;  else    result = Curl_speedcheck(data, Curl_tvnow());  if(result)    ;  else if(rc == -1) {    failf(data, "select/poll error");    result = CURLE_OUT_OF_MEMORY;  }  else if(rc)    result = pp->statemach_act(conn);  return result;}

/* * The server may send us RTP data at any point, and RTSPREQ_RECEIVE does not * want to block the application forever while receiving a stream. Therefore, * we cannot assume that an RTSP socket is dead just because it is readable. * * Instead, if it is readable, run Curl_getconnectinfo() to peek at the socket * and distinguish between closed and data. */bool Curl_rtsp_connisdead(struct connectdata *check){  int sval;  bool ret_val = TRUE;  sval = Curl_socket_ready(check->sock[FIRSTSOCKET], CURL_SOCKET_BAD, 0);  if(sval == 0) {    /* timeout */    ret_val = FALSE;  }  else if(sval & CURL_CSELECT_ERR) {    /* socket is in an error state */    ret_val = TRUE;  }  else if((sval & CURL_CSELECT_IN) && check->data) {    /* readable with no error. could be closed or could be alive but we can       only check if we have a proper SessionHandle for the connection */    curl_socket_t connectinfo = Curl_getconnectinfo(check->data, &check);    if(connectinfo != CURL_SOCKET_BAD)      ret_val = FALSE;  }  return ret_val;}

//.........这里部分代码省略.........      /* now we've issued the CONNECT and we're waiting to hear back, return         and get called again polling-style */      return CURLE_OK;    } /* END CONNECT PHASE */    { /* BEGIN NEGOTIATION PHASE */      size_t nread;   /* total size read */      int perline; /* count bytes per line */      int keepon=TRUE;      ssize_t gotbytes;      char *ptr;      char *line_start;      ptr=data->state.buffer;      line_start = ptr;      nread=0;      perline=0;      keepon=TRUE;      while((nread<BUFSIZE) && (keepon && !error)) {        /* if timeout is requested, find out how much remaining time we have */        check = timeout - /* timeout time */          Curl_tvdiff(Curl_tvnow(), conn->now); /* spent time */        if(check <= 0) {          failf(data, "Proxy CONNECT aborted due to timeout");          error = SELECT_TIMEOUT; /* already too little time */          break;        }        /* loop every second at least, less if the timeout is near */        switch (Curl_socket_ready(tunnelsocket, CURL_SOCKET_BAD,                                  check<1000L?check:1000)) {        case -1: /* select() error, stop reading */          error = SELECT_ERROR;          failf(data, "Proxy CONNECT aborted due to select/poll error");          break;        case 0: /* timeout */          break;        default:          DEBUGASSERT(ptr+BUFSIZE-nread <= data->state.buffer+BUFSIZE+1);          result = Curl_read(conn, tunnelsocket, ptr, BUFSIZE-nread,                             &gotbytes);          if(result==CURLE_AGAIN)            continue; /* go loop yourself */          else if(result)            keepon = FALSE;          else if(gotbytes <= 0) {            keepon = FALSE;            if(data->set.proxyauth && data->state.authproxy.avail) {              /* proxy auth was requested and there was proxy auth available,                 then deem this as "mere" proxy disconnect */              conn->bits.proxy_connect_closed = TRUE;            }            else {              error = SELECT_ERROR;              failf(data, "Proxy CONNECT aborted");            }          }          else {            /*             * We got a whole chunk of data, which can be anything from one             * byte to a set of lines and possibly just a piece of the last             * line.

/* this function does a SSL/TLS (re-)handshake */static CURLcode handshake(struct connectdata *conn,                          int sockindex,                          bool duringconnect,                          bool nonblocking){  struct SessionHandle *data = conn->data;  struct ssl_connect_data *connssl = &conn->ssl[sockindex];  gnutls_session session = conn->ssl[sockindex].session;  curl_socket_t sockfd = conn->sock[sockindex];  long timeout_ms;  int rc;  int what;  while(1) {    /* check allowed time left */    timeout_ms = Curl_timeleft(conn, NULL, duringconnect);    if(timeout_ms < 0) {      /* no need to continue if time already is up */      failf(data, "SSL connection timeout");      return CURLE_OPERATION_TIMEDOUT;    }    /* if ssl is expecting something, check if it's available. */    if(connssl->connecting_state == ssl_connect_2_reading       || connssl->connecting_state == ssl_connect_2_writing) {      curl_socket_t writefd = ssl_connect_2_writing==        connssl->connecting_state?sockfd:CURL_SOCKET_BAD;      curl_socket_t readfd = ssl_connect_2_reading==        connssl->connecting_state?sockfd:CURL_SOCKET_BAD;      what = Curl_socket_ready(readfd, writefd,                               nonblocking?0:(int)timeout_ms);      if(what < 0) {        /* fatal error */        failf(data, "select/poll on SSL socket, errno: %d", SOCKERRNO);        return CURLE_SSL_CONNECT_ERROR;      }      else if(0 == what) {        if(nonblocking) {          return CURLE_OK;        }        else {          /* timeout */          failf(data, "SSL connection timeout");          return CURLE_OPERATION_TIMEDOUT;        }      }      /* socket is readable or writable */    }    rc = gnutls_handshake(session);    if((rc == GNUTLS_E_AGAIN) || (rc == GNUTLS_E_INTERRUPTED)) {      connssl->connecting_state =        gnutls_record_get_direction(session)?        ssl_connect_2_writing:ssl_connect_2_reading;      if(nonblocking) {        return CURLE_OK;      }    } else if (rc < 0) {      failf(data, "gnutls_handshake() failed: %s", gnutls_strerror(rc));    } else {      /* Reset our connect state machine */      connssl->connecting_state = ssl_connect_1;      return CURLE_OK;    }  }}

/* * This function logs in to a SOCKS5 proxy and sends the specifics to the final * destination server. */CURLcode Curl_SOCKS5(const char *proxy_name,                     const char *proxy_password,                     const char *hostname,                     int remote_port,                     int sockindex,                     struct connectdata *conn){  /*    According to the RFC1928, section "6.  Replies". This is what a SOCK5    replies:        +----+-----+-------+------+----------+----------+        |VER | REP |  RSV  | ATYP | BND.ADDR | BND.PORT |        +----+-----+-------+------+----------+----------+        | 1  |  1  | X'00' |  1   | Variable |    2     |        +----+-----+-------+------+----------+----------+    Where:    o  VER    protocol version: X'05'    o  REP    Reply field:    o  X'00' succeeded  */  unsigned char socksreq[600]; /* room for large user/pw (255 max each) */  ssize_t actualread;  ssize_t written;  int result;  CURLcode code;  curl_socket_t sock = conn->sock[sockindex];  struct SessionHandle *data = conn->data;  long timeout;  bool socks5_resolve_local = (bool)(data->set.proxytype == CURLPROXY_SOCKS5);  const size_t hostname_len = strlen(hostname);  ssize_t packetsize = 0;  /* RFC1928 chapter 5 specifies max 255 chars for domain name in packet */  if(!socks5_resolve_local && hostname_len > 255)  {    infof(conn->data,"SOCKS5: server resolving disabled for hostnames of "          "length > 255 [actual len=%d]/n", hostname_len);    socks5_resolve_local = TRUE;  }  /* get timeout */  timeout = Curl_timeleft(conn, NULL, TRUE);  if(timeout < 0) {    /* time-out, bail out, go home */    failf(data, "Connection time-out");    return CURLE_OPERATION_TIMEDOUT;  }  Curl_nonblock(sock, TRUE);  /* wait until socket gets connected */  result = Curl_socket_ready(CURL_SOCKET_BAD, sock, (int)timeout);  if(-1 == result) {    failf(conn->data, "SOCKS5: no connection here");    return CURLE_COULDNT_CONNECT;  }  else if(0 == result) {    failf(conn->data, "SOCKS5: connection timeout");    return CURLE_OPERATION_TIMEDOUT;  }  if(result & CURL_CSELECT_ERR) {    failf(conn->data, "SOCKS5: error occured during connection");    return CURLE_COULDNT_CONNECT;  }  socksreq[0] = 5; /* version */  socksreq[1] = (char)(proxy_name ? 2 : 1); /* number of methods (below) */  socksreq[2] = 0; /* no authentication */  socksreq[3] = 2; /* username/password */  Curl_nonblock(sock, FALSE);  code = Curl_write_plain(conn, sock, (char *)socksreq, (2 + (int)socksreq[1]),                          &written);  if((code != CURLE_OK) || (written != (2 + (int)socksreq[1]))) {    failf(data, "Unable to send initial SOCKS5 request.");    return CURLE_COULDNT_CONNECT;  }  Curl_nonblock(sock, TRUE);  result = Curl_socket_ready(sock, CURL_SOCKET_BAD, (int)timeout);  if(-1 == result) {    failf(conn->data, "SOCKS5 nothing to read");    return CURLE_COULDNT_CONNECT;  }  else if(0 == result) {    failf(conn->data, "SOCKS5 read timeout");//.........这里部分代码省略.........

//.........这里部分代码省略.........                   &conn->ssl[sockindex].clicert, &conn->ssl[sockindex].rsa);  if(!Curl_inet_pton(AF_INET, conn->host.name, &addr) &&#ifdef ENABLE_IPV6     !Curl_inet_pton(AF_INET6, conn->host.name, &addr) &&#endif     sni && ssl_set_hostname(&conn->ssl[sockindex].ssl, conn->host.name)) {     infof(data, "WARNING: failed to configure "                 "server name indication (SNI) TLS extension/n");  }  infof(data, "PolarSSL: performing SSL/TLS handshake.../n");#ifdef POLARSSL_DEBUG  ssl_set_dbg(&conn->ssl[sockindex].ssl, polarssl_debug, data);#endif  for(;;) {    if(!(ret = ssl_handshake(&conn->ssl[sockindex].ssl)))      break;    else if(ret != POLARSSL_ERR_NET_TRY_AGAIN) {      failf(data, "ssl_handshake returned -0x%04X", -ret);      return CURLE_SSL_CONNECT_ERROR;    }    else {      /* wait for data from server... */      long timeout_ms = Curl_timeleft(data, NULL, TRUE);      if(timeout_ms < 0) {        failf(data, "SSL connection timeout");        return CURLE_OPERATION_TIMEDOUT;      }      switch(Curl_socket_ready(conn->sock[sockindex],                        CURL_SOCKET_BAD, timeout_ms)) {      case 0:        failf(data, "SSL handshake timeout");        return CURLE_OPERATION_TIMEDOUT;        break;      case CURL_CSELECT_IN:        continue;        break;      default:        return CURLE_SSL_CONNECT_ERROR;        break;      }    }  }  infof(data, "PolarSSL: Handshake complete, cipher is %s/n",        ssl_get_cipher(&conn->ssl[sockindex].ssl));  ret = ssl_get_verify_result(&conn->ssl[sockindex].ssl);  if(ret && data->set.ssl.verifypeer) {    if(ret & BADCERT_EXPIRED)      failf(data, "Cert verify failed: BADCERT_EXPIRED/n");    if(ret & BADCERT_REVOKED)      failf(data, "Cert verify failed: BADCERT_REVOKED");    if(ret & BADCERT_CN_MISMATCH)      failf(data, "Cert verify failed: BADCERT_CN_MISMATCH");    if(ret & BADCERT_NOT_TRUSTED)      failf(data, "Cert verify failed: BADCERT_NOT_TRUSTED");

/* * This function is called to shut down the SSL layer but keep the * socket open (CCC - Clear Command Channel) */int Curl_gtls_shutdown(struct connectdata *conn, int sockindex){  ssize_t result;  int retval = 0;  struct SessionHandle *data = conn->data;  int done = 0;  char buf[120];  /* This has only been tested on the proftpd server, and the mod_tls code     sends a close notify alert without waiting for a close notify alert in     response. Thus we wait for a close notify alert from the server, but     we do not send one. Let's hope other servers do the same... */  if(data->set.ftp_ccc == CURLFTPSSL_CCC_ACTIVE)      gnutls_bye(conn->ssl[sockindex].session, GNUTLS_SHUT_WR);  if(conn->ssl[sockindex].session) {    while(!done) {      int what = Curl_socket_ready(conn->sock[sockindex],                                   CURL_SOCKET_BAD, SSL_SHUTDOWN_TIMEOUT);      if(what > 0) {        /* Something to read, let's do it and hope that it is the close           notify alert from the server */        result = gnutls_record_recv(conn->ssl[sockindex].session,                                    buf, sizeof(buf));        switch(result) {        case 0:          /* This is the expected response. There was no data but only             the close notify alert */          done = 1;          break;        case GNUTLS_E_AGAIN:        case GNUTLS_E_INTERRUPTED:          infof(data, "GNUTLS_E_AGAIN || GNUTLS_E_INTERRUPTED/n");          break;        default:          retval = -1;          done = 1;          break;        }      }      else if(0 == what) {        /* timeout */        failf(data, "SSL shutdown timeout");        done = 1;        break;      }      else {        /* anything that gets here is fatally bad */        failf(data, "select/poll on SSL socket, errno: %d", SOCKERRNO);        retval = -1;        done = 1;      }    }    gnutls_deinit(conn->ssl[sockindex].session);  }  gnutls_certificate_free_credentials(conn->ssl[sockindex].cred);#ifdef USE_TLS_SRP  if(data->set.ssl.authtype == CURL_TLSAUTH_SRP     && data->set.ssl.username != NULL)    gnutls_srp_free_client_credentials(conn->ssl[sockindex].srp_client_cred);#endif  conn->ssl[sockindex].cred = NULL;  conn->ssl[sockindex].session = NULL;  return retval;}

static ssize_tschannel_send(struct connectdata *conn, int sockindex,              const void *buf, size_t len, CURLcode *err){  ssize_t written = -1;  size_t data_len = 0;  unsigned char *data = NULL;  struct ssl_connect_data *connssl = &conn->ssl[sockindex];  SecBuffer outbuf[4];  SecBufferDesc outbuf_desc;  SECURITY_STATUS sspi_status = SEC_E_OK;  CURLcode code;  /* check if the maximum stream sizes were queried */  if(connssl->stream_sizes.cbMaximumMessage == 0) {    sspi_status = s_pSecFn->QueryContextAttributes(                              &connssl->ctxt->ctxt_handle,                              SECPKG_ATTR_STREAM_SIZES,                              &connssl->stream_sizes);    if(sspi_status != SEC_E_OK) {      *err = CURLE_SEND_ERROR;      return -1;    }  }  /* check if the buffer is longer than the maximum message length */  if(len > connssl->stream_sizes.cbMaximumMessage) {    *err = CURLE_SEND_ERROR;    return -1;  }  /* calculate the complete message length and allocate a buffer for it */  data_len = connssl->stream_sizes.cbHeader + len +              connssl->stream_sizes.cbTrailer;  data = (unsigned char*) malloc(data_len);  if(data == NULL) {    *err = CURLE_OUT_OF_MEMORY;    return -1;  }  /* setup output buffers (header, data, trailer, empty) */  InitSecBuffer(&outbuf[0], SECBUFFER_STREAM_HEADER,                data, connssl->stream_sizes.cbHeader);  InitSecBuffer(&outbuf[1], SECBUFFER_DATA,                data + connssl->stream_sizes.cbHeader, curlx_uztoul(len));  InitSecBuffer(&outbuf[2], SECBUFFER_STREAM_TRAILER,                data + connssl->stream_sizes.cbHeader + len,                connssl->stream_sizes.cbTrailer);  InitSecBuffer(&outbuf[3], SECBUFFER_EMPTY, NULL, 0);  InitSecBufferDesc(&outbuf_desc, outbuf, 4);  /* copy data into output buffer */  memcpy(outbuf[1].pvBuffer, buf, len);  /* http://msdn.microsoft.com/en-us/library/windows/desktop/aa375390.aspx */  sspi_status = s_pSecFn->EncryptMessage(&connssl->ctxt->ctxt_handle, 0,                                         &outbuf_desc, 0);  /* check if the message was encrypted */  if(sspi_status == SEC_E_OK) {    written = 0;    /* send the encrypted message including header, data and trailer */    len = outbuf[0].cbBuffer + outbuf[1].cbBuffer + outbuf[2].cbBuffer;    /*       It's important to send the full message which includes the header,       encrypted payload, and trailer.  Until the client receives all the       data a coherent message has not been delivered and the client       can't read any of it.       If we wanted to buffer the unwritten encrypted bytes, we would       tell the client that all data it has requested to be sent has been       sent. The unwritten encrypted bytes would be the first bytes to       send on the next invocation.       Here's the catch with this - if we tell the client that all the       bytes have been sent, will the client call this method again to       send the buffered data?  Looking at who calls this function, it       seems the answer is NO.    */    /* send entire message or fail */    while(len > (size_t)written) {      ssize_t this_write;      long timeleft;      int what;      this_write = 0;      timeleft = Curl_timeleft(conn->data, NULL, TRUE);      if(timeleft < 0) {        /* we already got the timeout */        failf(conn->data, "schannel: timed out sending data "              "(bytes sent: %zd)", written);        *err = CURLE_OPERATION_TIMEDOUT;        written = -1;        break;      }      what = Curl_socket_ready(CURL_SOCKET_BAD, conn->sock[sockindex],//.........这里部分代码省略.........

CURLcode Curl_is_connected(struct connectdata *conn,                           int sockindex,                           bool *connected){  struct SessionHandle *data = conn->data;  CURLcode result = CURLE_OK;  long allow;  int error = 0;  struct timeval now;  int rc;  int i;  DEBUGASSERT(sockindex >= FIRSTSOCKET && sockindex <= SECONDARYSOCKET);  *connected = FALSE; /* a very negative world view is best */  if(conn->bits.tcpconnect[sockindex]) {    /* we are connected already! */    *connected = TRUE;    return CURLE_OK;  }  now = Curl_tvnow();  /* figure out how long time we have left to connect */  allow = Curl_timeleft(data, &now, TRUE);  if(allow < 0) {    /* time-out, bail out, go home */    failf(data, "Connection time-out");    return CURLE_OPERATION_TIMEDOUT;  }  for(i=0; i<2; i++) {    if(conn->tempsock[i] == CURL_SOCKET_BAD)      continue;#ifdef mpeix    /* Call this function once now, and ignore the results. We do this to       "clear" the error state on the socket so that we can later read it       reliably. This is reported necessary on the MPE/iX operating system. */    (void)verifyconnect(conn->tempsock[i], NULL);#endif    /* check socket for connect */    rc = Curl_socket_ready(CURL_SOCKET_BAD, conn->tempsock[i], 0);    if(rc == 0) { /* no connection yet */      if(curlx_tvdiff(now, conn->connecttime) >= conn->timeoutms_per_addr) {        infof(data, "After %ldms connect time, move on!/n",              conn->timeoutms_per_addr);        error = ETIMEDOUT;      }      /* should we try another protocol family? */      if(i == 0 && conn->tempaddr[1] == NULL &&         curlx_tvdiff(now, conn->connecttime) >= HAPPY_EYEBALLS_TIMEOUT) {        trynextip(conn, sockindex, 1);      }    }    else if(rc == CURL_CSELECT_OUT) {      if(verifyconnect(conn->tempsock[i], &error)) {        /* we are connected with TCP, awesome! */        int other = i ^ 1;        /* use this socket from now on */        conn->sock[sockindex] = conn->tempsock[i];        conn->ip_addr = conn->tempaddr[i];        conn->tempsock[i] = CURL_SOCKET_BAD;        /* close the other socket, if open */        if(conn->tempsock[other] != CURL_SOCKET_BAD) {          Curl_closesocket(conn, conn->tempsock[other]);          conn->tempsock[other] = CURL_SOCKET_BAD;        }        /* see if we need to do any proxy magic first once we connected */        result = Curl_connected_proxy(conn, sockindex);        if(result)          return result;        conn->bits.tcpconnect[sockindex] = TRUE;        *connected = TRUE;        if(sockindex == FIRSTSOCKET)          Curl_pgrsTime(data, TIMER_CONNECT); /* connect done */        Curl_updateconninfo(conn, conn->sock[sockindex]);        Curl_verboseconnect(conn);        return CURLE_OK;      }      else        infof(data, "Connection failed/n");    }    else if(rc & CURL_CSELECT_ERR)      (void)verifyconnect(conn->tempsock[i], &error);    /*     * The connection failed here, we should attempt to connect to the "next     * address" for the given host. But first remember the latest error.//.........这里部分代码省略.........

static CURLcode gopher_do(struct connectdata *conn, bool *done){  CURLcode result=CURLE_OK;  struct SessionHandle *data=conn->data;  curl_socket_t sockfd = conn->sock[FIRSTSOCKET];  curl_off_t *bytecount = &data->req.bytecount;  char *path = data->state.path;  char *sel;  char *sel_org = NULL;  ssize_t amount, k;  int len;  *done = TRUE; /* unconditionally */  /* Create selector. Degenerate cases: / and /1 => convert to "" */  if(strlen(path) <= 2) {    sel = (char *)"";    len = (int)strlen(sel);  }  else {    char *newp;    size_t j, i;    /* Otherwise, drop / and the first character (i.e., item type) ... */    newp = path;    newp+=2;    /* ... then turn ? into TAB for search servers, Veronica, etc. ... */    j = strlen(newp);    for(i=0; i<j; i++)      if(newp[i] == '?')        newp[i] = '/x09';    /* ... and finally unescape */    sel = curl_easy_unescape(data, newp, 0, &len);    if(!sel)      return CURLE_OUT_OF_MEMORY;    sel_org = sel;  }  /* We use Curl_write instead of Curl_sendf to make sure the entire buffer is     sent, which could be sizeable with long selectors. */  k = curlx_uztosz(len);  for(;;) {    result = Curl_write(conn, sockfd, sel, k, &amount);    if(!result) { /* Which may not have written it all! */      result = Curl_client_write(conn, CLIENTWRITE_HEADER, sel, amount);      if(result) {        free(sel_org);        return result;      }      k -= amount;      sel += amount;      if(k < 1)        break; /* but it did write it all */    }    else {      failf(data, "Failed sending Gopher request");      free(sel_org);      return result;    }    /* Don't busyloop. The entire loop thing is a work-around as it causes a       BLOCKING behavior which is a NO-NO. This function should rather be       split up in a do and a doing piece where the pieces that aren't       possible to send now will be sent in the doing function repeatedly       until the entire request is sent.       Wait a while for the socket to be writable. Note that this doesn't       acknowledge the timeout.    */    Curl_socket_ready(CURL_SOCKET_BAD, sockfd, 100);  }  free(sel_org);  /* We can use Curl_sendf to send the terminal /r/n relatively safely and     save allocing another string/doing another _write loop. */  result = Curl_sendf(sockfd, conn, "/r/n");  if(result) {    failf(data, "Failed sending Gopher request");    return result;  }  result = Curl_client_write(conn, CLIENTWRITE_HEADER, (char *)"/r/n", 2);  if(result)    return result;  Curl_setup_transfer(conn, FIRSTSOCKET, -1, FALSE, bytecount,                      -1, NULL); /* no upload */  return CURLE_OK;}

/* this function does a SSL/TLS (re-)handshake */static CURLcode handshake(struct connectdata *conn,                          int sockindex,                          bool duringconnect,                          bool nonblocking){  struct SessionHandle *data = conn->data;  struct ssl_connect_data *connssl = &conn->ssl[sockindex];  gnutls_session session = conn->ssl[sockindex].session;  curl_socket_t sockfd = conn->sock[sockindex];  long timeout_ms;  int rc;  int what;  for(;;) {    /* check allowed time left */    timeout_ms = Curl_timeleft(data, NULL, duringconnect);    if(timeout_ms < 0) {      /* no need to continue if time already is up */      failf(data, "SSL connection timeout");      return CURLE_OPERATION_TIMEDOUT;    }    /* if ssl is expecting something, check if it's available. */    if(connssl->connecting_state == ssl_connect_2_reading       || connssl->connecting_state == ssl_connect_2_writing) {      curl_socket_t writefd = ssl_connect_2_writing==        connssl->connecting_state?sockfd:CURL_SOCKET_BAD;      curl_socket_t readfd = ssl_connect_2_reading==        connssl->connecting_state?sockfd:CURL_SOCKET_BAD;      what = Curl_socket_ready(readfd, writefd,                               nonblocking?0:                               timeout_ms?timeout_ms:1000);      if(what < 0) {        /* fatal error */        failf(data, "select/poll on SSL socket, errno: %d", SOCKERRNO);        return CURLE_SSL_CONNECT_ERROR;      }      else if(0 == what) {        if(nonblocking)          return CURLE_OK;        else if(timeout_ms) {          /* timeout */          failf(data, "SSL connection timeout at %ld", timeout_ms);          return CURLE_OPERATION_TIMEDOUT;        }      }      /* socket is readable or writable */    }    rc = gnutls_handshake(session);    if((rc == GNUTLS_E_AGAIN) || (rc == GNUTLS_E_INTERRUPTED)) {      connssl->connecting_state =        gnutls_record_get_direction(session)?        ssl_connect_2_writing:ssl_connect_2_reading;      continue;      if(nonblocking)        return CURLE_OK;    }    else if((rc < 0) && !gnutls_error_is_fatal(rc)) {      const char *strerr = NULL;      if(rc == GNUTLS_E_WARNING_ALERT_RECEIVED) {        int alert = gnutls_alert_get(session);        strerr = gnutls_alert_get_name(alert);      }      if(strerr == NULL)        strerr = gnutls_strerror(rc);      failf(data, "gnutls_handshake() warning: %s", strerr);    }    else if(rc < 0) {      const char *strerr = NULL;      if(rc == GNUTLS_E_FATAL_ALERT_RECEIVED) {        int alert = gnutls_alert_get(session);        strerr = gnutls_alert_get_name(alert);      }      if(strerr == NULL)        strerr = gnutls_strerror(rc);      failf(data, "gnutls_handshake() failed: %s", strerr);      return CURLE_SSL_CONNECT_ERROR;    }    /* Reset our connect state machine */    connssl->connecting_state = ssl_connect_1;    return CURLE_OK;  }}

static CURLcodembed_connect_common(struct connectdata *conn,                    int sockindex,                    bool nonblocking,                    bool *done){  CURLcode retcode;  struct SessionHandle *data = conn->data;  struct ssl_connect_data *connssl = &conn->ssl[sockindex];  curl_socket_t sockfd = conn->sock[sockindex];  long timeout_ms;  int what;  /* check if the connection has already been established */  if(ssl_connection_complete == connssl->state) {    *done = TRUE;    return CURLE_OK;  }  if(ssl_connect_1==connssl->connecting_state) {    /* Find out how much more time we're allowed */    timeout_ms = Curl_timeleft(data, NULL, TRUE);    if(timeout_ms < 0) {      /* no need to continue if time already is up */      failf(data, "SSL connection timeout");      return CURLE_OPERATION_TIMEDOUT;    }    retcode = mbed_connect_step1(conn, sockindex);    if(retcode)      return retcode;  }  while(ssl_connect_2 == connssl->connecting_state ||        ssl_connect_2_reading == connssl->connecting_state ||        ssl_connect_2_writing == connssl->connecting_state) {    /* check allowed time left */    timeout_ms = Curl_timeleft(data, NULL, TRUE);    if(timeout_ms < 0) {      /* no need to continue if time already is up */      failf(data, "SSL connection timeout");      return CURLE_OPERATION_TIMEDOUT;    }    /* if ssl is expecting something, check if it's available. */    if(connssl->connecting_state == ssl_connect_2_reading       || connssl->connecting_state == ssl_connect_2_writing) {      curl_socket_t writefd = ssl_connect_2_writing==        connssl->connecting_state?sockfd:CURL_SOCKET_BAD;      curl_socket_t readfd = ssl_connect_2_reading==        connssl->connecting_state?sockfd:CURL_SOCKET_BAD;      what = Curl_socket_ready(readfd, writefd, nonblocking ? 0 : timeout_ms);      if(what < 0) {        /* fatal error */        failf(data, "select/poll on SSL socket, errno: %d", SOCKERRNO);        return CURLE_SSL_CONNECT_ERROR;      }      else if(0 == what) {        if(nonblocking) {          *done = FALSE;          return CURLE_OK;        }        else {          /* timeout */          failf(data, "SSL connection timeout");          return CURLE_OPERATION_TIMEDOUT;        }      }      /* socket is readable or writable */    }    /* Run transaction, and return to the caller if it failed or if     * this connection is part of a multi handle and this loop would     * execute again. This permits the owner of a multi handle to     * abort a connection attempt before step2 has completed while     * ensuring that a client using select() or epoll() will always     * have a valid fdset to wait on.     */    retcode = mbed_connect_step2(conn, sockindex);    if(retcode || (nonblocking &&                   (ssl_connect_2 == connssl->connecting_state ||                    ssl_connect_2_reading == connssl->connecting_state ||                    ssl_connect_2_writing == connssl->connecting_state)))      return retcode;  } /* repeat step2 until all transactions are done. */  if(ssl_connect_3==connssl->connecting_state) {    retcode = mbed_connect_step3(conn, sockindex);    if(retcode)      return retcode;  }  if(ssl_connect_done==connssl->connecting_state) {    connssl->state = ssl_connection_complete;    conn->recv[sockindex] = mbed_recv;//.........这里部分代码省略.........

/* this function does a BLOCKING SSL/TLS (re-)handshake */static CURLcode handshake(struct connectdata *conn,                          gnutls_session session,                          int sockindex,                          bool duringconnect){  struct SessionHandle *data = conn->data;  int rc;  if (!gtls_inited)    _Curl_gtls_init();  do {    rc = gnutls_handshake(session);    if((rc == GNUTLS_E_AGAIN) || (rc == GNUTLS_E_INTERRUPTED)) {      long timeout_ms = DEFAULT_CONNECT_TIMEOUT;      long has_passed;      if(duringconnect && data->set.connecttimeout)        timeout_ms = data->set.connecttimeout;      if(data->set.timeout) {        /* get the strictest timeout of the ones converted to milliseconds */        if(data->set.timeout < timeout_ms)          timeout_ms = data->set.timeout;      }      /* Evaluate in milliseconds how much time that has passed */      has_passed = Curl_tvdiff(Curl_tvnow(), data->progress.t_startsingle);      /* subtract the passed time */      timeout_ms -= has_passed;      if(timeout_ms < 0) {        /* a precaution, no need to continue if time already is up */        failf(data, "SSL connection timeout");        return CURLE_OPERATION_TIMEDOUT;      }      rc = Curl_socket_ready(conn->sock[sockindex],                       conn->sock[sockindex], (int)timeout_ms);      if(rc > 0)        /* reabable or writable, go loop*/        continue;      else if(0 == rc) {        /* timeout */        failf(data, "SSL connection timeout");        return CURLE_OPERATION_TIMEDOUT;      }      else {        /* anything that gets here is fatally bad */        failf(data, "select/poll on SSL socket, errno: %d", SOCKERRNO);        return CURLE_SSL_CONNECT_ERROR;      }    }    else      break;  } while(1);  if (rc < 0) {    failf(data, "gnutls_handshake() failed: %s", gnutls_strerror(rc));    return CURLE_SSL_CONNECT_ERROR;  }  return CURLE_OK;}