summaryrefslogtreecommitdiff
path: root/thirdparty/opus/http.c
blob: cfd4e626a4d7872d79bb38b0a96cbaf670f311ba (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597
1598
1599
1600
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
1678
1679
1680
1681
1682
1683
1684
1685
1686
1687
1688
1689
1690
1691
1692
1693
1694
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794
1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811
1812
1813
1814
1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829
1830
1831
1832
1833
1834
1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
1849
1850
1851
1852
1853
1854
1855
1856
1857
1858
1859
1860
1861
1862
1863
1864
1865
1866
1867
1868
1869
1870
1871
1872
1873
1874
1875
1876
1877
1878
1879
1880
1881
1882
1883
1884
1885
1886
1887
1888
1889
1890
1891
1892
1893
1894
1895
1896
1897
1898
1899
1900
1901
1902
1903
1904
1905
1906
1907
1908
1909
1910
1911
1912
1913
1914
1915
1916
1917
1918
1919
1920
1921
1922
1923
1924
1925
1926
1927
1928
1929
1930
1931
1932
1933
1934
1935
1936
1937
1938
1939
1940
1941
1942
1943
1944
1945
1946
1947
1948
1949
1950
1951
1952
1953
1954
1955
1956
1957
1958
1959
1960
1961
1962
1963
1964
1965
1966
1967
1968
1969
1970
1971
1972
1973
1974
1975
1976
1977
1978
1979
1980
1981
1982
1983
1984
1985
1986
1987
1988
1989
1990
1991
1992
1993
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
2027
2028
2029
2030
2031
2032
2033
2034
2035
2036
2037
2038
2039
2040
2041
2042
2043
2044
2045
2046
2047
2048
2049
2050
2051
2052
2053
2054
2055
2056
2057
2058
2059
2060
2061
2062
2063
2064
2065
2066
2067
2068
2069
2070
2071
2072
2073
2074
2075
2076
2077
2078
2079
2080
2081
2082
2083
2084
2085
2086
2087
2088
2089
2090
2091
2092
2093
2094
2095
2096
2097
2098
2099
2100
2101
2102
2103
2104
2105
2106
2107
2108
2109
2110
2111
2112
2113
2114
2115
2116
2117
2118
2119
2120
2121
2122
2123
2124
2125
2126
2127
2128
2129
2130
2131
2132
2133
2134
2135
2136
2137
2138
2139
2140
2141
2142
2143
2144
2145
2146
2147
2148
2149
2150
2151
2152
2153
2154
2155
2156
2157
2158
2159
2160
2161
2162
2163
2164
2165
2166
2167
2168
2169
2170
2171
2172
2173
2174
2175
2176
2177
2178
2179
2180
2181
2182
2183
2184
2185
2186
2187
2188
2189
2190
2191
2192
2193
2194
2195
2196
2197
2198
2199
2200
2201
2202
2203
2204
2205
2206
2207
2208
2209
2210
2211
2212
2213
2214
2215
2216
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229
2230
2231
2232
2233
2234
2235
2236
2237
2238
2239
2240
2241
2242
2243
2244
2245
2246
2247
2248
2249
2250
2251
2252
2253
2254
2255
2256
2257
2258
2259
2260
2261
2262
2263
2264
2265
2266
2267
2268
2269
2270
2271
2272
2273
2274
2275
2276
2277
2278
2279
2280
2281
2282
2283
2284
2285
2286
2287
2288
2289
2290
2291
2292
2293
2294
2295
2296
2297
2298
2299
2300
2301
2302
2303
2304
2305
2306
2307
2308
2309
2310
2311
2312
2313
2314
2315
2316
2317
2318
2319
2320
2321
2322
2323
2324
2325
2326
2327
2328
2329
2330
2331
2332
2333
2334
2335
2336
2337
2338
2339
2340
2341
2342
2343
2344
2345
2346
2347
2348
2349
2350
2351
2352
2353
2354
2355
2356
2357
2358
2359
2360
2361
2362
2363
2364
2365
2366
2367
2368
2369
2370
2371
2372
2373
2374
2375
2376
2377
2378
2379
2380
2381
2382
2383
2384
2385
2386
2387
2388
2389
2390
2391
2392
2393
2394
2395
2396
2397
2398
2399
2400
2401
2402
2403
2404
2405
2406
2407
2408
2409
2410
2411
2412
2413
2414
2415
2416
2417
2418
2419
2420
2421
2422
2423
2424
2425
2426
2427
2428
2429
2430
2431
2432
2433
2434
2435
2436
2437
2438
2439
2440
2441
2442
2443
2444
2445
2446
2447
2448
2449
2450
2451
2452
2453
2454
2455
2456
2457
2458
2459
2460
2461
2462
2463
2464
2465
2466
2467
2468
2469
2470
2471
2472
2473
2474
2475
2476
2477
2478
2479
2480
2481
2482
2483
2484
2485
2486
2487
2488
2489
2490
2491
2492
2493
2494
2495
2496
2497
2498
2499
2500
2501
2502
2503
2504
2505
2506
2507
2508
2509
2510
2511
2512
2513
2514
2515
2516
2517
2518
2519
2520
2521
2522
2523
2524
2525
2526
2527
2528
2529
2530
2531
2532
2533
2534
2535
2536
2537
2538
2539
2540
2541
2542
2543
2544
2545
2546
2547
2548
2549
2550
2551
2552
2553
2554
2555
2556
2557
2558
2559
2560
2561
2562
2563
2564
2565
2566
2567
2568
2569
2570
2571
2572
2573
2574
2575
2576
2577
2578
2579
2580
2581
2582
2583
2584
2585
2586
2587
2588
2589
2590
2591
2592
2593
2594
2595
2596
2597
2598
2599
2600
2601
2602
2603
2604
2605
2606
2607
2608
2609
2610
2611
2612
2613
2614
2615
2616
2617
2618
2619
2620
2621
2622
2623
2624
2625
2626
2627
2628
2629
2630
2631
2632
2633
2634
2635
2636
2637
2638
2639
2640
2641
2642
2643
2644
2645
2646
2647
2648
2649
2650
2651
2652
2653
2654
2655
2656
2657
2658
2659
2660
2661
2662
2663
2664
2665
2666
2667
2668
2669
2670
2671
2672
2673
2674
2675
2676
2677
2678
2679
2680
2681
2682
2683
2684
2685
2686
2687
2688
2689
2690
2691
2692
2693
2694
2695
2696
2697
2698
2699
2700
2701
2702
2703
2704
2705
2706
2707
2708
2709
2710
2711
2712
2713
2714
2715
2716
2717
2718
2719
2720
2721
2722
2723
2724
2725
2726
2727
2728
2729
2730
2731
2732
2733
2734
2735
2736
2737
2738
2739
2740
2741
2742
2743
2744
2745
2746
2747
2748
2749
2750
2751
2752
2753
2754
2755
2756
2757
2758
2759
2760
2761
2762
2763
2764
2765
2766
2767
2768
2769
2770
2771
2772
2773
2774
2775
2776
2777
2778
2779
2780
2781
2782
2783
2784
2785
2786
2787
2788
2789
2790
2791
2792
2793
2794
2795
2796
2797
2798
2799
2800
2801
2802
2803
2804
2805
2806
2807
2808
2809
2810
2811
2812
2813
2814
2815
2816
2817
2818
2819
2820
2821
2822
2823
2824
2825
2826
2827
2828
2829
2830
2831
2832
2833
2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
2852
2853
2854
2855
2856
2857
2858
2859
2860
2861
2862
2863
2864
2865
2866
2867
2868
2869
2870
2871
2872
2873
2874
2875
2876
2877
2878
2879
2880
2881
2882
2883
2884
2885
2886
2887
2888
2889
2890
2891
2892
2893
2894
2895
2896
2897
2898
2899
2900
2901
2902
2903
2904
2905
2906
2907
2908
2909
2910
2911
2912
2913
2914
2915
2916
2917
2918
2919
2920
2921
2922
2923
2924
2925
2926
2927
2928
2929
2930
2931
2932
2933
2934
2935
2936
2937
2938
2939
2940
2941
2942
2943
2944
2945
2946
2947
2948
2949
2950
2951
2952
2953
2954
2955
2956
2957
2958
2959
2960
2961
2962
2963
2964
2965
2966
2967
2968
2969
2970
2971
2972
2973
2974
2975
2976
2977
2978
2979
2980
2981
2982
2983
2984
2985
2986
2987
2988
2989
2990
2991
2992
2993
2994
2995
2996
2997
2998
2999
3000
3001
3002
3003
3004
3005
3006
3007
3008
3009
3010
3011
3012
3013
3014
3015
3016
3017
3018
3019
3020
3021
3022
3023
3024
3025
3026
3027
3028
3029
3030
3031
3032
3033
3034
3035
3036
3037
3038
3039
3040
3041
3042
3043
3044
3045
3046
3047
3048
3049
3050
3051
3052
3053
3054
3055
3056
3057
3058
3059
3060
3061
3062
3063
3064
3065
3066
3067
3068
3069
3070
3071
3072
3073
3074
3075
3076
3077
3078
3079
3080
3081
3082
3083
3084
3085
3086
3087
3088
3089
3090
3091
3092
3093
3094
3095
3096
3097
3098
3099
3100
3101
3102
3103
3104
3105
3106
3107
3108
3109
3110
3111
3112
3113
3114
3115
3116
3117
3118
3119
3120
3121
3122
3123
3124
3125
3126
3127
3128
3129
3130
3131
3132
3133
3134
3135
3136
3137
3138
3139
3140
3141
3142
3143
3144
3145
3146
3147
3148
3149
3150
3151
3152
3153
3154
3155
3156
3157
3158
3159
3160
3161
3162
3163
3164
3165
3166
3167
3168
3169
3170
3171
3172
3173
3174
3175
3176
3177
3178
3179
3180
3181
3182
3183
3184
3185
3186
3187
3188
3189
3190
3191
3192
3193
3194
3195
3196
3197
3198
3199
3200
3201
3202
3203
3204
3205
3206
3207
3208
3209
3210
3211
3212
3213
3214
3215
3216
3217
3218
3219
3220
3221
3222
3223
3224
3225
3226
3227
3228
3229
3230
3231
3232
3233
3234
3235
3236
3237
3238
3239
3240
3241
3242
3243
3244
3245
3246
3247
3248
3249
3250
3251
3252
3253
3254
3255
3256
3257
3258
3259
3260
3261
3262
3263
3264
3265
3266
3267
3268
3269
3270
3271
3272
3273
3274
3275
3276
3277
3278
3279
3280
3281
3282
3283
3284
3285
3286
3287
3288
3289
3290
3291
3292
3293
3294
3295
3296
3297
3298
3299
3300
3301
3302
3303
3304
3305
3306
3307
3308
3309
3310
3311
3312
3313
3314
3315
3316
3317
3318
3319
3320
3321
3322
3323
3324
3325
3326
3327
3328
3329
3330
3331
3332
3333
3334
3335
3336
3337
3338
3339
3340
3341
3342
3343
3344
3345
3346
3347
3348
3349
3350
3351
3352
3353
3354
3355
3356
3357
3358
3359
3360
3361
3362
3363
3364
3365
3366
3367
3368
3369
3370
3371
3372
3373
3374
3375
3376
3377
3378
3379
3380
3381
3382
3383
3384
3385
3386
3387
3388
3389
3390
3391
3392
3393
3394
3395
3396
3397
3398
3399
3400
3401
3402
3403
3404
3405
3406
3407
3408
3409
3410
3411
3412
3413
3414
3415
3416
3417
3418
3419
3420
3421
3422
3423
3424
3425
3426
3427
3428
3429
/********************************************************************
 *                                                                  *
 * THIS FILE IS PART OF THE libopusfile SOFTWARE CODEC SOURCE CODE. *
 * USE, DISTRIBUTION AND REPRODUCTION OF THIS LIBRARY SOURCE IS     *
 * GOVERNED BY A BSD-STYLE SOURCE LICENSE INCLUDED WITH THIS SOURCE *
 * IN 'COPYING'. PLEASE READ THESE TERMS BEFORE DISTRIBUTING.       *
 *                                                                  *
 * THE libopusfile SOURCE CODE IS (C) COPYRIGHT 2012                *
 * by the Xiph.Org Foundation and contributors http://www.xiph.org/ *
 *                                                                  *
 ********************************************************************/
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif

#include "internal.h"
#include <ctype.h>
#include <errno.h>
#include <limits.h>
#include <string.h>

/*RFCs referenced in this file:
  RFC  761: DOD Standard Transmission Control Protocol
  RFC 1535: A Security Problem and Proposed Correction With Widely Deployed DNS
   Software
  RFC 1738: Uniform Resource Locators (URL)
  RFC 1945: Hypertext Transfer Protocol -- HTTP/1.0
  RFC 2068: Hypertext Transfer Protocol -- HTTP/1.1
  RFC 2145: Use and Interpretation of HTTP Version Numbers
  RFC 2246: The TLS Protocol Version 1.0
  RFC 2459: Internet X.509 Public Key Infrastructure Certificate and
   Certificate Revocation List (CRL) Profile
  RFC 2616: Hypertext Transfer Protocol -- HTTP/1.1
  RFC 2617: HTTP Authentication: Basic and Digest Access Authentication
  RFC 2817: Upgrading to TLS Within HTTP/1.1
  RFC 2818: HTTP Over TLS
  RFC 3492: Punycode: A Bootstring encoding of Unicode for Internationalized
   Domain Names in Applications (IDNA)
  RFC 3986: Uniform Resource Identifier (URI): Generic Syntax
  RFC 3987: Internationalized Resource Identifiers (IRIs)
  RFC 4343: Domain Name System (DNS) Case Insensitivity Clarification
  RFC 5894: Internationalized Domain Names for Applications (IDNA):
   Background, Explanation, and Rationale
  RFC 6066: Transport Layer Security (TLS) Extensions: Extension Definitions
  RFC 6125: Representation and Verification of Domain-Based Application Service
   Identity within Internet Public Key Infrastructure Using X.509 (PKIX)
   Certificates in the Context of Transport Layer Security (TLS)
  RFC 6555: Happy Eyeballs: Success with Dual-Stack Hosts*/

typedef struct OpusParsedURL   OpusParsedURL;
typedef struct OpusStringBuf   OpusStringBuf;
typedef struct OpusHTTPConn    OpusHTTPConn;
typedef struct OpusHTTPStream  OpusHTTPStream;

static char *op_string_range_dup(const char *_start,const char *_end){
  size_t  len;
  char   *ret;
  OP_ASSERT(_start<=_end);
  len=_end-_start;
  /*This is to help avoid overflow elsewhere, later.*/
  if(OP_UNLIKELY(len>=INT_MAX))return NULL;
  ret=(char *)_ogg_malloc(sizeof(*ret)*(len+1));
  if(OP_LIKELY(ret!=NULL)){
    ret=(char *)memcpy(ret,_start,sizeof(*ret)*(len));
    ret[len]='\0';
  }
  return ret;
}

static char *op_string_dup(const char *_s){
  return op_string_range_dup(_s,_s+strlen(_s));
}

static char *op_string_tolower(char *_s){
  int i;
  for(i=0;_s[i]!='\0';i++){
    int c;
    c=_s[i];
    if(c>='A'&&c<='Z')c+='a'-'A';
    _s[i]=(char)c;
  }
  return _s;
}

/*URI character classes (from RFC 3986).*/
#define OP_URL_ALPHA \
 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
#define OP_URL_DIGIT       "0123456789"
#define OP_URL_HEXDIGIT    "0123456789ABCDEFabcdef"
/*Not a character class, but the characters allowed in <scheme>.*/
#define OP_URL_SCHEME      OP_URL_ALPHA OP_URL_DIGIT "+-."
#define OP_URL_GEN_DELIMS  "#/:?@[]"
#define OP_URL_SUB_DELIMS  "!$&'()*+,;="
#define OP_URL_RESERVED    OP_URL_GEN_DELIMS OP_URL_SUB_DELIMS
#define OP_URL_UNRESERVED  OP_URL_ALPHA OP_URL_DIGIT "-._~"
/*Not a character class, but the characters allowed in <pct-encoded>.*/
#define OP_URL_PCT_ENCODED "%"
/*Not a character class or production rule, but for convenience.*/
#define OP_URL_PCHAR_BASE \
 OP_URL_UNRESERVED OP_URL_PCT_ENCODED OP_URL_SUB_DELIMS
#define OP_URL_PCHAR       OP_URL_PCHAR_BASE ":@"
/*Not a character class, but the characters allowed in <userinfo> and
   <IP-literal>.*/
#define OP_URL_PCHAR_NA    OP_URL_PCHAR_BASE ":"
/*Not a character class, but the characters allowed in <segment-nz-nc>.*/
#define OP_URL_PCHAR_NC    OP_URL_PCHAR_BASE "@"
/*Not a character clsss, but the characters allowed in <path>.*/
#define OP_URL_PATH        OP_URL_PCHAR "/"
/*Not a character class, but the characters allowed in <query> / <fragment>.*/
#define OP_URL_QUERY_FRAG  OP_URL_PCHAR "/?"

/*Check the <% HEXDIG HEXDIG> escapes of a URL for validity.
  Return: 0 if valid, or a negative value on failure.*/
static int op_validate_url_escapes(const char *_s){
  int i;
  for(i=0;_s[i];i++){
    if(_s[i]=='%'){
      if(OP_UNLIKELY(!isxdigit(_s[i+1]))
       ||OP_UNLIKELY(!isxdigit(_s[i+2]))
       /*RFC 3986 says %00 "should be rejected if the application is not
          expecting to receive raw data within a component."*/
       ||OP_UNLIKELY(_s[i+1]=='0'&&_s[i+2]=='0')){
        return OP_FALSE;
      }
      i+=2;
    }
  }
  return 0;
}

/*Convert a hex digit to its actual value.
  _c: The hex digit to convert.
      Presumed to be valid ('0'...'9', 'A'...'F', or 'a'...'f').
  Return: The value of the digit, in the range [0,15].*/
static int op_hex_value(int _c){
  return _c>='a'?_c-'a'+10:_c>='A'?_c-'A'+10:_c-'0';
}

/*Unescape all the <% HEXDIG HEXDIG> sequences in a string in-place.
  This does no validity checking.*/
static char *op_unescape_url_component(char *_s){
  int i;
  int j;
  for(i=j=0;_s[i];i++,j++){
    if(_s[i]=='%'){
      _s[i]=(char)(op_hex_value(_s[i+1])<<4|op_hex_value(_s[i+2]));
      i+=2;
    }
  }
  return _s;
}

/*Parse a file: URL.
  This code is not meant to be fast: strspn() with large sets is likely to be
   slow, but it is very convenient.
  It is meant to be RFC 1738-compliant (as updated by RFC 3986).*/
static const char *op_parse_file_url(const char *_src){
  const char *scheme_end;
  const char *path;
  const char *path_end;
  scheme_end=_src+strspn(_src,OP_URL_SCHEME);
  if(OP_UNLIKELY(*scheme_end!=':')
   ||scheme_end-_src!=4||op_strncasecmp(_src,"file",4)!=0){
    /*Unsupported protocol.*/
    return NULL;
  }
  /*Make sure all escape sequences are valid to simplify unescaping later.*/
  if(OP_UNLIKELY(op_validate_url_escapes(scheme_end+1)<0))return NULL;
  if(scheme_end[1]=='/'&&scheme_end[2]=='/'){
    const char *host;
    /*file: URLs can have a host!
      Yeah, I was surprised, too, but that's what RFC 1738 says.
      It also says, "The file URL scheme is unusual in that it does not specify
       an Internet protocol or access method for such files; as such, its
       utility in network protocols between hosts is limited," which is a mild
       understatement.*/
    host=scheme_end+3;
    /*The empty host is what we expect.*/
    if(OP_LIKELY(*host=='/'))path=host;
    else{
      const char *host_end;
      char        host_buf[28];
      /*RFC 1738 says localhost "is interpreted as `the machine from which the
         URL is being interpreted,'" so let's check for it.*/
      host_end=host+strspn(host,OP_URL_PCHAR_BASE);
      /*No <port> allowed.
        This also rejects IP-Literals.*/
      if(*host_end!='/')return NULL;
      /*An escaped "localhost" can take at most 27 characters.*/
      if(OP_UNLIKELY(host_end-host>27))return NULL;
      memcpy(host_buf,host,sizeof(*host_buf)*(host_end-host));
      host_buf[host_end-host]='\0';
      op_unescape_url_component(host_buf);
      op_string_tolower(host_buf);
      /*Some other host: give up.*/
      if(OP_UNLIKELY(strcmp(host_buf,"localhost")!=0))return NULL;
      path=host_end;
    }
  }
  else path=scheme_end+1;
  path_end=path+strspn(path,OP_URL_PATH);
  /*This will reject a <query> or <fragment> component, too.
    I don't know what to do with queries, but a temporal fragment would at
     least make sense.
    RFC 1738 pretty clearly defines a <searchpart> that's equivalent to the
     RFC 3986 <query> component for other schemes, but not the file: scheme,
     so I'm going to just reject it.*/
  if(*path_end!='\0')return NULL;
  return path;
}

#if defined(OP_ENABLE_HTTP)
# if defined(_WIN32)
#  include <winsock2.h>
#  include <ws2tcpip.h>
#  include <openssl/ssl.h>
#  include "winerrno.h"

typedef SOCKET op_sock;

#  define OP_INVALID_SOCKET (INVALID_SOCKET)

/*Vista and later support WSAPoll(), but we don't want to rely on that.
  Instead we re-implement it badly using select().
  Unfortunately, they define a conflicting struct pollfd, so we only define our
   own if it looks like that one has not already been defined.*/
#  if !defined(POLLIN)
/*Equivalent to POLLIN.*/
#   define POLLRDNORM (0x0100)
/*Priority band data can be read.*/
#   define POLLRDBAND (0x0200)
/*There is data to read.*/
#   define POLLIN     (POLLRDNORM|POLLRDBAND)
/* There is urgent data to read.*/
#   define POLLPRI    (0x0400)
/*Equivalent to POLLOUT.*/
#   define POLLWRNORM (0x0010)
/*Writing now will not block.*/
#   define POLLOUT    (POLLWRNORM)
/*Priority data may be written.*/
#   define POLLWRBAND (0x0020)
/*Error condition (output only).*/
#   define POLLERR    (0x0001)
/*Hang up (output only).*/
#   define POLLHUP    (0x0002)
/*Invalid request: fd not open (output only).*/
#   define POLLNVAL   (0x0004)

struct pollfd{
  /*File descriptor.*/
  op_sock fd;
  /*Requested events.*/
  short   events;
  /*Returned events.*/
  short   revents;
};
#  endif

/*But Winsock never defines nfds_t (it's simply hard-coded to ULONG).*/
typedef unsigned long nfds_t;

/*The usage of FD_SET() below is O(N^2).
  This is okay because select() is limited to 64 sockets in Winsock, anyway.
  In practice, we only ever call it with one or two sockets.*/
static int op_poll_win32(struct pollfd *_fds,nfds_t _nfds,int _timeout){
  struct timeval tv;
  fd_set         ifds;
  fd_set         ofds;
  fd_set         efds;
  nfds_t         i;
  int            ret;
  FD_ZERO(&ifds);
  FD_ZERO(&ofds);
  FD_ZERO(&efds);
  for(i=0;i<_nfds;i++){
    _fds[i].revents=0;
    if(_fds[i].events&POLLIN)FD_SET(_fds[i].fd,&ifds);
    if(_fds[i].events&POLLOUT)FD_SET(_fds[i].fd,&ofds);
    FD_SET(_fds[i].fd,&efds);
  }
  if(_timeout>=0){
    tv.tv_sec=_timeout/1000;
    tv.tv_usec=(_timeout%1000)*1000;
  }
  ret=select(-1,&ifds,&ofds,&efds,_timeout<0?NULL:&tv);
  if(ret>0){
    for(i=0;i<_nfds;i++){
      if(FD_ISSET(_fds[i].fd,&ifds))_fds[i].revents|=POLLIN;
      if(FD_ISSET(_fds[i].fd,&ofds))_fds[i].revents|=POLLOUT;
      /*This isn't correct: there are several different things that might have
         happened to a fd in efds, but I don't know a good way to distinguish
         them without more context from the caller.
        It's okay, because we don't actually check any of these bits, we just
         need _some_ bit set.*/
      if(FD_ISSET(_fds[i].fd,&efds))_fds[i].revents|=POLLHUP;
    }
  }
  return ret;
}

/*We define op_errno() to make it clear that it's not an l-value like normal
   errno is.*/
#  define op_errno() (WSAGetLastError()?WSAGetLastError()-WSABASEERR:0)
#  define op_reset_errno() (WSASetLastError(0))

/*The remaining functions don't get an op_ prefix even though they only
   operate on sockets, because we don't use non-socket I/O here, and this
   minimizes the changes needed to deal with Winsock.*/
#  define close(_fd) closesocket(_fd)
/*This relies on sizeof(u_long)==sizeof(int), which is always true on both
   Win32 and Win64.*/
#  define ioctl(_fd,_req,_arg) ioctlsocket(_fd,_req,(u_long *)(_arg))
#  define getsockopt(_fd,_level,_name,_val,_len) \
 getsockopt(_fd,_level,_name,(char *)(_val),_len)
#  define setsockopt(_fd,_level,_name,_val,_len) \
 setsockopt(_fd,_level,_name,(const char *)(_val),_len)
#  define poll(_fds,_nfds,_timeout) op_poll_win32(_fds,_nfds,_timeout)

#  if defined(_MSC_VER)
typedef ptrdiff_t ssize_t;
#  endif

/*Load certificates from the built-in certificate store.*/
int SSL_CTX_set_default_verify_paths_win32(SSL_CTX *_ssl_ctx);
#  define SSL_CTX_set_default_verify_paths \
 SSL_CTX_set_default_verify_paths_win32

# else
/*Normal Berkeley sockets.*/
#  include <sys/ioctl.h>
#  include <sys/types.h>
#  include <sys/socket.h>
#  include <arpa/inet.h>
#  include <netinet/in.h>
#  include <netinet/tcp.h>
#  include <fcntl.h>
#  include <netdb.h>
#  include <poll.h>
#  include <unistd.h>
#  include <openssl/ssl.h>

typedef int op_sock;

#  define OP_INVALID_SOCKET (-1)

#  define op_errno() (errno)
#  define op_reset_errno() (errno=0)

# endif
# include <sys/timeb.h>
# include <openssl/x509v3.h>

/*The maximum number of simultaneous connections.
  RFC 2616 says this SHOULD NOT be more than 2, but everyone on the modern web
   ignores that (e.g., IE 8 bumped theirs up from 2 to 6, Firefox uses 15).
  If it makes you feel better, we'll only ever actively read from one of these
   at a time.
  The others are kept around mainly to avoid slow-starting a new connection
   when seeking, and time out rapidly.*/
# define OP_NCONNS_MAX (4)

/*The amount of time before we attempt to re-resolve the host.
  This is 10 minutes, as recommended in RFC 6555 for expiring cached connection
   results for dual-stack hosts.*/
# define OP_RESOLVE_CACHE_TIMEOUT_MS (10*60*(opus_int32)1000)

/*The number of redirections at which we give up.
  The value here is the current default in Firefox.
  RFC 2068 mandated a maximum of 5, but RFC 2616 relaxed that to "a client
   SHOULD detect infinite redirection loops."
  Fortunately, 20 is less than infinity.*/
# define OP_REDIRECT_LIMIT (20)

/*The initial size of the buffer used to read a response message (before the
   body).*/
# define OP_RESPONSE_SIZE_MIN (510)
/*The maximum size of a response message (before the body).
  Responses larger than this will be discarded.
  I've seen a real server return 20 kB of data for a 302 Found response.
  Increasing this beyond 32kB will cause problems on platforms with a 16-bit
   int.*/
# define OP_RESPONSE_SIZE_MAX (32766)

/*The number of milliseconds we will allow a connection to sit idle before we
   refuse to resurrect it.
  Apache as of 2.2 has reduced its default timeout to 5 seconds (from 15), so
   that's what we'll use here.*/
# define OP_CONNECTION_IDLE_TIMEOUT_MS (5*1000)

/*The number of milliseconds we will wait to send or receive data before giving
   up.*/
# define OP_POLL_TIMEOUT_MS (30*1000)

/*We will always attempt to read ahead at least this much in preference to
   opening a new connection.*/
# define OP_READAHEAD_THRESH_MIN (32*(opus_int32)1024)

/*The amount of data to request after a seek.
  This is a trade-off between read throughput after a seek vs. the the ability
   to quickly perform another seek with the same connection.*/
# define OP_PIPELINE_CHUNK_SIZE     (32*(opus_int32)1024)
/*Subsequent chunks are requested with larger and larger sizes until they pass
   this threshold, after which we just ask for the rest of the resource.*/
# define OP_PIPELINE_CHUNK_SIZE_MAX (1024*(opus_int32)1024)
/*This is the maximum number of requests we'll make with a single connection.
  Many servers will simply disconnect after we attempt some number of requests,
   possibly without sending a Connection: close header, meaning we won't
   discover it until we try to read beyond the end of the current chunk.
  We can reconnect when that happens, but this is slow.
  Instead, we impose a limit ourselves (set to the default for Apache
   installations and thus likely the most common value in use).*/
# define OP_PIPELINE_MAX_REQUESTS   (100)
/*This should be the number of requests, starting from a chunk size of
   OP_PIPELINE_CHUNK_SIZE and doubling each time, until we exceed
   OP_PIPELINE_CHUNK_SIZE_MAX and just request the rest of the file.
  We won't reuse a connection when seeking unless it has at least this many
   requests left, to reduce the chances we'll have to open a new connection
   while reading forward afterwards.*/
# define OP_PIPELINE_MIN_REQUESTS   (7)

/*Is this an https URL?
  For now we can simply check the last letter of the scheme.*/
# define OP_URL_IS_SSL(_url) ((_url)->scheme[4]=='s')

/*Does this URL use the default port for its scheme?*/
# define OP_URL_IS_DEFAULT_PORT(_url) \
 (!OP_URL_IS_SSL(_url)&&(_url)->port==80 \
 ||OP_URL_IS_SSL(_url)&&(_url)->port==443)

struct OpusParsedURL{
  /*Either "http" or "https".*/
  char     *scheme;
  /*The user name from the <userinfo> component, or NULL.*/
  char     *user;
  /*The password from the <userinfo> component, or NULL.*/
  char     *pass;
  /*The <host> component.
    This may not be NULL.*/
  char     *host;
  /*The <path> and <query> components.
    This may not be NULL.*/
  char     *path;
  /*The <port> component.
    This is set to the default port if the URL did not contain one.*/
  unsigned  port;
};

/*Parse a URL.
  This code is not meant to be fast: strspn() with large sets is likely to be
   slow, but it is very convenient.
  It is meant to be RFC 3986-compliant.
  We currently do not support IRIs (Internationalized Resource Identifiers,
   RFC 3987).
  Callers should translate them to URIs first.*/
static int op_parse_url_impl(OpusParsedURL *_dst,const char *_src){
  const char  *scheme_end;
  const char  *authority;
  const char  *userinfo_end;
  const char  *user;
  const char  *user_end;
  const char  *pass;
  const char  *hostport;
  const char  *hostport_end;
  const char  *host_end;
  const char  *port;
  opus_int32   port_num;
  const char  *port_end;
  const char  *path;
  const char  *path_end;
  const char  *uri_end;
  scheme_end=_src+strspn(_src,OP_URL_SCHEME);
  if(OP_UNLIKELY(*scheme_end!=':')
   ||OP_UNLIKELY(scheme_end-_src<4)||OP_UNLIKELY(scheme_end-_src>5)
   ||OP_UNLIKELY(op_strncasecmp(_src,"https",scheme_end-_src)!=0)){
    /*Unsupported protocol.*/
    return OP_EIMPL;
  }
  if(OP_UNLIKELY(scheme_end[1]!='/')||OP_UNLIKELY(scheme_end[2]!='/')){
    /*We require an <authority> component.*/
    return OP_EINVAL;
  }
  authority=scheme_end+3;
  /*Make sure all escape sequences are valid to simplify unescaping later.*/
  if(OP_UNLIKELY(op_validate_url_escapes(authority)<0))return OP_EINVAL;
  /*Look for a <userinfo> component.*/
  userinfo_end=authority+strspn(authority,OP_URL_PCHAR_NA);
  if(*userinfo_end=='@'){
    /*Found one.*/
    user=authority;
    /*Look for a password (yes, clear-text passwords are deprecated, I know,
       but what else are people supposed to use? use SSL if you care).*/
    user_end=authority+strspn(authority,OP_URL_PCHAR_BASE);
    if(*user_end==':')pass=user_end+1;
    else pass=NULL;
    hostport=userinfo_end+1;
  }
  else{
    /*We shouldn't have to initialize user_end, but gcc is too dumb to figure
       out that user!=NULL below means we didn't take this else branch.*/
    user=user_end=NULL;
    pass=NULL;
    hostport=authority;
  }
  /*Try to figure out where the <host> component ends.*/
  if(hostport[0]=='['){
    hostport++;
    /*We have an <IP-literal>, which can contain colons.*/
    hostport_end=host_end=hostport+strspn(hostport,OP_URL_PCHAR_NA);
    if(OP_UNLIKELY(*hostport_end++!=']'))return OP_EINVAL;
  }
  /*Currently we don't support IDNA (RFC 5894), because I don't want to deal
     with the policy about which domains should not be internationalized to
     avoid confusing similarities.
    Give this API Punycode (RFC 3492) domain names instead.*/
  else hostport_end=host_end=hostport+strspn(hostport,OP_URL_PCHAR_BASE);
  /*TODO: Validate host.*/
  /*Is there a port number?*/
  port_num=-1;
  if(*hostport_end==':'){
    int i;
    port=hostport_end+1;
    port_end=port+strspn(port,OP_URL_DIGIT);
    path=port_end;
    /*Not part of RFC 3986, but require port numbers in the range 0...65535.*/
    if(OP_LIKELY(port_end-port>0)){
      while(*port=='0')port++;
      if(OP_UNLIKELY(port_end-port>5))return OP_EINVAL;
      port_num=0;
      for(i=0;i<port_end-port;i++)port_num=port_num*10+port[i]-'0';
      if(OP_UNLIKELY(port_num>65535))return OP_EINVAL;
    }
  }
  else path=hostport_end;
  path_end=path+strspn(path,OP_URL_PATH);
  /*If the path is not empty, it must begin with a '/'.*/
  if(OP_LIKELY(path_end>path)&&OP_UNLIKELY(path[0]!='/'))return OP_EINVAL;
  /*Consume the <query> component, if any (right now we don't split this out
     from the <path> component).*/
  if(*path_end=='?')path_end=path_end+strspn(path_end,OP_URL_QUERY_FRAG);
  /*Discard the <fragment> component, if any.
    This doesn't get sent to the server.
    Some day we should add support for Media Fragment URIs
     <http://www.w3.org/TR/media-frags/>.*/
  if(*path_end=='#')uri_end=path_end+1+strspn(path_end+1,OP_URL_QUERY_FRAG);
  else uri_end=path_end;
  /*If there's anything left, this was not a valid URL.*/
  if(OP_UNLIKELY(*uri_end!='\0'))return OP_EINVAL;
  _dst->scheme=op_string_range_dup(_src,scheme_end);
  if(OP_UNLIKELY(_dst->scheme==NULL))return OP_EFAULT;
  op_string_tolower(_dst->scheme);
  if(user!=NULL){
    _dst->user=op_string_range_dup(user,user_end);
    if(OP_UNLIKELY(_dst->user==NULL))return OP_EFAULT;
    op_unescape_url_component(_dst->user);
    /*Unescaping might have created a ':' in the username.
      That's not allowed by RFC 2617's Basic Authentication Scheme.*/
    if(OP_UNLIKELY(strchr(_dst->user,':')!=NULL))return OP_EINVAL;
  }
  else _dst->user=NULL;
  if(pass!=NULL){
    _dst->pass=op_string_range_dup(pass,userinfo_end);
    if(OP_UNLIKELY(_dst->pass==NULL))return OP_EFAULT;
    op_unescape_url_component(_dst->pass);
  }
  else _dst->pass=NULL;
  _dst->host=op_string_range_dup(hostport,host_end);
  if(OP_UNLIKELY(_dst->host==NULL))return OP_EFAULT;
  if(port_num<0){
    if(_src[4]=='s')port_num=443;
    else port_num=80;
  }
  _dst->port=(unsigned)port_num;
  /*RFC 2616 says an empty <abs-path> component is equivalent to "/", and we
     MUST use the latter in the Request-URI.
    Reserve space for the slash here.*/
  if(path==path_end||path[0]=='?')path--;
  _dst->path=op_string_range_dup(path,path_end);
  if(OP_UNLIKELY(_dst->path==NULL))return OP_EFAULT;
  /*And force-set it here.*/
  _dst->path[0]='/';
  return 0;
}

static void op_parsed_url_init(OpusParsedURL *_url){
  memset(_url,0,sizeof(*_url));
}

static void op_parsed_url_clear(OpusParsedURL *_url){
  _ogg_free(_url->scheme);
  _ogg_free(_url->user);
  _ogg_free(_url->pass);
  _ogg_free(_url->host);
  _ogg_free(_url->path);
}

static int op_parse_url(OpusParsedURL *_dst,const char *_src){
  OpusParsedURL url;
  int           ret;
  op_parsed_url_init(&url);
  ret=op_parse_url_impl(&url,_src);
  if(OP_UNLIKELY(ret<0))op_parsed_url_clear(&url);
  else *_dst=*&url;
  return ret;
}

/*A buffer to hold growing strings.
  The main purpose of this is to consolidate allocation checks and simplify
   cleanup on a failed allocation.*/
struct OpusStringBuf{
  char *buf;
  int   nbuf;
  int   cbuf;
};

static void op_sb_init(OpusStringBuf *_sb){
  _sb->buf=NULL;
  _sb->nbuf=0;
  _sb->cbuf=0;
}

static void op_sb_clear(OpusStringBuf *_sb){
  _ogg_free(_sb->buf);
}

/*Make sure we have room for at least _capacity characters (plus 1 more for the
   terminating NUL).*/
static int op_sb_ensure_capacity(OpusStringBuf *_sb,int _capacity){
  char *buf;
  int   cbuf;
  buf=_sb->buf;
  cbuf=_sb->cbuf;
  if(_capacity>=cbuf-1){
    if(OP_UNLIKELY(cbuf>INT_MAX-1>>1))return OP_EFAULT;
    if(OP_UNLIKELY(_capacity>=INT_MAX-1))return OP_EFAULT;
    cbuf=OP_MAX(2*cbuf+1,_capacity+1);
    buf=_ogg_realloc(buf,sizeof(*buf)*cbuf);
    if(OP_UNLIKELY(buf==NULL))return OP_EFAULT;
    _sb->buf=buf;
    _sb->cbuf=cbuf;
  }
  return 0;
}

/*Increase the capacity of the buffer, but not to more than _max_size
   characters (plus 1 more for the terminating NUL).*/
static int op_sb_grow(OpusStringBuf *_sb,int _max_size){
  char *buf;
  int   cbuf;
  buf=_sb->buf;
  cbuf=_sb->cbuf;
  OP_ASSERT(_max_size<=INT_MAX-1);
  cbuf=cbuf<=_max_size-1>>1?2*cbuf+1:_max_size+1;
  buf=_ogg_realloc(buf,sizeof(*buf)*cbuf);
  if(OP_UNLIKELY(buf==NULL))return OP_EFAULT;
  _sb->buf=buf;
  _sb->cbuf=cbuf;
  return 0;
}

static int op_sb_append(OpusStringBuf *_sb,const char *_s,int _len){
  char *buf;
  int   nbuf;
  int   ret;
  nbuf=_sb->nbuf;
  if(OP_UNLIKELY(nbuf>INT_MAX-_len))return OP_EFAULT;
  ret=op_sb_ensure_capacity(_sb,nbuf+_len);
  if(OP_UNLIKELY(ret<0))return ret;
  buf=_sb->buf;
  memcpy(buf+nbuf,_s,sizeof(*buf)*_len);
  nbuf+=_len;
  buf[nbuf]='\0';
  _sb->nbuf=nbuf;
  return 0;
}

static int op_sb_append_string(OpusStringBuf *_sb,const char *_s){
  return op_sb_append(_sb,_s,strlen(_s));
}

static int op_sb_append_port(OpusStringBuf *_sb,unsigned _port){
  char port_buf[7];
  OP_ASSERT(_port<=65535U);
  sprintf(port_buf,":%u",_port);
  return op_sb_append_string(_sb,port_buf);
}

static int op_sb_append_nonnegative_int64(OpusStringBuf *_sb,opus_int64 _i){
  char digit;
  int  nbuf_start;
  int  ret;
  OP_ASSERT(_i>=0);
  nbuf_start=_sb->nbuf;
  ret=0;
  do{
    digit='0'+_i%10;
    ret|=op_sb_append(_sb,&digit,1);
    _i/=10;
  }
  while(_i>0);
  if(OP_LIKELY(ret>=0)){
    char *buf;
    int   nbuf_end;
    buf=_sb->buf;
    nbuf_end=_sb->nbuf-1;
    /*We've added the digits backwards.
      Reverse them.*/
    while(nbuf_start<nbuf_end){
      digit=buf[nbuf_start];
      buf[nbuf_start]=buf[nbuf_end];
      buf[nbuf_end]=digit;
      nbuf_start++;
      nbuf_end--;
    }
  }
  return ret;
}

static struct addrinfo *op_resolve(const char *_host,unsigned _port){
  struct addrinfo *addrs;
  struct addrinfo  hints;
  char             service[6];
  memset(&hints,0,sizeof(hints));
  hints.ai_socktype=SOCK_STREAM;
#if defined(AI_NUMERICSERV)
  hints.ai_flags=AI_NUMERICSERV;
#endif
  OP_ASSERT(_port<=65535U);
  sprintf(service,"%u",_port);
  if(OP_LIKELY(!getaddrinfo(_host,service,&hints,&addrs)))return addrs;
  return NULL;
}

static int op_sock_set_nonblocking(op_sock _fd,int _nonblocking){
#if !defined(_WIN32)
  int flags;
  flags=fcntl(_fd,F_GETFL);
  if(OP_UNLIKELY(flags<0))return flags;
  if(_nonblocking)flags|=O_NONBLOCK;
  else flags&=~O_NONBLOCK;
  return fcntl(_fd,F_SETFL,flags);
#else
  return ioctl(_fd,FIONBIO,&_nonblocking);
#endif
}

/*Disable/enable write coalescing if we can.
  We always send whole requests at once and always parse the response headers
   before sending another one, so normally write coalescing just causes added
   delay.*/
static void op_sock_set_tcp_nodelay(op_sock _fd,int _nodelay){
# if defined(TCP_NODELAY)&&(defined(IPPROTO_TCP)||defined(SOL_TCP))
#  if defined(IPPROTO_TCP)
#   define OP_SO_LEVEL IPPROTO_TCP
#  else
#   define OP_SO_LEVEL SOL_TCP
#  endif
  /*It doesn't really matter if this call fails, but it would be interesting
     to hit a case where it does.*/
  OP_ALWAYS_TRUE(!setsockopt(_fd,OP_SO_LEVEL,TCP_NODELAY,
   &_nodelay,sizeof(_nodelay)));
# endif
}

#if defined(_WIN32)
static void op_init_winsock(){
  static LONG    count;
  static WSADATA wsadata;
  if(InterlockedIncrement(&count)==1)WSAStartup(0x0202,&wsadata);
}
#endif

/*A single physical connection to an HTTP server.
  We may have several of these open at once.*/
struct OpusHTTPConn{
  /*The current position indicator for this connection.*/
  opus_int64    pos;
  /*The position where the current request will end, or -1 if we're reading
     until EOF (an unseekable stream or the initial HTTP/1.0 request).*/
  opus_int64    end_pos;
  /*The position where next request we've sent will start, or -1 if we haven't
     sent the next request yet.*/
  opus_int64    next_pos;
  /*The end of the next request or -1 if we requested the rest of the resource.
    This is only set to a meaningful value if next_pos is not -1.*/
  opus_int64    next_end;
  /*The SSL connection, if this is https.*/
  SSL          *ssl_conn;
  /*The next connection in either the LRU or free list.*/
  OpusHTTPConn *next;
  /*The last time we blocked for reading from this connection.*/
  struct timeb  read_time;
  /*The number of bytes we've read since the last time we blocked.*/
  opus_int64    read_bytes;
  /*The estimated throughput of this connection, in bytes/s.*/
  opus_int64    read_rate;
  /*The socket we're reading from.*/
  op_sock       fd;
  /*The number of remaining requests we are allowed on this connection.*/
  int           nrequests_left;
  /*The chunk size to use for pipelining requests.*/
  opus_int32    chunk_size;
};

static void op_http_conn_init(OpusHTTPConn *_conn){
  _conn->next_pos=-1;
  _conn->ssl_conn=NULL;
  _conn->next=NULL;
  _conn->fd=OP_INVALID_SOCKET;
}

static void op_http_conn_clear(OpusHTTPConn *_conn){
  if(_conn->ssl_conn!=NULL)SSL_free(_conn->ssl_conn);
  /*SSL frees the BIO for us.*/
  if(_conn->fd!=OP_INVALID_SOCKET)close(_conn->fd);
}

/*The global stream state.*/
struct OpusHTTPStream{
  /*The list of connections.*/
  OpusHTTPConn     conns[OP_NCONNS_MAX];
  /*The context object used as a framework for TLS/SSL functions.*/
  SSL_CTX         *ssl_ctx;
  /*The cached session to reuse for future connections.*/
  SSL_SESSION     *ssl_session;
  /*The LRU list (ordered from MRU to LRU) of currently connected
     connections.*/
  OpusHTTPConn    *lru_head;
  /*The free list.*/
  OpusHTTPConn    *free_head;
  /*The URL to connect to.*/
  OpusParsedURL    url;
  /*Information about the address we connected to.*/
  struct addrinfo  addr_info;
  /*The address we connected to.*/
  union{
    struct sockaddr     s;
    struct sockaddr_in  v4;
    struct sockaddr_in6 v6;
  }                addr;
  /*The last time we re-resolved the host.*/
  struct timeb     resolve_time;
  /*A buffer used to build HTTP requests.*/
  OpusStringBuf    request;
  /*A buffer used to build proxy CONNECT requests.*/
  OpusStringBuf    proxy_connect;
  /*A buffer used to receive the response headers.*/
  OpusStringBuf    response;
  /*The Content-Length, if specified, or -1 otherwise.
    This will always be specified for seekable streams.*/
  opus_int64       content_length;
  /*The position indicator used when no connection is active.*/
  opus_int64       pos;
  /*The host we actually connected to.*/
  char            *connect_host;
  /*The port we actually connected to.*/
  unsigned         connect_port;
  /*The connection we're currently reading from.
    This can be -1 if no connection is active.*/
  int              cur_conni;
  /*Whether or not the server supports range requests.*/
  int              seekable;
  /*Whether or not the server supports HTTP/1.1 with persistent connections.*/
  int              pipeline;
  /*Whether or not we should skip certificate checks.*/
  int              skip_certificate_check;
  /*The offset of the tail of the request.
    Only the offset in the Range: header appears after this, allowing us to
     quickly edit the request to ask for a new range.*/
  int              request_tail;
  /*The estimated time required to open a new connection, in milliseconds.*/
  opus_int32       connect_rate;
};

static void op_http_stream_init(OpusHTTPStream *_stream){
  OpusHTTPConn **pnext;
  int            ci;
  pnext=&_stream->free_head;
  for(ci=0;ci<OP_NCONNS_MAX;ci++){
    op_http_conn_init(_stream->conns+ci);
    *pnext=_stream->conns+ci;
    pnext=&_stream->conns[ci].next;
  }
  _stream->ssl_ctx=NULL;
  _stream->ssl_session=NULL;
  _stream->lru_head=NULL;
  op_parsed_url_init(&_stream->url);
  op_sb_init(&_stream->request);
  op_sb_init(&_stream->proxy_connect);
  op_sb_init(&_stream->response);
  _stream->connect_host=NULL;
  _stream->seekable=0;
}

/*Close the connection and move it to the free list.
  _stream:     The stream containing the free list.
  _conn:       The connection to close.
  _penxt:      The linked-list pointer currently pointing to this connection.
  _gracefully: Whether or not to shut down cleanly.*/
static void op_http_conn_close(OpusHTTPStream *_stream,OpusHTTPConn *_conn,
 OpusHTTPConn **_pnext,int _gracefully){
  /*If we don't shut down gracefully, the server MUST NOT re-use our session
     according to RFC 2246, because it can't tell the difference between an
     abrupt close and a truncation attack.
    So we shut down gracefully if we can.
    However, we will not wait if this would block (it's not worth the savings
     from session resumption to do so).
    Clients (that's us) MAY resume a TLS session that ended with an incomplete
     close, according to RFC 2818, so there's no reason to make sure the server
     shut things down gracefully.*/
  if(_gracefully&&_conn->ssl_conn!=NULL)SSL_shutdown(_conn->ssl_conn);
  op_http_conn_clear(_conn);
  _conn->next_pos=-1;
  _conn->ssl_conn=NULL;
  _conn->fd=OP_INVALID_SOCKET;
  OP_ASSERT(*_pnext==_conn);
  *_pnext=_conn->next;
  _conn->next=_stream->free_head;
  _stream->free_head=_conn;
}

static void op_http_stream_clear(OpusHTTPStream *_stream){
  while(_stream->lru_head!=NULL){
    op_http_conn_close(_stream,_stream->lru_head,&_stream->lru_head,0);
  }
  if(_stream->ssl_session!=NULL)SSL_SESSION_free(_stream->ssl_session);
  if(_stream->ssl_ctx!=NULL)SSL_CTX_free(_stream->ssl_ctx);
  op_sb_clear(&_stream->response);
  op_sb_clear(&_stream->proxy_connect);
  op_sb_clear(&_stream->request);
  if(_stream->connect_host!=_stream->url.host)_ogg_free(_stream->connect_host);
  op_parsed_url_clear(&_stream->url);
}

static int op_http_conn_write_fully(OpusHTTPConn *_conn,
 const char *_buf,int _buf_size){
  struct pollfd  fd;
  SSL           *ssl_conn;
  fd.fd=_conn->fd;
  ssl_conn=_conn->ssl_conn;
  while(_buf_size>0){
    int err;
    if(ssl_conn!=NULL){
      int ret;
      ret=SSL_write(ssl_conn,_buf,_buf_size);
      if(ret>0){
        /*Wrote some data.*/
        _buf+=ret;
        _buf_size-=ret;
        continue;
      }
      /*Connection closed.*/
      else if(ret==0)return OP_FALSE;
      err=SSL_get_error(ssl_conn,ret);
      /*Yes, renegotiations can cause SSL_write() to block for reading.*/
      if(err==SSL_ERROR_WANT_READ)fd.events=POLLIN;
      else if(err==SSL_ERROR_WANT_WRITE)fd.events=POLLOUT;
      else return OP_FALSE;
    }
    else{
      ssize_t ret;
      op_reset_errno();
      ret=send(fd.fd,_buf,_buf_size,0);
      if(ret>0){
        _buf+=ret;
        _buf_size-=ret;
        continue;
      }
      err=op_errno();
      if(err!=EAGAIN&&err!=EWOULDBLOCK)return OP_FALSE;
      fd.events=POLLOUT;
    }
    if(poll(&fd,1,OP_POLL_TIMEOUT_MS)<=0)return OP_FALSE;
  }
  return 0;
}

static int op_http_conn_estimate_available(OpusHTTPConn *_conn){
  int available;
  int ret;
  ret=ioctl(_conn->fd,FIONREAD,&available);
  if(ret<0)available=0;
  /*This requires the SSL read_ahead flag to be unset to work.
    We ignore partial records as well as the protocol overhead for any pending
     bytes.
    This means we might return somewhat less than can truly be read without
     blocking (if there's a partial record).
    This is okay, because we're using this value to estimate network transfer
     time, and we _have_ already received those bytes.
    We also might return slightly more (due to protocol overhead), but that's
     small enough that it probably doesn't matter.*/
  if(_conn->ssl_conn!=NULL)available+=SSL_pending(_conn->ssl_conn);
  return available;
}

static opus_int32 op_time_diff_ms(const struct timeb *_end,
 const struct timeb *_start){
  opus_int64 dtime;
  dtime=_end->time-(opus_int64)_start->time;
  OP_ASSERT(_end->millitm<1000);
  OP_ASSERT(_start->millitm<1000);
  if(OP_UNLIKELY(dtime>(OP_INT32_MAX-1000)/1000))return OP_INT32_MAX;
  if(OP_UNLIKELY(dtime<(OP_INT32_MIN+1000)/1000))return OP_INT32_MIN;
  return (opus_int32)dtime*1000+_end->millitm-_start->millitm;
}

/*Update the read rate estimate for this connection.*/
static void op_http_conn_read_rate_update(OpusHTTPConn *_conn){
  struct timeb read_time;
  opus_int32   read_delta_ms;
  opus_int64   read_delta_bytes;
  opus_int64   read_rate;
  read_delta_bytes=_conn->read_bytes;
  if(read_delta_bytes<=0)return;
  ftime(&read_time);
  read_delta_ms=op_time_diff_ms(&read_time,&_conn->read_time);
  read_rate=_conn->read_rate;
  read_delta_ms=OP_MAX(read_delta_ms,1);
  read_rate+=read_delta_bytes*1000/read_delta_ms-read_rate+4>>3;
  *&_conn->read_time=*&read_time;
  _conn->read_bytes=0;
  _conn->read_rate=read_rate;
}

/*Tries to read from the given connection.
  [out] _buf: Returns the data read.
  _buf_size:  The size of the buffer.
  _blocking:  Whether or not to block until some data is retrieved.
  Return: A positive number of bytes read on success.
          0:        The read would block, or the connection was closed.
          OP_EREAD: There was a fatal read error.*/
static int op_http_conn_read(OpusHTTPConn *_conn,
 char *_buf,int _buf_size,int _blocking){
  struct pollfd  fd;
  SSL           *ssl_conn;
  int            nread;
  int            nread_unblocked;
  fd.fd=_conn->fd;
  ssl_conn=_conn->ssl_conn;
  nread=nread_unblocked=0;
  /*RFC 2818 says "client implementations MUST treat any premature closes as
     errors and the data received as potentially truncated," so we make very
     sure to report read errors upwards.*/
  do{
    int err;
    if(ssl_conn!=NULL){
      int ret;
      ret=SSL_read(ssl_conn,_buf+nread,_buf_size-nread);
      OP_ASSERT(ret<=_buf_size-nread);
      if(ret>0){
        /*Read some data.
          Keep going to see if there's more.*/
        nread+=ret;
        nread_unblocked+=ret;
        continue;
      }
      /*If we already read some data, return it right now.*/
      if(nread>0)break;
      err=SSL_get_error(ssl_conn,ret);
      if(ret==0){
        /*Connection close.
          Check for a clean shutdown to prevent truncation attacks.
          This check always succeeds for SSLv2, as it has no "close notify"
           message and thus can't verify an orderly shutdown.*/
        return err==SSL_ERROR_ZERO_RETURN?0:OP_EREAD;
      }
      if(err==SSL_ERROR_WANT_READ)fd.events=POLLIN;
      /*Yes, renegotiations can cause SSL_read() to block for writing.*/
      else if(err==SSL_ERROR_WANT_WRITE)fd.events=POLLOUT;
      /*Some other error.*/
      else return OP_EREAD;
    }
    else{
      ssize_t ret;
      op_reset_errno();
      ret=recv(fd.fd,_buf+nread,_buf_size-nread,0);
      OP_ASSERT(ret<=_buf_size-nread);
      if(ret>0){
        /*Read some data.
          Keep going to see if there's more.*/
        nread+=ret;
        nread_unblocked+=ret;
        continue;
      }
      /*If we already read some data or the connection was closed, return
         right now.*/
      if(ret==0||nread>0)break;
      err=op_errno();
      if(err!=EAGAIN&&err!=EWOULDBLOCK)return OP_EREAD;
      fd.events=POLLIN;
    }
    _conn->read_bytes+=nread_unblocked;
    op_http_conn_read_rate_update(_conn);
    nread_unblocked=0;
    if(!_blocking)break;
    /*Need to wait to get any data at all.*/
    if(poll(&fd,1,OP_POLL_TIMEOUT_MS)<=0)return OP_EREAD;
  }
  while(nread<_buf_size);
  _conn->read_bytes+=nread_unblocked;
  return nread;
}

/*Tries to look at the pending data for a connection without consuming it.
  [out] _buf: Returns the data at which we're peeking.
  _buf_size:  The size of the buffer.*/
static int op_http_conn_peek(OpusHTTPConn *_conn,char *_buf,int _buf_size){
  struct pollfd   fd;
  SSL            *ssl_conn;
  int             ret;
  fd.fd=_conn->fd;
  ssl_conn=_conn->ssl_conn;
  for(;;){
    int err;
    if(ssl_conn!=NULL){
      ret=SSL_peek(ssl_conn,_buf,_buf_size);
      /*Either saw some data or the connection was closed.*/
      if(ret>=0)return ret;
      err=SSL_get_error(ssl_conn,ret);
      if(err==SSL_ERROR_WANT_READ)fd.events=POLLIN;
      /*Yes, renegotiations can cause SSL_peek() to block for writing.*/
      else if(err==SSL_ERROR_WANT_WRITE)fd.events=POLLOUT;
      else return 0;
    }
    else{
      op_reset_errno();
      ret=(int)recv(fd.fd,_buf,_buf_size,MSG_PEEK);
      /*Either saw some data or the connection was closed.*/
      if(ret>=0)return ret;
      err=op_errno();
      if(err!=EAGAIN&&err!=EWOULDBLOCK)return 0;
      fd.events=POLLIN;
    }
    /*Need to wait to get any data at all.*/
    if(poll(&fd,1,OP_POLL_TIMEOUT_MS)<=0)return 0;
  }
}

/*When parsing response headers, RFC 2616 mandates that all lines end in CR LF.
  However, even in the year 2012, I have seen broken servers use just a LF.
  This is the evil that Postel's advice from RFC 761 breeds.*/

/*Reads the entirety of a response to an HTTP request into the response buffer.
  Actual parsing and validation is done later.
  Return: The number of bytes in the response on success, OP_EREAD if the
           connection was closed before reading any data, or another negative
           value on any other error.*/
static int op_http_conn_read_response(OpusHTTPConn *_conn,
 OpusStringBuf *_response){
  int ret;
  _response->nbuf=0;
  ret=op_sb_ensure_capacity(_response,OP_RESPONSE_SIZE_MIN);
  if(OP_UNLIKELY(ret<0))return ret;
  for(;;){
    char *buf;
    int   size;
    int   capacity;
    int   read_limit;
    int   terminated;
    size=_response->nbuf;
    capacity=_response->cbuf-1;
    if(OP_UNLIKELY(size>=capacity)){
      ret=op_sb_grow(_response,OP_RESPONSE_SIZE_MAX);
      if(OP_UNLIKELY(ret<0))return ret;
      capacity=_response->cbuf-1;
      /*The response was too large.
        This prevents a bad server from running us out of memory.*/
      if(OP_UNLIKELY(size>=capacity))return OP_EIMPL;
    }
    buf=_response->buf;
    ret=op_http_conn_peek(_conn,buf+size,capacity-size);
    if(OP_UNLIKELY(ret<=0))return size<=0?OP_EREAD:OP_FALSE;
    /*We read some data.*/
    /*Make sure the starting characters are "HTTP".
      Otherwise we could wind up waiting forever for a response from
       something that is not an HTTP server.*/
    if(size<4&&op_strncasecmp(buf,"HTTP",OP_MIN(size+ret,4))!=0){
      return OP_FALSE;
    }
    /*How far can we read without passing the "\r\n\r\n" terminator?*/
    buf[size+ret]='\0';
    terminated=0;
    for(read_limit=OP_MAX(size-3,0);read_limit<size+ret;read_limit++){
      /*We don't look for the leading '\r' thanks to broken servers.*/
      if(buf[read_limit]=='\n'){
        if(buf[read_limit+1]=='\r'&&OP_LIKELY(buf[read_limit+2]=='\n')){
          terminated=3;
          break;
        }
        /*This case is for broken servers.*/
        else if(OP_UNLIKELY(buf[read_limit+1]=='\n')){
          terminated=2;
          break;
        }
      }
    }
    read_limit+=terminated;
    OP_ASSERT(size<=read_limit);
    OP_ASSERT(read_limit<=size+ret);
    /*Actually consume that data.*/
    ret=op_http_conn_read(_conn,buf+size,read_limit-size,1);
    if(OP_UNLIKELY(ret<=0))return OP_FALSE;
    size+=ret;
    buf[size]='\0';
    _response->nbuf=size;
    /*We found the terminator and read all the data up to and including it.*/
    if(terminated&&OP_LIKELY(size>=read_limit))return size;
  }
  return OP_EIMPL;
}

# define OP_HTTP_DIGIT "0123456789"

/*The Reason-Phrase is not allowed to contain control characters, except
   horizontal tab (HT: \011).*/
# define OP_HTTP_CREASON_PHRASE \
 "\001\002\003\004\005\006\007\010\012\013\014\015\016\017\020\021" \
 "\022\023\024\025\026\027\030\031\032\033\034\035\036\037\177"

# define OP_HTTP_CTLS \
 "\001\002\003\004\005\006\007\010\011\012\013\014\015\016\017\020" \
 "\021\022\023\024\025\026\027\030\031\032\033\034\035\036\037\177"

/*This also includes '\t', but we get that from OP_HTTP_CTLS.*/
# define OP_HTTP_SEPARATORS " \"(),/:;<=>?@[\\]{}"

/*TEXT can also include LWS, but that has structure, so we parse it
   separately.*/
# define OP_HTTP_CTOKEN OP_HTTP_CTLS OP_HTTP_SEPARATORS

/*Return: The amount of linear white space (LWS) at the start of _s.*/
static int op_http_lwsspn(const char *_s){
  int i;
  for(i=0;;){
    if(_s[0]=='\r'&&_s[1]=='\n'&&(_s[2]=='\t'||_s[2]==' '))i+=3;
    /*This case is for broken servers.*/
    else if(_s[0]=='\n'&&(_s[1]=='\t'||_s[1]==' '))i+=2;
    else if(_s[i]=='\t'||_s[i]==' ')i++;
    else return i;
  }
}

static char *op_http_parse_status_line(int *_v1_1_compat,
 char **_status_code,char *_response){
  char   *next;
  char   *status_code;
  int     v1_1_compat;
  size_t  d;
  /*RFC 2616 Section 6.1 does not say that the tokens in the Status-Line cannot
     be separated by optional LWS, but since it specifically calls out where
     spaces are to be placed and that CR and LF are not allowed except at the
     end, I am assuming this to be true.*/
  /*We already validated that this starts with "HTTP"*/
  OP_ASSERT(op_strncasecmp(_response,"HTTP",4)==0);
  next=_response+4;
  if(OP_UNLIKELY(*next++!='/'))return NULL;
  d=strspn(next,OP_HTTP_DIGIT);
  /*"Leading zeros MUST be ignored by recipients."*/
  while(*next=='0'){
    next++;
    OP_ASSERT(d>0);
    d--;
  }
  /*We only support version 1.x*/
  if(OP_UNLIKELY(d!=1)||OP_UNLIKELY(*next++!='1'))return NULL;
  if(OP_UNLIKELY(*next++!='.'))return NULL;
  d=strspn(next,OP_HTTP_DIGIT);
  if(OP_UNLIKELY(d<=0))return NULL;
  /*"Leading zeros MUST be ignored by recipients."*/
  while(*next=='0'){
    next++;
    OP_ASSERT(d>0);
    d--;
  }
  /*We don't need to parse the version number.
    Any non-zero digit means it's greater than 1.*/
  v1_1_compat=d>0;
  next+=d;
  if(OP_UNLIKELY(*next++!=' '))return NULL;
  status_code=next;
  d=strspn(next,OP_HTTP_DIGIT);
  if(OP_UNLIKELY(d!=3))return NULL;
  next+=d;
  /*The Reason-Phrase can be empty, but the space must be here.*/
  if(OP_UNLIKELY(*next++!=' '))return NULL;
  next+=strcspn(next,OP_HTTP_CREASON_PHRASE);
  /*We are not mandating this be present thanks to broken servers.*/
  if(OP_LIKELY(*next=='\r'))next++;
  if(OP_UNLIKELY(*next++!='\n'))return NULL;
  if(_v1_1_compat!=NULL)*_v1_1_compat=v1_1_compat;
  *_status_code=status_code;
  return next;
}

/*Get the next response header.
  [out] _header: The header token, NUL-terminated, with leading and trailing
                  whitespace stripped, and converted to lower case (to simplify
                  case-insensitive comparisons), or NULL if there are no more
                  response headers.
  [out] _cdr:    The remaining contents of the header, excluding the initial
                  colon (':') and the terminating CRLF ("\r\n"),
                  NUL-terminated, and with leading and trailing whitespace
                  stripped, or NULL if there are no more response headers.
  [inout] _s:    On input, this points to the start of the current line of the
                  response headers.
                 On output, it points to the start of the first line following
                  this header, or NULL if there are no more response headers.
  Return: 0 on success, or a negative value on failure.*/
static int op_http_get_next_header(char **_header,char **_cdr,char **_s){
  char   *header;
  char   *header_end;
  char   *cdr;
  char   *cdr_end;
  char   *next;
  size_t  d;
  next=*_s;
  /*The second case is for broken servers.*/
  if(next[0]=='\r'&&next[1]=='\n'||OP_UNLIKELY(next[0]=='\n')){
    /*No more headers.*/
    *_header=NULL;
    *_cdr=NULL;
    *_s=NULL;
    return 0;
  }
  header=next+op_http_lwsspn(next);
  d=strcspn(header,OP_HTTP_CTOKEN);
  if(OP_UNLIKELY(d<=0))return OP_FALSE;
  header_end=header+d;
  next=header_end+op_http_lwsspn(header_end);
  if(OP_UNLIKELY(*next++!=':'))return OP_FALSE;
  next+=op_http_lwsspn(next);
  cdr=next;
  do{
    cdr_end=next+strcspn(next,OP_HTTP_CTLS);
    next=cdr_end+op_http_lwsspn(cdr_end);
  }
  while(next>cdr_end);
  /*We are not mandating this be present thanks to broken servers.*/
  if(OP_LIKELY(*next=='\r'))next++;
  if(OP_UNLIKELY(*next++!='\n'))return OP_FALSE;
  *header_end='\0';
  *cdr_end='\0';
  /*Field names are case-insensitive.*/
  op_string_tolower(header);
  *_header=header;
  *_cdr=cdr;
  *_s=next;
  return 0;
}

static opus_int64 op_http_parse_nonnegative_int64(const char **_next,
 const char *_cdr){
  const char *next;
  opus_int64  ret;
  int         i;
  next=_cdr+strspn(_cdr,OP_HTTP_DIGIT);
  *_next=next;
  if(OP_UNLIKELY(next<=_cdr))return OP_FALSE;
  while(*_cdr=='0')_cdr++;
  if(OP_UNLIKELY(next-_cdr>19))return OP_EIMPL;
  ret=0;
  for(i=0;i<next-_cdr;i++){
    int digit;
    digit=_cdr[i]-'0';
    /*Check for overflow.*/
    if(OP_UNLIKELY(ret>(OP_INT64_MAX-9)/10+(digit<=7)))return OP_EIMPL;
    ret=ret*10+digit;
  }
  return ret;
}

static opus_int64 op_http_parse_content_length(const char *_cdr){
  const char *next;
  opus_int64  content_length;
  content_length=op_http_parse_nonnegative_int64(&next,_cdr);
  if(OP_UNLIKELY(*next!='\0'))return OP_FALSE;
  return content_length;
}

static int op_http_parse_content_range(opus_int64 *_first,opus_int64 *_last,
 opus_int64 *_length,const char *_cdr){
  opus_int64 first;
  opus_int64 last;
  opus_int64 length;
  size_t     d;
  if(OP_UNLIKELY(op_strncasecmp(_cdr,"bytes",5)!=0))return OP_FALSE;
  _cdr+=5;
  d=op_http_lwsspn(_cdr);
  if(OP_UNLIKELY(d<=0))return OP_FALSE;
  _cdr+=d;
  if(*_cdr!='*'){
    first=op_http_parse_nonnegative_int64(&_cdr,_cdr);
    if(OP_UNLIKELY(first<0))return (int)first;
    _cdr+=op_http_lwsspn(_cdr);
    if(*_cdr++!='-')return OP_FALSE;
    _cdr+=op_http_lwsspn(_cdr);
    last=op_http_parse_nonnegative_int64(&_cdr,_cdr);
    if(OP_UNLIKELY(last<0))return (int)last;
    _cdr+=op_http_lwsspn(_cdr);
  }
  else{
    /*This is for a 416 response (Requested range not satisfiable).*/
    first=last=-1;
    _cdr++;
  }
  if(OP_UNLIKELY(*_cdr++!='/'))return OP_FALSE;
  if(*_cdr!='*'){
    length=op_http_parse_nonnegative_int64(&_cdr,_cdr);
    if(OP_UNLIKELY(length<0))return (int)length;
  }
  else{
    /*The total length is unspecified.*/
    _cdr++;
    length=-1;
  }
  if(OP_UNLIKELY(*_cdr!='\0'))return OP_FALSE;
  if(OP_UNLIKELY(last<first))return OP_FALSE;
  if(length>=0&&OP_UNLIKELY(last>=length))return OP_FALSE;
  *_first=first;
  *_last=last;
  *_length=length;
  return 0;
}

/*Parse the Connection response header and look for a "close" token.
  Return: 1 if a "close" token is found, 0 if it's not found, and a negative
           value on error.*/
static int op_http_parse_connection(char *_cdr){
  size_t d;
  int    ret;
  ret=0;
  for(;;){
    d=strcspn(_cdr,OP_HTTP_CTOKEN);
    if(OP_UNLIKELY(d<=0))return OP_FALSE;
    if(op_strncasecmp(_cdr,"close",(int)d)==0)ret=1;
    /*We're supposed to strip and ignore any headers mentioned in the
       Connection header if this response is from an HTTP/1.0 server (to
       work around forwarding of hop-by-hop headers by old proxies), but the
       only hop-by-hop header we look at is Connection itself.
      Everything else is a well-defined end-to-end header, and going back and
       undoing the things we did based on already-examined headers would be
       hard (since we only scan them once, in a destructive manner).
      Therefore we just ignore all the other tokens.*/
    _cdr+=d;
    d=op_http_lwsspn(_cdr);
    if(d<=0)break;
    _cdr+=d;
  }
  return OP_UNLIKELY(*_cdr!='\0')?OP_FALSE:ret;
}

typedef int (*op_ssl_step_func)(SSL *_ssl_conn);

/*Try to run an SSL function to completion (blocking if necessary).*/
static int op_do_ssl_step(SSL *_ssl_conn,op_sock _fd,op_ssl_step_func _step){
  struct pollfd fd;
  fd.fd=_fd;
  for(;;){
    int ret;
    int err;
    ret=(*_step)(_ssl_conn);
    if(ret>=0)return ret;
    err=SSL_get_error(_ssl_conn,ret);
    if(err==SSL_ERROR_WANT_READ)fd.events=POLLIN;
    else if(err==SSL_ERROR_WANT_WRITE)fd.events=POLLOUT;
    else return OP_FALSE;
    if(poll(&fd,1,OP_POLL_TIMEOUT_MS)<=0)return OP_FALSE;
  }
}

/*Implement a BIO type that just indicates every operation should be retried.
  We use this when initializing an SSL connection via a proxy to allow the
   initial handshake to proceed all the way up to the first read attempt, and
   then return.
  This allows the TLS client hello message to be pipelined with the HTTP
   CONNECT request.*/

static int op_bio_retry_write(BIO *_b,const char *_buf,int _num){
  (void)_buf;
  (void)_num;
  BIO_clear_retry_flags(_b);
  BIO_set_retry_write(_b);
  return -1;
}

static int op_bio_retry_read(BIO *_b,char *_buf,int _num){
  (void)_buf;
  (void)_num;
  BIO_clear_retry_flags(_b);
  BIO_set_retry_read(_b);
  return -1;
}

static int op_bio_retry_puts(BIO *_b,const char *_str){
  return op_bio_retry_write(_b,_str,0);
}

static long op_bio_retry_ctrl(BIO *_b,int _cmd,long _num,void *_ptr){
  long ret;
  (void)_b;
  (void)_num;
  (void)_ptr;
  ret=0;
  switch(_cmd){
    case BIO_CTRL_RESET:
    case BIO_C_RESET_READ_REQUEST:{
      BIO_clear_retry_flags(_b);
      /*Fall through.*/
    }
    case BIO_CTRL_EOF:
    case BIO_CTRL_SET:
    case BIO_CTRL_SET_CLOSE:
    case BIO_CTRL_FLUSH:
    case BIO_CTRL_DUP:{
      ret=1;
    }break;
  }
  return ret;
}

static int op_bio_retry_new(BIO *_b){
  _b->init=1;
  _b->num=0;
  _b->ptr=NULL;
  return 1;
}

static int op_bio_retry_free(BIO *_b){
  return _b!=NULL;
}

/*This is not const because OpenSSL doesn't allow it, even though it won't
   write to it.*/
static BIO_METHOD op_bio_retry_method={
  BIO_TYPE_NULL,
  "retry",
  op_bio_retry_write,
  op_bio_retry_read,
  op_bio_retry_puts,
  NULL,
  op_bio_retry_ctrl,
  op_bio_retry_new,
  op_bio_retry_free,
  NULL
};

/*Establish a CONNECT tunnel and pipeline the start of the TLS handshake for
   proxying https URL requests.*/
static int op_http_conn_establish_tunnel(OpusHTTPStream *_stream,
 OpusHTTPConn *_conn,op_sock _fd,SSL *_ssl_conn,BIO *_ssl_bio){
  BIO  *retry_bio;
  char *status_code;
  char *next;
  int   ret;
  _conn->ssl_conn=NULL;
  _conn->fd=_fd;
  OP_ASSERT(_stream->proxy_connect.nbuf>0);
  ret=op_http_conn_write_fully(_conn,
   _stream->proxy_connect.buf,_stream->proxy_connect.nbuf);
  if(OP_UNLIKELY(ret<0))return ret;
  retry_bio=BIO_new(&op_bio_retry_method);
  if(OP_UNLIKELY(retry_bio==NULL))return OP_EFAULT;
  SSL_set_bio(_ssl_conn,retry_bio,_ssl_bio);
  SSL_set_connect_state(_ssl_conn);
  /*This shouldn't succeed, since we can't read yet.*/
  OP_ALWAYS_TRUE(SSL_connect(_ssl_conn)<0);
  SSL_set_bio(_ssl_conn,_ssl_bio,_ssl_bio);
  /*Only now do we disable write coalescing, to allow the CONNECT
     request and the start of the TLS handshake to be combined.*/
  op_sock_set_tcp_nodelay(_fd,1);
  ret=op_http_conn_read_response(_conn,&_stream->response);
  if(OP_UNLIKELY(ret<0))return ret;
  next=op_http_parse_status_line(NULL,&status_code,_stream->response.buf);
  /*According to RFC 2817, "Any successful (2xx) response to a
     CONNECT request indicates that the proxy has established a
     connection to the requested host and port.*/
  if(OP_UNLIKELY(next==NULL)||OP_UNLIKELY(status_code[0]!='2'))return OP_FALSE;
  return 0;
}

/*Match a host name against a host with a possible wildcard pattern according
   to the rules of RFC 6125 Section 6.4.3.
  Return: 0 if the pattern doesn't match, and a non-zero value if it does.*/
static int op_http_hostname_match(const char *_host,size_t _host_len,
 ASN1_STRING *_pattern){
  const char *pattern;
  size_t      host_label_len;
  size_t      host_suffix_len;
  size_t      pattern_len;
  size_t      pattern_label_len;
  size_t      pattern_prefix_len;
  size_t      pattern_suffix_len;
  pattern=(const char *)ASN1_STRING_data(_pattern);
  pattern_len=strlen(pattern);
  /*Check the pattern for embedded NULs.*/
  if(OP_UNLIKELY(pattern_len!=(size_t)ASN1_STRING_length(_pattern)))return 0;
  pattern_label_len=strcspn(pattern,".");
  OP_ASSERT(pattern_label_len<=pattern_len);
  pattern_prefix_len=strcspn(pattern,"*");
  if(pattern_prefix_len>=pattern_label_len){
    /*"The client SHOULD NOT attempt to match a presented identifier in which
       the wildcard character comprises a label other than the left-most label
       (e.g., do not match bar.*.example.net)." [RFC 6125 Section 6.4.3]*/
    if(pattern_prefix_len<pattern_len)return 0;
    /*If the pattern does not contain a wildcard in the first element, do an
       exact match.
      Don't use the system strcasecmp here, as that uses the locale and
       RFC 4343 makes clear that DNS's case-insensitivity only applies to
       the ASCII range.*/
    return _host_len==pattern_len&&op_strncasecmp(_host,pattern,_host_len)==0;
  }
  /*"However, the client SHOULD NOT attempt to match a presented identifier
     where the wildcard character is embedded within an A-label or U-label of
     an internationalized domain name." [RFC 6125 Section 6.4.3]*/
  if(op_strncasecmp(pattern,"xn--",4)==0)return 0;
  host_label_len=strcspn(_host,".");
  /*Make sure the host has at least two dots, to prevent the wildcard match
     from being ridiculously wide.
    We should have already checked to ensure it had at least one.*/
  if(OP_UNLIKELY(_host[host_label_len]!='.')
   ||strchr(_host+host_label_len+1,'.')==NULL){
    return 0;
  }
  OP_ASSERT(host_label_len<_host_len);
  /*"If the wildcard character is the only character of the left-most label in
     the presented identifier, the client SHOULD NOT compare against anything
     but the left-most label of the reference identifier (e.g., *.example.com
     would match foo.example.com but not bar.foo.example.com)." [RFC 6125
     Section 6.4.3]
    This is really confusingly worded, as we check this by actually comparing
     the rest of the pattern for an exact match.
    We also use the fact that the wildcard must match at least one character,
     so the left-most label of the hostname must be at least as large as the
     left-most label of the pattern.*/
  if(host_label_len<pattern_label_len)return 0;
  OP_ASSERT(pattern[pattern_prefix_len]=='*');
  /*"The client MAY match a presented identifier in which the wildcard
     character is not the only character of the label (e.g., baz*.example.net
     and *baz.example.net and b*z.example.net would be taken to match
     baz1.example.net and foobaz.example.net and buzz.example.net,
     respectively)." [RFC 6125 Section 6.4.3]*/
  pattern_suffix_len=pattern_len-pattern_prefix_len-1;
  host_suffix_len=_host_len-host_label_len
   +pattern_label_len-pattern_prefix_len-1;
  return pattern_suffix_len==host_suffix_len
   &&op_strncasecmp(_host,pattern,pattern_prefix_len)==0
   &&op_strncasecmp(_host+_host_len-host_suffix_len,
   pattern+pattern_prefix_len+1,host_suffix_len)==0;
}

/*Convert a host to a numeric address, if possible.
  Return: A struct addrinfo containing the address, if it was numeric, and NULL
           otherise.*/
static struct addrinfo *op_inet_pton(const char *_host){
  struct addrinfo *addrs;
  struct addrinfo  hints;
  memset(&hints,0,sizeof(hints));
  hints.ai_socktype=SOCK_STREAM;
  hints.ai_flags=AI_NUMERICHOST;
  if(!getaddrinfo(_host,NULL,&hints,&addrs))return addrs;
  return NULL;
}

/*Verify the server's hostname matches the certificate they presented using
   the procedure from Section 6 of RFC 6125.
  Return: 0 if the certificate doesn't match, and a non-zero value if it does.*/
static int op_http_verify_hostname(OpusHTTPStream *_stream,SSL *_ssl_conn){
  X509                   *peer_cert;
  STACK_OF(GENERAL_NAME) *san_names;
  char                   *host;
  size_t                  host_len;
  int                     ret;
  host=_stream->url.host;
  host_len=strlen(host);
  peer_cert=SSL_get_peer_certificate(_ssl_conn);
  /*We set VERIFY_PEER, so we shouldn't get here without a certificate.*/
  if(OP_UNLIKELY(peer_cert==NULL))return 0;
  ret=0;
  OP_ASSERT(host_len<INT_MAX);
  /*RFC 2818 says (after correcting for Eratta 1077): "If a subjectAltName
     extension of type dNSName is present, that MUST be used as the identity.
    Otherwise, the (most specific) Common Name field in the Subject field of
     the certificate MUST be used.
    Although the use of the Common Name is existing practice, it is deprecated
     and Certification Authorities are encouraged to use the dNSName
     instead."
    "Matching is performed using the matching rules specified by RFC 2459.
    If more than one identity of a given type is present in the certificate
     (e.g., more than one dNSName name), a match in any one of the set is
     considered acceptable.
    Names may contain the wildcard character * which is condered to match any
     single domain name component or component fragment.
    E.g., *.a.com matches foo.a.com but not bar.foo.a.com.
    f*.com matches foo.com but not bar.com."
    "In some cases, the URI is specified as an IP address rather than a
     hostname.
    In this case, the iPAddress subjectAltName must be present in the
     certificate and must exactly match the IP in the URI."*/
  san_names=X509_get_ext_d2i(peer_cert,NID_subject_alt_name,NULL,NULL);
  if(san_names!=NULL){
    struct addrinfo *addr;
    unsigned char   *ip;
    int              ip_len;
    int              nsan_names;
    int              sni;
    /*Check to see if the host was specified as a simple IP address.*/
    addr=op_inet_pton(host);
    ip=NULL;
    ip_len=0;
    if(addr!=NULL){
      switch(addr->ai_family){
        case AF_INET:{
          struct sockaddr_in *s;
          s=(struct sockaddr_in *)addr->ai_addr;
          OP_ASSERT(addr->ai_addrlen>=sizeof(*s));
          ip=(unsigned char *)&s->sin_addr;
          ip_len=sizeof(s->sin_addr);
        }break;
        case AF_INET6:{
          struct sockaddr_in6 *s;
          s=(struct sockaddr_in6 *)addr->ai_addr;
          OP_ASSERT(addr->ai_addrlen>=sizeof(*s));
          ip=(unsigned char *)&s->sin6_addr;
          ip_len=sizeof(s->sin6_addr);
        }break;
      }
    }
    /*We can only verify fully-qualified domain names.
      To quote RFC 6125: "The extracted data MUST include only information that
       can be securely parsed out of the inputs (e.g., parsing the fully
       qualified DNS domain name out of the "host" component (or its
       equivalent) of a URI or deriving the application service type from the
       scheme of a URI) ..."
      We don't have a way to check (without relying on DNS records, which might
       be subverted) if this address is fully-qualified.
      This is particularly problematic when using a CONNECT tunnel, as it is
       the server that does DNS lookup, not us.
      However, we are certain that if the hostname has no '.', it is definitely
       not a fully-qualified domain name (with the exception of crazy TLDs that
       actually resolve, like "uz", but I am willing to ignore those).
      RFC 1535 says "...in any event where a '.' exists in a specified name it
       should be assumed to be a fully qualified domain name (FQDN) and SHOULD
       be tried as a rooted name first."
      That doesn't give us any security guarantees, of course (a subverted DNS
       could fail the original query and our resolver might still retry with a
       local domain appended).
      If we don't have a FQDN, just set the number of names to 0, so we'll fail
       and clean up any resources we allocated.*/
    if(ip==NULL&&strchr(host,'.')==NULL)nsan_names=0;
    /*RFC 2459 says there MUST be at least one, but we don't depend on it.*/
    else nsan_names=sk_GENERAL_NAME_num(san_names);
    for(sni=0;sni<nsan_names;sni++){
      const GENERAL_NAME *name;
      name=sk_GENERAL_NAME_value(san_names,sni);
      if(ip==NULL){
        if(name->type==GEN_DNS
         &&op_http_hostname_match(host,host_len,name->d.dNSName)){
          ret=1;
          break;
        }
      }
      else if(name->type==GEN_IPADD){
        unsigned char *cert_ip;
        /*If we do have an IP address, compare it directly.
          RFC 6125: "When the reference identity is an IP address, the identity
           MUST be converted to the 'network byte order' octet string
           representation.
          For IP Version 4, as specified in RFC 791, the octet string will
           contain exactly four octets.
          For IP Version 6, as specified in RFC 2460, the octet string will
           contain exactly sixteen octets.
          This octet string is then compared against subjectAltName values of
           type iPAddress.
          A match occurs if the reference identity octet string and the value
           octet strings are identical."*/
        cert_ip=ASN1_STRING_data(name->d.iPAddress);
        if(ip_len==ASN1_STRING_length(name->d.iPAddress)
         &&memcmp(ip,cert_ip,ip_len)==0){
          ret=1;
          break;
        }
      }
    }
    sk_GENERAL_NAME_pop_free(san_names,GENERAL_NAME_free);
    if(addr!=NULL)freeaddrinfo(addr);
  }
  /*Do the same FQDN check we did above.
    We don't do this once in advance for both cases, because in the
     subjectAltName case we might have an IPv6 address without a dot.*/
  else if(strchr(host,'.')!=NULL){
    int last_cn_loc;
    int cn_loc;
    /*If there is no subjectAltName, match against commonName.
      RFC 6125 says that at least one significant CA is known to issue certs
       with multiple CNs, although it SHOULD NOT.
      It also says: "The server's identity may also be verified by comparing
       the reference identity to the Common Name (CN) value in the last
       Relative Distinguished Name (RDN) of the subject field of the server's
       certificate (where "last" refers to the DER-encoded order...)."
      So find the last one and check it.*/
    cn_loc=-1;
    do{
      last_cn_loc=cn_loc;
      cn_loc=X509_NAME_get_index_by_NID(X509_get_subject_name(peer_cert),
       NID_commonName,last_cn_loc);
    }
    while(cn_loc>=0);
    ret=last_cn_loc>=0
     &&op_http_hostname_match(host,host_len,
     X509_NAME_ENTRY_get_data(
     X509_NAME_get_entry(X509_get_subject_name(peer_cert),last_cn_loc)));
  }
  X509_free(peer_cert);
  return ret;
}

/*Perform the TLS handshake on a new connection.*/
static int op_http_conn_start_tls(OpusHTTPStream *_stream,OpusHTTPConn *_conn,
 op_sock _fd,SSL *_ssl_conn){
  SSL_SESSION *ssl_session;
  BIO         *ssl_bio;
  int          skip_certificate_check;
  int          ret;
  ssl_bio=BIO_new_socket(_fd,BIO_NOCLOSE);
  if(OP_LIKELY(ssl_bio==NULL))return OP_FALSE;
# if !defined(OPENSSL_NO_TLSEXT)
  /*Support for RFC 6066 Server Name Indication.*/
  SSL_set_tlsext_host_name(_ssl_conn,_stream->url.host);
# endif
  /*Resume a previous session if available.*/
  if(_stream->ssl_session!=NULL){
    SSL_set_session(_ssl_conn,_stream->ssl_session);
  }
  /*If we're proxying, establish the CONNECT tunnel.*/
  if(_stream->proxy_connect.nbuf>0){
    ret=op_http_conn_establish_tunnel(_stream,_conn,
     _fd,_ssl_conn,ssl_bio);
    if(OP_UNLIKELY(ret<0))return ret;
  }
  else{
    /*Otherwise, just use this socket directly.*/
    op_sock_set_tcp_nodelay(_fd,1);
    SSL_set_bio(_ssl_conn,ssl_bio,ssl_bio);
    SSL_set_connect_state(_ssl_conn);
  }
  ret=op_do_ssl_step(_ssl_conn,_fd,SSL_connect);
  if(OP_UNLIKELY(ret<=0))return OP_FALSE;
  ssl_session=_stream->ssl_session;
  skip_certificate_check=_stream->skip_certificate_check;
  if(ssl_session==NULL||!skip_certificate_check){
    ret=op_do_ssl_step(_ssl_conn,_fd,SSL_do_handshake);
    if(OP_UNLIKELY(ret<=0))return OP_FALSE;
    /*OpenSSL does not do hostname verification, despite the fact that we just
       passed it the hostname above in the call to SSL_set_tlsext_host_name(),
       because they are morons.
      Do it for them.*/
    if(!skip_certificate_check&&!op_http_verify_hostname(_stream,_ssl_conn)){
      return OP_FALSE;
    }
    if(ssl_session==NULL){
      /*Save the session for later resumption.*/
      _stream->ssl_session=SSL_get1_session(_ssl_conn);
    }
  }
  _conn->ssl_conn=_ssl_conn;
  _conn->fd=_fd;
  _conn->nrequests_left=OP_PIPELINE_MAX_REQUESTS;
  return 0;
}

/*Try to start a connection to the next address in the given list of a given
   type.
  _fd:           The socket to connect with.
  [inout] _addr: A pointer to the list of addresses.
                 This will be advanced to the first one that matches the given
                  address family (possibly the current one).
  _ai_family:    The address family to connect to.
  Return: 1        If the connection was successful.
          0        If the connection is in progress.
          OP_FALSE If the connection failed and there were no more addresses
                    left to try.
                    *_addr will be set to NULL in this case.*/
static int op_sock_connect_next(op_sock _fd,
 const struct addrinfo **_addr,int _ai_family){
  const struct addrinfo *addr;
  int                    err;
  addr=*_addr;
  for(;;){
    /*Move to the next address of the requested type.*/
    for(;addr!=NULL&&addr->ai_family!=_ai_family;addr=addr->ai_next);
    *_addr=addr;
    /*No more: failure.*/
    if(addr==NULL)return OP_FALSE;
    if(connect(_fd,addr->ai_addr,addr->ai_addrlen)>=0)return 1;
    err=op_errno();
    /*Winsock will set WSAEWOULDBLOCK.*/
    if(OP_LIKELY(err==EINPROGRESS||err==EWOULDBLOCK))return 0;
    addr=addr->ai_next;
  }
}

/*The number of address families to try connecting to simultaneously.*/
# define OP_NPROTOS (2)

static int op_http_connect_impl(OpusHTTPStream *_stream,OpusHTTPConn *_conn,
 const struct addrinfo *_addrs,struct timeb *_start_time){
  const struct addrinfo *addr;
  const struct addrinfo *addrs[OP_NPROTOS];
  struct pollfd          fds[OP_NPROTOS];
  int                    ai_family;
  int                    nprotos;
  int                    ret;
  int                    pi;
  int                    pj;
  for(pi=0;pi<OP_NPROTOS;pi++)addrs[pi]=NULL;
  /*Try connecting via both IPv4 and IPv6 simultaneously, and keep the first
     one that succeeds.
    Start by finding the first address from each family.
    We order the first connection attempts in the same order the address
     families were returned in the DNS records in accordance with RFC 6555.*/
  for(addr=_addrs,nprotos=0;addr!=NULL&&nprotos<OP_NPROTOS;addr=addr->ai_next){
    if(addr->ai_family==AF_INET6||addr->ai_family==AF_INET){
      OP_ASSERT(addr->ai_addrlen<=sizeof(struct sockaddr_in6));
      OP_ASSERT(addr->ai_addrlen<=sizeof(struct sockaddr_in));
      /*If we've seen this address family before, skip this address for now.*/
      for(pi=0;pi<nprotos;pi++)if(addrs[pi]->ai_family==addr->ai_family)break;
      if(pi<nprotos)continue;
      addrs[nprotos++]=addr;
    }
  }
  /*Pop the connection off the free list and put it on the LRU list.*/
  OP_ASSERT(_stream->free_head==_conn);
  _stream->free_head=_conn->next;
  _conn->next=_stream->lru_head;
  _stream->lru_head=_conn;
  ftime(_start_time);
  *&_conn->read_time=*_start_time;
  _conn->read_bytes=0;
  _conn->read_rate=0;
  /*Try to start a connection to each protocol.
    RFC 6555 says it is RECOMMENDED that connection attempts be paced
     150...250 ms apart "to balance human factors against network load", but
     that "stateful algorithms" (that's us) "are expected to be more
     aggressive".
    We are definitely more aggressive: we don't pace at all.*/
  for(pi=0;pi<nprotos;pi++){
    ai_family=addrs[pi]->ai_family;
    fds[pi].fd=socket(ai_family,SOCK_STREAM,addrs[pi]->ai_protocol);
    fds[pi].events=POLLOUT;
    if(OP_LIKELY(fds[pi].fd!=OP_INVALID_SOCKET)){
      if(OP_LIKELY(op_sock_set_nonblocking(fds[pi].fd,1)>=0)){
        ret=op_sock_connect_next(fds[pi].fd,addrs+pi,ai_family);
        if(OP_UNLIKELY(ret>0)){
          /*It succeeded right away (technically possible), so stop.*/
          nprotos=pi+1;
          break;
        }
        /*Otherwise go on to the next protocol, and skip the clean-up below.*/
        else if(ret==0)continue;
        /*Tried all the addresses for this protocol.*/
      }
      /*Clean up the socket.*/
      close(fds[pi].fd);
    }
    /*Remove this protocol from the list.*/
    memmove(addrs+pi,addrs+pi+1,sizeof(*addrs)*(nprotos-pi-1));
    nprotos--;
    pi--;
  }
  /*Wait for one of the connections to finish.*/
  while(pi>=nprotos&&nprotos>0&&poll(fds,nprotos,OP_POLL_TIMEOUT_MS)>0){
    for(pi=0;pi<nprotos;pi++){
      socklen_t errlen;
      int       err;
      /*Still waiting...*/
      if(!fds[pi].revents)continue;
      errlen=sizeof(err);
      /*Some platforms will return the pending error in &err and return 0.
        Others will put it in errno and return -1.*/
      ret=getsockopt(fds[pi].fd,SOL_SOCKET,SO_ERROR,&err,&errlen);
      if(ret<0)err=op_errno();
      /*Success!*/
      if(err==0||err==EISCONN)break;
      /*Move on to the next address for this protocol.*/
      ai_family=addrs[pi]->ai_family;
      addrs[pi]=addrs[pi]->ai_next;
      ret=op_sock_connect_next(fds[pi].fd,addrs+pi,ai_family);
      /*It succeeded right away, so stop.*/
      if(ret>0)break;
      /*Otherwise go on to the next protocol, and skip the clean-up below.*/
      else if(ret==0)continue;
      /*Tried all the addresses for this protocol.
        Remove it from the list.*/
      close(fds[pi].fd);
      memmove(fds+pi,fds+pi+1,sizeof(*fds)*(nprotos-pi-1));
      memmove(addrs+pi,addrs+pi+1,sizeof(*addrs)*(nprotos-pi-1));
      nprotos--;
      pi--;
    }
  }
  /*Close all the other sockets.*/
  for(pj=0;pj<nprotos;pj++)if(pi!=pj)close(fds[pj].fd);
  /*If none of them succeeded, we're done.*/
  if(pi>=nprotos)return OP_FALSE;
  /*Save this address for future connection attempts.*/
  if(addrs[pi]!=&_stream->addr_info){
    memcpy(&_stream->addr_info,addrs[pi],sizeof(_stream->addr_info));
    _stream->addr_info.ai_addr=&_stream->addr.s;
    _stream->addr_info.ai_next=NULL;
    memcpy(&_stream->addr,addrs[pi]->ai_addr,addrs[pi]->ai_addrlen);
  }
  if(OP_URL_IS_SSL(&_stream->url)){
    SSL *ssl_conn;
    /*Start the SSL connection.*/
    OP_ASSERT(_stream->ssl_ctx!=NULL);
    ssl_conn=SSL_new(_stream->ssl_ctx);
    if(OP_LIKELY(ssl_conn!=NULL)){
      ret=op_http_conn_start_tls(_stream,_conn,fds[pi].fd,ssl_conn);
      if(OP_LIKELY(ret>=0))return ret;
      SSL_free(ssl_conn);
    }
    close(fds[pi].fd);
    _conn->fd=OP_INVALID_SOCKET;
    return OP_FALSE;
  }
  /*Just a normal non-SSL connection.*/
  _conn->ssl_conn=NULL;
  _conn->fd=fds[pi].fd;
  _conn->nrequests_left=OP_PIPELINE_MAX_REQUESTS;
  /*Disable write coalescing.
    We always send whole requests at once and always parse the response headers
     before sending another one.*/
  op_sock_set_tcp_nodelay(fds[pi].fd,1);
  return 0;
}

static int op_http_connect(OpusHTTPStream *_stream,OpusHTTPConn *_conn,
 const struct addrinfo *_addrs,struct timeb *_start_time){
  struct timeb     resolve_time;
  struct addrinfo *new_addrs;
  int              ret;
  /*Re-resolve the host if we need to (RFC 6555 says we MUST do so
     occasionally).*/
  new_addrs=NULL;
  ftime(&resolve_time);
  if(_addrs!=&_stream->addr_info||op_time_diff_ms(&resolve_time,
   &_stream->resolve_time)>=OP_RESOLVE_CACHE_TIMEOUT_MS){
    new_addrs=op_resolve(_stream->connect_host,_stream->connect_port);
    if(OP_LIKELY(new_addrs!=NULL)){
      _addrs=new_addrs;
      *&_stream->resolve_time=*&resolve_time;
    }
    else if(OP_LIKELY(_addrs==NULL))return OP_FALSE;
  }
  ret=op_http_connect_impl(_stream,_conn,_addrs,_start_time);
  if(new_addrs!=NULL)freeaddrinfo(new_addrs);
  return ret;
}

# define OP_BASE64_LENGTH(_len) (((_len)+2)/3*4)

static const char BASE64_TABLE[64]={
  'A','B','C','D','E','F','G','H','I','J','K','L','M','N','O','P',
  'Q','R','S','T','U','V','W','X','Y','Z','a','b','c','d','e','f',
  'g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v',
  'w','x','y','z','0','1','2','3','4','5','6','7','8','9','+','/'
};

static char *op_base64_encode(char *_dst,const char *_src,int _len){
  unsigned s0;
  unsigned s1;
  unsigned s2;
  int      ngroups;
  int      i;
  ngroups=_len/3;
  for(i=0;i<ngroups;i++){
    s0=_src[3*i+0];
    s1=_src[3*i+1];
    s2=_src[3*i+2];
    _dst[4*i+0]=BASE64_TABLE[s0>>2];
    _dst[4*i+1]=BASE64_TABLE[(s0&3)<<4|s1>>4];
    _dst[4*i+2]=BASE64_TABLE[(s1&15)<<2|s2>>6];
    _dst[4*i+3]=BASE64_TABLE[s2&63];
  }
  _len-=3*i;
  if(_len==1){
    s0=_src[3*i+0];
    _dst[4*i+0]=BASE64_TABLE[s0>>2];
    _dst[4*i+1]=BASE64_TABLE[(s0&3)<<4];
    _dst[4*i+2]='=';
    _dst[4*i+3]='=';
    i++;
  }
  else if(_len==2){
    s0=_src[3*i+0];
    s1=_src[3*i+1];
    _dst[4*i+0]=BASE64_TABLE[s0>>2];
    _dst[4*i+1]=BASE64_TABLE[(s0&3)<<4|s1>>4];
    _dst[4*i+2]=BASE64_TABLE[(s1&15)<<2];
    _dst[4*i+3]='=';
    i++;
  }
  _dst[4*i]='\0';
  return _dst+4*i;
}

/*Construct an HTTP authorization header using RFC 2617's Basic Authentication
   Scheme and append it to the given string buffer.*/
static int op_sb_append_basic_auth_header(OpusStringBuf *_sb,
 const char *_header,const char *_user,const char *_pass){
  int user_len;
  int pass_len;
  int user_pass_len;
  int base64_len;
  int nbuf_total;
  int ret;
  ret=op_sb_append_string(_sb,_header);
  ret|=op_sb_append(_sb,": Basic ",8);
  user_len=strlen(_user);
  pass_len=strlen(_pass);
  if(OP_UNLIKELY(pass_len>INT_MAX-user_len))return OP_EFAULT;
  if(OP_UNLIKELY(user_len+pass_len>(INT_MAX>>2)*3-3))return OP_EFAULT;
  user_pass_len=user_len+1+pass_len;
  base64_len=OP_BASE64_LENGTH(user_pass_len);
  /*Stick "user:pass" at the end of the buffer so we can Base64 encode it
     in-place.*/
  nbuf_total=_sb->nbuf;
  if(OP_UNLIKELY(base64_len>INT_MAX-nbuf_total))return OP_EFAULT;
  nbuf_total+=base64_len;
  ret|=op_sb_ensure_capacity(_sb,nbuf_total);
  if(OP_UNLIKELY(ret<0))return ret;
  _sb->nbuf=nbuf_total-user_pass_len;
  OP_ALWAYS_TRUE(!op_sb_append(_sb,_user,user_len));
  OP_ALWAYS_TRUE(!op_sb_append(_sb,":",1));
  OP_ALWAYS_TRUE(!op_sb_append(_sb,_pass,pass_len));
  op_base64_encode(_sb->buf+nbuf_total-base64_len,
   _sb->buf+nbuf_total-user_pass_len,user_pass_len);
  return op_sb_append(_sb,"\r\n",2);
}

static int op_http_allow_pipelining(const char *_server){
  /*Servers known to do bad things with pipelined requests.
    This list is taken from Gecko's nsHttpConnection::SupportsPipelining() (in
     netwerk/protocol/http/nsHttpConnection.cpp).*/
  static const char *BAD_SERVERS[]={
    "EFAServer/",
    "Microsoft-IIS/4.",
    "Microsoft-IIS/5.",
    "Netscape-Enterprise/3.",
    "Netscape-Enterprise/4.",
    "Netscape-Enterprise/5.",
    "Netscape-Enterprise/6.",
    "WebLogic 3.",
    "WebLogic 4.",
    "WebLogic 5.",
    "WebLogic 6.",
    "Winstone Servlet Engine v0."
  };
# define NBAD_SERVERS ((int)(sizeof(BAD_SERVERS)/sizeof(*BAD_SERVERS)))
  if(*_server>='E'&&*_server<='W'){
    int si;
    for(si=0;si<NBAD_SERVERS;si++){
      if(strncmp(_server,BAD_SERVERS[si],strlen(BAD_SERVERS[si]))==0){
        return 0;
      }
    }
  }
  return 1;
# undef NBAD_SERVERS
}

static int op_http_stream_open(OpusHTTPStream *_stream,const char *_url,
 int _skip_certificate_check,const char *_proxy_host,unsigned _proxy_port,
 const char *_proxy_user,const char *_proxy_pass,OpusServerInfo *_info){
  struct addrinfo *addrs;
  int              nredirs;
  int              ret;
#if defined(_WIN32)
  op_init_winsock();
#endif
  ret=op_parse_url(&_stream->url,_url);
  if(OP_UNLIKELY(ret<0))return ret;
  if(_proxy_host!=NULL){
    if(OP_UNLIKELY(_proxy_port>65535U))return OP_EINVAL;
    _stream->connect_host=op_string_dup(_proxy_host);
    _stream->connect_port=_proxy_port;
  }
  else{
    _stream->connect_host=_stream->url.host;
    _stream->connect_port=_stream->url.port;
  }
  addrs=NULL;
  for(nredirs=0;nredirs<OP_REDIRECT_LIMIT;nredirs++){
    OpusParsedURL  next_url;
    struct timeb   start_time;
    struct timeb   end_time;
    char          *next;
    char          *status_code;
    int            minor_version_pos;
    int            v1_1_compat;
    /*Initialize the SSL library if necessary.*/
    if(OP_URL_IS_SSL(&_stream->url)&&_stream->ssl_ctx==NULL){
      SSL_CTX *ssl_ctx;
# if !defined(OPENSSL_NO_LOCKING)
      /*The documentation says SSL_library_init() is not reentrant.
        We don't want to add our own depenencies on a threading library, and it
         appears that it's safe to call OpenSSL's locking functions before the
         library is initialized, so that's what we'll do (really OpenSSL should
         do this for us).
        This doesn't guarantee that _other_ threads in the application aren't
         calling SSL_library_init() at the same time, but there's not much we
         can do about that.*/
      CRYPTO_w_lock(CRYPTO_LOCK_SSL);
# endif
      SSL_library_init();
      /*Needed to get SHA2 algorithms with old OpenSSL versions.*/
      OpenSSL_add_ssl_algorithms();
# if !defined(OPENSSL_NO_LOCKING)
      CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
# endif
      ssl_ctx=SSL_CTX_new(SSLv23_client_method());
      if(ssl_ctx==NULL)return OP_EFAULT;
      if(!_skip_certificate_check){
        /*We don't do anything if this fails, since it just means we won't load
           any certificates (and thus all checks will fail).
          However, as that is probably the result of a system
           mis-configuration, assert here to make it easier to identify.*/
        OP_ALWAYS_TRUE(SSL_CTX_set_default_verify_paths(ssl_ctx));
        SSL_CTX_set_verify(ssl_ctx,SSL_VERIFY_PEER,NULL);
      }
      _stream->ssl_ctx=ssl_ctx;
      _stream->skip_certificate_check=_skip_certificate_check;
      if(_proxy_host!=NULL){
        /*We need to establish a CONNECT tunnel to handle https proxying.
          Build the request we'll send to do so.*/
        _stream->proxy_connect.nbuf=0;
        ret=op_sb_append(&_stream->proxy_connect,"CONNECT ",8);
        ret|=op_sb_append_string(&_stream->proxy_connect,_stream->url.host);
        ret|=op_sb_append_port(&_stream->proxy_connect,_stream->url.port);
        /*CONNECT requires at least HTTP 1.1.*/
        ret|=op_sb_append(&_stream->proxy_connect," HTTP/1.1\r\n",11);
        ret|=op_sb_append(&_stream->proxy_connect,"Host: ",6);
        ret|=op_sb_append_string(&_stream->proxy_connect,_stream->url.host);
        /*The example in RFC 2817 Section 5.2 specifies an explicit port even
           when connecting to the default port.
          Given that the proxy doesn't know whether we're trying to connect to
           an http or an https URL except by the port number, this seems like a
           good idea.*/
        ret|=op_sb_append_port(&_stream->proxy_connect,_stream->url.port);
        ret|=op_sb_append(&_stream->proxy_connect,"\r\n",2);
        ret|=op_sb_append(&_stream->proxy_connect,"User-Agent: .\r\n",15);
        if(_proxy_user!=NULL&&_proxy_pass!=NULL){
          ret|=op_sb_append_basic_auth_header(&_stream->proxy_connect,
           "Proxy-Authorization",_proxy_user,_proxy_pass);
        }
        /*For backwards compatibility.*/
        ret|=op_sb_append(&_stream->proxy_connect,
         "Proxy-Connection: keep-alive\r\n",30);
        ret|=op_sb_append(&_stream->proxy_connect,"\r\n",2);
        if(OP_UNLIKELY(ret<0))return ret;
      }
    }
    /*Actually make the connection.*/
    ret=op_http_connect(_stream,_stream->conns+0,addrs,&start_time);
    if(OP_UNLIKELY(ret<0))return ret;
    /*Build the request to send.*/
    _stream->request.nbuf=0;
    ret=op_sb_append(&_stream->request,"GET ",4);
    ret|=op_sb_append_string(&_stream->request,
     _proxy_host!=NULL?_url:_stream->url.path);
    /*Send HTTP/1.0 by default for maximum compatibility (so we don't have to
       re-try if HTTP/1.1 fails, though it shouldn't, even for a 1.0 server).
      This means we aren't conditionally compliant with RFC 2145, because we
       violate the requirement that "An HTTP client SHOULD send a request
       version equal to the highest version for which the client is at least
       conditionally compliant...".
      According to RFC 2145, that means we can't claim any compliance with any
       IETF HTTP specification.*/
    ret|=op_sb_append(&_stream->request," HTTP/1.0\r\n",11);
    /*Remember where this is so we can upgrade to HTTP/1.1 if the server
       supports it.*/
    minor_version_pos=_stream->request.nbuf-3;
    ret|=op_sb_append(&_stream->request,"Host: ",6);
    ret|=op_sb_append_string(&_stream->request,_stream->url.host);
    if(!OP_URL_IS_DEFAULT_PORT(&_stream->url)){
      ret|=op_sb_append_port(&_stream->request,_stream->url.port);
    }
    ret|=op_sb_append(&_stream->request,"\r\n",2);
    /*User-Agents have been a bad idea, so send as little as possible.
      RFC 2616 requires at least one token in the User-Agent, which must have
       at least one character.*/
    ret|=op_sb_append(&_stream->request,"User-Agent: .\r\n",15);
    if(_proxy_host!=NULL&&!OP_URL_IS_SSL(&_stream->url)
     &&_proxy_user!=NULL&&_proxy_pass!=NULL){
      ret|=op_sb_append_basic_auth_header(&_stream->request,
       "Proxy-Authorization",_proxy_user,_proxy_pass);
    }
    if(_stream->url.user!=NULL&&_stream->url.pass!=NULL){
      ret|=op_sb_append_basic_auth_header(&_stream->request,
       "Authorization",_stream->url.user,_stream->url.pass);
    }
    /*Always send a Referer [sic] header.
      It's common to refuse to serve a resource unless one is present.
      We just use the relative "/" URI to suggest we came from the same domain,
       as this is the most common check.
      This might violate RFC 2616's mandate that the field "MUST NOT be sent if
       the Request-URI was obtained from a source that does not have its own
       URI, such as input from the user keyboard," but we don't really have any
       way to know.*/
    /*TODO: Should we update this on redirects?*/
    ret|=op_sb_append(&_stream->request,"Referer: /\r\n",12);
    /*Always send a Range request header to find out if we're seekable.
      This requires an HTTP/1.1 server to succeed, but we'll still get what we
       want with an HTTP/1.0 server that ignores this request header.*/
    ret|=op_sb_append(&_stream->request,"Range: bytes=0-\r\n",17);
    /*Remember where this is so we can append offsets to it later.*/
    _stream->request_tail=_stream->request.nbuf-4;
    ret|=op_sb_append(&_stream->request,"\r\n",2);
    if(OP_UNLIKELY(ret<0))return ret;
    ret=op_http_conn_write_fully(_stream->conns+0,
     _stream->request.buf,_stream->request.nbuf);
    if(OP_UNLIKELY(ret<0))return ret;
    ret=op_http_conn_read_response(_stream->conns+0,&_stream->response);
    if(OP_UNLIKELY(ret<0))return ret;
    ftime(&end_time);
    next=op_http_parse_status_line(&v1_1_compat,&status_code,
     _stream->response.buf);
    if(OP_UNLIKELY(next==NULL))return OP_FALSE;
    if(status_code[0]=='2'){
      opus_int64 content_length;
      opus_int64 range_length;
      int        pipeline_supported;
      int        pipeline_disabled;
      /*We only understand 20x codes.*/
      if(status_code[1]!='0')return OP_FALSE;
      content_length=-1;
      range_length=-1;
      /*Pipelining must be explicitly enabled.*/
      pipeline_supported=0;
      pipeline_disabled=0;
      for(;;){
        char *header;
        char *cdr;
        ret=op_http_get_next_header(&header,&cdr,&next);
        if(OP_UNLIKELY(ret<0))return ret;
        if(header==NULL)break;
        if(strcmp(header,"content-length")==0){
          /*Two Content-Length headers?*/
          if(OP_UNLIKELY(content_length>=0))return OP_FALSE;
          content_length=op_http_parse_content_length(cdr);
          if(OP_UNLIKELY(content_length<0))return (int)content_length;
          /*Make sure the Content-Length and Content-Range headers match.*/
          if(range_length>=0&&OP_UNLIKELY(content_length!=range_length)){
            return OP_FALSE;
          }
        }
        else if(strcmp(header,"content-range")==0){
          opus_int64 range_first;
          opus_int64 range_last;
          /*Two Content-Range headers?*/
          if(OP_UNLIKELY(range_length>=0))return OP_FALSE;
          ret=op_http_parse_content_range(&range_first,&range_last,
           &range_length,cdr);
          if(OP_UNLIKELY(ret<0))return ret;
          /*"A response with satus code 206 (Partial Content) MUST NOT
             include a Content-Range field with a byte-range-resp-spec of
             '*'."*/
          if(status_code[2]=='6'
           &&(OP_UNLIKELY(range_first<0)||OP_UNLIKELY(range_last<0))){
            return OP_FALSE;
          }
          /*We asked for the entire resource.*/
          if(range_length>=0){
            /*Quit if we didn't get it.*/
            if(range_last>=0&&OP_UNLIKELY(range_last!=range_length-1)){
              return OP_FALSE;
            }
          }
          /*If there was no length, use the end of the range.*/
          else if(range_last>=0)range_length=range_last+1;
          /*Make sure the Content-Length and Content-Range headers match.*/
          if(content_length>=0&&OP_UNLIKELY(content_length!=range_length)){
            return OP_FALSE;
          }
        }
        else if(strcmp(header,"connection")==0){
          /*According to RFC 2616, if an HTTP/1.1 application does not support
             pipelining, it "MUST include the 'close' connection option in
             every message."
            Therefore, if we receive one in the initial response, disable
             pipelining entirely.
            The server still might support it (e.g., we might just have hit the
             request limit for a temporary child process), but if it doesn't
             and we assume it does, every time we cross a chunk boundary we'll
             error out and reconnect, adding lots of latency.*/
          ret=op_http_parse_connection(cdr);
          if(OP_UNLIKELY(ret<0))return ret;
          pipeline_disabled|=ret;
        }
        else if(strcmp(header,"server")==0){
          /*If we got a Server response header, and it wasn't from a known-bad
             server, enable pipelining, as long as it's at least HTTP/1.1.
            According to RFC 2145, the server is supposed to respond with the
             highest minor version number it supports unless it is known or
             suspected that we incorrectly implement the HTTP specification.
            So it should send back at least HTTP/1.1, despite our HTTP/1.0
             request.*/
          pipeline_supported=v1_1_compat;
          if(v1_1_compat)pipeline_disabled|=!op_http_allow_pipelining(cdr);
          if(_info!=NULL&&_info->server==NULL)_info->server=op_string_dup(cdr);
        }
        /*Collect station information headers if the caller requested it.
          If there's more than one copy of a header, the first one wins.*/
        else if(_info!=NULL){
          if(strcmp(header,"content-type")==0){
            if(_info->content_type==NULL){
              _info->content_type=op_string_dup(cdr);
            }
          }
          else if(header[0]=='i'&&header[1]=='c'
           &&(header[2]=='e'||header[2]=='y')&&header[3]=='-'){
            if(strcmp(header+4,"name")==0){
              if(_info->name==NULL)_info->name=op_string_dup(cdr);
            }
            else if(strcmp(header+4,"description")==0){
              if(_info->description==NULL)_info->description=op_string_dup(cdr);
            }
            else if(strcmp(header+4,"genre")==0){
              if(_info->genre==NULL)_info->genre=op_string_dup(cdr);
            }
            else if(strcmp(header+4,"url")==0){
              if(_info->url==NULL)_info->url=op_string_dup(cdr);
            }
            else if(strcmp(header,"icy-br")==0
             ||strcmp(header,"ice-bitrate")==0){
              if(_info->bitrate_kbps<0){
                opus_int64 bitrate_kbps;
                /*Just re-using this function to parse a random unsigned
                   integer field.*/
                bitrate_kbps=op_http_parse_content_length(cdr);
                if(bitrate_kbps>=0&&bitrate_kbps<=OP_INT32_MAX){
                  _info->bitrate_kbps=(opus_int32)bitrate_kbps;
                }
              }
            }
            else if(strcmp(header,"icy-pub")==0
             ||strcmp(header,"ice-public")==0){
              if(_info->is_public<0&&(cdr[0]=='0'||cdr[0]=='1')&&cdr[1]=='\0'){
                _info->is_public=cdr[0]-'0';
              }
            }
          }
        }
      }
      switch(status_code[2]){
        /*200 OK*/
        case '0':break;
        /*203 Non-Authoritative Information*/
        case '3':break;
        /*204 No Content*/
        case '4':{
          if(content_length>=0&&OP_UNLIKELY(content_length!=0)){
            return OP_FALSE;
          }
        }break;
        /*206 Partial Content*/
        case '6':{
          /*No Content-Range header.*/
          if(OP_UNLIKELY(range_length<0))return OP_FALSE;
          content_length=range_length;
          /*The server supports range requests for this resource.
            We can seek.*/
          _stream->seekable=1;
        }break;
        /*201 Created: the response "SHOULD include an entity containing a list
           of resource characteristics and location(s)," but not an Opus file.
          202 Accepted: the response "SHOULD include an indication of request's
           current status and either a pointer to a status monitor or some
           estimate of when the user can expect the request to be fulfilled,"
           but not an Opus file.
          205 Reset Content: this "MUST NOT include an entity," meaning no Opus
           file.
          207...209 are not yet defined, so we don't know how to handle them.*/
        default:return OP_FALSE;
      }
      _stream->content_length=content_length;
      _stream->pipeline=pipeline_supported&&!pipeline_disabled;
      /*Pipelining requires HTTP/1.1 persistent connections.*/
      if(_stream->pipeline)_stream->request.buf[minor_version_pos]='1';
      _stream->conns[0].pos=0;
      _stream->conns[0].end_pos=_stream->seekable?content_length:-1;
      _stream->conns[0].chunk_size=-1;
      _stream->cur_conni=0;
      _stream->connect_rate=op_time_diff_ms(&end_time,&start_time);
      _stream->connect_rate=OP_MAX(_stream->connect_rate,1);
      if(_info!=NULL)_info->is_ssl=OP_URL_IS_SSL(&_stream->url);
      /*The URL has been successfully opened.*/
      return 0;
    }
    /*Shouldn't get 1xx; 4xx and 5xx are both failures (and we don't retry).
      Everything else is undefined.*/
    else if(status_code[0]!='3')return OP_FALSE;
    /*We have some form of redirect request.*/
    /*We only understand 30x codes.*/
    if(status_code[1]!='0')return OP_FALSE;
    switch(status_code[2]){
      /*300 Multiple Choices: "If the server has a preferred choice of
         representation, it SHOULD include the specific URI for that
         representation in the Location field," otherwise we'll fail.*/
      case '0':
      /*301 Moved Permanently*/
      case '1':
      /*302 Found*/
      case '2':
      /*307 Temporary Redirect*/
      case '7':
      /*308 Permanent Redirect (defined by draft-reschke-http-status-308-07).*/
      case '8':break;
      /*305 Use Proxy: "The Location field gives the URI of the proxy."
        TODO: This shouldn't actually be that hard to do.*/
      case '5':return OP_EIMPL;
      /*303 See Other: "The new URI is not a substitute reference for the
         originally requested resource."
        304 Not Modified: "The 304 response MUST NOT contain a message-body."
        306 (Unused)
        309 is not yet defined, so we don't know how to handle it.*/
      default:return OP_FALSE;
    }
    _url=NULL;
    for(;;){
      char *header;
      char *cdr;
      ret=op_http_get_next_header(&header,&cdr,&next);
      if(OP_UNLIKELY(ret<0))return ret;
      if(header==NULL)break;
      if(strcmp(header,"location")==0&&OP_LIKELY(_url==NULL))_url=cdr;
    }
    if(OP_UNLIKELY(_url==NULL))return OP_FALSE;
    ret=op_parse_url(&next_url,_url);
    if(OP_UNLIKELY(ret<0))return ret;
    if(_proxy_host==NULL||_stream->ssl_session!=NULL){
      if(strcmp(_stream->url.host,next_url.host)==0
       &&_stream->url.port==next_url.port){
        /*Try to skip re-resolve when connecting to the same host.*/
        addrs=&_stream->addr_info;
      }
      else{
        if(_stream->ssl_session!=NULL){
          /*Forget any cached SSL session from the last host.*/
          SSL_SESSION_free(_stream->ssl_session);
          _stream->ssl_session=NULL;
        }
      }
    }
    if(_proxy_host==NULL){
      OP_ASSERT(_stream->connect_host==_stream->url.host);
      _stream->connect_host=next_url.host;
      _stream->connect_port=next_url.port;
    }
    /*Always try to skip re-resolve for proxy connections.*/
    else addrs=&_stream->addr_info;
    op_parsed_url_clear(&_stream->url);
    *&_stream->url=*&next_url;
    /*TODO: On servers/proxies that support pipelining, we might be able to
       re-use this connection.*/
    op_http_conn_close(_stream,_stream->conns+0,&_stream->lru_head,1);
  }
  /*Redirection limit reached.*/
  return OP_FALSE;
}

static int op_http_conn_send_request(OpusHTTPStream *_stream,
 OpusHTTPConn *_conn,opus_int64 _pos,opus_int32 _chunk_size,
 int _try_not_to_block){
  opus_int64 next_end;
  int        ret;
  /*We shouldn't have another request outstanding.*/
  OP_ASSERT(_conn->next_pos<0);
  /*Build the request to send.*/
  OP_ASSERT(_stream->request.nbuf>=_stream->request_tail);
  _stream->request.nbuf=_stream->request_tail;
  ret=op_sb_append_nonnegative_int64(&_stream->request,_pos);
  ret|=op_sb_append(&_stream->request,"-",1);
  if(_chunk_size>0&&OP_ADV_OFFSET(_pos,2*_chunk_size)<_stream->content_length){
    /*We shouldn't be pipelining requests with non-HTTP/1.1 servers.*/
    OP_ASSERT(_stream->pipeline);
    next_end=_pos+_chunk_size;
    ret|=op_sb_append_nonnegative_int64(&_stream->request,next_end-1);
    /*Use a larger chunk size for our next request.*/
    _chunk_size<<=1;
    /*But after a while, just request the rest of the resource.*/
    if(_chunk_size>OP_PIPELINE_CHUNK_SIZE_MAX)_chunk_size=-1;
  }
  else{
    /*Either this was a non-pipelined request or we were close enough to the
       end to just ask for the rest.*/
    next_end=-1;
    _chunk_size=-1;
  }
  ret|=op_sb_append(&_stream->request,"\r\n\r\n",4);
  if(OP_UNLIKELY(ret<0))return ret;
  /*If we don't want to block, check to see if there's enough space in the send
     queue.
    There's still a chance we might block, even if there is enough space, but
     it's a much slimmer one.
    Blocking at all is pretty unlikely, as we won't have any requests queued
     when _try_not_to_block is set, so if FIONSPACE isn't available (e.g., on
     Linux), just skip the test.*/
  if(_try_not_to_block){
# if defined(FIONSPACE)
    int available;
    ret=ioctl(_conn->fd,FIONSPACE,&available);
    if(ret<0||available<_stream->request.nbuf)return 1;
# endif
  }
  ret=op_http_conn_write_fully(_conn,
   _stream->request.buf,_stream->request.nbuf);
  if(OP_UNLIKELY(ret<0))return ret;
  _conn->next_pos=_pos;
  _conn->next_end=next_end;
  /*Save the chunk size to use for the next request.*/
  _conn->chunk_size=_chunk_size;
  _conn->nrequests_left--;
  return ret;
}

/*Handles the response to all requests after the first one.
  Return: 1 if the connection was closed or timed out, 0 on success, or a
           negative value on any other error.*/
static int op_http_conn_handle_response(OpusHTTPStream *_stream,
 OpusHTTPConn *_conn){
  char       *next;
  char       *status_code;
  opus_int64  range_length;
  opus_int64  next_pos;
  opus_int64  next_end;
  int         ret;
  ret=op_http_conn_read_response(_conn,&_stream->response);
  /*If the server just closed the connection on us, we may have just hit a
     connection re-use limit, so we might want to retry.*/
  if(OP_UNLIKELY(ret<0))return ret==OP_EREAD?1:ret;
  next=op_http_parse_status_line(NULL,&status_code,_stream->response.buf);
  if(OP_UNLIKELY(next==NULL))return OP_FALSE;
  /*We _need_ a 206 Partial Content response.
    Nothing else will do.*/
  if(strncmp(status_code,"206",3)!=0){
    /*But on a 408 Request Timeout, we might want to re-try.*/
    return strncmp(status_code,"408",3)==0?1:OP_FALSE;
  }
  next_pos=_conn->next_pos;
  next_end=_conn->next_end;
  range_length=-1;
  for(;;){
    char *header;
    char *cdr;
    ret=op_http_get_next_header(&header,&cdr,&next);
    if(OP_UNLIKELY(ret<0))return ret;
    if(header==NULL)break;
    if(strcmp(header,"content-range")==0){
      opus_int64 range_first;
      opus_int64 range_last;
      /*Two Content-Range headers?*/
      if(OP_UNLIKELY(range_length>=0))return OP_FALSE;
      ret=op_http_parse_content_range(&range_first,&range_last,
       &range_length,cdr);
      if(OP_UNLIKELY(ret<0))return ret;
      /*"A response with satus code 206 (Partial Content) MUST NOT
         include a Content-Range field with a byte-range-resp-spec of
         '*'."*/
      if(OP_UNLIKELY(range_first<0)||OP_UNLIKELY(range_last<0))return OP_FALSE;
      /*We also don't want range_last to overflow.*/
      if(OP_UNLIKELY(range_last>=OP_INT64_MAX))return OP_FALSE;
      range_last++;
      /*Quit if we didn't get the offset we asked for.*/
      if(range_first!=next_pos)return OP_FALSE;
      if(next_end<0){
        /*We asked for the rest of the resource.*/
        if(range_length>=0){
          /*Quit if we didn't get it.*/
          if(OP_UNLIKELY(range_last!=range_length))return OP_FALSE;
        }
        /*If there was no length, use the end of the range.*/
        else range_length=range_last;
        next_end=range_last;
      }
      else{
        if(range_last!=next_end)return OP_FALSE;
        /*If there was no length, use the larger of the content length or the
           end of this chunk.*/
        if(range_length<0){
          range_length=OP_MAX(range_last,_stream->content_length);
        }
      }
    }
    else if(strcmp(header,"content-length")==0){
      opus_int64 content_length;
      /*Validate the Content-Length header, if present, against the request we
         made.*/
      content_length=op_http_parse_content_length(cdr);
      if(OP_UNLIKELY(content_length<0))return (int)content_length;
      if(next_end<0){
        /*If we haven't seen the Content-Range header yet and we asked for the
            rest of the resource, set next_end, so we can make sure they match
            when we do find the Content-Range header.*/
        if(OP_UNLIKELY(next_pos>OP_INT64_MAX-content_length))return OP_FALSE;
        next_end=next_pos+content_length;
      }
      /*Otherwise, make sure they match now.*/
      else if(OP_UNLIKELY(next_end-next_pos!=content_length))return OP_FALSE;
    }
    else if(strcmp(header,"connection")==0){
      ret=op_http_parse_connection(cdr);
      if(OP_UNLIKELY(ret<0))return ret;
      /*If the server told us it was going to close the connection, don't make
         any more requests.*/
      if(OP_UNLIKELY(ret>0))_conn->nrequests_left=0;
    }
  }
  /*No Content-Range header.*/
  if(OP_UNLIKELY(range_length<0))return OP_FALSE;
  /*Update the content_length if necessary.*/
  _stream->content_length=range_length;
  _conn->pos=next_pos;
  _conn->end_pos=next_end;
  _conn->next_pos=-1;
  return 0;
}

/*Open a new connection that will start reading at byte offset _pos.
  _pos:        The byte offset to start reading from.
  _chunk_size: The number of bytes to ask for in the initial request, or -1 to
                request the rest of the resource.
               This may be more bytes than remain, in which case it will be
                converted into a request for the rest.*/
static int op_http_conn_open_pos(OpusHTTPStream *_stream,
 OpusHTTPConn *_conn,opus_int64 _pos,opus_int32 _chunk_size){
  struct timeb  start_time;
  struct timeb  end_time;
  opus_int32    connect_rate;
  opus_int32    connect_time;
  int           ret;
  ret=op_http_connect(_stream,_conn,&_stream->addr_info,&start_time);
  if(OP_UNLIKELY(ret<0))return ret;
  ret=op_http_conn_send_request(_stream,_conn,_pos,_chunk_size,0);
  if(OP_UNLIKELY(ret<0))return ret;
  ret=op_http_conn_handle_response(_stream,_conn);
  if(OP_UNLIKELY(ret!=0))return OP_FALSE;
  ftime(&end_time);
  _stream->cur_conni=_conn-_stream->conns;
  OP_ASSERT(_stream->cur_conni>=0&&_stream->cur_conni<OP_NCONNS_MAX);
  /*The connection has been successfully opened.
    Update the connection time estimate.*/
  connect_time=op_time_diff_ms(&end_time,&start_time);
  connect_rate=_stream->connect_rate;
  connect_rate+=OP_MAX(connect_time,1)-connect_rate+8>>4;
  _stream->connect_rate=connect_rate;
  return 0;
}

/*Read data from the current response body.
  If we're pipelining and we get close to the end of this response, queue
   another request.
  If we've reached the end of this response body, parse the next response and
   keep going.
  [out] _buf: Returns the data read.
  _buf_size:  The size of the buffer.
  Return: A positive number of bytes read on success.
          0:        The connection was closed.
          OP_EREAD: There was a fatal read error.*/
static int op_http_conn_read_body(OpusHTTPStream *_stream,
 OpusHTTPConn *_conn,unsigned char *_buf,int _buf_size){
  opus_int64 pos;
  opus_int64 end_pos;
  opus_int64 next_pos;
  opus_int64 content_length;
  int        nread;
  int        pipeline;
  int        ret;
  /*Currently this function can only be called on the LRU head.
    Otherwise, we'd need a _pnext pointer if we needed to close the connection,
     and re-opening it would re-organize the lists.*/
  OP_ASSERT(_stream->lru_head==_conn);
  /*We should have filterd out empty reads by this point.*/
  OP_ASSERT(_buf_size>0);
  pos=_conn->pos;
  end_pos=_conn->end_pos;
  next_pos=_conn->next_pos;
  pipeline=_stream->pipeline;
  content_length=_stream->content_length;
  if(end_pos>=0){
    /*Have we reached the end of the current response body?*/
    if(pos>=end_pos){
      OP_ASSERT(content_length>=0);
      /*If this was the end of the stream, we're done.
        Also return early if a non-blocking read was requested (regardless of
         whether we might be able to parse the next response without
         blocking).*/
      if(content_length<=end_pos)return 0;
      /*Otherwise, start on the next response.*/
      if(next_pos<0){
        /*We haven't issued another request yet.*/
        if(!pipeline||_conn->nrequests_left<=0){
          /*There are two ways to get here: either the server told us it was
             going to close the connection after the last request, or we
             thought we were reading the whole resource, but it grew while we
             were reading it.
            The only way the latter could have happened is if content_length
             changed while seeking.
            Open a new request to read the rest.*/
          OP_ASSERT(_stream->seekable);
          /*Try to open a new connection to read another chunk.*/
          op_http_conn_close(_stream,_conn,&_stream->lru_head,1);
          /*If we're not pipelining, we should be requesting the rest.*/
          OP_ASSERT(pipeline||_conn->chunk_size==-1);
          ret=op_http_conn_open_pos(_stream,_conn,end_pos,_conn->chunk_size);
          if(OP_UNLIKELY(ret<0))return OP_EREAD;
        }
        else{
          /*Issue the request now (better late than never).*/
          ret=op_http_conn_send_request(_stream,_conn,pos,_conn->chunk_size,0);
          if(OP_UNLIKELY(ret<0))return OP_EREAD;
          next_pos=_conn->next_pos;
          OP_ASSERT(next_pos>=0);
        }
      }
      if(next_pos>=0){
        /*We shouldn't be trying to read past the current request body if we're
           seeking somewhere else.*/
        OP_ASSERT(next_pos==end_pos);
        ret=op_http_conn_handle_response(_stream,_conn);
        if(OP_UNLIKELY(ret<0))return OP_EREAD;
        if(OP_UNLIKELY(ret>0)&&pipeline){
          opus_int64 next_end;
          next_end=_conn->next_end;
          /*Our request timed out or the server closed the connection.
            Try re-connecting.*/
          op_http_conn_close(_stream,_conn,&_stream->lru_head,1);
          /*Unless there's a bug, we should be able to convert
             (next_pos,next_end) into valid (_pos,_chunk_size) parameters.*/
          OP_ASSERT(next_end<0
           ||next_end-next_pos>=0&&next_end-next_pos<=OP_INT32_MAX);
          ret=op_http_conn_open_pos(_stream,_conn,next_pos,
           next_end<0?-1:(opus_int32)(next_end-next_pos));
          if(OP_UNLIKELY(ret<0))return OP_EREAD;
        }
        else if(OP_UNLIKELY(ret!=0))return OP_EREAD;
      }
      pos=_conn->pos;
      end_pos=_conn->end_pos;
      content_length=_stream->content_length;
    }
    OP_ASSERT(end_pos>pos);
    _buf_size=OP_MIN(_buf_size,end_pos-pos);
  }
  nread=op_http_conn_read(_conn,(char *)_buf,_buf_size,1);
  if(OP_UNLIKELY(nread<0))return nread;
  pos+=nread;
  _conn->pos=pos;
  OP_ASSERT(end_pos<0||content_length>=0);
  /*TODO: If nrequests_left<=0, we can't make a new request, and there will be
     a big pause after we hit the end of the chunk while we open a new
     connection.
    It would be nice to be able to start that process now, but we have no way
     to do it in the background without blocking (even if we could start it, we
     have no guarantee the application will return control to us in a
     sufficiently timely manner to allow us to complete it, and this is
     uncommon enough that it's not worth using threads just for this).*/
  if(end_pos>=0&&end_pos<content_length&&next_pos<0
   &&pipeline&&OP_LIKELY(_conn->nrequests_left>0)){
    opus_int64 request_thresh;
    opus_int32 chunk_size;
    /*Are we getting close to the end of the current response body?
      If so, we should request more data.*/
    request_thresh=_stream->connect_rate*_conn->read_rate>>12;
    /*But don't commit ourselves too quickly.*/
    chunk_size=_conn->chunk_size;
    if(chunk_size>=0)request_thresh=OP_MIN(chunk_size>>2,request_thresh);
    if(end_pos-pos<request_thresh){
      ret=op_http_conn_send_request(_stream,_conn,end_pos,_conn->chunk_size,1);
      if(OP_UNLIKELY(ret<0))return OP_EREAD;
    }
  }
  return nread;
}

static int op_http_stream_read(void *_stream,
 unsigned char *_ptr,int _buf_size){
  OpusHTTPStream *stream;
  ptrdiff_t       nread;
  opus_int64      size;
  opus_int64      pos;
  int             ci;
  stream=(OpusHTTPStream *)_stream;
  /*Check for an empty read.*/
  if(_buf_size<=0)return 0;
  ci=stream->cur_conni;
  /*No current connection => EOF.*/
  if(ci<0)return 0;
  pos=stream->conns[ci].pos;
  size=stream->content_length;
  /*Check for EOF.*/
  if(size>=0){
    if(pos>=size)return 0;
    /*Check for a short read.*/
    if(_buf_size>size-pos)_buf_size=(int)(size-pos);
  }
  nread=op_http_conn_read_body(stream,stream->conns+ci,_ptr,_buf_size);
  if(OP_UNLIKELY(nread<=0)){
    /*We hit an error or EOF.
      Either way, we're done with this connection.*/
    op_http_conn_close(stream,stream->conns+ci,&stream->lru_head,1);
    stream->cur_conni=-1;
    stream->pos=pos;
  }
  return nread;
}

/*Discard data until we reach the _target position.
  This destroys the contents of _stream->response.buf, as we need somewhere to
   read this data, and that is a convenient place.
  _just_read_ahead: Whether or not this is a plain fast-forward.
                    If 0, we need to issue a new request for a chunk at _target
                     and discard all the data from our current request(s).
                    Otherwise, we should be able to reach _target without
                     issuing any new requests.
  _target:          The stream position to which to read ahead.*/
static int op_http_conn_read_ahead(OpusHTTPStream *_stream,
 OpusHTTPConn *_conn,int _just_read_ahead,opus_int64 _target){
  opus_int64 pos;
  opus_int64 end_pos;
  opus_int64 next_pos;
  opus_int64 next_end;
  ptrdiff_t  nread;
  int        ret;
  pos=_conn->pos;
  end_pos=_conn->end_pos;
  next_pos=_conn->next_pos;
  next_end=_conn->next_end;
  if(!_just_read_ahead){
    /*We need to issue a new pipelined request.
      This is the only case where we allow more than one outstanding request
       at a time, so we need to reset next_pos (we'll restore it below if we
       did have an outstanding request).*/
    OP_ASSERT(_stream->pipeline);
    _conn->next_pos=-1;
    ret=op_http_conn_send_request(_stream,_conn,_target,
     OP_PIPELINE_CHUNK_SIZE,0);
    if(OP_UNLIKELY(ret<0))return ret;
  }
  /*We can reach the target position by reading forward in the current chunk.*/
  if(_just_read_ahead&&(end_pos<0||_target<end_pos))end_pos=_target;
  else if(next_pos>=0){
    opus_int64 next_next_pos;
    opus_int64 next_next_end;
    /*We already have a request outstanding.
      Finish off the current chunk.*/
    while(pos<end_pos){
      nread=op_http_conn_read(_conn,_stream->response.buf,
       (int)OP_MIN(end_pos-pos,_stream->response.cbuf),1);
      /*We failed to read ahead.*/
      if(nread<=0)return OP_FALSE;
      pos+=nread;
    }
    OP_ASSERT(pos==end_pos);
    if(_just_read_ahead){
      next_next_pos=next_next_end=-1;
      end_pos=_target;
    }
    else{
      OP_ASSERT(_conn->next_pos==_target);
      next_next_pos=_target;
      next_next_end=_conn->next_end;
      _conn->next_pos=next_pos;
      _conn->next_end=next_end;
      end_pos=next_end;
    }
    ret=op_http_conn_handle_response(_stream,_conn);
    if(OP_UNLIKELY(ret!=0))return OP_FALSE;
    _conn->next_pos=next_next_pos;
    _conn->next_end=next_next_end;
  }
  while(pos<end_pos){
    nread=op_http_conn_read(_conn,_stream->response.buf,
     (int)OP_MIN(end_pos-pos,_stream->response.cbuf),1);
    /*We failed to read ahead.*/
    if(nread<=0)return OP_FALSE;
    pos+=nread;
  }
  OP_ASSERT(pos==end_pos);
  if(!_just_read_ahead){
    ret=op_http_conn_handle_response(_stream,_conn);
    if(OP_UNLIKELY(ret!=0))return OP_FALSE;
  }
  else _conn->pos=end_pos;
  OP_ASSERT(_conn->pos==_target);
  return 0;
}

static int op_http_stream_seek(void *_stream,opus_int64 _offset,int _whence){
  struct timeb     seek_time;
  OpusHTTPStream  *stream;
  OpusHTTPConn    *conn;
  OpusHTTPConn   **pnext;
  OpusHTTPConn    *close_conn;
  OpusHTTPConn   **close_pnext;
  opus_int64       content_length;
  opus_int64       pos;
  int              pipeline;
  int              ci;
  int              ret;
  stream=(OpusHTTPStream *)_stream;
  if(!stream->seekable)return -1;
  content_length=stream->content_length;
  /*If we're seekable, we should have gotten a Content-Length.*/
  OP_ASSERT(content_length>=0);
  ci=stream->cur_conni;
  pos=ci<0?content_length:stream->conns[ci].pos;
  switch(_whence){
    case SEEK_SET:{
      /*Check for overflow:*/
      if(_offset<0)return -1;
      pos=_offset;
    }break;
    case SEEK_CUR:{
      /*Check for overflow:*/
      if(_offset<-pos||_offset>OP_INT64_MAX-pos)return -1;
      pos+=_offset;
    }break;
    case SEEK_END:{
      /*Check for overflow:*/
      if(_offset>content_length||_offset<content_length-OP_INT64_MAX)return -1;
      pos=content_length-_offset;
    }break;
    default:return -1;
  }
  /*Mark when we deactivated the active connection.*/
  if(ci>=0){
    op_http_conn_read_rate_update(stream->conns+ci);
    *&seek_time=*&stream->conns[ci].read_time;
  }
  else ftime(&seek_time);
  /*If we seeked past the end of the stream, just disable the active
     connection.*/
  if(pos>=content_length){
    stream->cur_conni=-1;
    stream->pos=pos;
    return 0;
  }
  /*First try to find a connection we can use without waiting.*/
  pnext=&stream->lru_head;
  conn=stream->lru_head;
  while(conn!=NULL){
    opus_int64 conn_pos;
    opus_int64 end_pos;
    int        available;
    /*If this connection has been dormant too long or has made too many
       requests, close it.
      This is to prevent us from hitting server limits/firewall timeouts.*/
    if(op_time_diff_ms(&seek_time,&conn->read_time)>
     OP_CONNECTION_IDLE_TIMEOUT_MS
     ||conn->nrequests_left<OP_PIPELINE_MIN_REQUESTS){
      op_http_conn_close(stream,conn,pnext,1);
      conn=*pnext;
      continue;
    }
    available=op_http_conn_estimate_available(conn);
    conn_pos=conn->pos;
    end_pos=conn->end_pos;
    if(conn->next_pos>=0){
      OP_ASSERT(end_pos>=0);
      OP_ASSERT(conn->next_pos==end_pos);
      end_pos=conn->next_end;
    }
    OP_ASSERT(end_pos<0||conn_pos<=end_pos);
    /*Can we quickly read ahead without issuing a new request or waiting for
       any more data?
      If we have an oustanding request, we'll over-estimate the amount of data
       it has available (because we'll count the response headers, too), but
       that probably doesn't matter.*/
    if(conn_pos<=pos&&pos-conn_pos<=available&&(end_pos<0||pos<end_pos)){
      /*Found a suitable connection to re-use.*/
      ret=op_http_conn_read_ahead(stream,conn,1,pos);
      if(OP_UNLIKELY(ret<0)){
        /*The connection might have become stale, so close it and keep going.*/
        op_http_conn_close(stream,conn,pnext,1);
        conn=*pnext;
        continue;
      }
      /*Sucessfully resurrected this connection.*/
      *pnext=conn->next;
      conn->next=stream->lru_head;
      stream->lru_head=conn;
      stream->cur_conni=conn-stream->conns;
      return 0;
    }
    pnext=&conn->next;
    conn=conn->next;
  }
  /*Chances are that didn't work, so now try to find one we can use by reading
     ahead a reasonable amount and/or by issuing a new request.*/
  close_pnext=NULL;
  close_conn=NULL;
  pnext=&stream->lru_head;
  conn=stream->lru_head;
  pipeline=stream->pipeline;
  while(conn!=NULL){
    opus_int64 conn_pos;
    opus_int64 end_pos;
    opus_int64 read_ahead_thresh;
    int        available;
    int        just_read_ahead;
    /*Dividing by 2048 instead of 1000 scales this by nearly 1/2, biasing away
       from connection re-use (and roughly compensating for the lag required to
       reopen the TCP window of a connection that's been idle).
      There's no overflow checking here, because it's vanishingly unlikely, and
       all it would do is cause us to make poor decisions.*/
    read_ahead_thresh=OP_MAX(OP_READAHEAD_THRESH_MIN,
     stream->connect_rate*conn->read_rate>>11);
    available=op_http_conn_estimate_available(conn);
    conn_pos=conn->pos;
    end_pos=conn->end_pos;
    if(conn->next_pos>=0){
      OP_ASSERT(end_pos>=0);
      OP_ASSERT(conn->next_pos==end_pos);
      end_pos=conn->next_end;
    }
    OP_ASSERT(end_pos<0||conn_pos<=end_pos);
    /*Can we quickly read ahead without issuing a new request?*/
    just_read_ahead=conn_pos<=pos&&pos-conn_pos-available<=read_ahead_thresh
     &&(end_pos<0||pos<end_pos);
    if(just_read_ahead||pipeline&&end_pos>=0
     &&end_pos-conn_pos-available<=read_ahead_thresh){
      /*Found a suitable connection to re-use.*/
      ret=op_http_conn_read_ahead(stream,conn,just_read_ahead,pos);
      if(OP_UNLIKELY(ret<0)){
        /*The connection might have become stale, so close it and keep going.*/
        op_http_conn_close(stream,conn,pnext,1);
        conn=*pnext;
        continue;
      }
      /*Sucessfully resurrected this connection.*/
      *pnext=conn->next;
      conn->next=stream->lru_head;
      stream->lru_head=conn;
      stream->cur_conni=conn-stream->conns;
      return 0;
    }
    close_pnext=pnext;
    close_conn=conn;
    pnext=&conn->next;
    conn=conn->next;
  }
  /*No suitable connections.
    Open a new one.*/
  if(stream->free_head==NULL){
    /*All connections in use.
      Expire one of them (we should have already picked which one when scanning
       the list).*/
    OP_ASSERT(close_conn!=NULL);
    OP_ASSERT(close_pnext!=NULL);
    op_http_conn_close(stream,close_conn,close_pnext,1);
  }
  OP_ASSERT(stream->free_head!=NULL);
  conn=stream->free_head;
  /*If we can pipeline, only request a chunk of data.
    If we're seeking now, there's a good chance we will want to seek again
     soon, and this avoids committing this connection to reading the rest of
     the stream.
    Particularly with SSL or proxies, issuing a new request on the same
     connection can be substantially faster than opening a new one.
    This also limits the amount of data the server will blast at us on this
     connection if we later seek elsewhere and start reading from a different
     connection.*/
  ret=op_http_conn_open_pos(stream,conn,pos,
   pipeline?OP_PIPELINE_CHUNK_SIZE:-1);
  if(OP_UNLIKELY(ret<0)){
    op_http_conn_close(stream,conn,&stream->lru_head,1);
    return -1;
  }
  return 0;
}

static opus_int64 op_http_stream_tell(void *_stream){
  OpusHTTPStream *stream;
  int             ci;
  stream=(OpusHTTPStream *)_stream;
  ci=stream->cur_conni;
  return ci<0?stream->pos:stream->conns[ci].pos;
}

static int op_http_stream_close(void *_stream){
  OpusHTTPStream *stream;
  stream=(OpusHTTPStream *)_stream;
  if(OP_LIKELY(stream!=NULL)){
    op_http_stream_clear(stream);
    _ogg_free(stream);
  }
  return 0;
}

static const OpusFileCallbacks OP_HTTP_CALLBACKS={
  op_http_stream_read,
  op_http_stream_seek,
  op_http_stream_tell,
  op_http_stream_close
};
#endif

void opus_server_info_init(OpusServerInfo *_info){
  _info->name=NULL;
  _info->description=NULL;
  _info->genre=NULL;
  _info->url=NULL;
  _info->server=NULL;
  _info->content_type=NULL;
  _info->bitrate_kbps=-1;
  _info->is_public=-1;
  _info->is_ssl=0;
}

void opus_server_info_clear(OpusServerInfo *_info){
  _ogg_free(_info->content_type);
  _ogg_free(_info->server);
  _ogg_free(_info->url);
  _ogg_free(_info->genre);
  _ogg_free(_info->description);
  _ogg_free(_info->name);
}

/*The actual URL stream creation function.
  This one isn't extensible like the application-level interface, but because
   it isn't public, we're free to change it in the future.*/
static void *op_url_stream_create_impl(OpusFileCallbacks *_cb,const char *_url,
 int _skip_certificate_check,const char *_proxy_host,unsigned _proxy_port,
 const char *_proxy_user,const char *_proxy_pass,OpusServerInfo *_info){
  const char *path;
  /*Check to see if this is a valid file: URL.*/
  path=op_parse_file_url(_url);
  if(path!=NULL){
    char *unescaped_path;
    void *ret;
    unescaped_path=op_string_dup(path);
    if(OP_UNLIKELY(unescaped_path==NULL))return NULL;
    ret=op_fopen(_cb,op_unescape_url_component(unescaped_path),"rb");
    _ogg_free(unescaped_path);
    return ret;
  }
#if defined(OP_ENABLE_HTTP)
  /*If not, try http/https.*/
  else{
    OpusHTTPStream *stream;
    int             ret;
    stream=(OpusHTTPStream *)_ogg_malloc(sizeof(*stream));
    if(OP_UNLIKELY(stream==NULL))return NULL;
    op_http_stream_init(stream);
    ret=op_http_stream_open(stream,_url,_skip_certificate_check,
     _proxy_host,_proxy_port,_proxy_user,_proxy_pass,_info);
    if(OP_UNLIKELY(ret<0)){
      op_http_stream_clear(stream);
      _ogg_free(stream);
      return NULL;
    }
    *_cb=*&OP_HTTP_CALLBACKS;
    return stream;
  }
#else
  (void)_skip_certificate_check;
  (void)_proxy_host;
  (void)_proxy_port;
  (void)_proxy_user;
  (void)_proxy_pass;
  (void)_info;
  return NULL;
#endif
}

/*The actual implementation of op_url_stream_vcreate().
  We have to do a careful dance here to avoid potential memory leaks if
   OpusServerInfo is requested, since this function is also used by
   op_vopen_url() and op_vtest_url().
  Even if this function succeeds, those functions might ultimately fail.
  If they do, they should return without having touched the OpusServerInfo
   passed by the application.
  Therefore, if this function succeeds and OpusServerInfo is requested, the
   actual info will be stored in *_info and a pointer to the application's
   storage will be placed in *_pinfo.
  If this function fails or if the application did not request OpusServerInfo,
   *_pinfo will be NULL.
  Our caller is responsible for copying *_info to **_pinfo if it ultimately
   succeeds, or for clearing *_info if it ultimately fails.*/
void *op_url_stream_vcreate_impl(OpusFileCallbacks *_cb,
 const char *_url,OpusServerInfo *_info,OpusServerInfo **_pinfo,va_list _ap){
  int             skip_certificate_check;
  const char     *proxy_host;
  opus_int32      proxy_port;
  const char     *proxy_user;
  const char     *proxy_pass;
  OpusServerInfo *pinfo;
  skip_certificate_check=0;
  proxy_host=NULL;
  proxy_port=8080;
  proxy_user=NULL;
  proxy_pass=NULL;
  pinfo=NULL;
  for(;;){
    ptrdiff_t request;
    request=va_arg(_ap,char *)-(char *)NULL;
    /*If we hit NULL, we're done processing options.*/
    if(!request)break;
    switch(request){
      case OP_SSL_SKIP_CERTIFICATE_CHECK_REQUEST:{
        skip_certificate_check=!!va_arg(_ap,opus_int32);
      }break;
      case OP_HTTP_PROXY_HOST_REQUEST:{
        proxy_host=va_arg(_ap,const char *);
      }break;
      case OP_HTTP_PROXY_PORT_REQUEST:{
        proxy_port=va_arg(_ap,opus_int32);
        if(proxy_port<0||proxy_port>(opus_int32)65535)return NULL;
      }break;
      case OP_HTTP_PROXY_USER_REQUEST:{
        proxy_user=va_arg(_ap,const char *);
      }break;
      case OP_HTTP_PROXY_PASS_REQUEST:{
        proxy_pass=va_arg(_ap,const char *);
      }break;
      case OP_GET_SERVER_INFO_REQUEST:{
        pinfo=va_arg(_ap,OpusServerInfo *);
      }break;
      /*Some unknown option.*/
      default:return NULL;
    }
  }
  /*If the caller has requested server information, proxy it to a local copy to
     simplify error handling.*/
  *_pinfo=NULL;
  if(pinfo!=NULL){
    void *ret;
    opus_server_info_init(_info);
    ret=op_url_stream_create_impl(_cb,_url,skip_certificate_check,
     proxy_host,proxy_port,proxy_user,proxy_pass,_info);
    if(ret!=NULL)*_pinfo=pinfo;
    else opus_server_info_clear(_info);
    return ret;
  }
  return op_url_stream_create_impl(_cb,_url,skip_certificate_check,
   proxy_host,proxy_port,proxy_user,proxy_pass,NULL);
}

void *op_url_stream_vcreate(OpusFileCallbacks *_cb,
 const char *_url,va_list _ap){
  OpusServerInfo   info;
  OpusServerInfo *pinfo;
  void *ret;
  ret=op_url_stream_vcreate_impl(_cb,_url,&info,&pinfo,_ap);
  if(pinfo!=NULL)*pinfo=*&info;
  return ret;
}

void *op_url_stream_create(OpusFileCallbacks *_cb,
 const char *_url,...){
  va_list  ap;
  void    *ret;
  va_start(ap,_url);
  ret=op_url_stream_vcreate(_cb,_url,ap);
  va_end(ap);
  return ret;
}

/*Convenience routines to open/test URLs in a single step.*/

OggOpusFile *op_vopen_url(const char *_url,int *_error,va_list _ap){
  OpusFileCallbacks  cb;
  OggOpusFile       *of;
  OpusServerInfo     info;
  OpusServerInfo    *pinfo;
  void              *source;
  source=op_url_stream_vcreate_impl(&cb,_url,&info,&pinfo,_ap);
  if(OP_UNLIKELY(source==NULL)){
    OP_ASSERT(pinfo==NULL);
    if(_error!=NULL)*_error=OP_EFAULT;
    return NULL;
  }
  of=op_open_callbacks(source,&cb,NULL,0,_error);
  if(OP_UNLIKELY(of==NULL)){
    if(pinfo!=NULL)opus_server_info_clear(&info);
    (*cb.close)(source);
  }
  else if(pinfo!=NULL)*pinfo=*&info;
  return of;
}

OggOpusFile *op_open_url(const char *_url,int *_error,...){
  OggOpusFile *ret;
  va_list      ap;
  va_start(ap,_error);
  ret=op_vopen_url(_url,_error,ap);
  va_end(ap);
  return ret;
}

OggOpusFile *op_vtest_url(const char *_url,int *_error,va_list _ap){
  OpusFileCallbacks  cb;
  OggOpusFile       *of;
  OpusServerInfo     info;
  OpusServerInfo    *pinfo;
  void              *source;
  source=op_url_stream_vcreate_impl(&cb,_url,&info,&pinfo,_ap);
  if(OP_UNLIKELY(source==NULL)){
    OP_ASSERT(pinfo==NULL);
    if(_error!=NULL)*_error=OP_EFAULT;
    return NULL;
  }
  of=op_test_callbacks(source,&cb,NULL,0,_error);
  if(OP_UNLIKELY(of==NULL)){
    if(pinfo!=NULL)opus_server_info_clear(&info);
    (*cb.close)(source);
  }
  else if(pinfo!=NULL)*pinfo=*&info;
  return of;
}

OggOpusFile *op_test_url(const char *_url,int *_error,...){
  OggOpusFile *ret;
  va_list      ap;
  va_start(ap,_error);
  ret=op_vtest_url(_url,_error,ap);
  va_end(ap);
  return ret;
}