Initial "opaque SSL" framework. If an application defines

 Changes between 1.0.1 and 1.1.0  [xx XXX xxxx]

  *) New option OPENSSL_NO_SSL_INTERN. If an application can be compiled

     with this defined it will not be affected by any changes to ssl internal

     structures. Add several utility functions to allow openssl application

     to work with OPENSSL_NO_SSL_INTERN defined.

     [Steve Henson]

  *) Minor change to DRBG entropy callback semantics. In some cases

     there is no mutiple of the block length between min_len and

     max_len. Allow the callback to return more than max_len bytes

double app_tminterval (int stop,int usertime);

#endif

#define OPENSSL_NO_SSL_INTERN

#ifndef OPENSSL_NO_NEXTPROTONEG

unsigned char *next_protos_parse(unsigned short *outlen, const char *in);

#endif

			if (Verbose)

				{

				unsigned long id = c->id;

				unsigned long id = SSL_CIPHER_get_id(c);

				int id0 = (int)(id >> 24);

				int id1 = (int)((id >> 16) & 0xffL);

				int id2 = (int)((id >> 8) & 0xffL);

			}

		}

#endif                                              

	if (c_Pause & 0x01) con->debug=1;

	if (c_Pause & 0x01) SSL_set_debug(con, 1);

	if ( SSL_version(con) == DTLS1_VERSION)

		{

	if (c_debug)

		{

		con->debug=1;

		SSL_set_debug(con, 1);

		BIO_set_callback(sbio,bio_dump_callback);

		BIO_set_callback_arg(sbio,(char *)bio_c_out);

		}

			BIO_number_read(SSL_get_rbio(s)),

			BIO_number_written(SSL_get_wbio(s)));

		}

	BIO_printf(bio,((s->hit)?"---\nReused, ":"---\nNew, "));

	BIO_printf(bio,(SSL_cache_hit(s)?"---\nReused, ":"---\nNew, "));

	c=SSL_get_current_cipher(s);

	BIO_printf(bio,"%s, Cipher is %s\n",

		SSL_CIPHER_get_version(c),

	if (s_debug)

		{

		con->debug=1;

		SSL_set_debug(con, 1);

		BIO_set_callback(SSL_get_rbio(con),bio_dump_callback);

		BIO_set_callback_arg(SSL_get_rbio(con),(char *)bio_s_out);

		}

		BIO_printf(bio_s_out, "\n");

		}

#endif

	if (con->hit) BIO_printf(bio_s_out,"Reused session-id\n");

	if (SSL_cache_hit(con)) BIO_printf(bio_s_out,"Reused session-id\n");

	if (SSL_ctrl(con,SSL_CTRL_GET_FLAGS,0,NULL) &

		TLS1_FLAGS_TLS_PADDING_BUG)

		BIO_printf(bio_s_out,"Peer has incorrect TLSv1 block padding\n");

	if (s_debug)

		{

		con->debug=1;

		SSL_set_debug(con, 1);

		BIO_set_callback(SSL_get_rbio(con),bio_dump_callback);

		BIO_set_callback_arg(SSL_get_rbio(con),(char *)bio_s_out);

		}

				goto err;

				}

			/* EVIL HACK! */

			con->state = SSL_ST_ACCEPT;

			SSL_set_state(con, SSL_ST_ACCEPT);

			i=SSL_do_handshake(con);

			BIO_printf(bio_s_out, "SSL_do_handshake -> %d\n",i);

			if (i <= 0)

					}

				BIO_puts(io,"\n");

				}

			BIO_printf(io,((con->hit)

			BIO_printf(io,(SSL_cache_hit(con)

				?"---\nReused, "

				:"---\nNew, "));

			c=SSL_get_current_cipher(con);

typedef struct simple_ssl_session_st

	{

	unsigned char *id;

	int idlen;

	unsigned int idlen;

	unsigned char *der;

	int derlen;

	struct simple_ssl_session_st *next;

	sess = OPENSSL_malloc(sizeof(simple_ssl_session));

	sess->idlen = session->session_id_length;

	sess->idlen = SSL_SESSION_get_id_len(session);

	sess->derlen = i2d_SSL_SESSION(session, NULL);

	sess->id = BUF_memdup(session->session_id, sess->idlen);

	sess->id = BUF_memdup(SSL_SESSION_get0_id(session), sess->idlen);

	sess->der = OPENSSL_malloc(sess->derlen);

	p = sess->der;

	*do_copy = 0;

	for (sess = first; sess; sess = sess->next)

		{

		if (idlen == sess->idlen && !memcmp(sess->id, id, idlen))

		if (idlen == (int)sess->idlen && !memcmp(sess->id, id, idlen))

			{

			const unsigned char *p = sess->der;

			BIO_printf(bio_err, "Lookup session: cache hit\n");

static void del_session(SSL_CTX *sctx, SSL_SESSION *session)

	{

	simple_ssl_session *sess, *prev = NULL;

	unsigned char *id = session->session_id;

	int idlen = session->session_id_length;

	const unsigned char *id = SSL_SESSION_get0_id(session);

	unsigned int idlen = SSL_SESSION_get_id_len(session);

	for (sess = first; sess; sess = sess->next)

		{

		if (idlen == sess->idlen && !memcmp(sess->id, id, idlen))