Loading CHANGES +10 −0 Original line number Diff line number Diff line Loading @@ -5,6 +5,16 @@ Changes between 0.9.1c and 0.9.2 *) Make SSL_get_peer_cert_chain() work in servers. Unfortunately, it still doesn't work when the session is reused. Coming soon! [Ben Laurie] *) Fix a security hole, that allows sessions to be reused in the wrong context thus bypassing client cert protection! All software that uses client certs and session caches in multiple contexts NEEDS PATCHING to allow session reuse! A fuller solution is in the works. [Ben Laurie, problem pointed out by Holger Reif, Bodo Moeller (and ???)] *) Some more source tree cleanups (removed obsolete files crypto/bf/asm/bf586.pl, test/test.txt and crypto/sha/asm/f.s; changed permission on "config" script to be executable) and a fix for the INSTALL Loading README +1 −1 Original line number Diff line number Diff line OpenSSL 0.9.2 06-Mar-1999 OpenSSL 0.9.2b 22 Mar 1999 Copyright (c) 1998-1999 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson Loading apps/Makefile.ssl +145 −136 File changed.Preview size limit exceeded, changes collapsed. Show changes apps/s_apps.h +1 −1 Original line number Diff line number Diff line Loading @@ -62,7 +62,7 @@ #ifndef NOPROTO int do_accept(int acc_sock, int *sock, char **host); int do_server(int port, int *ret, int (*cb) ()); int do_server(int port, int *ret, int (*cb) (), char *context); #ifdef HEADER_X509_H int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx); #else Loading apps/s_server.c +20 −7 Original line number Diff line number Diff line Loading 
@@ -76,8 +76,8 @@ #ifndef NOPROTO static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int export,int keylength); static int sv_body(char *hostname, int s); static int www_body(char *hostname, int s); static int sv_body(char *hostname, int s, char *context); static int www_body(char *hostname, int s, char *context); static void close_accept_socket(void ); static void sv_usage(void); static int init_ssl_connection(SSL *s); Loading Loading @@ -190,6 +190,7 @@ static void sv_usage() BIO_printf(bio_err,"usage: s_server [args ...]\n"); BIO_printf(bio_err,"\n"); BIO_printf(bio_err," -accept arg - port to accept on (default is %d)\n",PORT); BIO_printf(bio_err," -context arg - set session ID context\n"); BIO_printf(bio_err," -verify arg - turn on peer certificate verification\n"); BIO_printf(bio_err," -Verify arg - turn on peer certificate verification, must have a cert.\n"); BIO_printf(bio_err," -cert arg - certificate file to use, PEM format assumed\n"); Loading Loading @@ -231,6 +232,7 @@ char *argv[]; { short port=PORT; char *CApath=NULL,*CAfile=NULL; char *context = NULL; int badop=0,bugs=0; int ret=1; int off=0; Loading Loading @@ -292,6 +294,11 @@ char *argv[]; verify_depth=atoi(*(++argv)); BIO_printf(bio_err,"verify depth is %d, must return a certificate\n",verify_depth); } else if (strcmp(*argv,"-context") == 0) { if (--argc < 1) goto bad; context= *(++argv); } else if (strcmp(*argv,"-cert") == 0) { if (--argc < 1) goto bad; Loading Loading @@ -511,9 +518,9 @@ bad: BIO_printf(bio_s_out,"ACCEPT\n"); if (www) do_server(port,&accept_socket,www_body); do_server(port,&accept_socket,www_body, context); else do_server(port,&accept_socket,sv_body); do_server(port,&accept_socket,sv_body, context); print_stats(bio_s_out,ctx); ret=0; end: Loading Loading @@ -553,9 +560,10 @@ SSL_CTX *ssl_ctx; SSL_CTX_sess_get_cache_size(ssl_ctx)); } static int sv_body(hostname, s) static int sv_body(hostname, s, context) char *hostname; int s; char *context; { char *buf=NULL; fd_set readfds; Loading 
@@ -582,8 +590,11 @@ int s; } #endif if (con == NULL) if (con == NULL) { con=(SSL *)SSL_new(ctx); if(context) SSL_set_session_id_context(con, context, strlen(context)); } SSL_clear(con); sbio=BIO_new_socket(s,BIO_NOCLOSE); Loading Loading @@ -870,9 +881,10 @@ char *file; } #endif static int www_body(hostname, s) static int www_body(hostname, s, context) char *hostname; int s; char *context; { char *buf=NULL; int ret=1; Loading Loading @@ -905,6 +917,7 @@ int s; if (!BIO_set_write_buffer_size(io,bufsize)) goto err; if ((con=(SSL *)SSL_new(ctx)) == NULL) goto err; if(context) SSL_set_session_id_context(con, context, strlen(context)); sbio=BIO_new_socket(s,BIO_NOCLOSE); if (s_nbio_test) Loading Loading
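Review bot: The return value of `SSL_set_session_id_context()` is discarded in both new call sites — inside the `if (con == NULL)` block of sv_body and after `SSL_new(ctx)` in www_body — yet the function can fail: the library rejects a context longer than its fixed maximum (`SSL_MAX_SID_CTX_LENGTH`; confirm the value against the ssl.h in this tree) and returns 0, so an over-long `-context` argument silently leaves the SSL object with no session ID context, which is precisely the cross-context reuse the CHANGES entry says this commit closes. In www_body the fix is one line, `if (context && !SSL_set_session_id_context(con, context, strlen(context))) goto err;`, and sv_body needs the same check routed through whatever cleanup path that function uses (no error label is visible in its hunk); alternatively the length could be validated once where `-context` is parsed so the failure is reported to the user rather than to a stray connection. In sv_body the new call also follows an unchecked `SSL_new(ctx)`, so an allocation failure now dereferences NULL one statement earlier than the pre-existing `SSL_clear(con)` did. Both sv_body and www_body begin and end outside these hunks.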
CHANGES +10 −0 Original line number Diff line number Diff line Loading @@ -5,6 +5,16 @@ Changes between 0.9.1c and 0.9.2 *) Make SSL_get_peer_cert_chain() work in servers. Unfortunately, it still doesn't work when the session is reused. Coming soon! [Ben Laurie] *) Fix a security hole, that allows sessions to be reused in the wrong context thus bypassing client cert protection! All software that uses client certs and session caches in multiple contexts NEEDS PATCHING to allow session reuse! A fuller solution is in the works. [Ben Laurie, problem pointed out by Holger Reif, Bodo Moeller (and ???)] *) Some more source tree cleanups (removed obsolete files crypto/bf/asm/bf586.pl, test/test.txt and crypto/sha/asm/f.s; changed permission on "config" script to be executable) and a fix for the INSTALL Loading
README +1 −1 Original line number Diff line number Diff line OpenSSL 0.9.2 06-Mar-1999 OpenSSL 0.9.2b 22 Mar 1999 Copyright (c) 1998-1999 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson Loading
apps/Makefile.ssl +145 −136 File changed.Preview size limit exceeded, changes collapsed. Show changes
apps/s_apps.h +1 −1 Original line number Diff line number Diff line Loading @@ -62,7 +62,7 @@ #ifndef NOPROTO int do_accept(int acc_sock, int *sock, char **host); int do_server(int port, int *ret, int (*cb) ()); int do_server(int port, int *ret, int (*cb) (), char *context); #ifdef HEADER_X509_H int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx); #else Loading
apps/s_server.c +20 −7 Original line number Diff line number Diff line Loading @@ -76,8 +76,8 @@ #ifndef NOPROTO static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int export,int keylength); static int sv_body(char *hostname, int s); static int www_body(char *hostname, int s); static int sv_body(char *hostname, int s, char *context); static int www_body(char *hostname, int s, char *context); static void close_accept_socket(void ); static void sv_usage(void); static int init_ssl_connection(SSL *s); Loading Loading @@ -190,6 +190,7 @@ static void sv_usage() BIO_printf(bio_err,"usage: s_server [args ...]\n"); BIO_printf(bio_err,"\n"); BIO_printf(bio_err," -accept arg - port to accept on (default is %d)\n",PORT); BIO_printf(bio_err," -context arg - set session ID context\n"); BIO_printf(bio_err," -verify arg - turn on peer certificate verification\n"); BIO_printf(bio_err," -Verify arg - turn on peer certificate verification, must have a cert.\n"); BIO_printf(bio_err," -cert arg - certificate file to use, PEM format assumed\n"); Loading Loading @@ -231,6 +232,7 @@ char *argv[]; { short port=PORT; char *CApath=NULL,*CAfile=NULL; char *context = NULL; int badop=0,bugs=0; int ret=1; int off=0; Loading Loading @@ -292,6 +294,11 @@ char *argv[]; verify_depth=atoi(*(++argv)); BIO_printf(bio_err,"verify depth is %d, must return a certificate\n",verify_depth); } else if (strcmp(*argv,"-context") == 0) { if (--argc < 1) goto bad; context= *(++argv); } else if (strcmp(*argv,"-cert") == 0) { if (--argc < 1) goto bad; Loading Loading @@ -511,9 +518,9 @@ bad: BIO_printf(bio_s_out,"ACCEPT\n"); if (www) do_server(port,&accept_socket,www_body); do_server(port,&accept_socket,www_body, context); else do_server(port,&accept_socket,sv_body); do_server(port,&accept_socket,sv_body, context); print_stats(bio_s_out,ctx); ret=0; end: Loading Loading 
@@ -553,9 +560,10 @@ SSL_CTX *ssl_ctx; SSL_CTX_sess_get_cache_size(ssl_ctx)); } static int sv_body(hostname, s) static int sv_body(hostname, s, context) char *hostname; int s; char *context; { char *buf=NULL; fd_set readfds; Loading @@ -582,8 +590,11 @@ int s; } #endif if (con == NULL) if (con == NULL) { con=(SSL *)SSL_new(ctx); if(context) SSL_set_session_id_context(con, context, strlen(context)); } SSL_clear(con); sbio=BIO_new_socket(s,BIO_NOCLOSE); Loading Loading @@ -870,9 +881,10 @@ char *file; } #endif static int www_body(hostname, s) static int www_body(hostname, s, context) char *hostname; int s; char *context; { char *buf=NULL; int ret=1; Loading Loading @@ -905,6 +917,7 @@ int s; if (!BIO_set_write_buffer_size(io,bufsize)) goto err; if ((con=(SSL *)SSL_new(ctx)) == NULL) goto err; if(context) SSL_set_session_id_context(con, context, strlen(context)); sbio=BIO_new_socket(s,BIO_NOCLOSE); if (s_nbio_test) Loading