New ctrl values to clear or retrieve extra chain certs from an SSL_CTX.

	sess = OPENSSL_malloc(sizeof(simple_ssl_session));

	sess->idlen = SSL_SESSION_get_id_len(session);

	SSL_SESSION_get_id(session, &sess->idlen);

	sess->derlen = i2d_SSL_SESSION(session, NULL);

	sess->id = BUF_memdup(SSL_SESSION_get0_id(session), sess->idlen);

	sess->id = BUF_memdup(SSL_SESSION_get_id(session, NULL), sess->idlen);

	sess->der = OPENSSL_malloc(sess->derlen);

	p = sess->der;

static void del_session(SSL_CTX *sctx, SSL_SESSION *session)

	{

	simple_ssl_session *sess, *prev = NULL;

	const unsigned char *id = SSL_SESSION_get0_id(session);

	unsigned int idlen = SSL_SESSION_get_id_len(session);

	const unsigned char *id;

	unsigned int idlen;

	id = SSL_SESSION_get_id(session, &idlen);	

	for (sess = first; sess; sess = sess->next)

		{

		if (idlen == sess->idlen && !memcmp(sess->id, id, idlen))

		sk_X509_push(ctx->extra_certs,(X509 *)parg);

		break;

	case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:

		*(STACK_OF(X509) **)parg =  ctx->extra_certs;

		break;

	case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS:

		if (ctx->extra_certs)

			{

			sk_X509_pop_free(ctx->extra_certs, X509_free);

			ctx->extra_certs = NULL;

			}

		break;

	default:

		return(0);

		}

#define SSL_CTRL_CLEAR_MODE			78

#define SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB	79

#define SSL_CTRL_GET_EXTRA_CHAIN_CERTS		82

#define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS	83

#define DTLSv1_get_timeout(ssl, arg) \

	SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)

#define DTLSv1_handle_timeout(ssl) \

#define SSL_CTX_add_extra_chain_cert(ctx,x509) \

	SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509)

#define SSL_CTX_get_extra_chain_cert(ctx,px509) \

	SSL_CTX_ctrl(ctx,SSL_CTRL_GET_EXTRA_CHAIN_CERT,0,px509)

#define SSL_CTX_clear_extra_chain_cert(ctx) \

	SSL_CTX_ctrl(ctx,SSL_CTRL_CLEAR_EXTRA_CHAIN_CERT,0,NULL)

#ifndef OPENSSL_NO_BIO

BIO_METHOD *BIO_f_ssl(void);

long	SSL_SESSION_get_timeout(const SSL_SESSION *s);

long	SSL_SESSION_set_timeout(SSL_SESSION *s, long t);

void	SSL_copy_session_id(SSL *to,const SSL *from);

unsigned int SSL_SESSION_get_id_len(SSL_SESSION *s);

const unsigned char *SSL_SESSION_get0_id(SSL_SESSION *s);

X509 *SSL_SESSION_get0_peer(SSL_SESSION *s);

int SSL_SESSION_set1_id_context(SSL_SESSION *s,const unsigned char *sid_ctx,

			       unsigned int sid_ctx_len);

SSL_SESSION *SSL_SESSION_new(void);

const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s,

					unsigned int *len);

unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s);

#ifndef OPENSSL_NO_FP_API

int	SSL_SESSION_print_fp(FILE *fp,const SSL_SESSION *ses);

#endif

	return s->session_id;

	}

unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s)

	{

	return s->compress_meth;

	}

/* Even with SSLv2, we have 16 bytes (128 bits) of session ID space. SSLv3/TLSv1

 * has 32 bytes (256 bits). As such, filling the ID with random gunk repeatedly

 * until we have no conflict is going to complete in one iteration pretty much

	return(t);

	}

unsigned int SSL_SESSION_get_id_len(SSL_SESSION *s)

	{

	return s->session_id_length;

	}

const unsigned char *SSL_SESSION_get0_id(SSL_SESSION *s)

	{

	return s->session_id;

	}

X509 *SSL_SESSION_get0_peer(SSL_SESSION *s)

	{

	return s->peer;