void (*info_callback)(const SSL *ssl,int type,int val); /* optional informational callback */	int error;		/* error bytes to be written */	int error_code;		/* actual code */#ifndef OPENSSL_NO_KRB5	KSSL_CTX *kssl_ctx;     /* Kerberos 5 context */#endif	/* OPENSSL_NO_KRB5 */	SSL_CTX *ctx;	/* set this flag to 1 and a sleep(1) is put into all SSL_read()	 * and SSL_write() calls, good for nbio debuging :-) */	int debug;		/* extra application data */	long verify_result;	CRYPTO_EX_DATA ex_data;	/* for server side, keep the list of CA_dn we can use */	STACK_OF(X509_NAME) *client_CA;	int references;	unsigned long options; /* protocol behaviour */	unsigned long mode; /* API behaviour */	long max_cert_list;	int first_packet;	int client_version;	/* what was passed, used for				 * SSLv3/TLS rollback check */#ifndef OPENSSL_NO_TLSEXT	/* TLS extension debug callback */	void (*tlsext_debug_cb)(SSL *s, int client_server, int type,					unsigned char *data, int len,					void *arg);	void *tlsext_debug_arg;	char *tlsext_hostname;	int servername_done;   /* no further mod of servername 	                          0 : call the servername extension callback.	                          1 : prepare 2, allow last ack just after in server callback.	                          2 : don't call servername callback, no ack in server hello	                       */	/* certificate status request info */	/* Status type or -1 if no status type */	int tlsext_status_type;	/* Expect OCSP CertificateStatus message */	int tlsext_status_expected;	/* OCSP status request only */	STACK_OF(OCSP_RESPID) *tlsext_ocsp_ids;	X509_EXTENSIONS *tlsext_ocsp_exts;	/* OCSP response received or to be sent */	unsigned char *tlsext_ocsp_resp;	int tlsext_ocsp_resplen;	/* RFC4507 session ticket expected to be received or sent */	int tlsext_ticket_expected;	SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */#define session_ctx initial_ctx#else#define session_ctx ctx#endif	};#ifdef __cplusplus}#endif#include <openssl/ssl2.h>#include <openssl/ssl3.h>#include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */#include <openssl/dtls1.h> /* Datagram TLS */#include <openssl/ssl23.h>#ifdef  __cplusplusextern "C" {#endif/* compatibility */#define SSL_set_app_data(s,arg)		(SSL_set_ex_data(s,0,(char *)arg))#define SSL_get_app_data(s)		(SSL_get_ex_data(s,0))#define SSL_SESSION_set_app_data(s,a)	(SSL_SESSION_set_ex_data(s,0,(char *)a))#define SSL_SESSION_get_app_data(s)	(SSL_SESSION_get_ex_data(s,0))#define SSL_CTX_get_app_data(ctx)	(SSL_CTX_get_ex_data(ctx,0))#define SSL_CTX_set_app_data(ctx,arg)	(SSL_CTX_set_ex_data(ctx,0,(char *)arg))/* The following are the possible values for ssl->state are are * used to indicate where we are up to in the SSL connection establishment. * The macros that follow are about the only things you should need to use * and even then, only when using non-blocking IO. * It can also be useful to work out where you were when the connection * failed */#define SSL_ST_CONNECT			0x1000#define SSL_ST_ACCEPT			0x2000#define SSL_ST_MASK			0x0FFF#define SSL_ST_INIT			(SSL_ST_CONNECT|SSL_ST_ACCEPT)#define SSL_ST_BEFORE			0x4000#define SSL_ST_OK			0x03#define SSL_ST_RENEGOTIATE		(0x04|SSL_ST_INIT)#define SSL_CB_LOOP			0x01#define SSL_CB_EXIT			0x02#define SSL_CB_READ			0x04#define SSL_CB_WRITE			0x08#define SSL_CB_ALERT			0x4000 /* used in callback */#define SSL_CB_READ_ALERT		(SSL_CB_ALERT|SSL_CB_READ)#define SSL_CB_WRITE_ALERT		(SSL_CB_ALERT|SSL_CB_WRITE)#define SSL_CB_ACCEPT_LOOP		(SSL_ST_ACCEPT|SSL_CB_LOOP)#define SSL_CB_ACCEPT_EXIT		(SSL_ST_ACCEPT|SSL_CB_EXIT)#define SSL_CB_CONNECT_LOOP		(SSL_ST_CONNECT|SSL_CB_LOOP)#define SSL_CB_CONNECT_EXIT		(SSL_ST_CONNECT|SSL_CB_EXIT)#define SSL_CB_HANDSHAKE_START		0x10#define SSL_CB_HANDSHAKE_DONE		0x20/* Is the SSL_connection established? */#define SSL_get_state(a)		SSL_state(a)#define SSL_is_init_finished(a)		(SSL_state(a) == SSL_ST_OK)#define SSL_in_init(a)			(SSL_state(a)&SSL_ST_INIT)#define SSL_in_before(a)		(SSL_state(a)&SSL_ST_BEFORE)#define SSL_in_connect_init(a)		(SSL_state(a)&SSL_ST_CONNECT)#define SSL_in_accept_init(a)		(SSL_state(a)&SSL_ST_ACCEPT)/* The following 2 states are kept in ssl->rstate when reads fail, * you should not need these */#define SSL_ST_READ_HEADER			0xF0#define SSL_ST_READ_BODY			0xF1#define SSL_ST_READ_DONE			0xF2/* Obtain latest Finished message *   -- that we sent (SSL_get_finished) *   -- that we expected from peer (SSL_get_peer_finished). * Returns length (0 == no Finished so far), copies up to 'count' bytes. */size_t SSL_get_finished(const SSL *s, void *buf, size_t count);size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count);/* use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options * are 'ored' with SSL_VERIFY_PEER if they are desired */#define SSL_VERIFY_NONE			0x00#define SSL_VERIFY_PEER			0x01#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT	0x02#define SSL_VERIFY_CLIENT_ONCE		0x04#define OpenSSL_add_ssl_algorithms()	SSL_library_init()#define SSLeay_add_ssl_algorithms()	SSL_library_init()/* this is for backward compatibility */#if 0 /* NEW_SSLEAY */#define SSL_CTX_set_default_verify(a,b,c) SSL_CTX_set_verify(a,b,c)#define SSL_set_pref_cipher(c,n)	SSL_set_cipher_list(c,n)#define SSL_add_session(a,b)            SSL_CTX_add_session((a),(b))#define SSL_remove_session(a,b)		SSL_CTX_remove_session((a),(b))#define SSL_flush_sessions(a,b)		SSL_CTX_flush_sessions((a),(b))#endif/* More backward compatibility */#define SSL_get_cipher(s) \		SSL_CIPHER_get_name(SSL_get_current_cipher(s))#define SSL_get_cipher_bits(s,np) \		SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np)#define SSL_get_cipher_version(s) \		SSL_CIPHER_get_version(SSL_get_current_cipher(s))#define SSL_get_cipher_name(s) \		SSL_CIPHER_get_name(SSL_get_current_cipher(s))#define SSL_get_time(a)		SSL_SESSION_get_time(a)#define SSL_set_time(a,b)	SSL_SESSION_set_time((a),(b))#define SSL_get_timeout(a)	SSL_SESSION_get_timeout(a)#define SSL_set_timeout(a,b)	SSL_SESSION_set_timeout((a),(b))#if 1 /*SSLEAY_MACROS*/#define d2i_SSL_SESSION_bio(bp,s_id) ASN1_d2i_bio_of(SSL_SESSION,SSL_SESSION_new,d2i_SSL_SESSION,bp,s_id)#define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio_of(SSL_SESSION,i2d_SSL_SESSION,bp,s_id)#define PEM_read_SSL_SESSION(fp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read( \	(char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb,u)#define PEM_read_bio_SSL_SESSION(bp,x,cb,u) PEM_ASN1_read_bio_of(SSL_SESSION,d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,x,cb,u)#define PEM_write_SSL_SESSION(fp,x) \	PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \		PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL,NULL)#define PEM_write_bio_SSL_SESSION(bp,x) \	PEM_ASN1_write_bio_of(SSL_SESSION,i2d_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,x,NULL,NULL,0,NULL,NULL)#endif#define SSL_AD_REASON_OFFSET		1000/* These alert types are for SSLv3 and TLSv1 */#define SSL_AD_CLOSE_NOTIFY		SSL3_AD_CLOSE_NOTIFY#define SSL_AD_UNEXPECTED_MESSAGE	SSL3_AD_UNEXPECTED_MESSAGE /* fatal */#define SSL_AD_BAD_RECORD_MAC		SSL3_AD_BAD_RECORD_MAC     /* fatal */#define SSL_AD_DECRYPTION_FAILED	TLS1_AD_DECRYPTION_FAILED#define SSL_AD_RECORD_OVERFLOW		TLS1_AD_RECORD_OVERFLOW#define SSL_AD_DECOMPRESSION_FAILURE	SSL3_AD_DECOMPRESSION_FAILURE/* fatal */#define SSL_AD_HANDSHAKE_FAILURE	SSL3_AD_HANDSHAKE_FAILURE/* fatal */#define SSL_AD_NO_CERTIFICATE		SSL3_AD_NO_CERTIFICATE /* Not for TLS */#define SSL_AD_BAD_CERTIFICATE		SSL3_AD_BAD_CERTIFICATE#define SSL_AD_UNSUPPORTED_CERTIFICATE	SSL3_AD_UNSUPPORTED_CERTIFICATE#define SSL_AD_CERTIFICATE_REVOKED	SSL3_AD_CERTIFICATE_REVOKED#define SSL_AD_CERTIFICATE_EXPIRED	SSL3_AD_CERTIFICATE_EXPIRED#define SSL_AD_CERTIFICATE_UNKNOWN	SSL3_AD_CERTIFICATE_UNKNOWN#define SSL_AD_ILLEGAL_PARAMETER	SSL3_AD_ILLEGAL_PARAMETER   /* fatal */#define SSL_AD_UNKNOWN_CA		TLS1_AD_UNKNOWN_CA	/* fatal */#define SSL_AD_ACCESS_DENIED		TLS1_AD_ACCESS_DENIED	/* fatal */#define SSL_AD_DECODE_ERROR		TLS1_AD_DECODE_ERROR	/* fatal */#define SSL_AD_DECRYPT_ERROR		TLS1_AD_DECRYPT_ERROR#define SSL_AD_EXPORT_RESTRICTION	TLS1_AD_EXPORT_RESTRICTION/* fatal */#define SSL_AD_PROTOCOL_VERSION		TLS1_AD_PROTOCOL_VERSION /* fatal */#define SSL_AD_INSUFFICIENT_SECURITY	TLS1_AD_INSUFFICIENT_SECURITY/* fatal */#define SSL_AD_INTERNAL_ERROR		TLS1_AD_INTERNAL_ERROR	/* fatal */#define SSL_AD_USER_CANCELLED		TLS1_AD_USER_CANCELLED#define SSL_AD_NO_RENEGOTIATION		TLS1_AD_NO_RENEGOTIATION#define SSL_AD_UNSUPPORTED_EXTENSION	TLS1_AD_UNSUPPORTED_EXTENSION#define SSL_AD_CERTIFICATE_UNOBTAINABLE TLS1_AD_CERTIFICATE_UNOBTAINABLE#define SSL_AD_UNRECOGNIZED_NAME	TLS1_AD_UNRECOGNIZED_NAME#define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE#define SSL_ERROR_NONE			0#define SSL_ERROR_SSL			1#define SSL_ERROR_WANT_READ		2#define SSL_ERROR_WANT_WRITE		3#define SSL_ERROR_WANT_X509_LOOKUP	4#define SSL_ERROR_SYSCALL		5 /* look at error stack/return value/errno */#define SSL_ERROR_ZERO_RETURN		6#define SSL_ERROR_WANT_CONNECT		7#define SSL_ERROR_WANT_ACCEPT		8#define SSL_CTRL_NEED_TMP_RSA			1#define SSL_CTRL_SET_TMP_RSA			2#define SSL_CTRL_SET_TMP_DH			3#define SSL_CTRL_SET_TMP_ECDH			4#define SSL_CTRL_SET_TMP_RSA_CB			5#define SSL_CTRL_SET_TMP_DH_CB			6#define SSL_CTRL_SET_TMP_ECDH_CB		7#define SSL_CTRL_GET_SESSION_REUSED		8#define SSL_CTRL_GET_CLIENT_CERT_REQUEST	9#define SSL_CTRL_GET_NUM_RENEGOTIATIONS		10#define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS	11#define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS	12#define SSL_CTRL_GET_FLAGS			13#define SSL_CTRL_EXTRA_CHAIN_CERT		14#define SSL_CTRL_SET_MSG_CALLBACK               15#define SSL_CTRL_SET_MSG_CALLBACK_ARG           16/* only applies to datagram connections */#define SSL_CTRL_SET_MTU                17/* Stats */#define SSL_CTRL_SESS_NUMBER			20#define SSL_CTRL_SESS_CONNECT			21#define SSL_CTRL_SESS_CONNECT_GOOD		22#define SSL_CTRL_SESS_CONNECT_RENEGOTIATE	23#define SSL_CTRL_SESS_ACCEPT			24#define SSL_CTRL_SESS_ACCEPT_GOOD		25#define SSL_CTRL_SESS_ACCEPT_RENEGOTIATE	26#define SSL_CTRL_SESS_HIT			27#define SSL_CTRL_SESS_CB_HIT			28#define SSL_CTRL_SESS_MISSES			29#define SSL_CTRL_SESS_TIMEOUTS			30#define SSL_CTRL_SESS_CACHE_FULL		31#define SSL_CTRL_OPTIONS			32#define SSL_CTRL_MODE				33#define SSL_CTRL_GET_READ_AHEAD			40#define SSL_CTRL_SET_READ_AHEAD			41#define SSL_CTRL_SET_SESS_CACHE_SIZE		42#define SSL_CTRL_GET_SESS_CACHE_SIZE		43#define SSL_CTRL_SET_SESS_CACHE_MODE		44#define SSL_CTRL_GET_SESS_CACHE_MODE		45#define SSL_CTRL_GET_MAX_CERT_LIST		50#define SSL_CTRL_SET_MAX_CERT_LIST		51/* see tls1.h for macros based on these */#ifndef OPENSSL_NO_TLSEXT#define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB	53#define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG	54#define SSL_CTRL_SET_TLSEXT_HOSTNAME		55#define SSL_CTRL_SET_TLSEXT_DEBUG_CB		56#define SSL_CTRL_SET_TLSEXT_DEBUG_ARG		57#define SSL_CTRL_GET_TLSEXT_TICKET_KEYS		58#define SSL_CTRL_SET_TLSEXT_TICKET_KEYS		59#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB	63#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG	64#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE	65#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS	66#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS	67#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS	68#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS	69#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP	70#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP	71#define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB	72#endif#define SSL_session_reused(ssl) \	SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL)#define SSL_num_renegotiations(ssl) \	SSL_ctrl((ssl),SSL_CTRL_GET_NUM_RENEGOTIATIONS,0,NULL)#define SSL_clear_num_renegotiations(ssl) \	SSL_ctrl((ssl),SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS,0,NULL)#define SSL_total_renegotiations(ssl) \	SSL_ctrl((ssl),SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL)#define SSL_CTX_need_tmp_RSA(ctx) \	SSL_CTX_ctrl(ctx,SSL_CTRL_NEED_TMP_RSA,0,NULL)#define SSL_CTX_set_tmp_rsa(ctx,rsa) \	SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)#define SSL_CTX_set_tmp_dh(ctx,dh) \	SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)dh)#define SSL_CTX_set_tmp_ecdh(ctx,ecdh) \	SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh)#define SSL_need_tmp_RSA(ssl) \	SSL_ctrl(ssl,SSL_CTRL_NEED_TMP_RSA,0,NULL)#define SSL_set_tmp_rsa(ssl,rsa) \	SSL_ctrl(ssl,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)#define SSL_set_tmp_dh(ssl,dh) \	SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)dh)#define SSL_set_tmp_ecdh(ssl,ecdh) \	SSL_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh)#define SSL_CTX_add_extra_chain_cert(ctx,x509) \	SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509)#ifndef OPENSSL_NO_BIOBIO_METHOD *BIO_f_ssl(void);BIO *BIO_new_ssl(SSL_CTX *ctx,int client);BIO *BIO_new_ssl_connect(SSL_CTX *ctx);BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);int BIO_ssl_copy_session_id(BIO *to,BIO *from);void BIO_ssl_shutdown(BIO *ssl_bio);