
自学教程:C++ ERR_clear_error函数代码示例

51自学网 2021-06-01 20:33:53
  C++
这篇教程C++ ERR_clear_error函数代码示例写得很实用,希望能帮到您。

本文整理汇总了C++中ERR_clear_error函数的典型用法代码示例。ERR_clear_error() 会清空当前线程的 OpenSSL 错误队列,因此调用位置决定了哪些错误信息会被丢弃。如果您正苦于以下问题:C++ ERR_clear_error函数的具体用法?C++ ERR_clear_error怎么用?C++ ERR_clear_error使用的例子?那么恭喜您,这里精选的函数代码示例或许可以为您提供帮助。

在下文中一共展示了ERR_clear_error函数的29个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。

示例1: tls_log_mask

TLS_APPL_STATE *tls_server_init(const TLS_SERVER_INIT_PROPS *props){    SSL_CTX *server_ctx;    long    off = 0;    int     verify_flags = SSL_VERIFY_NONE;    int     cachable;    int     scache_timeout;    int     ticketable = 0;    int     protomask;    TLS_APPL_STATE *app_ctx;    int     log_mask;    /*     * Convert user loglevel to internal logmask.     */    log_mask = tls_log_mask(props->log_param, props->log_level);    if (log_mask & TLS_LOG_VERBOSE)	msg_info("initializing the server-side TLS engine");    /*     * Load (mostly cipher related) TLS-library internal main.cf parameters.     */    tls_param_init();    /*     * Detect mismatch between compile-time headers and run-time library.     */    tls_check_version();    /*     * Initialize the OpenSSL library by the book! To start with, we must     * initialize the algorithms. We want cleartext error messages instead of     * just error codes, so we load the error_strings.     */    SSL_load_error_strings();    OpenSSL_add_ssl_algorithms();    /*     * First validate the protocols. If these are invalid, we can't continue.     */    protomask = tls_protocol_mask(props->protocols);    if (protomask == TLS_PROTOCOL_INVALID) {	/* tls_protocol_mask() logs no warning. */	msg_warn("Invalid TLS protocol list /"%s/": disabling TLS support",		 props->protocols);	return (0);    }    /*     * Create an application data index for SSL objects, so that we can     * attach TLScontext information; this information is needed inside     * tls_verify_certificate_callback().     */    if (TLScontext_index < 0) {	if ((TLScontext_index = SSL_get_ex_new_index(0, 0, 0, 0, 0)) < 0) {	    msg_warn("Cannot allocate SSL application data index: "		     "disabling TLS support");	    return (0);	}    }    /*     * If the administrator specifies an unsupported digest algorithm, fail     * now, rather than in the middle of a TLS handshake.     
*/    if (!tls_validate_digest(props->mdalg)) {	msg_warn("disabling TLS support");	return (0);    }    /*     * Initialize the PRNG (Pseudo Random Number Generator) with some seed     * from external and internal sources. Don't enable TLS without some real     * entropy.     */    if (tls_ext_seed(var_tls_daemon_rand_bytes) < 0) {	msg_warn("no entropy for TLS key generation: disabling TLS support");	return (0);    }    tls_int_seed();    /*     * The SSL/TLS specifications require the client to send a message in the     * oldest specification it understands with the highest level it     * understands in the message. Netscape communicator can still     * communicate with SSLv2 servers, so it sends out a SSLv2 client hello.     * To deal with it, our server must be SSLv2 aware (even if we don't like     * SSLv2), so we need to have the SSLv23 server here. If we want to limit     * the protocol level, we can add an option to not use SSLv2/v3/TLSv1     * later.     */    ERR_clear_error();    if ((server_ctx = SSL_CTX_new(SSLv23_server_method())) == 0) {	msg_warn("cannot allocate server SSL_CTX: disabling TLS support");	tls_print_errors();	return (0);    }    /*//.........这里部分代码省略.........
开发者ID:aosm,项目名称:postfix,代码行数:101,


示例2: while

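// Loads a PEM certificate chain from the file named aName and appends every
// certificate found to iSisCertChain's certificate data.
//
// The file is opened directly; if that fails, a temporary copy is made with
// Copy2TmpFile() and opened instead. Blank lines are dropped while reading.
//
// Throws CSISException(EFileProblem) when the file cannot be opened and
// CSISException(ECrypto) when no certificate could be read from it.
void CSisCertificateChain::LoadText (const std::wstring& aName)
{
    char *fName = NULL;
    std::ifstream certFile;
    std::string line;
    std::string buffer;

    certFile.rdbuf()->open(wstring2string (aName).c_str (), std::ios::in);
    if (!certFile.is_open())
    {
        if((fName = Copy2TmpFile(aName.c_str(), CERTFILE)) != NULL)
        {
            certFile.rdbuf()->open(fName, std::ios::in);
        }
    }

    const bool opened = certFile.is_open();
    if (opened)
    {
        // Read the PEM text, skipping blank lines. Looping on getline()
        // itself (rather than on eof()) also terminates when the stream
        // fails for a reason other than end-of-file.
        while (std::getline(certFile, line))
        {
            if (!line.empty())
            {
                buffer.append(line);
                // The PEM reader is line-oriented, so every line must end
                // in a real newline character.
                buffer.append("\n");
            }
        }
        certFile.rdbuf()->close();
    }

    // Remove the temporary copy on every path, including the failure path
    // below, so a copy of the certificate file is not left behind.
    if (fName != NULL)
    {
        DeleteFileA(fName);
        // NOTE(review): Copy2TmpFile() is not visible here; if it allocates
        // with new[], this must be delete[] - confirm against its definition.
        delete fName;
        fName = NULL;
    }

    if (!opened)
    {
        CSISException::ThrowIf (1, CSISException::EFileProblem, std::wstring (L"cannot open ") + aName);
    }

    X509* x509 = NULL;
    BIO* mem = NULL;
    try
    {
        // Start from an empty OpenSSL error queue so that errors recorded by
        // earlier, unrelated calls on this thread are not attributed to this
        // parse.
        ERR_clear_error();

        // Create a memory BIO holding the PEM text.
        mem = BIO_new(BIO_s_mem());
        if (mem == NULL)
            throw 0;
        if (!buffer.empty() && BIO_puts(mem , buffer.c_str()) <= 0)
            throw 0;

        // NOTE(review): the loop stops at the first failed read, whether that
        // is end of data or a malformed certificate, so a damaged later
        // certificate yields a silently shortened chain. The failed read also
        // leaves its error on the OpenSSL error queue; telling the two cases
        // apart requires inspecting that queue before it is cleared.
        while(PEM_read_bio_X509 (mem , &x509 ,0 ,NULL) != NULL)
        {
            X509ToBlobAppend (const_cast<CSISBlob&>(iSisCertChain.CertificateData()), x509);
            X509_free (x509);
            x509 = NULL;
        }
        BIO_free(mem);
        mem = NULL;

        // A file that yields no certificate at all is rejected.
        if(iSisCertChain.CertificateData().Size() == 0)
            throw 0;
    }
    catch (...)
    {
        // Release everything acquired above, discard any partially built
        // chain, and report one uniform crypto error to the caller.
        if (certFile.rdbuf()->is_open())
        {
            certFile.rdbuf()->close();
        }
        if (x509)
        {
            X509_free (x509);
        }
        if(mem)
        {
            BIO_free(mem);
        }
        iSisCertChain.CertificateData().Dispose ();
        throw CSISException (CSISException::ECrypto, std::wstring (L"Cannot read ") + aName);
    }
}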
开发者ID:kuailexs,项目名称:symbiandump-mw1,代码行数:90,


示例3: STACK_OF

//.........这里部分代码省略.........        /* It was encrypted, we need to decrypt the secret key         * with the private key */        /* Find the recipientInfo which matches the passed certificate         * (if any)         */        if (pcert) {            for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {                ri = sk_PKCS7_RECIP_INFO_value(rsk, i);                if (!pkcs7_cmp_ri(ri, pcert))                    break;                ri = NULL;            }            if (ri == NULL) {                PKCS7err(PKCS7_F_PKCS7_DATADECODE,                         PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE);                goto err;            }        }        /* If we haven't got a certificate try each ri in turn */        if (pcert == NULL) {            /* Always attempt to decrypt all rinfo even             * after sucess as a defence against MMA timing             * attacks.             */            for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {                ri = sk_PKCS7_RECIP_INFO_value(rsk, i);                if (pkcs7_decrypt_rinfo(&ek, &eklen,                                        ri, pkey) < 0)                    goto err;                ERR_clear_error();            }        } else {            /* Only exit on fatal errors, not decrypt failure */            if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey) < 0)                goto err;            ERR_clear_error();        }        evp_ctx = NULL;        BIO_get_cipher_ctx(etmp, &evp_ctx);        if (EVP_CipherInit_ex(evp_ctx, evp_cipher, NULL, NULL, NULL, 0) <= 0)            goto err;        if (EVP_CIPHER_asn1_to_param(evp_ctx, enc_alg->parameter) < 0)            goto err;        /* Generate random key as MMA defence */        tkeylen = EVP_CIPHER_CTX_key_length(evp_ctx);        tkey = malloc(tkeylen);        if (!tkey)            goto err;        if (EVP_CIPHER_CTX_rand_key(evp_ctx, tkey) <= 0)            goto err;        if (ek == NULL) {            ek = tkey;            eklen = tkeylen;   
         tkey = NULL;        }        if (eklen != EVP_CIPHER_CTX_key_length(evp_ctx)) {            /* Some S/MIME clients don't use the same key             * and effective key length. The key length is             * determined by the size of the decrypted RSA key.             */
开发者ID:vigortls,项目名称:vigortls,代码行数:67,


示例4: BN_BLINDING_new

/* BN_BLINDING_create_param fills in a blinding structure: it picks a random
 * A in the range of ret->mod, computes its modular inverse Ai, and then
 * raises A to the power ret->e with Montgomery exponentiation.
 *
 * If |b| is NULL a new structure is allocated for modulus |m|; otherwise |b|
 * is reused. A non-NULL |e| replaces the stored exponent and a non-NULL
 * |mont| replaces the stored Montgomery context.
 *
 * Returns the structure on success. On failure a structure allocated here is
 * freed and NULL is returned.
 *
 * NOTE(review): when |b| is caller-supplied, the error path returns |b|
 * itself, so the return value alone does not signal failure in that case. */
BN_BLINDING *BN_BLINDING_create_param(
    BN_BLINDING *b, const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
    const BN_MONT_CTX *mont) {
  int attempts_left = 32;
  BN_BLINDING *ret = (b != NULL) ? b : BN_BLINDING_new(NULL, NULL, m);

  if (ret == NULL) {
    goto err;
  }

  if (ret->A == NULL) {
    ret->A = BN_new();
    if (ret->A == NULL) {
      goto err;
    }
  }
  if (ret->Ai == NULL) {
    ret->Ai = BN_new();
    if (ret->Ai == NULL) {
      goto err;
    }
  }

  if (e != NULL) {
    BN_free(ret->e);
    ret->e = BN_dup(e);
  }
  /* Covers both a failed BN_dup and a structure that never had an exponent. */
  if (ret->e == NULL) {
    goto err;
  }

  if (mont != NULL) {
    ret->mont = mont;
  }

  for (;;) {
    int no_inverse;

    if (!BN_rand_range(ret->A, ret->mod)) {
      goto err;
    }
    if (BN_mod_inverse_ex(ret->Ai, &no_inverse, ret->A, ret->mod, ctx) != NULL) {
      break;
    }

    /* Any failure other than "no inverse exists" is fatal. */
    if (!no_inverse) {
      goto err;
    }

    /* this should almost never happen for good RSA keys */
    if (attempts_left-- == 0) {
      OPENSSL_PUT_ERROR(RSA, RSA_R_TOO_MANY_ITERATIONS);
      goto err;
    }

    /* The failed inversion is expected and will be retried, so its error is
     * dropped. ERR_clear_error() empties the calling thread's whole error
     * queue, so entries that were queued before this call are lost too. */
    ERR_clear_error();
  }

  if (!BN_mod_exp_mont(ret->A, ret->A, ret->e, ret->mod, ctx, ret->mont)) {
    goto err;
  }

  return ret;

err:
  /* Only free what was allocated here; a caller-owned |b| is left alone. */
  if (b == NULL) {
    BN_BLINDING_free(ret);
    ret = NULL;
  }

  return ret;
}
开发者ID:placrosse,项目名称:ring,代码行数:71,


示例5: int

/* Set up the blinding factors in a BN_BLINDING: choose a random A in the
 * range of ret->mod, compute its inverse Ai, then replace A with A^e mod
 * ret->mod.
 *
 * b           structure to reuse, or NULL to allocate one for modulus m
 * e           exponent to store (duplicated) when non-NULL
 * bn_mod_exp  optional exponentiation callback, stored when non-NULL
 * m_ctx       optional Montgomery context, stored when non-NULL
 *
 * Returns the structure on success. On failure a structure allocated here is
 * freed and NULL is returned.
 *
 * NOTE(review): when b is caller-supplied, the error path returns b itself,
 * so the return value alone does not signal failure in that case. */
BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
	const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
	int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
			  const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx),
	BN_MONT_CTX *m_ctx)
{
	int tries_left = 32;
	int ok;
	BN_BLINDING *ret = (b == NULL) ? BN_BLINDING_new(NULL, NULL, m) : b;

	if (ret == NULL)
		goto err;

	if (ret->A == NULL)
		{
		ret->A = BN_new();
		if (ret->A == NULL)
			goto err;
		}
	if (ret->Ai == NULL)
		{
		ret->Ai = BN_new();
		if (ret->Ai == NULL)
			goto err;
		}

	if (e != NULL)
		{
		if (ret->e != NULL)
			BN_free(ret->e);
		ret->e = BN_dup(e);
		}
	/* Covers both a failed BN_dup and a structure without an exponent. */
	if (ret->e == NULL)
		goto err;

	if (bn_mod_exp != NULL)
		ret->bn_mod_exp = bn_mod_exp;
	if (m_ctx != NULL)
		ret->m_ctx = m_ctx;

	for (;;)
		{
		unsigned long last_err;

		if (!BN_rand_range(ret->A, ret->mod))
			goto err;
		if (BN_mod_inverse(ret->Ai, ret->A, ret->mod, ctx) != NULL)
			break;

		/* this should almost never happen for good RSA keys */
		last_err = ERR_peek_last_error();
		/* Only the reason code is compared here, not the library that
		 * raised the error. */
		if (ERR_GET_REASON(last_err) != BN_R_NO_INVERSE)
			goto err;

		if (tries_left-- == 0)
			{
			BNerr(BN_F_BN_BLINDING_CREATE_PARAM,
				BN_R_TOO_MANY_ITERATIONS);
			goto err;
			}

		/* The failed inversion will be retried, so its error is dropped.
		 * ERR_clear_error() empties the calling thread's whole error
		 * queue, so entries queued before this call are lost too. */
		ERR_clear_error();
		}

	/* Use the stored callback only when its Montgomery context is present. */
	if (ret->bn_mod_exp != NULL && ret->m_ctx != NULL)
		ok = ret->bn_mod_exp(ret->A, ret->A, ret->e, ret->mod, ctx, ret->m_ctx);
	else
		ok = BN_mod_exp(ret->A, ret->A, ret->e, ret->mod, ctx);
	if (!ok)
		goto err;

	return ret;

err:
	/* Only free what was allocated here; a caller-owned b is left alone. */
	if (b == NULL && ret != NULL)
		{
		BN_BLINDING_free(ret);
		ret = NULL;
		}

	return ret;
}
开发者ID:174high,项目名称:openssl-0.9.8e_linux_porting,代码行数:80,


示例6: int_engine_configure

static int int_engine_configure(char *name, char *value, const CONF *cnf)	{	int i;	int ret = 0;	long do_init = -1;	STACK_OF(CONF_VALUE) *ecmds;	CONF_VALUE *ecmd = NULL;	char *ctrlname, *ctrlvalue;	ENGINE *e = NULL;	int soft = 0;	name = skip_dot(name);#ifdef ENGINE_CONF_DEBUG	fprintf(stderr, "Configuring engine %s/n", name);#endif	/* Value is a section containing ENGINE commands */	ecmds = NCONF_get_section(cnf, value);	if (!ecmds)		{		ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE, ENGINE_R_ENGINE_SECTION_ERROR);		return 0;		}	for (i = 0; i < sk_CONF_VALUE_num(ecmds); i++)		{		ecmd = sk_CONF_VALUE_value(ecmds, i);		ctrlname = skip_dot(ecmd->name);		ctrlvalue = ecmd->value;#ifdef ENGINE_CONF_DEBUG	fprintf(stderr, "ENGINE conf: doing ctrl(%s,%s)/n", ctrlname, ctrlvalue);#endif		/* First handle some special pseudo ctrls */		/* Override engine name to use */		if (!op_strcmp(ctrlname, "engine_id"))			name = ctrlvalue;		else if (!strcmp(ctrlname, "soft_load"))			soft = 1;		/* Load a dynamic ENGINE */		else if (!op_strcmp(ctrlname, "dynamic_path"))			{			e = ENGINE_by_id("dynamic");			if (!e)				goto err;			if (!ENGINE_ctrl_cmd_string(e, "SO_PATH", ctrlvalue, 0))				goto err;			if (!ENGINE_ctrl_cmd_string(e, "LIST_ADD", "2", 0))				goto err;			if (!ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0))				goto err;			}		/* ... add other pseudos here ... */		else			{			/* At this point we need an ENGINE structural reference			 * if we don't already have one.			 
*/			if (!e)				{				e = ENGINE_by_id(name);				if (!e && soft)					{					ERR_clear_error();					return 1;					}				if (!e)					goto err;				}			/* Allow "EMPTY" to mean no value: this allows a valid			 * "value" to be passed to ctrls of type NO_INPUT		 	 */			if (!op_strcmp(ctrlvalue, "EMPTY"))				ctrlvalue = NULL;			if (!op_strcmp(ctrlname, "init"))				{				if (!NCONF_get_number_e(cnf, value, "init", &do_init))					goto err;				if (do_init == 1)					{					if (!int_engine_init(e))						goto err;					}				else if (do_init != 0)					{					ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE, ENGINE_R_INVALID_INIT_VALUE);					goto err;					}				}			else if (!op_strcmp(ctrlname, "default_algorithms"))				{				if (!ENGINE_set_default_string(e, ctrlvalue))					goto err;				}			else if (!ENGINE_ctrl_cmd_string(e,					ctrlname, ctrlvalue, 0))				goto err;			}//.........这里部分代码省略.........
开发者ID:prestocore,项目名称:browser,代码行数:101,


示例7: dtls1_accept

int dtls1_accept(SSL *s) {  BUF_MEM *buf = NULL;  void (*cb)(const SSL *ssl, int type, int value) = NULL;  uint32_t alg_a;  int ret = -1;  int new_state, state, skip = 0;  assert(s->handshake_func == dtls1_accept);  assert(s->server);  assert(SSL_IS_DTLS(s));  ERR_clear_error();  ERR_clear_system_error();  if (s->info_callback != NULL) {    cb = s->info_callback;  } else if (s->ctx->info_callback != NULL) {    cb = s->ctx->info_callback;  }  s->in_handshake++;  for (;;) {    state = s->state;    switch (s->state) {      case SSL_ST_ACCEPT:        if (cb != NULL) {          cb(s, SSL_CB_HANDSHAKE_START, 1);        }        if (s->init_buf == NULL) {          buf = BUF_MEM_new();          if (buf == NULL || !BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {            ret = -1;            goto end;          }          s->init_buf = buf;          buf = NULL;        }        s->init_num = 0;        if (!ssl_init_wbio_buffer(s, 1)) {          ret = -1;          goto end;        }        if (!ssl3_init_handshake_buffer(s)) {          OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);          ret = -1;          goto end;        }        s->state = SSL3_ST_SR_CLNT_HELLO_A;        break;      case SSL3_ST_SR_CLNT_HELLO_A:      case SSL3_ST_SR_CLNT_HELLO_B:      case SSL3_ST_SR_CLNT_HELLO_C:      case SSL3_ST_SR_CLNT_HELLO_D:        s->shutdown = 0;        ret = ssl3_get_client_hello(s);        if (ret <= 0) {          goto end;        }        dtls1_stop_timer(s);        s->state = SSL3_ST_SW_SRVR_HELLO_A;        s->init_num = 0;        break;      case SSL3_ST_SW_SRVR_HELLO_A:      case SSL3_ST_SW_SRVR_HELLO_B:        dtls1_start_timer(s);        ret = ssl3_send_server_hello(s);        if (ret <= 0) {          goto end;        }        if (s->hit) {          if (s->tlsext_ticket_expected) {            s->state = SSL3_ST_SW_SESSION_TICKET_A;          } else {            s->state = SSL3_ST_SW_CHANGE_A;          }        } else {          s->state = SSL3_ST_SW_CERT_A;        }       
 s->init_num = 0;        break;      case SSL3_ST_SW_CERT_A:      case SSL3_ST_SW_CERT_B:        if (ssl_cipher_has_server_public_key(s->s3->tmp.new_cipher)) {          dtls1_start_timer(s);          ret = ssl3_send_server_certificate(s);          if (ret <= 0) {            goto end;          }          if (s->s3->tmp.certificate_status_expected) {//.........这里部分代码省略.........
开发者ID:zhen-yin,项目名称:chromium.bb,代码行数:101,


示例8: ne_sock_connect_ssl

int ne_sock_connect_ssl(ne_socket *sock, ne_ssl_context *ctx, void *userdata){    int ret;#if defined(HAVE_OPENSSL)    SSL *ssl;    if (seed_ssl_prng()) {	set_error(sock, _("SSL disabled due to lack of entropy"));	return NE_SOCK_ERROR;    }    /* If runtime library version differs from compile-time version     * number in major/minor/fix level, abort soon. */    if ((SSLeay() ^ OPENSSL_VERSION_NUMBER) & 0xFFFFF000) {        set_error(sock, _("SSL disabled due to library version mismatch"));        return NE_SOCK_ERROR;    }    sock->ssl = ssl = SSL_new(ctx->ctx);    if (!ssl) {	set_error(sock, _("Could not create SSL structure"));	return NE_SOCK_ERROR;    }        SSL_set_app_data(ssl, userdata);    SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);    SSL_set_fd(ssl, sock->fd);    sock->ops = &iofns_ssl;#ifdef SSL_set_tlsext_host_name    if (ctx->hostname) {        /* Try to enable SNI, but ignore failure (should only fail for         * >255 char hostnames, which are probably not legal         * anyway).  
*/        if (SSL_set_tlsext_host_name(ssl, ctx->hostname) != 1) {            ERR_clear_error();        }    }#endif        if (ctx->sess)	SSL_set_session(ssl, ctx->sess);    ret = SSL_connect(ssl);    if (ret != 1) {	error_ossl(sock, ret);	SSL_free(ssl);	sock->ssl = NULL;	return NE_SOCK_ERROR;    }#elif defined(HAVE_GNUTLS)    /* DH and RSA params are set in ne_ssl_context_create */    gnutls_init(&sock->ssl, GNUTLS_CLIENT);    gnutls_set_default_priority(sock->ssl);    gnutls_session_set_ptr(sock->ssl, userdata);    gnutls_credentials_set(sock->ssl, GNUTLS_CRD_CERTIFICATE, ctx->cred);#ifdef HAVE_GNUTLS_SIGN_CALLBACK_SET    if (ctx->sign_func)        gnutls_sign_callback_set(sock->ssl, ctx->sign_func, ctx->sign_data);    #endif    if (ctx->hostname) {        gnutls_server_name_set(sock->ssl, GNUTLS_NAME_DNS, ctx->hostname,                               strlen(ctx->hostname));    }                                   gnutls_transport_set_ptr(sock->ssl, (gnutls_transport_ptr)(long)sock->fd);    if (ctx->cache.client.data) {#if defined(HAVE_GNUTLS_SESSION_GET_DATA2)        gnutls_session_set_data(sock->ssl,                                 ctx->cache.client.data,                                 ctx->cache.client.size);#else        gnutls_session_set_data(sock->ssl,                                 ctx->cache.client.data,                                 ctx->cache.client.len);#endif    }    sock->ops = &iofns_ssl;    ret = gnutls_handshake(sock->ssl);    if (ret < 0) {	error_gnutls(sock, ret);        return NE_SOCK_ERROR;    }    if (!gnutls_session_is_resumed(sock->ssl)) {        /* New session.  
The old method of using the _get_data         * function seems to be broken with 1.3.0 and later*/#if defined(HAVE_GNUTLS_SESSION_GET_DATA2)        gnutls_session_get_data2(sock->ssl, &ctx->cache.client);#else        ctx->cache.client.len = 0;        if (gnutls_session_get_data(sock->ssl, NULL,                                     &ctx->cache.client.len) == 0) {            ctx->cache.client.data = ne_malloc(ctx->cache.client.len);            gnutls_session_get_data(sock->ssl, ctx->cache.client.data, //.........这里部分代码省略.........
开发者ID:berte,项目名称:mediaplayer,代码行数:101,


示例9: main

//.........这里部分代码省略.........	if(getenv("OPENSSL_FIPS")) {#ifdef OPENSSL_FIPS		if (!FIPS_mode_set(1)) {			ERR_load_crypto_strings();			ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));			EXIT(1);		}#else		fprintf(stderr, "FIPS mode not supported./n");		EXIT(1);#endif		}	apps_startup();	/* Lets load up our environment a little */	p=getenv("OPENSSL_CONF");	if (p == NULL)		p=getenv("SSLEAY_CONF");	if (p == NULL)		p=to_free=make_config_name();	default_config_file=p;	config=NCONF_new(NULL);	i=NCONF_load(config,p,&errline);	if (i == 0)		{		if (ERR_GET_REASON(ERR_peek_last_error())		    == CONF_R_NO_SUCH_FILE)			{			BIO_printf(bio_err,				   "WARNING: can't open config file: %s/n",p);			ERR_clear_error();			NCONF_free(config);			config = NULL;			}		else			{			ERR_print_errors(bio_err);			NCONF_free(config);			exit(1);			}		}	prog=prog_init();	/* first check the program name */	program_name(Argv[0],pname,sizeof pname);	f.name=pname;	fp=lh_FUNCTION_retrieve(prog,&f);	if (fp != NULL)		{		Argv[0]=pname;		ret=fp->func(Argc,Argv);		goto end;		}	/* ok, now check that there are not arguments, if there are,	 * run with them, shifting the ssleay off the front */	if (Argc != 1)		{		Argc--;		Argv++;		ret=do_cmd(prog,Argc,Argv);
开发者ID:NetWorkRepositories,项目名称:node,代码行数:67,


示例10: dtls1_accept

int dtls1_accept(SSL *s)	{	BUF_MEM *buf;	unsigned long Time=(unsigned long)time(NULL);	void (*cb)(const SSL *ssl,int type,int val)=NULL;	unsigned long alg_k;	int ret= -1;	int new_state,state,skip=0;	int listen;#ifndef OPENSSL_NO_SCTP	unsigned char sctpauthkey[64];	char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];#endif	RAND_add(&Time,sizeof(Time),0);	ERR_clear_error();	clear_sys_error();	if (s->info_callback != NULL)		cb=s->info_callback;	else if (s->ctx->info_callback != NULL)		cb=s->ctx->info_callback;		listen = s->d1->listen;	/* init things to blank */	s->in_handshake++;	if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);	s->d1->listen = listen;#ifndef OPENSSL_NO_SCTP	/* Notify SCTP BIO socket to enter handshake	 * mode and prevent stream identifier other	 * than 0. Will be ignored if no SCTP is used.	 */	BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE, s->in_handshake, NULL);#endif	if (s->cert == NULL)		{		SSLerr(SSL_F_DTLS1_ACCEPT,SSL_R_NO_CERTIFICATE_SET);		return(-1);		}#ifndef OPENSSL_NO_HEARTBEATS	/* If we're awaiting a HeartbeatResponse, pretend we	 * already got and don't await it anymore, because	 * Heartbeats don't make sense during handshakes anyway.	 
*/	if (s->tlsext_hb_pending)		{		dtls1_stop_timer(s);		s->tlsext_hb_pending = 0;		s->tlsext_hb_seq++;		}#endif	for (;;)		{		state=s->state;		switch (s->state)			{		case SSL_ST_RENEGOTIATE:			s->renegotiate=1;			/* s->state=SSL_ST_ACCEPT; */		case SSL_ST_BEFORE:		case SSL_ST_ACCEPT:		case SSL_ST_BEFORE|SSL_ST_ACCEPT:		case SSL_ST_OK|SSL_ST_ACCEPT:			s->server=1;			if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);			if ((s->version & 0xff00) != (DTLS1_VERSION & 0xff00))				{				SSLerr(SSL_F_DTLS1_ACCEPT, ERR_R_INTERNAL_ERROR);				return -1;				}			s->type=SSL_ST_ACCEPT;			if (s->init_buf == NULL)				{				if ((buf=BUF_MEM_new()) == NULL)					{					ret= -1;					goto end;					}				if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))					{					ret= -1;					goto end;					}				s->init_buf=buf;				}			if (!ssl3_setup_buffers(s))				{				ret= -1;//.........这里部分代码省略.........
开发者ID:AndyPanda95,项目名称:python-for-android,代码行数:101,


示例11: test_builtin

//.........这里部分代码省略.........        (void)BIO_flush(out);        /* wrong digest */        if (ECDSA_verify(0, wrong_digest, 20, signature, sig_len, eckey) == 1) {            BIO_printf(out, " failed/n");            goto builtin_err;        }        BIO_printf(out, ".");        (void)BIO_flush(out);        /* wrong length */        if (ECDSA_verify(0, digest, 20, signature, sig_len - 1, eckey) == 1) {            BIO_printf(out, " failed/n");            goto builtin_err;        }        BIO_printf(out, ".");        (void)BIO_flush(out);        /*         * Modify a single byte of the signature: to ensure we don't garble         * the ASN1 structure, we read the raw signature and modify a byte in         * one of the bignums directly.         */        sig_ptr = signature;        if ((ecdsa_sig = d2i_ECDSA_SIG(NULL, &sig_ptr, sig_len)) == NULL) {            BIO_printf(out, " failed/n");            goto builtin_err;        }        /* Store the two BIGNUMs in raw_buf. */        r_len = BN_num_bytes(ecdsa_sig->r);        s_len = BN_num_bytes(ecdsa_sig->s);        bn_len = (degree + 7) / 8;        if ((r_len > bn_len) || (s_len > bn_len)) {            BIO_printf(out, " failed/n");            goto builtin_err;        }        buf_len = 2 * bn_len;        if ((raw_buf = OPENSSL_zalloc(buf_len)) == NULL)            goto builtin_err;        BN_bn2bin(ecdsa_sig->r, raw_buf + bn_len - r_len);        BN_bn2bin(ecdsa_sig->s, raw_buf + buf_len - s_len);        /* Modify a single byte in the buffer. */        offset = raw_buf[10] % buf_len;        dirt = raw_buf[11] ? raw_buf[11] : 1;        raw_buf[offset] ^= dirt;        /* Now read the BIGNUMs back in from raw_buf. 
*/        if ((BN_bin2bn(raw_buf, bn_len, ecdsa_sig->r) == NULL) ||            (BN_bin2bn(raw_buf + bn_len, bn_len, ecdsa_sig->s) == NULL))            goto builtin_err;        sig_ptr2 = signature;        sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr2);        if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) == 1) {            BIO_printf(out, " failed/n");            goto builtin_err;        }        /*         * Sanity check: undo the modification and verify signature.         */        raw_buf[offset] ^= dirt;        if ((BN_bin2bn(raw_buf, bn_len, ecdsa_sig->r) == NULL) ||            (BN_bin2bn(raw_buf + bn_len, bn_len, ecdsa_sig->s) == NULL))            goto builtin_err;        sig_ptr2 = signature;        sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr2);        if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) != 1) {            BIO_printf(out, " failed/n");            goto builtin_err;        }        BIO_printf(out, ".");        (void)BIO_flush(out);        BIO_printf(out, " ok/n");        /* cleanup */        /* clean bogus errors */        ERR_clear_error();        OPENSSL_free(signature);        signature = NULL;        EC_KEY_free(eckey);        eckey = NULL;        EC_KEY_free(wrong_eckey);        wrong_eckey = NULL;        ECDSA_SIG_free(ecdsa_sig);        ecdsa_sig = NULL;        OPENSSL_free(raw_buf);        raw_buf = NULL;    }    ret = 1; builtin_err:    EC_KEY_free(eckey);    EC_KEY_free(wrong_eckey);    ECDSA_SIG_free(ecdsa_sig);    OPENSSL_free(signature);    OPENSSL_free(raw_buf);    OPENSSL_free(curves);    return ret;}
开发者ID:rachellearussell12,项目名称:openssl,代码行数:101,


示例12: DTLSv1_listen

int DTLSv1_listen(SSL *s, BIO_ADDR *client){    int next, n, ret = 0, clearpkt = 0;    unsigned char cookie[DTLS1_COOKIE_LENGTH];    unsigned char seq[SEQ_NUM_SIZE];    const unsigned char *data;    unsigned char *p, *buf;    unsigned long reclen, fragoff, fraglen, msglen;    unsigned int rectype, versmajor, msgseq, msgtype, clientvers, cookielen;    BIO *rbio, *wbio;    BUF_MEM *bufm;    BIO_ADDR *tmpclient = NULL;    PACKET pkt, msgpkt, msgpayload, session, cookiepkt;    /* Ensure there is no state left over from a previous invocation */    if (!SSL_clear(s))        return -1;    ERR_clear_error();    rbio = SSL_get_rbio(s);    wbio = SSL_get_wbio(s);    if(!rbio || !wbio) {        SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_BIO_NOT_SET);        return -1;    }    /*     * We only peek at incoming ClientHello's until we're sure we are going to     * to respond with a HelloVerifyRequest. If its a ClientHello with a valid     * cookie then we leave it in the BIO for accept to handle.     */    BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SET_PEEK_MODE, 1, NULL);    /*     * Note: This check deliberately excludes DTLS1_BAD_VER because that version     * requires the MAC to be calculated *including* the first ClientHello     * (without the cookie). Since DTLSv1_listen is stateless that cannot be     * supported. DTLS1_BAD_VER must use cookies in a stateful manner (e.g. 
via     * SSL_accept)     */    if ((s->version & 0xff00) != (DTLS1_VERSION & 0xff00)) {        SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_UNSUPPORTED_SSL_VERSION);        return -1;    }    if (s->init_buf == NULL) {        if ((bufm = BUF_MEM_new()) == NULL) {            SSLerr(SSL_F_DTLSV1_LISTEN, ERR_R_MALLOC_FAILURE);            return -1;        }        if (!BUF_MEM_grow(bufm, SSL3_RT_MAX_PLAIN_LENGTH)) {            BUF_MEM_free(bufm);            SSLerr(SSL_F_DTLSV1_LISTEN, ERR_R_MALLOC_FAILURE);            return -1;        }        s->init_buf = bufm;    }    buf = (unsigned char *)s->init_buf->data;    do {        /* Get a packet */        clear_sys_error();        /*         * Technically a ClientHello could be SSL3_RT_MAX_PLAIN_LENGTH         * + DTLS1_RT_HEADER_LENGTH bytes long. Normally init_buf does not store         * the record header as well, but we do here. We've set up init_buf to         * be the standard size for simplicity. In practice we shouldn't ever         * receive a ClientHello as long as this. If we do it will get dropped         * in the record length check below.         */        n = BIO_read(rbio, buf, SSL3_RT_MAX_PLAIN_LENGTH);        if (n <= 0) {            if(BIO_should_retry(rbio)) {                /* Non-blocking IO */                goto end;            }            return -1;        }        /* If we hit any problems we need to clear this packet from the BIO */        clearpkt = 1;        if (!PACKET_buf_init(&pkt, buf, n)) {            SSLerr(SSL_F_DTLSV1_LISTEN, ERR_R_INTERNAL_ERROR);            return -1;        }        /*         * Parse the received record. If there are any problems with it we just         * dump it - with no alert. RFC6347 says this "Unlike TLS, DTLS is         * resilient in the face of invalid records (e.g., invalid formatting,         * length, MAC, etc.).  
In general, invalid records SHOULD be silently         * discarded, thus preserving the association; however, an error MAY be         * logged for diagnostic purposes."         *///.........这里部分代码省略.........
开发者ID:1234-,项目名称:openssl,代码行数:101,


示例13: msg_info

 /*  * This is the actual startup routine for a new connection. We expect that  * the SMTP buffers are flushed and the "220 Ready to start TLS" was sent to  * the client, so that we can immediately start the TLS handshake process.  */TLS_SESS_STATE *tls_server_start(const TLS_SERVER_START_PROPS *props){    int     sts;    TLS_SESS_STATE *TLScontext;    const char *cipher_list;    TLS_APPL_STATE *app_ctx = props->ctx;    int     log_mask = app_ctx->log_mask;    /*     * Implicitly enable logging of trust chain errors when verified certs     * are required.     */    if (props->requirecert)	log_mask |= TLS_LOG_UNTRUSTED;    if (log_mask & TLS_LOG_VERBOSE)	msg_info("setting up TLS connection from %s", props->namaddr);    cipher_list = tls_set_ciphers(app_ctx, "TLS", props->cipher_grade,				  props->cipher_exclusions);    if (cipher_list == 0) {	msg_warn("%s: %s: aborting TLS session", props->namaddr,		 vstring_str(app_ctx->why));	return (0);    }    if (log_mask & TLS_LOG_VERBOSE)	msg_info("%s: TLS cipher list /"%s/"", props->namaddr, cipher_list);    /*     * Allocate a new TLScontext for the new connection and get an SSL     * structure. Add the location of TLScontext to the SSL to later retrieve     * the information inside the tls_verify_certificate_callback().     
*/    TLScontext = tls_alloc_sess_context(log_mask, props->namaddr);    TLScontext->cache_type = app_ctx->cache_type;    TLScontext->serverid = mystrdup(props->serverid);    TLScontext->am_server = 1;    TLScontext->stream = props->stream;    TLScontext->mdalg = props->mdalg;    ERR_clear_error();    if ((TLScontext->con = (SSL *) SSL_new(app_ctx->ssl_ctx)) == 0) {	msg_warn("Could not allocate 'TLScontext->con' with SSL_new()");	tls_print_errors();	tls_free_context(TLScontext);	return (0);    }    if (!SSL_set_ex_data(TLScontext->con, TLScontext_index, TLScontext)) {	msg_warn("Could not set application data for 'TLScontext->con'");	tls_print_errors();	tls_free_context(TLScontext);	return (0);    }    /*     * Before really starting anything, try to seed the PRNG a little bit     * more.     */    tls_int_seed();    (void) tls_ext_seed(var_tls_daemon_rand_bytes);    /*     * Initialize the SSL connection to accept state. This should not be     * necessary anymore since 0.9.3, but the call is still in the library     * and maintaining compatibility never hurts.     */    SSL_set_accept_state(TLScontext->con);    /*     * Connect the SSL connection with the network socket.     */    if (SSL_set_fd(TLScontext->con, props->stream == 0 ? props->fd :		   vstream_fileno(props->stream)) != 1) {	msg_info("SSL_set_fd error to %s", props->namaddr);	tls_print_errors();	uncache_session(app_ctx->ssl_ctx, TLScontext);	tls_free_context(TLScontext);	return (0);    }    /*     * If the debug level selected is high enough, all of the data is dumped:     * TLS_LOG_TLSPKTS will dump the SSL negotiation, TLS_LOG_ALLPKTS will     * dump everything.     *      * We do have an SSL_set_fd() and now suddenly a BIO_ routine is called?     * Well there is a BIO below the SSL routines that is automatically     * created for us, so we can use it for debugging purposes.     
*/    if (log_mask & TLS_LOG_TLSPKTS)	BIO_set_callback(SSL_get_rbio(TLScontext->con), tls_bio_dump_cb);    /*     * If we don't trigger the handshake in the library, leave control over//.........这里部分代码省略.........
开发者ID:aosm,项目名称:postfix,代码行数:101,


示例14: tls_clear_error

/*
 * Thin wrapper that empties the calling thread's OpenSSL error queue.
 * Calling it before an SSL I/O operation keeps stale entries left by an
 * earlier, unrelated failure from being reported as the result of the
 * next call.
 */
void
tls_clear_error()
{
  ERR_clear_error ();
}
开发者ID:andj,项目名称:openvpn-ssl-refactoring,代码行数:5,


示例15: ssl23_connect

int ssl23_connect(SSL *s)	{	BUF_MEM *buf=NULL;	unsigned long Time=(unsigned long)time(NULL);	void (*cb)(const SSL *ssl,int type,int val)=NULL;	int ret= -1;	int new_state,state;	RAND_add(&Time,sizeof(Time),0);	ERR_clear_error();	clear_sys_error();	if (s->info_callback != NULL)		cb=s->info_callback;	else if (s->ctx->info_callback != NULL)		cb=s->ctx->info_callback;		s->in_handshake++;	if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); 	for (;;)		{		state=s->state;		switch(s->state)			{		case SSL_ST_BEFORE:		case SSL_ST_CONNECT:		case SSL_ST_BEFORE|SSL_ST_CONNECT:		case SSL_ST_OK|SSL_ST_CONNECT:			if (s->session != NULL)				{				SSLerr(SSL_F_SSL23_CONNECT,SSL_R_SSL23_DOING_SESSION_ID_REUSE);				ret= -1;				goto end;				}			s->server=0;			if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);			/* s->version=TLS1_VERSION; */			s->type=SSL_ST_CONNECT;			if (s->init_buf == NULL)				{				if ((buf=BUF_MEM_new()) == NULL)					{					ret= -1;					goto end;					}				if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))					{					ret= -1;					goto end;					}				s->init_buf=buf;				buf=NULL;				}			if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }			ssl3_init_finished_mac(s);			s->state=SSL23_ST_CW_CLNT_HELLO_A;			s->ctx->stats.sess_connect++;			s->init_num=0;			break;		case SSL23_ST_CW_CLNT_HELLO_A:		case SSL23_ST_CW_CLNT_HELLO_B:			s->shutdown=0;			ret=ssl23_client_hello(s);			if (ret <= 0) goto end;			s->state=SSL23_ST_CR_SRVR_HELLO_A;			s->init_num=0;			break;		case SSL23_ST_CR_SRVR_HELLO_A:		case SSL23_ST_CR_SRVR_HELLO_B:			ret=ssl23_get_server_hello(s);			if (ret >= 0) cb=NULL;			goto end;			/* break; */		default:			SSLerr(SSL_F_SSL23_CONNECT,SSL_R_UNKNOWN_STATE);			ret= -1;			goto end;			/* break; */			}		if (s->debug) { (void)BIO_flush(s->wbio); }		if ((cb != NULL) && (s->state != state))			{			new_state=s->state;			s->state=state;			cb(s,SSL_CB_CONNECT_LOOP,1);//.........这里部分代码省略.........
开发者ID:Drachenfels-GmbH,项目名称:openssl,代码行数:101,


示例16: ssl23_accept

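/*
 * Server-side entry point of the version-flexible ("SSLv23") handshake.
 *
 * Prepares the connection for a fresh handshake, allocates the handshake
 * buffer if there is none yet, and then hands over to
 * ssl23_get_client_hello().
 *
 * Returns -1 on an allocation failure or an unknown state, otherwise the
 * value returned by ssl23_get_client_hello().
 *
 * Fix relative to the listing as published: the freshly allocated BUF_MEM is
 * released when BUF_MEM_grow() fails.  Previously it was neither stored in
 * s->init_buf nor freed on that path, so it leaked.
 */
int ssl23_accept(SSL *s)
{
	BUF_MEM *buf = NULL;
	unsigned long Time = (unsigned long)time(NULL);
	void (*cb)(const SSL *ssl, int type, int val) = NULL;
	int ret = -1;
	int new_state, state;

	/* Stir the current time into the RNG pool; it is credited 0 entropy. */
	RAND_add(&Time, sizeof(Time), 0);
	/* Start with empty OpenSSL and system error state. */
	ERR_clear_error();
	clear_sys_error();

	/* A per-connection info callback takes precedence over the context's. */
	if (s->info_callback != NULL)
		cb = s->info_callback;
	else if (s->ctx->info_callback != NULL)
		cb = s->ctx->info_callback;

	s->in_handshake++;
	/* NOTE(review): the result of SSL_clear() is not checked here. */
	if (!SSL_in_init(s) || SSL_in_before(s))
		SSL_clear(s);

	for (;;) {
		state = s->state;

		switch (s->state) {
		case SSL_ST_BEFORE:
		case SSL_ST_ACCEPT:
		case SSL_ST_BEFORE|SSL_ST_ACCEPT:
		case SSL_ST_OK|SSL_ST_ACCEPT:

			s->server = 1;
			if (cb != NULL)
				cb(s, SSL_CB_HANDSHAKE_START, 1);

			/* s->version=SSL3_VERSION; */
			s->type = SSL_ST_ACCEPT;

			if (s->init_buf == NULL) {
				if ((buf = BUF_MEM_new()) == NULL) {
					ret = -1;
					goto end;
				}
				if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
					/* Not yet owned by s: release it here. */
					BUF_MEM_free(buf);
					ret = -1;
					goto end;
				}
				/* Ownership of buf passes to the SSL object. */
				s->init_buf = buf;
			}

			ssl3_init_finished_mac(s);

			s->state = SSL23_ST_SR_CLNT_HELLO_A;
			s->ctx->stats.sess_accept++;
			s->init_num = 0;
			break;

		case SSL23_ST_SR_CLNT_HELLO_A:
		case SSL23_ST_SR_CLNT_HELLO_B:

			s->shutdown = 0;
			ret = ssl23_get_client_hello(s);
			/*
			 * On a non-negative result the exit callback below is
			 * skipped; presumably the version-specific handshake
			 * reports its own exit - confirm against
			 * ssl23_get_client_hello().
			 */
			if (ret >= 0)
				cb = NULL;
			goto end;
			/* break; */

		default:
			SSLerr(SSL_F_SSL23_ACCEPT, SSL_R_UNKNOWN_STATE);
			ret = -1;
			goto end;
			/* break; */
		}

		/*
		 * Report the state change to the callback while s->state
		 * temporarily holds the state the loop iteration started in.
		 */
		if ((cb != NULL) && (s->state != state)) {
			new_state = s->state;
			s->state = state;
			cb(s, SSL_CB_ACCEPT_LOOP, 1);
			s->state = new_state;
		}
	}
end:
	s->in_handshake--;
	if (cb != NULL)
		cb(s, SSL_CB_ACCEPT_EXIT, ret);
	return (ret);
}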
开发者ID:UnicronNL,项目名称:openssl,代码行数:89,


示例17: ocsp_main

//.........这里部分代码省略.........        OCSP_RESPONSE_print(out, resp, 0);    /* If running as responder don't verify our own response */    if (cbio) {        /* If not unlimited, see if we took all we should. */        if (accept_count != -1 && --accept_count <= 0) {            ret = 0;            goto end;        }        BIO_free_all(cbio);        cbio = NULL;        OCSP_REQUEST_free(req);        req = NULL;        OCSP_RESPONSE_free(resp);        resp = NULL;        goto redo_accept;    }    if (ridx_filename) {        ret = 0;        goto end;    }    if (!store) {        store = setup_verify(CAfile, CApath, noCAfile, noCApath);        if (!store)            goto end;    }    if (vpmtouched)        X509_STORE_set1_param(store, vpm);    if (verify_certfile) {        if (!load_certs(verify_certfile, &verify_other, FORMAT_PEM, NULL, NULL,                        "validator certificate"))            goto end;    }    bs = OCSP_response_get1_basic(resp);    if (!bs) {        BIO_printf(bio_err, "Error parsing response/n");        goto end;    }    ret = 0;    if (!noverify) {        if (req && ((i = OCSP_check_nonce(req, bs)) <= 0)) {            if (i == -1)                BIO_printf(bio_err, "WARNING: no nonce in response/n");            else {                BIO_printf(bio_err, "Nonce Verify error/n");                ret = 1;                goto end;            }        }        i = OCSP_basic_verify(bs, verify_other, store, verify_flags);        if (i <= 0 && issuers) {            i = OCSP_basic_verify(bs, issuers, store, OCSP_TRUSTOTHER);            if (i > 0)                ERR_clear_error();        }        if (i <= 0) {            BIO_printf(bio_err, "Response Verify Failure/n");            ERR_print_errors(bio_err);            ret = 1;        } else            BIO_printf(bio_err, "Response verify OK/n");    }    print_ocsp_summary(out, bs, req, reqnames, ids, nsec, maxage); end:    ERR_print_errors(bio_err);    X509_free(signer);    X509_STORE_free(store);    
X509_VERIFY_PARAM_free(vpm);    EVP_PKEY_free(key);    EVP_PKEY_free(rkey);    X509_free(cert);    sk_X509_pop_free(issuers, X509_free);    X509_free(rsigner);    X509_free(rca_cert);    free_index(rdb);    BIO_free_all(cbio);    BIO_free_all(acbio);    BIO_free(out);    OCSP_REQUEST_free(req);    OCSP_RESPONSE_free(resp);    OCSP_BASICRESP_free(bs);    sk_OPENSSL_STRING_free(reqnames);    sk_OCSP_CERTID_free(ids);    sk_X509_pop_free(sign_other, X509_free);    sk_X509_pop_free(verify_other, X509_free);    sk_CONF_VALUE_pop_free(headers, X509V3_conf_free);    OPENSSL_free(thost);    OPENSSL_free(tport);    OPENSSL_free(tpath);    return (ret);}
开发者ID:alfiesyukur,项目名称:openssl,代码行数:101,


示例18: main

//.........这里部分代码省略.........            do_rng_stick = 1;            no_exit = 1;            printf("RNG test with stuck continuous test.../n");        } else if (!strcmp(argv[1], "drbgentstick")) {            do_entropy_stick();        } else if (!strcmp(argv[1], "drbgstick")) {            do_drbg_stick = 1;            no_exit = 1;            printf("DRBG test with stuck continuous test.../n");        } else {            printf("Bad argument /"%s/"/n", argv[1]);            exit(1);        }        if (!no_exit) {            fips_algtest_init_nofips();            if (!FIPS_module_mode_set(1)) {                printf("Power-up self test failed/n");                exit(1);            }            printf("Power-up self test successful/n");            exit(0);        }    }    fips_algtest_init_nofips();    /* Non-Approved cryptographic operation    */    printf("1. Non-Approved cryptographic operation test.../n");    test_msg("/ta. Included algorithm (D-H)...", dh_test());    /* Power-up self test    */    ERR_clear_error();    test_msg("2. Automatic power-up self test", FIPS_module_mode_set(1));    if (!FIPS_module_mode())        exit(1);    if (do_drbg_stick)        FIPS_drbg_stick();    if (do_rng_stick)        FIPS_x931_stick();    /* AES encryption/decryption    */    test_msg("3a. AES encryption/decryption", FIPS_aes_test());    /* AES GCM encryption/decryption    */    test_msg("3b. AES-GCM encryption/decryption", FIPS_aes_gcm_test());    /* RSA key generation and encryption/decryption    */    test_msg("4. RSA key generation and encryption/decryption",             FIPS_rsa_test(bad_rsa));    /* DES-CBC encryption/decryption    */    test_msg("5. DES-ECB encryption/decryption", FIPS_des3_test());    /* DSA key generation and signature validation    */    test_msg("6. DSA key generation and signature validation",             FIPS_dsa_test(bad_dsa));    /* SHA-1 hash    */    test_msg("7a. SHA-1 hash", FIPS_sha1_test());
开发者ID:leloulight,项目名称:eme,代码行数:67,


示例19: connection_state_machine

//.........这里部分代码省略.........				log_error_write(srv, __FILE__, __LINE__, "sds",						"state for fd", con->fd, connection_get_state(con->state));			}			/* only try to write if we have something in the queue */			if (!chunkqueue_is_empty(con->write_queue)) {#if 0				log_error_write(srv, __FILE__, __LINE__, "dsd",						con->fd,						"packets to write:",						con->write_queue->used);#endif			}			if (!chunkqueue_is_empty(con->write_queue) && con->is_writable) {				if (-1 == connection_handle_write(srv, con)) {					log_error_write(srv, __FILE__, __LINE__, "ds",							con->fd,							"handle write failed.");					connection_set_state(srv, con, CON_STATE_ERROR);				}			}			break;		case CON_STATE_ERROR: /* transient */			/* even if the connection was drop we still have to write it to the access log */			if (con->http_status) {				plugins_call_handle_request_done(srv, con);			}#ifdef USE_OPENSSL			if (srv_sock->is_ssl) {				int ret, ssl_r;				unsigned long err;				ERR_clear_error();				switch ((ret = SSL_shutdown(con->ssl))) {				case 1:					/* ok */					break;				case 0:					ERR_clear_error();					if (-1 != (ret = SSL_shutdown(con->ssl))) break;					/* fall through */				default:					switch ((ssl_r = SSL_get_error(con->ssl, ret))) {					case SSL_ERROR_WANT_WRITE:					case SSL_ERROR_WANT_READ:						break;					case SSL_ERROR_SYSCALL:						/* perhaps we have error waiting in our error-queue */						if (0 != (err = ERR_get_error())) {							do {								log_error_write(srv, __FILE__, __LINE__, "sdds", "SSL:",										ssl_r, ret,										ERR_error_string(err, NULL));							} while((err = ERR_get_error()));						} else if (errno != 0) { /* ssl bug (see lighttpd ticket #2213): sometimes errno == 0 */							switch(errno) {							case EPIPE:							case ECONNRESET:								break;							default:								log_error_write(srv, __FILE__, __LINE__, "sddds", "SSL (error):",									ssl_r, ret, errno,									strerror(errno));
开发者ID:alexclear,项目名称:lighttpd1.4,代码行数:67,


示例20: ssl_ctx_use_certificate_chain_bio

/*
 * Load our own certificate, in "PEM" format, from a BIO.  Whatever
 * certificates follow it in the same BIO are taken as CA certificates that
 * should be sent to the peer in the Certificate message.
 *
 * Returns nonzero on success and 0 on any failure.
 */
static int
ssl_ctx_use_certificate_chain_bio(SSL_CTX *ctx, BIO *in)
{
	X509 *leaf = NULL;
	X509 *chain_cert;
	unsigned long last_err;
	int added;
	int ok = 0;

	/*
	 * Empty the error queue first: it is inspected after
	 * SSL_CTX_use_certificate() and must not hold stale entries.
	 */
	ERR_clear_error();

	leaf = PEM_read_bio_X509_AUX(in, NULL, ctx->default_passwd_callback,
	    ctx->default_passwd_callback_userdata);
	if (leaf == NULL) {
		SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_PEM_LIB);
		goto end;
	}

	ok = SSL_CTX_use_certificate(ctx, leaf);
	/*
	 * A key/certificate mismatch does not imply a zero return value, so
	 * any queued error is treated as a failure as well.
	 */
	if (ERR_peek_error() != 0)
		ok = 0;
	if (!ok)
		goto end;

	/* The leaf certificate is installed; replace the extra chain. */
	if (ctx->extra_certs != NULL) {
		sk_X509_pop_free(ctx->extra_certs, X509_free);
		ctx->extra_certs = NULL;
	}

	for (;;) {
		chain_cert = PEM_read_bio_X509(in, NULL,
		    ctx->default_passwd_callback,
		    ctx->default_passwd_callback_userdata);
		if (chain_cert == NULL)
			break;

		added = SSL_CTX_add_extra_chain_cert(ctx, chain_cert);
		if (!added) {
			/* Still ours: it never made it into the chain. */
			X509_free(chain_cert);
			ok = 0;
			goto end;
		}
		/*
		 * Once added, chain_cert must not be freed here.  The leaf is
		 * different: SSL_CTX_use_certificate() increased its reference
		 * count, so our reference is dropped at "end".
		 */
	}

	/*
	 * The loop normally stops at end of input, which the PEM reader
	 * reports as "no start line".  Anything else is a real error.
	 */
	last_err = ERR_peek_last_error();
	if (ERR_GET_LIB(last_err) == ERR_LIB_PEM &&
	    ERR_GET_REASON(last_err) == PEM_R_NO_START_LINE)
		ERR_clear_error();
	else
		ok = 0;

end:
	if (leaf != NULL)
		X509_free(leaf);
	return (ok);
}
开发者ID:LeSuisse,项目名称:libressl-salsa20,代码行数:70,


示例21: connection_handle_read_ssl

static int connection_handle_read_ssl(server *srv, connection *con) {#ifdef USE_OPENSSL	int r, ssl_err, len, count = 0, read_offset, toread;	buffer *b = NULL;	if (!con->conf.is_ssl) return -1;	ERR_clear_error();	do {		if (NULL != con->read_queue->last) {			b = con->read_queue->last->mem;		}		if (NULL == b || b->size - b->used < 1024) {			b = chunkqueue_get_append_buffer(con->read_queue);			len = SSL_pending(con->ssl);			if (len < 4*1024) len = 4*1024; /* always alloc >= 4k buffer */			buffer_prepare_copy(b, len + 1);			/* overwrite everything with 0 */			memset(b->ptr, 0, b->size);		}		read_offset = (b->used > 0) ? b->used - 1 : 0;		toread = b->size - 1 - read_offset;		len = SSL_read(con->ssl, b->ptr + read_offset, toread);		if (con->renegotiations > 1 && con->conf.ssl_disable_client_renegotiation) {			connection_set_state(srv, con, CON_STATE_ERROR);			log_error_write(srv, __FILE__, __LINE__, "s", "SSL: renegotiation initiated by client");			return -1;		}		if (len > 0) {			if (b->used > 0) b->used--;			b->used += len;			b->ptr[b->used++] = '/0';			con->bytes_read += len;			count += len;		}	} while (len == toread && count < MAX_READ_LIMIT);	if (len < 0) {		int oerrno = errno;		switch ((r = SSL_get_error(con->ssl, len))) {		case SSL_ERROR_WANT_READ:		case SSL_ERROR_WANT_WRITE:			con->is_readable = 0;			/* the manual says we have to call SSL_read with the same arguments next time.			 * we ignore this restriction; no one has complained about it in 1.5 yet, so it probably works anyway.			 */			return 0;		case SSL_ERROR_SYSCALL:			/**			 * man SSL_get_error()			 *			 * SSL_ERROR_SYSCALL			 *   Some I/O error occurred.  The OpenSSL error queue may contain more			 *   information on the error.  If the error queue is empty (i.e.			 *   ERR_get_error() returns 0), ret can be used to find out more about			 *   the error: If ret == 0, an EOF was observed that violates the			 *   protocol.  
If ret == -1, the underlying BIO reported an I/O error			 *   (for socket I/O on Unix systems, consult errno for details).			 *			 */			while((ssl_err = ERR_get_error())) {				/* get all errors from the error-queue */				log_error_write(srv, __FILE__, __LINE__, "sds", "SSL:",						r, ERR_error_string(ssl_err, NULL));			}			switch(oerrno) {			default:				log_error_write(srv, __FILE__, __LINE__, "sddds", "SSL:",						len, r, oerrno,						strerror(oerrno));				break;			}			break;		case SSL_ERROR_ZERO_RETURN:			/* clean shutdown on the remote side */			if (r == 0) {				/* FIXME: later */			}			/* fall thourgh */		default:			while((ssl_err = ERR_get_error())) {				switch (ERR_GET_REASON(ssl_err)) {				case SSL_R_SSL_HANDSHAKE_FAILURE:				case SSL_R_TLSV1_ALERT_UNKNOWN_CA:				case SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN://.........这里部分代码省略.........
开发者ID:alexclear,项目名称:lighttpd1.4,代码行数:101,


示例22: memset

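/**
 * Resolve host:port, connect a TCP socket to the first address that accepts
 * the connection, and run a TLS client handshake over it.
 *
 * @param host  name or address handed to getaddrinfo()
 * @param port  TCP port number
 * @return the value of `connected` after a successful handshake; false when
 *         resolution, the TCP connect, SSL_new() or SSL_connect() fails
 *
 * Changes relative to the listing as published:
 *  - the getaddrinfo() result list is released on the "no address worked"
 *    path as well (it was leaked there);
 *  - a NULL return from SSL_new() is rejected instead of being passed on to
 *    SSL_set_bio();
 *  - the "/n" sequences in the diagnostics are restored to "\n".
 *
 * NOTE(review): nothing in this function sets the expected peer name on
 * `ssl` or looks at the certificate verification result after SSL_connect().
 * Whether the server certificate is validated at all therefore depends on
 * how init() configured `ctx` - confirm before relying on this for
 * authenticated connections.
 *
 * NOTE(review): on the handshake failure paths the socket stays open and
 * `connected` stays true although false is returned; check that the caller
 * or the destructor cleans up.
 */
bool SSLClient::connectionUnresolv(string host,int port)
{
	struct addrinfo hints, *servinfo, *p;
	int rv;
	char s[INET6_ADDRSTRLEN];
	memset(s, 0, sizeof(s));

	memset(&hints, 0, sizeof hints);
	hints.ai_family = AF_UNSPEC;
	hints.ai_socktype = SOCK_STREAM;

	string sport = CastUtil::lexical_cast<string>(port);
	if ((rv = getaddrinfo(host.c_str(), sport.c_str(), &hints, &servinfo)) != 0) {
		fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(rv));
		return false;
	}

	// loop through all the results and connect to the first we can
	for(p = servinfo; p != NULL; p = p->ai_next) {
		if ((sockfd = socket(p->ai_family, p->ai_socktype,
				p->ai_protocol)) == -1) {
			perror("client: socket");
			continue;
		}

		if (connect(sockfd, p->ai_addr, p->ai_addrlen) == -1) {
			close(sockfd);
			perror("client: connect");
			connected = false;
			continue;
		} else {
			connected = true;
		}

		break;
	}

	if (p == NULL) {
		fprintf(stderr, "client: failed to connect\n");
		freeaddrinfo(servinfo); // release the list on the failure path too
		return false;
	}

	inet_ntop(p->ai_family, get_in_addr((struct sockaddr *)p->ai_addr),
			s, sizeof s);
	//printf("client: connecting to %s\n", s);

	freeaddrinfo(servinfo); // all done with this structure

	/* Build our SSL context*/
	init();

	/* Connect the SSL socket */
	ssl=SSL_new(ctx);
	if(ssl==NULL)
	{
		logger << "SSL_new failed";
		return false;
	}
	// BIO_CLOSE: the socket BIO closes sockfd when it is freed.
	sbio=BIO_new_socket(sockfd,BIO_CLOSE);
	SSL_set_bio(ssl,sbio,sbio);
	io=BIO_new(BIO_f_buffer());
	ssl_bio=BIO_new(BIO_f_ssl());
	BIO_set_ssl(ssl_bio,ssl,BIO_NOCLOSE);
	BIO_push(io,ssl_bio);

	if(SSL_connect(ssl)<=0)
	{
		logger << "SSL connect error";
		return false;
	}
	// Drop whatever the handshake left on this thread's error queue.
	ERR_clear_error();
	return connected;
}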
开发者ID:OlegUA,项目名称:ffead-cpp,代码行数:65,


示例23: main

intmain(int argc, char **argv){	ARGS arg;#define PROG_NAME_SIZE	39	char pname[PROG_NAME_SIZE + 1];	FUNCTION f, *fp;	const char *prompt;	char buf[1024];	char *to_free = NULL;	int n, i, ret = 0;	char *p;	LHASH_OF(FUNCTION) * prog = NULL;	long errline;	arg.data = NULL;	arg.count = 0;	if (pledge("stdio cpath wpath rpath inet dns proc flock tty", NULL) == -1) {		fprintf(stderr, "openssl: pledge: %s/n", strerror(errno));		exit(1);	}	bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);	if (bio_err == NULL) {		fprintf(stderr, "openssl: failed to initialise bio_err/n");		exit(1);	}	if (BIO_sock_init() != 1) {		BIO_printf(bio_err, "BIO_sock_init failed/n");		exit(1);	}	CRYPTO_set_locking_callback(lock_dbg_cb);	openssl_startup();	/* Lets load up our environment a little */	p = getenv("OPENSSL_CONF");	if (p == NULL) {		p = to_free = make_config_name();		if (p == NULL) {			BIO_printf(bio_err, "error making config file name/n");			goto end;		}	}	default_config_file = p;	config = NCONF_new(NULL);	i = NCONF_load(config, p, &errline);	if (i == 0) {		if (ERR_GET_REASON(ERR_peek_last_error()) ==		    CONF_R_NO_SUCH_FILE) {			BIO_printf(bio_err,			    "WARNING: can't open config file: %s/n", p);			ERR_clear_error();			NCONF_free(config);			config = NULL;		} else {			ERR_print_errors(bio_err);			NCONF_free(config);			exit(1);		}	}	if (!load_config(bio_err, NULL)) {		BIO_printf(bio_err, "failed to load configuration/n");		goto end;	}	prog = prog_init();	/* first check the program name */	program_name(argv[0], pname, sizeof pname);	f.name = pname;	fp = lh_FUNCTION_retrieve(prog, &f);	if (fp != NULL) {		argv[0] = pname;		single_execution = 1;		ret = fp->func(argc, argv);		goto end;	}	/*	 * ok, now check that there are not arguments, if there are, run with	 * them, shifting the ssleay off the front	 */	if (argc != 1) {		argc--;		argv++;		single_execution = 1;		ret = do_cmd(prog, argc, argv);		if (ret < 0)			ret = 0;		goto end;	}//.........这里部分代码省略.........
开发者ID:bbbrumley,项目名称:openbsd,代码行数:101,


示例24: be_tls_open_server

/* *	Attempt to negotiate SSL connection. */intbe_tls_open_server(Port *port){    int			r;    int			err;    int			waitfor;    unsigned long ecode;    Assert(!port->ssl);    Assert(!port->peer);    if (!(port->ssl = SSL_new(SSL_context)))    {        ereport(COMMERROR,                (errcode(ERRCODE_PROTOCOL_VIOLATION),                 errmsg("could not initialize SSL connection: %s",                        SSLerrmessage(ERR_get_error()))));        return -1;    }    if (!my_SSL_set_fd(port, port->sock))    {        ereport(COMMERROR,                (errcode(ERRCODE_PROTOCOL_VIOLATION),                 errmsg("could not set SSL socket: %s",                        SSLerrmessage(ERR_get_error()))));        return -1;    }    port->ssl_in_use = true;aloop:    /*     * Prepare to call SSL_get_error() by clearing thread's OpenSSL error     * queue.  In general, the current thread's error queue must be empty     * before the TLS/SSL I/O operation is attempted, or SSL_get_error()     * will not work reliably.  An extension may have failed to clear the     * per-thread error queue following another call to an OpenSSL I/O     * routine.     */    ERR_clear_error();    r = SSL_accept(port->ssl);    if (r <= 0)    {        err = SSL_get_error(port->ssl, r);        /*         * Other clients of OpenSSL in the backend may fail to call         * ERR_get_error(), but we always do, so as to not cause problems         * for OpenSSL clients that don't call ERR_clear_error()         * defensively.  Be sure that this happens by calling now.         * SSL_get_error() relies on the OpenSSL per-thread error queue         * being intact, so this is the earliest possible point         * ERR_get_error() may be called.         
*/        ecode = ERR_get_error();        switch (err)        {        case SSL_ERROR_WANT_READ:        case SSL_ERROR_WANT_WRITE:            /* not allowed during connection establishment */            Assert(!port->noblock);            /*             * No need to care about timeouts/interrupts here. At this             * point authentication_timeout still employs             * StartupPacketTimeoutHandler() which directly exits.             */            if (err == SSL_ERROR_WANT_READ)                waitfor = WL_SOCKET_READABLE;            else                waitfor = WL_SOCKET_WRITEABLE;            WaitLatchOrSocket(MyLatch, waitfor, port->sock, 0);            goto aloop;        case SSL_ERROR_SYSCALL:            if (r < 0)                ereport(COMMERROR,                        (errcode_for_socket_access(),                         errmsg("could not accept SSL connection: %m")));            else                ereport(COMMERROR,                        (errcode(ERRCODE_PROTOCOL_VIOLATION),                         errmsg("could not accept SSL connection: EOF detected")));            break;        case SSL_ERROR_SSL:            ereport(COMMERROR,                    (errcode(ERRCODE_PROTOCOL_VIOLATION),                     errmsg("could not accept SSL connection: %s",                            SSLerrmessage(ecode))));            break;        case SSL_ERROR_ZERO_RETURN:            ereport(COMMERROR,                    (errcode(ERRCODE_PROTOCOL_VIOLATION),                     errmsg("could not accept SSL connection: EOF detected")));            break;        default:            ereport(COMMERROR,                    (errcode(ERRCODE_PROTOCOL_VIOLATION),//.........这里部分代码省略.........
开发者ID:sehrope,项目名称:postgres,代码行数:101,


示例25: ENGINE_load_cryptodev

/*
 * Create the "cryptodev" engine and add it to OpenSSL's engine list.
 *
 * The crypto device is queried once for the asymmetric operations it
 * offers.  Each method table (RSA, DSA, DH) starts out with the default
 * software implementation and only the operations the device advertises
 * are switched to the cryptodev versions.  Every failure up to and
 * including the basic engine setup makes the function return without
 * registering anything.
 */
void
ENGINE_load_cryptodev(void)
{
	ENGINE *e;
	int devfd;
	int configured;

	e = ENGINE_new();
	if (e == NULL)
		return;

	devfd = get_dev_crypto();
	if (devfd < 0) {
		ENGINE_free(e);
		return;
	}

	/* Ask the device which asymmetric crypto algorithms it supports. */
	if (ioctl(devfd, CIOCASYMFEAT, &cryptodev_asymfeat) == -1) {
		close(devfd);
		ENGINE_free(e);
		return;
	}
	close(devfd);

	/* Setters run in this order and stop at the first one that fails. */
	configured = ENGINE_set_id(e, "cryptodev") &&
	    ENGINE_set_name(e, "BSD cryptodev engine") &&
	    ENGINE_set_ciphers(e, cryptodev_engine_ciphers) &&
	    ENGINE_set_digests(e, cryptodev_engine_digests) &&
	    ENGINE_set_ctrl_function(e, cryptodev_ctrl) &&
	    ENGINE_set_cmd_defns(e, cryptodev_defns);
	if (!configured) {
		ENGINE_free(e);
		return;
	}

	if (ENGINE_set_RSA(e, &cryptodev_rsa)) {
		const RSA_METHOD *soft_rsa = RSA_PKCS1_SSLeay();

		/* Software defaults first ... */
		cryptodev_rsa.bn_mod_exp = soft_rsa->bn_mod_exp;
		cryptodev_rsa.rsa_mod_exp = soft_rsa->rsa_mod_exp;
		cryptodev_rsa.rsa_pub_enc = soft_rsa->rsa_pub_enc;
		cryptodev_rsa.rsa_pub_dec = soft_rsa->rsa_pub_dec;
		cryptodev_rsa.rsa_priv_enc = soft_rsa->rsa_priv_enc;
		cryptodev_rsa.rsa_priv_dec = soft_rsa->rsa_priv_dec;

		/* ... then the operations the device advertises. */
		if (cryptodev_asymfeat & CRF_MOD_EXP) {
			cryptodev_rsa.bn_mod_exp = cryptodev_bn_mod_exp;
			cryptodev_rsa.rsa_mod_exp =
			    (cryptodev_asymfeat & CRF_MOD_EXP_CRT) ?
			    cryptodev_rsa_mod_exp :
			    cryptodev_rsa_nocrt_mod_exp;
		}
	}

	if (ENGINE_set_DSA(e, &cryptodev_dsa)) {
		const DSA_METHOD *soft_dsa = DSA_OpenSSL();

		/* Whole-table copy of the software method as the baseline. */
		memcpy(&cryptodev_dsa, soft_dsa, sizeof(DSA_METHOD));

		if (cryptodev_asymfeat & CRF_DSA_SIGN)
			cryptodev_dsa.dsa_do_sign = cryptodev_dsa_do_sign;
		if (cryptodev_asymfeat & CRF_MOD_EXP) {
			cryptodev_dsa.bn_mod_exp = cryptodev_dsa_bn_mod_exp;
			cryptodev_dsa.dsa_mod_exp = cryptodev_dsa_dsa_mod_exp;
		}
		if (cryptodev_asymfeat & CRF_DSA_VERIFY)
			cryptodev_dsa.dsa_do_verify = cryptodev_dsa_verify;
	}

	if (ENGINE_set_DH(e, &cryptodev_dh)) {
		const DH_METHOD *soft_dh = DH_OpenSSL();

		cryptodev_dh.generate_key = soft_dh->generate_key;
		cryptodev_dh.compute_key = soft_dh->compute_key;
		cryptodev_dh.bn_mod_exp = soft_dh->bn_mod_exp;

		if (cryptodev_asymfeat & CRF_MOD_EXP) {
			cryptodev_dh.bn_mod_exp = cryptodev_mod_exp_dh;
			if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY)
				cryptodev_dh.compute_key =
				    cryptodev_dh_compute_key;
		}
	}

	/*
	 * The result of ENGINE_add() is not checked.  Our own reference is
	 * dropped afterwards and the error queue is cleared, so nothing
	 * queued during registration is left behind for later callers.
	 */
	ENGINE_add(e);
	ENGINE_free(e);
	ERR_clear_error();
}
开发者ID:CoryXie,项目名称:BarrelfishOS,代码行数:85,


示例26: use_certificate_chain_file

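/*
 * Read a file that contains our certificate in "PEM" format, possibly
 * followed by a sequence of CA certificates that should be sent to the peer
 * in the Certificate message.
 *
 * The certificate and chain are installed on ctx when ctx is non-NULL and on
 * ssl otherwise.  Returns nonzero on success and 0 on failure.
 *
 * Fix relative to the listing as published: the PEM password callback was
 * always read through ctx, although every other step allows ctx to be NULL
 * and falls back to ssl.  A call with ctx == NULL therefore dereferenced a
 * NULL pointer while reading the first certificate.  The callback is now
 * taken from ctx when present and from the SSL object's own context
 * otherwise.
 *
 * NOTE(review): using ssl->ctx for the callback is the conservative choice
 * with the fields visible here; if the SSL object carries its own password
 * callback in this code base, that one should take precedence - confirm.
 */
static int use_certificate_chain_file(SSL_CTX *ctx, SSL *ssl, const char *file)
{
    BIO *in = NULL;
    int ret = 0;
    X509 *x = NULL;
    SSL_CTX *cb_ctx;

    /* Nothing to install the certificate on. */
    if (ctx == NULL && ssl == NULL)
        return 0;

    /* Context that supplies the PEM password callback and its user data. */
    cb_ctx = (ctx != NULL) ? ctx : ssl->ctx;

    ERR_clear_error();          /* clear error stack for
                                 * SSL_CTX_use_certificate() */

    in = BIO_new(BIO_s_file_internal());
    if (in == NULL) {
        SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE, ERR_R_BUF_LIB);
        goto end;
    }

    if (BIO_read_filename(in, file) <= 0) {
        SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE, ERR_R_SYS_LIB);
        goto end;
    }

    x = PEM_read_bio_X509_AUX(in, NULL, cb_ctx->default_passwd_callback,
                              cb_ctx->default_passwd_callback_userdata);
    if (x == NULL) {
        SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE, ERR_R_PEM_LIB);
        goto end;
    }

    if (ctx)
        ret = SSL_CTX_use_certificate(ctx, x);
    else
        ret = SSL_use_certificate(ssl, x);

    if (ERR_peek_error() != 0)
        ret = 0;                /* Key/certificate mismatch doesn't imply
                                 * ret==0 ... */
    if (ret) {
        /*
         * If we could set up our certificate, now proceed to the CA
         * certificates.
         */
        X509 *ca;
        int r;
        unsigned long err;

        /* Drop any chain installed earlier before adding the new one. */
        if (ctx)
            r = SSL_CTX_clear_chain_certs(ctx);
        else
            r = SSL_clear_chain_certs(ssl);

        if (r == 0) {
            ret = 0;
            goto end;
        }

        while ((ca = PEM_read_bio_X509(in, NULL,
                                       cb_ctx->default_passwd_callback,
                                       cb_ctx->default_passwd_callback_userdata))
                != NULL) {
            if (ctx)
                r = SSL_CTX_add0_chain_cert(ctx, ca);
            else
                r = SSL_add0_chain_cert(ssl, ca);
            /*
             * Note that we must not free ca if it was successfully added to
             * the chain (while we must free the main certificate, since its
             * reference count is increased by SSL_CTX_use_certificate).
             */
            if (!r) {
                X509_free(ca);
                ret = 0;
                goto end;
            }
        }
        /* When the while loop ends, it's usually just EOF. */
        err = ERR_peek_last_error();
        if (ERR_GET_LIB(err) == ERR_LIB_PEM
                && ERR_GET_REASON(err) == PEM_R_NO_START_LINE)
            ERR_clear_error();
        else
            ret = 0;            /* some real error */
    }

end:
    X509_free(x);
    BIO_free(in);
    return (ret);
}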
开发者ID:ktcunreal,项目名称:openssl,代码行数:92,


示例27: amqp_ssl_socket_open

/*
 * Open a TLS connection for an amqp_ssl_socket_t.
 *
 * Steps visible in this excerpt: create an SSL object from self->ctx, open
 * the TCP socket, attach it to the SSL object through a BIO, drive
 * SSL_connect() until it finishes or the deadline-bound poll fails, then run
 * the optional peer-certificate and hostname checks.
 *
 * base:    the socket object; cast to struct amqp_ssl_socket_t.
 * host:    name passed to the socket open call and to the hostname check.
 * port:    port passed to the socket open call.
 * timeout: converted into the deadline used for connect and polling.
 *
 * Returns AMQP_STATUS_OK on success, otherwise an AMQP_STATUS_* error code;
 * self->internal_error carries the underlying OpenSSL, verification or OS
 * error value where one is recorded.
 *
 * The error_out1..error_out4 cleanup labels are not part of this excerpt.
 */
static int
amqp_ssl_socket_open(void *base, const char *host, int port, struct timeval *timeout)
{
  struct amqp_ssl_socket_t *self = (struct amqp_ssl_socket_t *)base;
  long result;
  int status;
  amqp_time_t deadline;
  X509 *cert;
  BIO *bio;
  /* A socket that already holds a descriptor cannot be opened again. */
  if (-1 != self->sockfd) {
    return AMQP_STATUS_SOCKET_INUSE;
  }
  /* Start from an empty error queue so ERR_peek_error() below reports only
   * failures raised by this call. */
  ERR_clear_error();

  self->ssl = SSL_new(self->ctx);
  if (!self->ssl) {
    self->internal_error = ERR_peek_error();
    status = AMQP_STATUS_SSL_ERROR;
    goto exit;
  }

  status = amqp_time_from_now(&deadline, timeout);
  if (AMQP_STATUS_OK != status) {
    /* NOTE(review): this returns with self->ssl already allocated; whether
     * it is released later (close/delete) is not visible here - confirm. */
    return status;
  }

  self->sockfd = amqp_open_socket_inner(host, port, deadline);
  if (0 > self->sockfd) {
    /* The negative return value is used as the status code; the descriptor
     * field is reset to the "not open" marker. */
    status = self->sockfd;
    self->internal_error = amqp_os_socket_error();
    self->sockfd = -1;
    goto error_out1;
  }

  bio = BIO_new(amqp_openssl_bio());
  if (!bio) {
    status = AMQP_STATUS_NO_MEMORY;
    goto error_out2;
  }

  /* BIO_NOCLOSE: the BIO does not close the descriptor when it is freed. */
  BIO_set_fd(bio, self->sockfd, BIO_NOCLOSE);
  /* The same BIO serves as both read and write side of the SSL object. */
  SSL_set_bio(self->ssl, bio, bio);

start_connect:
  status = SSL_connect(self->ssl);
  if (status != 1) {
    /* Handshake not finished: wait for the direction OpenSSL asks for and
     * retry; any other SSL error, or a failed poll, aborts the connection. */
    self->internal_error = SSL_get_error(self->ssl, status);
    switch (self->internal_error) {
      case SSL_ERROR_WANT_READ:
        status = amqp_poll(self->sockfd, AMQP_SF_POLLIN, deadline);
        break;
      case SSL_ERROR_WANT_WRITE:
        status = amqp_poll(self->sockfd, AMQP_SF_POLLOUT, deadline);
        break;
      default:
        status = AMQP_STATUS_SSL_CONNECTION_FAILED;
    }
    if (AMQP_STATUS_OK == status) {
      goto start_connect;
    }
    goto error_out2;
  }

  /*
   * Certificate checks are opt-in per socket. With both verify_peer and
   * verify_hostname off, nothing below inspects the peer certificate, so the
   * session is encrypted but the server is not authenticated by this
   * function.
   * NOTE(review): verify_hostname on its own compares the name against the
   * presented certificate without consulting SSL_get_verify_result(); unless
   * the SSL_CTX enforces chain verification elsewhere (not visible here),
   * verify_peer should be enabled together with verify_hostname.
   */
  cert = SSL_get_peer_certificate(self->ssl);

  if (self->verify_peer) {
    /* No certificate presented: fail before asking for a verify result. */
    if (!cert) {
      self->internal_error = 0;
      status = AMQP_STATUS_SSL_PEER_VERIFY_FAILED;
      goto error_out3;
    }

    /* Chain verification result computed by OpenSSL during the handshake;
     * the X509_V_* code is kept in internal_error on failure. */
    result = SSL_get_verify_result(self->ssl);
    if (X509_V_OK != result) {
      self->internal_error = result;
      status = AMQP_STATUS_SSL_PEER_VERIFY_FAILED;
      goto error_out4;
    }
  }
  if (self->verify_hostname) {
    if (!cert) {
      self->internal_error = 0;
      status = AMQP_STATUS_SSL_HOSTNAME_VERIFY_FAILED;
      goto error_out3;
    }

    if (AMQP_HVR_MATCH_FOUND != amqp_ssl_validate_hostname(host, cert)) {
      self->internal_error = 0;
      status = AMQP_STATUS_SSL_HOSTNAME_VERIFY_FAILED;
      /* presumably error_out4 also releases cert - label not visible,
       * TODO confirm */
      goto error_out4;
    }
  }

  /* Release the reference obtained above; cert may be NULL when both checks
   * are disabled, which X509_free() accepts. */
  X509_free(cert);
  self->internal_error = 0;
  status = AMQP_STATUS_OK;

exit:
  return status;
/* ......... part of the code is omitted here ......... */
开发者ID:zxt243416724,项目名称:rabbitmq-c,代码行数:101,


示例28: main

/*
 * RSA encryption self-test driver.
 *
 * Runs six iterations: v % 3 selects one of three fixed keys (key1/key2/key3,
 * each also filling ctext_ex with an expected ciphertext and returning its
 * length), and the second group of three (v / 3 >= 1) repeats the keys with
 * RSA_FLAG_NO_CONSTTIME set. Each iteration round-trips ptext_ex through
 * PKCS#1 v1.5 padding and then through OAEP padding, and decrypts the stored
 * test vector. err is set to 1 on any mismatch.
 *
 * NOTE(review): the "/x54..." and "/n" sequences in the string literals look
 * like backslash escapes mangled by the page; as printed, plen (derived from
 * sizeof(ptext_ex) - 1) would not be the length of the intended plaintext -
 * confirm against the upstream test file.
 *
 * The remainder of the function (corrupted-ciphertext checks, the "next"
 * label, cleanup and return) is not part of this excerpt.
 */
int main(int argc, char *argv[])
    {
    int err=0;
    int v;
    RSA *key;
    unsigned char ptext[256];
    unsigned char ctext[256];
    static unsigned char ptext_ex[] = "/x54/x85/x9b/x34/x2c/x49/xea/x2a";
    unsigned char ctext_ex[256];
    int plen;
    int clen = 0;
    int num;
#ifndef QUICK_DEBUG
    int n;
#endif

    /* Enable OpenSSL's allocation debugging for the whole run. */
    CRYPTO_malloc_debug_init();
    CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);

    /* rnd_seed is defined outside this excerpt.
     * NOTE(review): if it is a fixed buffer it adds no real entropy, which
     * suits a repeatable test but not key generation - confirm. */
    RAND_seed(rnd_seed, sizeof rnd_seed); /* or OAEP may fail */

    /* Plaintext length without the literal's terminating NUL. */
    plen = sizeof(ptext_ex) - 1;

    for (v = 0; v < 6; v++)
        {
        key = RSA_new();
        switch (v%3) {
    case 0:
        clen = key1(key, ctext_ex);
        break;
    case 1:
        clen = key2(key, ctext_ex);
        break;
    case 2:
        clen = key3(key, ctext_ex);
        break;
        }
        /* Second pass over the keys: opt out of the constant-time code path
         * so that path is covered too. This is a test-only setting, and it
         * relies on direct access to the RSA structure's flags field. */
        if (v/3 >= 1) key->flags |= RSA_FLAG_NO_CONSTTIME;

        /* PKCS#1 v1.5 round trip: the ciphertext length must equal the
         * expected vector length, and decryption must restore the input. */
        num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
                                 RSA_PKCS1_PADDING);
        if (num != clen)
            {
            printf("PKCS#1 v1.5 encryption failed!/n");
            err=1;
            goto oaep;
            }

        num = RSA_private_decrypt(num, ctext, ptext, key,
                                  RSA_PKCS1_PADDING);
        if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
            {
            printf("PKCS#1 v1.5 decryption failed!/n");
            err=1;
            }
        else
            printf("PKCS #1 v1.5 encryption/decryption ok/n");

    oaep:
        /* Discard errors queued by the v1.5 section so the OAEP checks
         * (including pad_unknown()) see only errors raised from here on. */
        ERR_clear_error();
        num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
                                 RSA_PKCS1_OAEP_PADDING);
        /* An encrypt failure that pad_unknown() attributes to missing OAEP
         * support skips the OAEP checks without marking the run as failed. */
        if (num == -1 && pad_unknown())
            {
            printf("No OAEP support/n");
            goto next;
            }
        if (num != clen)
            {
            printf("OAEP encryption failed!/n");
            err=1;
            goto next;
            }

        num = RSA_private_decrypt(num, ctext, ptext, key,
                                  RSA_PKCS1_OAEP_PADDING);
        if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
            {
            printf("OAEP decryption (encrypted data) failed!/n");
            err=1;
            }
        else if (memcmp(ctext, ctext_ex, num) == 0)
            printf("OAEP test vector %d passed!/n", v);

        /* Different ciphertexts (rsa_oaep.c without -DPKCS_TESTVECT).
           Try decrypting ctext_ex */

        num = RSA_private_decrypt(clen, ctext_ex, ptext, key,
                                  RSA_PKCS1_OAEP_PADDING);

        if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
            {
            printf("OAEP decryption (test vector data) failed!/n");
            err=1;
            }
        else
            printf("OAEP encryption/decryption ok/n");
#ifndef QUICK_DEBUG
        /* Try decrypting corrupted ciphertexts */
/* ......... part of the code is omitted here ......... */
开发者ID:DHANDAPANISATTANATHAN,项目名称:appengine-php,代码行数:101,


示例29: dtls1_connect

/*
 * Client side of the DTLS handshake, written as a loop that switches on
 * s->state. This excerpt covers the entry bookkeeping and the first state
 * group (start of a connect or renegotiation) up to the point where the
 * state is advanced to SSL3_ST_CW_CLNT_HELLO_A.
 *
 * s: the SSL object to connect.
 *
 * ret starts at -1 and is set to -1 on every failure path visible here; the
 * "end" label, the remaining states and the return statement are not part of
 * this excerpt.
 */
int dtls1_connect(SSL *s)
    {
    BUF_MEM *buf=NULL;
    unsigned long Time=(unsigned long)time(NULL);
    void (*cb)(const SSL *ssl,int type,int val)=NULL;
    int ret= -1;
    int new_state,state,skip=0;
#ifndef OPENSSL_NO_SCTP
    unsigned char sctpauthkey[64];
    char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];
#endif

    /* Mix the current time into the random pool; the final argument 0 claims
     * no entropy for it, so this cannot stand in for a real seed. */
    RAND_add(&Time,sizeof(Time),0);
    /* Start the handshake with empty OpenSSL and system error state, so
     * errors inspected afterwards belong to this call. */
    ERR_clear_error();
    clear_sys_error();

    /* The per-connection info callback takes precedence over the one set on
     * the context. */
    if (s->info_callback != NULL)
        cb=s->info_callback;
    else if (s->ctx->info_callback != NULL)
        cb=s->ctx->info_callback;

    s->in_handshake++;
    /* Reset the connection unless a handshake is already past its initial
     * state. */
    if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);

#ifndef OPENSSL_NO_SCTP
    /* Notify SCTP BIO socket to enter handshake
     * mode and prevent stream identifier other
     * than 0. Will be ignored if no SCTP is used.
     */
    BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE, s->in_handshake, NULL);
#endif

#ifndef OPENSSL_NO_HEARTBEATS
    /* If we're awaiting a HeartbeatResponse, pretend we
     * already got it and don't await it anymore, because
     * Heartbeats don't make sense during handshakes anyway.
     */
    if (s->tlsext_hb_pending)
        {
        dtls1_stop_timer(s);
        s->tlsext_hb_pending = 0;
        s->tlsext_hb_seq++;
        }
#endif

    for (;;)
        {
        /* Remember the state on entry to this iteration. */
        state=s->state;

        switch(s->state)
            {
        case SSL_ST_RENEGOTIATE:
            s->renegotiate=1;
            s->state=SSL_ST_CONNECT;
            s->ctx->stats.sess_connect_renegotiate++;
            /* break */
            /* Deliberate fall-through: a renegotiation continues with the
             * normal connect start-up below. */
        case SSL_ST_BEFORE:
        case SSL_ST_CONNECT:
        case SSL_ST_BEFORE|SSL_ST_CONNECT:
        case SSL_ST_OK|SSL_ST_CONNECT:

            s->server=0;
            if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);

            /* Only objects whose version's high byte matches DTLS1_VERSION
             * or DTLS1_BAD_VER may enter the DTLS state machine; anything
             * else is reported as an internal error. */
            if ((s->version & 0xff00 ) != (DTLS1_VERSION & 0xff00) &&
                (s->version & 0xff00 ) != (DTLS1_BAD_VER & 0xff00))
                {
                SSLerr(SSL_F_DTLS1_CONNECT, ERR_R_INTERNAL_ERROR);
                ret = -1;
                goto end;
                }

            /* s->version=SSL3_VERSION; */
            s->type=SSL_ST_CONNECT;

            /* Allocate the handshake message buffer on first use. */
            if (s->init_buf == NULL)
                {
                if ((buf=BUF_MEM_new()) == NULL)
                    {
                    ret= -1;
                    goto end;
                    }
                if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
                    {
                    ret= -1;
                    goto end;
                    }
                /* Ownership moves to s; the local pointer is cleared,
                 * presumably so the cleanup at "end" (not visible here)
                 * does not free it - TODO confirm. */
                s->init_buf=buf;
                buf=NULL;
                }

            if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }

            /* set up the buffering BIO */
            if (!ssl_init_wbio_buffer(s,0)) { ret= -1; goto end; }

            /* don't push the buffering BIO quite yet */

            s->state=SSL3_ST_CW_CLNT_HELLO_A;
            s->ctx->stats.sess_connect++;
/* ......... part of the code is omitted here ......... */
开发者ID:1048046563,项目名称:node,代码行数:101,



注:本文中的ERR_clear_error函数示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。

