Bug#19370676 : YASSL PRE-AUTH BUFFER OVERFLOW WHEN CLIENT

               LIES ABOUT SUITE_LEN_
               and
Bug#19355577 : YASSL PRE-AUTH BUFFER OVERFLOW WHEN CLIENT
               LIES ABOUT COMP_LEN_

Description : Updating yaSSL to version 2.3.4.

extra/yassl/README

@@ -12,15 +12,31 @@ before calling SSL_new();
 
 *** end Note ***
 
-yaSSL Release notes, version 2.3.0 (12/5/2013)
+yaSSL Release notes, version 2.3.4 (8/15/2014)
 
-  This release of yaSSL updates asm for newer GCC versions.
+    This release of yaSSL adds checking to the input_buffer class itself.
 
 See normal  build instructions below under 1.0.6.
 See libcurl build instructions below under 1.3.0 and note in 1.5.8.
 
 
-*****************yaSSL Release notes, version 2.2.3b (4/23/2013)
+yaSSL Release notes, version 2.3.2 (7/25/2014)
+
+    This release of yaSSL updates test certs.
+
+See normal  build instructions below under 1.0.6.
+See libcurl build instructions below under 1.3.0 and note in 1.5.8.
+
+
+*****************yaSSL Release notes, version 2.3.0 (12/5/2013)
+
+    This release of yaSSL updates asm for newer GCC versions.
+
+See normal  build instructions below under 1.0.6.
+See libcurl build instructions below under 1.3.0 and note in 1.5.8.
+
+
+*****************yaSSL Release notes, version 2.2.3 (4/23/2013)
 
     This release of yaSSL updates the test certificates as they were expired
 

extra/yassl/certs/ca-cert.pem

 -----BEGIN CERTIFICATE-----
-MIIEnjCCA4agAwIBAgIJAOnQp195JfQ8MA0GCSqGSIb3DQEBBQUAMIGQMQswCQYD
-VQQGEwJVUzEQMA4GA1UECBMHTW9udGFuYTEQMA4GA1UEBxMHQm96ZW1hbjERMA8G
-A1UEChMIU2F3dG9vdGgxEzARBgNVBAsTCkNvbnN1bHRpbmcxFjAUBgNVBAMTDXd3
-dy55YXNzbC5jb20xHTAbBgkqhkiG9w0BCQEWDmluZm9AeWFzc2wuY29tMB4XDTEx
-MTAyNDE4MTgxNVoXDTE0MDcyMDE4MTgxNVowgZAxCzAJBgNVBAYTAlVTMRAwDgYD
-VQQIEwdNb250YW5hMRAwDgYDVQQHEwdCb3plbWFuMREwDwYDVQQKEwhTYXd0b290
-aDETMBEGA1UECxMKQ29uc3VsdGluZzEWMBQGA1UEAxMNd3d3Lnlhc3NsLmNvbTEd
-MBsGCSqGSIb3DQEJARYOaW5mb0B5YXNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA
-A4IBDwAwggEKAoIBAQC/DMotFLIehEJbzTgfSvJNdRDxtjWf38p9A5jTrN4DZu4q
-8diwfW4HVAsQmCFNgMsSIOfMT95FfclydzLqypC7aVIQAy+o85XF8YtiVhvvZ2+k
-EEGVrQqb46XAsNJwdlAwW6joCCx87aeieo04KRysx+3yfJWwlYJ9SVw4zXcl772A
-dVOUPD3KY1ufFbXTHRMvGdE823Y6zLh9yeXC19pAb9gh3HMbQi1TnP4a/H2rejY/
-mN6EfAVnzmoUOIep8Yy1aMtof3EgK/WgY/VWL6Mm0rdvsVoX1ziZCP6TWG/+wxNJ
-CBYLp01nAFIxZyNOmO1RRR25BNkL7Ngos0u97TZ5AgMBAAGjgfgwgfUwHQYDVR0O
-BBYEFCeOZxF0wyYdP+0zY7Ok2B0w5ejVMIHFBgNVHSMEgb0wgbqAFCeOZxF0wyYd
-P+0zY7Ok2B0w5ejVoYGWpIGTMIGQMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHTW9u
-dGFuYTEQMA4GA1UEBxMHQm96ZW1hbjERMA8GA1UEChMIU2F3dG9vdGgxEzARBgNV
-BAsTCkNvbnN1bHRpbmcxFjAUBgNVBAMTDXd3dy55YXNzbC5jb20xHTAbBgkqhkiG
-9w0BCQEWDmluZm9AeWFzc2wuY29tggkA6dCnX3kl9DwwDAYDVR0TBAUwAwEB/zAN
-BgkqhkiG9w0BAQUFAAOCAQEAX4YU9FGLvKVOMNperJr4bNkmS5P54xyJb57us513
-PokgdqPm6IYVIdviM7I01dCf88Gkh5Jc+dH/MC+OA7yzPAwyo5BfGpAer53zntcH
-Aql9J2ZjL68Y16wYmIyDjzjzC6w2EHX7ynYTUFsCj3O/46Dug1IlVM4mzpy9L3mr
-G2C4kvEDwPw7CNnArdVyCCWAYS3cn6eDYgdH4AdMSwcwBKmHHFV/BxLQy0Jdy89m
-ARoX7vkPYLfbb2jlTkFibtNvYE9LJ97PGAfxE13LP6klRNpSXMgE4VYS9SqQTtHi
-rwG1I6HsMdp7Y2nEuPPnzqE9wNtt87LZRsifw7hwWh9/yg==
+MIIEqjCCA5KgAwIBAgIJAJpBR82hFGKMMA0GCSqGSIb3DQEBBQUAMIGUMQswCQYD
+VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
+A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
+dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe
+Fw0xNDA3MTEwMzIwMDhaFw0xNzA0MDYwMzIwMDhaMIGUMQswCQYDVQQGEwJVUzEQ
+MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3
+dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns
+LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAL8Myi0Ush6EQlvNOB9K8k11EPG2NZ/fyn0D
+mNOs3gNm7irx2LB9bgdUCxCYIU2AyxIg58xP3kV9yXJ3MurKkLtpUhADL6jzlcXx
+i2JWG+9nb6QQQZWtCpvjpcCw0nB2UDBbqOgILHztp6J6jTgpHKzH7fJ8lbCVgn1J
+XDjNdyXvvYB1U5Q8PcpjW58VtdMdEy8Z0TzbdjrMuH3J5cLX2kBv2CHccxtCLVOc
+/hr8fat6Nj+Y3oR8BWfOahQ4h6nxjLVoy2h/cSAr9aBj9VYvoybSt2+xWhfXOJkI
+/pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOB/DCB
++TAdBgNVHQ4EFgQUJ45nEXTDJh0/7TNjs6TYHTDl6NUwgckGA1UdIwSBwTCBvoAU
+J45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYD
+VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290
+aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t
+MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAmkFHzaEUYowwDAYD
+VR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAeXgMbXmIkfw6FZz5J2IW8CEf
++n0/oqgyHvfyEal0FnRe3BjK8AAq1QMGJjDxR4P9Mm787apPfQxjYDEvfAy/mWaH
+7ScIhi3EM+iYIxz+o9uaSU78WkLvccM/rdxKqNKjHQmsMwR7hvNtAFmjyNvRPHP2
+DpDWXkngvzZjCHulsI81O1aMETVJBBzQ57pWxQ0KkY3Wt2IZNBJSTNJtfMU9DxiB
+VMv2POWE0tZxFewaNAvwoCF0Q8ijsN/ZZ9rirZNI+KCHvXkU4GIK3/cxLjF70TIq
+Cv5dFO/ZZFDkg5G8cA3XiI3ZvIQOxRqzv2QCTlGRpKKFFYOv8FubKElfsrMD2A==
 -----END CERTIFICATE-----
 Certificate:
     Data:
         Version: 3 (0x2)
         Serial Number:
-            e9:d0:a7:5f:79:25:f4:3c
-        Signature Algorithm: sha1WithRSAEncryption
-        Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.yassl.com/emailAddress=info@yassl.com
+            9a:41:47:cd:a1:14:62:8c
+    Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
         Validity
-            Not Before: Oct 24 18:18:15 2011 GMT
-            Not After : Jul 20 18:18:15 2014 GMT
-        Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.yassl.com/emailAddress=info@yassl.com
+            Not Before: Jul 11 03:20:08 2014 GMT
+            Not After : Apr  6 03:20:08 2017 GMT
+        Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
         Subject Public Key Info:
             Public Key Algorithm: rsaEncryption
-            RSA Public Key: (2048 bit)
-                Modulus (2048 bit):
+                Public-Key: (2048 bit)
+                Modulus:
                     00:bf:0c:ca:2d:14:b2:1e:84:42:5b:cd:38:1f:4a:
                     f2:4d:75:10:f1:b6:35:9f:df:ca:7d:03:98:d3:ac:
                     de:03:66:ee:2a:f1:d8:b0:7d:6e:07:54:0b:10:98:
@@ -64,24 +64,24 @@ Certificate:
                 27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
             X509v3 Authority Key Identifier: 
                 keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
-                DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.yassl.com/emailAddress=info@yassl.com
-                serial:E9:D0:A7:5F:79:25:F4:3C
+                DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+                serial:9A:41:47:CD:A1:14:62:8C
 
             X509v3 Basic Constraints: 
                 CA:TRUE
     Signature Algorithm: sha1WithRSAEncryption
-        5f:86:14:f4:51:8b:bc:a5:4e:30:da:5e:ac:9a:f8:6c:d9:26:
-        4b:93:f9:e3:1c:89:6f:9e:ee:b3:9d:77:3e:89:20:76:a3:e6:
-        e8:86:15:21:db:e2:33:b2:34:d5:d0:9f:f3:c1:a4:87:92:5c:
-        f9:d1:ff:30:2f:8e:03:bc:b3:3c:0c:32:a3:90:5f:1a:90:1e:
-        af:9d:f3:9e:d7:07:02:a9:7d:27:66:63:2f:af:18:d7:ac:18:
-        98:8c:83:8f:38:f3:0b:ac:36:10:75:fb:ca:76:13:50:5b:02:
-        8f:73:bf:e3:a0:ee:83:52:25:54:ce:26:ce:9c:bd:2f:79:ab:
-        1b:60:b8:92:f1:03:c0:fc:3b:08:d9:c0:ad:d5:72:08:25:80:
-        61:2d:dc:9f:a7:83:62:07:47:e0:07:4c:4b:07:30:04:a9:87:
-        1c:55:7f:07:12:d0:cb:42:5d:cb:cf:66:01:1a:17:ee:f9:0f:
-        60:b7:db:6f:68:e5:4e:41:62:6e:d3:6f:60:4f:4b:27:de:cf:
-        18:07:f1:13:5d:cb:3f:a9:25:44:da:52:5c:c8:04:e1:56:12:
-        f5:2a:90:4e:d1:e2:af:01:b5:23:a1:ec:31:da:7b:63:69:c4:
-        b8:f3:e7:ce:a1:3d:c0:db:6d:f3:b2:d9:46:c8:9f:c3:b8:70:
-        5a:1f:7f:ca
+         79:78:0c:6d:79:88:91:fc:3a:15:9c:f9:27:62:16:f0:21:1f:
+         fa:7d:3f:a2:a8:32:1e:f7:f2:11:a9:74:16:74:5e:dc:18:ca:
+         f0:00:2a:d5:03:06:26:30:f1:47:83:fd:32:6e:fc:ed:aa:4f:
+         7d:0c:63:60:31:2f:7c:0c:bf:99:66:87:ed:27:08:86:2d:c4:
+         33:e8:98:23:1c:fe:a3:db:9a:49:4e:fc:5a:42:ef:71:c3:3f:
+         ad:dc:4a:a8:d2:a3:1d:09:ac:33:04:7b:86:f3:6d:00:59:a3:
+         c8:db:d1:3c:73:f6:0e:90:d6:5e:49:e0:bf:36:63:08:7b:a5:
+         b0:8f:35:3b:56:8c:11:35:49:04:1c:d0:e7:ba:56:c5:0d:0a:
+         91:8d:d6:b7:62:19:34:12:52:4c:d2:6d:7c:c5:3d:0f:18:81:
+         54:cb:f6:3c:e5:84:d2:d6:71:15:ec:1a:34:0b:f0:a0:21:74:
+         43:c8:a3:b0:df:d9:67:da:e2:ad:93:48:f8:a0:87:bd:79:14:
+         e0:62:0a:df:f7:31:2e:31:7b:d1:32:2a:0a:fe:5d:14:ef:d9:
+         64:50:e4:83:91:bc:70:0d:d7:88:8d:d9:bc:84:0e:c5:1a:b3:
+         bf:64:02:4e:51:91:a4:a2:85:15:83:af:f0:5b:9b:28:49:5f:
+         b2:b3:03:d8

extra/yassl/certs/client-cert.pem

@@ -2,17 +2,17 @@ Certificate:
     Data:
         Version: 3 (0x2)
         Serial Number:
-            87:4a:75:be:91:66:d8:3d
-        Signature Algorithm: sha1WithRSAEncryption
-        Issuer: C=US, ST=Oregon, L=Portland, O=yaSSL, OU=Programming, CN=www.yassl.com/emailAddress=info@yassl.com
+            b6:63:af:8f:5d:62:57:a0
+    Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=US, ST=Montana, L=Bozeman, O=wolfSSL, OU=Programming, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
         Validity
-            Not Before: Oct 24 18:21:55 2011 GMT
-            Not After : Jul 20 18:21:55 2014 GMT
-        Subject: C=US, ST=Oregon, L=Portland, O=yaSSL, OU=Programming, CN=www.yassl.com/emailAddress=info@yassl.com
+            Not Before: Jul 11 17:39:44 2014 GMT
+            Not After : Apr  6 17:39:44 2017 GMT
+        Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL, OU=Programming, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
         Subject Public Key Info:
             Public Key Algorithm: rsaEncryption
-            RSA Public Key: (2048 bit)
-                Modulus (2048 bit):
+                Public-Key: (2048 bit)
+                Modulus:
                     00:c3:03:d1:2b:fe:39:a4:32:45:3b:53:c8:84:2b:
                     2a:7c:74:9a:bd:aa:2a:52:07:47:d6:a6:36:b2:07:
                     32:8e:d0:ba:69:7b:c6:c3:44:9e:d4:81:48:fd:2d:
@@ -37,51 +37,51 @@ Certificate:
                 33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0
             X509v3 Authority Key Identifier: 
                 keyid:33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0
-                DirName:/C=US/ST=Oregon/L=Portland/O=yaSSL/OU=Programming/CN=www.yassl.com/emailAddress=info@yassl.com
-                serial:87:4A:75:BE:91:66:D8:3D
+                DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL/OU=Programming/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+                serial:B6:63:AF:8F:5D:62:57:A0
 
             X509v3 Basic Constraints: 
                 CA:TRUE
     Signature Algorithm: sha1WithRSAEncryption
-        1c:7c:42:81:29:9e:21:cf:d0:d8:c1:54:6f:cc:ae:14:09:38:
-        ff:68:98:9a:95:53:76:18:7b:e6:30:76:ec:28:0d:75:a7:de:
-        e0:cd:8e:d5:55:23:6a:47:2b:4e:8d:fc:7d:06:a3:d8:0f:ad:
-        5e:d6:04:c9:00:33:fb:77:27:d3:b5:03:b3:7b:21:74:31:0b:
-        4a:af:2d:1a:b3:93:8e:cc:f3:5f:3d:90:3f:cc:e3:55:19:91:
-        7b:78:24:2e:4a:09:bb:18:4e:61:2d:9c:c6:0a:a0:34:91:88:
-        70:6b:3b:48:47:bc:79:94:a2:a0:4d:32:47:54:c2:a3:dc:2e:
-        d2:51:4c:29:39:11:ff:e2:15:5e:58:97:36:f6:e9:06:06:86:
-        0e:8d:9d:95:03:72:b2:8b:19:7c:e9:14:6e:a1:88:73:68:58:
-        6d:71:5e:c2:d5:d3:13:d2:5f:de:ea:03:be:e2:00:40:e5:ce:
-        fd:e6:92:31:57:c3:eb:bb:66:ac:cb:2f:1a:fa:e0:62:a2:47:
-        f4:93:43:2a:4b:6c:5e:0a:2f:f9:e7:e6:4a:63:86:b0:ac:2a:
-        a1:eb:b4:5b:67:cd:32:e4:b6:11:4b:9a:72:66:0d:a2:4a:76:
-        8f:fe:22:bc:83:fd:db:b7:d5:a9:ee:05:c9:b1:71:7e:1b:2b:
-        e1:e3:af:c0
+         85:10:90:c5:5d:de:25:8c:f2:57:7b:2d:14:1c:05:f9:71:63:
+         40:b0:e3:c1:c1:2e:13:2a:7a:b7:d6:24:58:87:eb:03:fb:0d:
+         af:e0:f4:d0:c8:bc:51:36:10:4f:79:cc:4f:66:7d:af:99:cb:
+         7b:ce:68:94:c6:36:aa:42:6e:8c:78:5b:b2:85:ca:d1:e1:a8:
+         31:d1:81:d9:f9:c1:a3:9e:34:43:ef:0a:79:7d:3e:83:61:fc:
+         14:5c:d1:dd:bc:0e:d7:51:b7:71:6e:41:7e:8b:2c:5a:9a:cb:
+         77:4b:6a:f5:06:ff:02:af:1e:e6:63:4f:bc:44:d9:3f:56:9e:
+         09:9c:43:f9:55:21:32:46:82:09:86:a9:7b:74:1c:9e:5a:2a:
+         bf:03:79:91:cb:f2:29:7f:c9:15:82:89:b9:53:cd:7e:07:90:
+         a9:5d:76:e1:19:5e:0d:58:b8:59:d5:0d:df:23:ab:6b:63:76:
+         19:9e:9c:df:b0:57:49:6c:d0:86:97:c3:6c:3c:fa:e0:56:c2:
+         1b:e3:a1:42:1a:58:62:85:9d:74:19:83:08:af:59:90:f8:99:
+         bd:67:d3:4a:ea:0e:c9:ca:61:8a:0d:8a:42:cc:90:e9:2e:c2:
+         54:73:7f:5e:af:8d:e2:32:cb:45:20:d6:19:4d:5b:77:31:cc:
+         0f:2d:c0:7e
 -----BEGIN CERTIFICATE-----
-MIIEmDCCA4CgAwIBAgIJAIdKdb6RZtg9MA0GCSqGSIb3DQEBBQUAMIGOMQswCQYD
-VQQGEwJVUzEPMA0GA1UECBMGT3JlZ29uMREwDwYDVQQHEwhQb3J0bGFuZDEOMAwG
-A1UEChMFeWFTU0wxFDASBgNVBAsTC1Byb2dyYW1taW5nMRYwFAYDVQQDEw13d3cu
-eWFzc2wuY29tMR0wGwYJKoZIhvcNAQkBFg5pbmZvQHlhc3NsLmNvbTAeFw0xMTEw
-MjQxODIxNTVaFw0xNDA3MjAxODIxNTVaMIGOMQswCQYDVQQGEwJVUzEPMA0GA1UE
-CBMGT3JlZ29uMREwDwYDVQQHEwhQb3J0bGFuZDEOMAwGA1UEChMFeWFTU0wxFDAS
-BgNVBAsTC1Byb2dyYW1taW5nMRYwFAYDVQQDEw13d3cueWFzc2wuY29tMR0wGwYJ
-KoZIhvcNAQkBFg5pbmZvQHlhc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAMMD0Sv+OaQyRTtTyIQrKnx0mr2qKlIHR9amNrIHMo7Quml7xsNE
-ntSBSP0taKKLZ7uhdcg2LErSG/eLus8N+e/s8YEee5sDR5q/Zcx/ZSRppugUiVvk
-NPfFsBST9Wd7Onp44QFWVpGmE0KN0jxAnEzv0YbfN1EbDKE79fGjSjXk4c6W3xt+
-v06X0BDoqAgwga8gC0MUxXRntDKCb42GwohAmTaDuh5AciIX11JlJHOwzu8Zza7/
-eGx7wBID1E5yDVBtO6M7o5lencjZDIWz2YrZVCbbbfqsu/8lTMTRefRx04ZAGBOw
-Y7VyTjDEl4SGLVYv1xX3f8Cu9fxb5fuhutMCAwEAAaOB9jCB8zAdBgNVHQ4EFgQU
-M9hFZtdohxh+VA1wJ5HHJteFZcAwgcMGA1UdIwSBuzCBuIAUM9hFZtdohxh+VA1w
-J5HHJteFZcChgZSkgZEwgY4xCzAJBgNVBAYTAlVTMQ8wDQYDVQQIEwZPcmVnb24x
-ETAPBgNVBAcTCFBvcnRsYW5kMQ4wDAYDVQQKEwV5YVNTTDEUMBIGA1UECxMLUHJv
-Z3JhbW1pbmcxFjAUBgNVBAMTDXd3dy55YXNzbC5jb20xHTAbBgkqhkiG9w0BCQEW
-DmluZm9AeWFzc2wuY29tggkAh0p1vpFm2D0wDAYDVR0TBAUwAwEB/zANBgkqhkiG
-9w0BAQUFAAOCAQEAHHxCgSmeIc/Q2MFUb8yuFAk4/2iYmpVTdhh75jB27CgNdafe
-4M2O1VUjakcrTo38fQaj2A+tXtYEyQAz+3cn07UDs3shdDELSq8tGrOTjszzXz2Q
-P8zjVRmRe3gkLkoJuxhOYS2cxgqgNJGIcGs7SEe8eZSioE0yR1TCo9wu0lFMKTkR
-/+IVXliXNvbpBgaGDo2dlQNysosZfOkUbqGIc2hYbXFewtXTE9Jf3uoDvuIAQOXO
-/eaSMVfD67tmrMsvGvrgYqJH9JNDKktsXgov+efmSmOGsKwqoeu0W2fNMuS2EUua
-cmYNokp2j/4ivIP927fVqe4FybFxfhsr4eOvwA==
+MIIEqjCCA5KgAwIBAgIJALZjr49dYlegMA0GCSqGSIb3DQEBBQUAMIGUMQswCQYD
+VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEQMA4G
+A1UECgwHd29sZlNTTDEUMBIGA1UECwwLUHJvZ3JhbW1pbmcxGDAWBgNVBAMMD3d3
+dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe
+Fw0xNDA3MTExNzM5NDRaFw0xNzA0MDYxNzM5NDRaMIGUMQswCQYDVQQGEwJVUzEQ
+MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEQMA4GA1UECgwHd29s
+ZlNTTDEUMBIGA1UECwwLUHJvZ3JhbW1pbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns
+LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAMMD0Sv+OaQyRTtTyIQrKnx0mr2qKlIHR9am
+NrIHMo7Quml7xsNEntSBSP0taKKLZ7uhdcg2LErSG/eLus8N+e/s8YEee5sDR5q/
+Zcx/ZSRppugUiVvkNPfFsBST9Wd7Onp44QFWVpGmE0KN0jxAnEzv0YbfN1EbDKE7
+9fGjSjXk4c6W3xt+v06X0BDoqAgwga8gC0MUxXRntDKCb42GwohAmTaDuh5AciIX
+11JlJHOwzu8Zza7/eGx7wBID1E5yDVBtO6M7o5lencjZDIWz2YrZVCbbbfqsu/8l
+TMTRefRx04ZAGBOwY7VyTjDEl4SGLVYv1xX3f8Cu9fxb5fuhutMCAwEAAaOB/DCB
++TAdBgNVHQ4EFgQUM9hFZtdohxh+VA1wJ5HHJteFZcAwgckGA1UdIwSBwTCBvoAU
+M9hFZtdohxh+VA1wJ5HHJteFZcChgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYD
+VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRAwDgYDVQQKDAd3b2xmU1NM
+MRQwEgYDVQQLDAtQcm9ncmFtbWluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t
+MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAtmOvj11iV6AwDAYD
+VR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAhRCQxV3eJYzyV3stFBwF+XFj
+QLDjwcEuEyp6t9YkWIfrA/sNr+D00Mi8UTYQT3nMT2Z9r5nLe85olMY2qkJujHhb
+soXK0eGoMdGB2fnBo540Q+8KeX0+g2H8FFzR3bwO11G3cW5BfossWprLd0tq9Qb/
+Aq8e5mNPvETZP1aeCZxD+VUhMkaCCYape3QcnloqvwN5kcvyKX/JFYKJuVPNfgeQ
+qV124RleDVi4WdUN3yOra2N2GZ6c37BXSWzQhpfDbDz64FbCG+OhQhpYYoWddBmD
+CK9ZkPiZvWfTSuoOycphig2KQsyQ6S7CVHN/Xq+N4jLLRSDWGU1bdzHMDy3Afg==
 -----END CERTIFICATE-----

extra/yassl/certs/client-keyEnc.pem

 -----BEGIN RSA PRIVATE KEY-----
 Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-CBC,B9D8FB94E38635AB
+DEK-Info: DES-EDE3-CBC,BDE979D13CCC0ABD
 
-3OTcffWLy2Ddlu2oUwnMWkvIb3e9wLL1jrKOpC0aeb//uiawgw50+KuU4pewB5fN
-lfEJwpX4NjfPL+Nk+B1VAVrv5gwk5/SY9SwIJluutzmGS4TfVOhqi2SVd0mc9kOD
-cSWQ9ltAohFu67jdx36j2u+eghDTOjls1lM8EpzL5cu3Bp4G+ST0nXAdnGtSZdV6
-eToLWjIHiC/JqeRSsKAlG0M5verw14sbb5MO4ZQF4Tdu0fCFgFvDSUM2V4ZLtS1N
-VysLEkHoF56YKZ5H2FYLxOVDpn5lSiLnOgRbteEzsysyJ1zLxXWFFwJPCpLVNL0e
-P7OoEoCR+oAdzGkkPF+EdMoULtQP+n6U7jGx3oFVS17NORIFvyxyP0hD4pGTGLnl
-qAEk30lhKGAE5GgvA2itxZIno/sxPKr5T5Sc2yWh9RdQuLWYNrOb8Kz8J1iXV5l6
-/5TLGu5XVWIlBnUtjMFUe5M54tqGQ6SuDUlL2ud5YeLVN0T+RU/bqV2fXGoBUqKb
-Oe8PECm62Ls0wjv27BIOXXV32WSXwsywSzBqq2YXZ5zc9Q0+Mf1Zl6jKwcr8rXhv
-rA2kcpicONryggsPZnn/us1bVuWKndsCbm7A5om6HowpamNMPuxhISigzzE59L6X
-X6Sl2F0N0zhrfUVlAAlfYTrwcQVtyBDj1xp2nzJFocurJt9EylLaT0Sw3nxWtuOg
-yQuF05UPCzxqow/7dMVqtQKng0ptpsn/E+Kr/Egk1YaTpUUxref6mD3R1S+qWML8
-uqTa3y1CWd4u+aJZH2oZU3gmEd8GvuWnmhsw8iTyq1bzYIga1rQZqh4W5Ok9V+jR
-GioT/x3mTIhtuEZ1Cmhne5qM3gWYgM3rC3D4+RnUFeThOC5lHtOYHtIEpg66cs7g
-QYAn75ghEkyfG7ZvdxAU9Ngn6hckux9tFu3GmeEtdqhVOHaOMaYi60uGSk6uBnTv
-P1sUqi70kMrIBWU7TgldKlTqVdReM87Nkb2O5v1xqtoswLWIi65hFWTqt/H65c1H
-aEBG1cBqnqBMYuFk8b4TzZbuU9o1UKj0/6N5mpm//BmW65B0htEDP7IYpGF0mt0H
-LkU+4ISmuLfPfQeviYio6/yASaFkHpxfK7N8CQvmyAG9U8FHRio2QCGSb2EO+BnT
-Bti6L9oMiQbAsCLWTbvBhCVxdncFw1ncq8gkPMXjEEVUsqAo5Kg+903pRHUyHLzS
-R6R3C6tTJnNtucJ0zqQMF3K1FHS1m8GrOm+hskJLTHgZLdz6tFTYkXfZBSCwIl7s
-plg0wq9CrNC2B8MczWn/j3/h7qSI3wBNqADHMdoiOHECffCeyGEYjW3+0iMoj1m1
-wY0DIym4DDRzk6wsEesxVi8iiCVpYwWnjJAvWYECEO+hWuwCez+eGVkhCT/5g3xW
-hPSRhivNuJT05tdR5o+yqONHn1eAQH7Ar3cj+neY5WC0iS5FK9axTqbHXotofD1e
-pJX17ZVWsmIIpRvAWGD+LOcfTMZsaB9DJbkrPSWlMW3lC2S5JOq8OgfMNWIDDUN1
-guwpK5Z/lWV1qMMnaWeDVgPH/G0FssECXlCU5+/Ol654h8tm2bRXYAYHPM+OoW67
+N7yz2JV13EmQ7MZPL5wamid5+G1V1gp8FKqMemAC5JDxonS/W9oViMLUcxbfPTDx
+FznKdYSVTIQ7vv3ofmDG4MEyV/2C568N2kdtAw+jTfrZFN+IU9CI+W+In/nacirF
+02sAcvDMofustnooKNOO7/iyb5+3vRvEt5vSSRQn5WuSQ9sUKjuzoLs/lbf7fyAt
+4NeqfI3rYBZXxiUOLITOGXzGNRuFoY+o2uDCfelLAJ8uhiVG6ME3LeJEo1dT5lZ8
+CSJOLPasKg0iG4V7olM4j9FvAfZr48RRsSfUen756Jo2HpI4bad8LKhFYIdNs2Au
+WwKLmjpo6QB9hBmRshR04rEXPdrgTqLBExCE08PyaGYnWU8ggWritCeBzDQFj/n4
+sI+NO0Mymuvg98e5RpO52lg3Xnqv9RIK3guLFOmI6aEHC0PS4WwOEQ==
 -----END RSA PRIVATE KEY-----

extra/yassl/certs/dsa1024.pem

+-----BEGIN DSA PRIVATE KEY-----
+MIIBvAIBAAKBgQC9Ue5KMuCKx+rG4epwxFFDzyoH4ccSwlglXsRdvqswDRK/oQvT
+NNNoWiVxTn3kvQ8qDlhWy9KjGTrqr/ttgmh56FFpe6tz4yTgCNyR9D+eGclD7lNf
+dPUc4E3SA6efopG6+ymI55bS+9xUFTG402UCrYSKT59zI2HBfuI6dltsxQIVAJHJ
+7WDQ+jBn/nmMyCQzdi+0qJx1AoGBAJJacRK36s5yGY1b6qhxWqvpoAC+SfEKylZn
+YWGYf2PM+Iwo6AgPKEw6BSsX+7Nmc4Gjyr4JWhComKi6onPamO/A2CbMM0DCxb47
+BeLBWfqWAgXVj0CODT4MQos5yugnviR/YpEgbzLxvrXr469lKWsAyB19/gFmGmQW
+cCgAwGm6AoGBAJ3LY89yHyvQ/TsQ6zlYbovjbk/ogndsMqPdNUvL4RuPTgJP/caa
+DDa0XJ7ak6A7TJ+QheLNwOXoZPYJC4EGFSDAXpYniGhbWIrVTCGe6lmZDfnx40WX
+S0kk3m/DHaC03ElLAiybxVGxyqoUfbT3Zv1JwftWMuiqHH5uADhdXuXVAhQ01VXa
+Rr8IPem35lKghVKnq/kGQw==
+-----END DSA PRIVATE KEY-----

extra/yassl/certs/dsa512.pem

------BEGIN DSA PRIVATE KEY-----
-MIH3AgEAAkEAmSlpgMk8mGhFqYL+Z+uViMW0DNYmRZUZLKAgW37faencww/zYQol
-m/IhAWrNqow358pm21b0D3160Ri5Qv0bEQIVAK0lKasKnwkcwa0DIHZ/prfdTQMJ
-AkASiJna59ALk5vm7jwhf5yztI2ljOI3gD8X0YFPvfBxtjIIVN2/AeKzdwZkdYoE
-1nk5sQIDA8YGdOWQBQoQRhkxAkAEhKAmMXIM6E9dUxdisYDKwBZfwx7qxdmYOPm+
-VlNHaM4IIlccuw13kc9bNu3zJIKQis2QfNt3+Rctc3Pvu7mCAhQjg+e+aqykxwwc
-E2V27tjDFY02uA==
------END DSA PRIVATE KEY-----

extra/yassl/certs/server-keyEnc.pem

 -----BEGIN RSA PRIVATE KEY-----
 Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-CBC,08132C1FFF5BC8CC
+DEK-Info: DES-CBC,136C7D8A69656668
 
-W+krChiFlNU+koE0Bep+U45OG4V4IFZv67ex6yJHgcsPd+HQ692A/h+5dYc8rdlW
-2LDgSODHHIMTt6RVJDxXxXs3qFmJQbnVXeXxV209X8EfaRarh+yiMKeUP6K8hIvj
-+IYRma6iKOs+d4KlcZZudGs2f/x8nhxXbmQtrLhGd4h91mnJk2sKmiz7UkUy6Qng
-gOHnT2dfF4Qk2ZYsjisRHjpWZiqh40GO1LuTgUjZoH+LGhMwMwOAE6+ss5xa+yE+
-Xd9Yljm0/QW68JILkCJQjLDRvPGxDJyvYq6TT/kSElsRlI/AuRrZH1YVD3hn/xjx
-tDoEB+JEbH6iu9ne2srxnGSKLzoUbb4XPaCjLIW9BJf7oANmmFQpZZQiRTyIUVWi
-IE5hJciqF7ra7IwfZAW/PeWGXpzNOVN9QAvyAMsmvUCzJdxd1ySUatjhZ+mSFYGk
-rDVtyrgt4ZQgV0EdJV0Yn1ZWMOk1qEKXT0JAnI+9S6Y+QEdwXmdz3xlVuq61Jvub
-iJUVepnD/1QeFfWy8JwlscWpWFrkr569f3SNG+FGb6fufnUP7K6sX3urj+pj1QET
-f9NmmvLBsVsbj1Egg3wnxbVHIUPky64LY04wtNJaAwhuG6mKCvaClKYMTmTCyrzP
-aRwghhMQ3yHUbo2A1ZppYsXXg8lX30eW+5O77N9Q3xfP0phODHXsnXhBH09ml1JQ
-MmiCaL5n6sIVcjtFmN/kyaEuz/1VrBSaDCPeW88n61UXUidXrGOZN/2c/2xFir8B
-2rdE82lQLl07SJxzQQ6aJVvrc5tnbV/ENDySS5dG6Yl/w89/nuu0RFHmAweKqfGC
-8m0XOkmonIk6h3YT7XrkE0b/2jkf1mMaMKrGGfRmxqNt1nGxMCJHAO/Sn9v+I9rU
-W7HCZ04RTnRp1BXcqDxdwlveDKJRVfiKOSSEOpEXXlexS5R1vikmxrCwK5YVUTkT
-3tgahVtHJkFHnBHBzXyHUDwWahxZaU9TO43z0JFxs0zINWUWppldf0oyWjP1FSrI
-a9tXBs7aoykUY9Av9K0p4UJJU005qzD/tuegZFX34wRETJO0BJnlZHTTZSqLSVX+
-KZg4nPq8Xii1VHta3tgw7up2z1tpepsBerTsRQ1+IDpxLaIxgt9am0hXVTiMLex/
-DD9UvQC/eBUmpmWraK/Mqeq/UrPl+lmeoXsG6LWIvEp9d19rJ/3OhIJf2pDh9dC8
-NzJoNP9qOrDajAwzeeF5dbQxCaG+X8am9s4wryC0p+NrQ0tzv8efey0zBodDIOgo
-F1G7+ADgHy+V565q8sdL52xx0xB9Ty5p9IOfOUbxa3K65TJf/I/QAQjl4LyTbkfr
-kzpYAG2uF55EB3Eq3aMrj47pzZy0ELXXN2qYJ9Oelgl+h6MzYbmd+Wm+A2Cofv3u
-7ANAyjAYN7/Lo3lTFAt7sXAXGKnqw62JNSSMkIqZVrG5dn7Jxj5AJCVyYxTrm6Y+
-DDcblX47XrWxVoVJN/dLJZ8FzWs4o/8w9Yn8U54Ci7F0g+j2f+OpDy9PGFYT9pKw
-xWG8chkYE6QPilEYvdi26ZnZ3u236q9PMtyRP87NmBN2sLkj/rbBTzBxWIaGS+Mt
+jvNTyPaztxPIoAzbdmZnD0Zw2+60tMxNc0GMHNmeOyG25aHP/dT+TWiKFpFVkkkY
+uoCIhYUyw7gmpw+CnRJwWd+ans4nrvAjwy5oWJvarvsyUpjqvnPoIlAqd+d4TDKN
+eESzcI76+gHdisAtCrQD+fGqgTZhli5TgDbnpasL/QnY2qDlutvakkVw7gPXe156
+2Phy8WN+efr65J6wt3K/dj7Datl9u4JeHQK81gYyWBVX+EagEjPGDzkFQCj9Z0q7
+8K3iB5GW1JAqJS0IfZPB40AnSTF/n1TL1SN3qfU3l7hTGNrx9o7580bgDEoAR7pI
+F8eZlS15KHtZmh11AnU1KTKZ6kmgnNqeMTGMN6N0ct2wMKW1dV87eTDlF0oiR2ol
+XwtFgKmrIjfpmzkdWjbJmWnGMjD56KdiFZga/ZyKMsPrVoYLgfJEpn36iQspfygx
+HCGNTf0PjIsjEWU0WyQiF86t+c45W3wNFsv/AxVyfMl+su02yrd6u2ecuQDir3Cs
+b2k8IKtQgVe/NIpEWLKuiHG5oedIPPQyDYK5uq+gHxCGeOoKnWlsWFEHZRiza4X5
+tbgTrJB8Sw0ENWrvVGGmQZN4pSImlsMwzQ2qik5CQ00N1b3+56/obn0z75I3bUSb
+tC5g8DRjl6oclAenNgh/MYMT287y5W2dD4npxHcekX4O3J2CDXNfg4vV2j5GRxtg
+LVJdYE2p7bpYePCDHrYng8b9ubBprx0CrEnkIvvtUjzNPf6VDL0+MBKl+XgR2/nz
+iRqTuZnlGGOyM+KYDwXpgwfs/HfvFGksxTAlO/40GkGh+WGPaIoNyCK0SgQKhyb4
+JIkR0vd2/yLg3lWMJrGwh7A0Gm07Z/781oURP3uWd+PaCOgGcd5ipcAjcEyuxNly
+AthipWqmQWUcbf6Z2N9j3OA22Hv2Uzk8HSfi9VOZtL9svdEEZ0NnOekJgnc6stQp
+bXiknlK/T5WdrWxSyCfgUq68Vf6DFfIRAVuFdJ3WHT2wVXHrDfft6D+Ne/XCxPoE
+8zGmkyusaph33UHQ1oNyUbLbwcDCDSmOo8gYoedD3IwxtMA3wJRugomqosItwV8X
+vkgmcy8eSE/+gZUxJEN2gnLcfKFhCkC80J6oFhmoDD6vuUnPHcFdKZgVPw2rzPk5
+Vb1kX+gpORplYmKpq1vz/ujscL4T0TmYLz02hkIS4edpW55ncTTv7JWefpRiTB1J
+RB3td3me4htqR+YIDWJ+emrOmqsCG2WvpAS+MTw2mj1jYk9LL/ZYobTjSCEWmuwT
+yVK6m303irR7HQDauxhslRFgoK21w63viOyj5NKIU1gQtaAANGDxcgORC1XLjjgt
+oNutSQA+7P42vfHSHK4cnTBXl6V32H/GyVpdHQOZqSrqIjgLmUZodSmRPROxosZF
+a46B1O7m/rJFxkiKW4vod+/WqjoE0Hhfrb8rRrkRjzGeCqqSSnQ3vrunVkvF8hlA
+b6FOv4ZBJL4piC1GKH+rscqke9NEiDqXN8C3iYz86jbck/Ha21yUS8T3X7N52sg+
+B3AmOGnLK6BebYeto9vZxQjacChJZSixSxLV+l9/nVQ0+mW42azHdzk0ru59TGAj
 -----END RSA PRIVATE KEY-----

extra/yassl/include/buffer.hpp

 /*
-   Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -48,7 +48,11 @@ const uint AUTO = 0xFEEDBEEF;
 
 
 struct NoCheck {
-    void check(uint, uint);
+    int check(uint, uint);
+};
+
+struct Check {
+    int check(uint, uint);
 };
 
 /* input_buffer operates like a smart c style array with a checking option, 
@@ -60,11 +64,13 @@ struct NoCheck {
  * write to the buffer bulk wise and have the correct size
  */
 
-class input_buffer : public NoCheck {
+class input_buffer : public Check {
     uint   size_;                // number of elements in buffer
     uint   current_;             // current offset position in buffer
     byte*  buffer_;              // storage for buffer
     byte*  end_;                 // end of storage marker
+    int    error_;               // error number
+    byte   zero_;                // for returning const reference to zero byte
 public:
     input_buffer();
 
@@ -93,6 +99,10 @@ public:
 
     uint get_remaining() const;
 
+    int  get_error()     const;
+
+    void set_error();
+
     void set_current(uint i);
 
     // read only access through [], advance current
@@ -103,7 +113,7 @@ public:
     bool eof();
 
     // peek ahead
-    byte peek() const;
+    byte peek();
 
     // write function, should use at/near construction
     void assign(const byte* t, uint s);

extra/yassl/include/openssl/ssl.h

@@ -35,7 +35,7 @@
 #include "rsa.h"
 
 
-#define YASSL_VERSION "2.3.0"
+#define YASSL_VERSION "2.3.4"
 
 
 #if defined(__cplusplus)

extra/yassl/src/buffer.cpp

 /*
-   Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
+   Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -32,8 +32,19 @@ namespace yaSSL {
 
 
 
-void NoCheck::check(uint, uint) 
+/* return 0 on check success, always true for NoCheck policy */
+int NoCheck::check(uint, uint) 
 {
+    return 0;
+}
+
+/* return 0 on check success */
+int Check::check(uint i, uint max) 
+{
+    if (i < max)
+        return 0;
+
+    return -1;
 }
 
 
@@ -48,18 +59,20 @@ void NoCheck::check(uint, uint)
 
 
 input_buffer::input_buffer() 
-    : size_(0), current_(0), buffer_(0), end_(0) 
+    : size_(0), current_(0), buffer_(0), end_(0), error_(0), zero_(0)
 {}
 
 
 input_buffer::input_buffer(uint s) 
-    : size_(0), current_(0), buffer_(NEW_YS byte[s]), end_(buffer_ + s)
+    : size_(0), current_(0), buffer_(NEW_YS byte[s]), end_(buffer_ + s),
+      error_(0), zero_(0)
 {}
 
 
 // with assign
 input_buffer::input_buffer(uint s, const byte* t, uint len) 
-    : size_(0), current_(0), buffer_(NEW_YS byte[s]), end_(buffer_ + s) 
+    : size_(0), current_(0), buffer_(NEW_YS byte[s]), end_(buffer_ + s),
+      error_(0), zero_(0)
 { 
     assign(t, len); 
 }
@@ -74,8 +87,10 @@ input_buffer::~input_buffer()
 // users can pass defualt zero length buffer and then allocate
 void input_buffer::allocate(uint s) 
 { 
-    buffer_ = NEW_YS byte[s];
-    end_ = buffer_ + s; 
+    if (error_ == 0) {
+        buffer_ = NEW_YS byte[s];
+        end_ = buffer_ + s;
+    }
 }
 
 
@@ -90,40 +105,67 @@ byte* input_buffer::get_buffer() const
 // if you know the size before the write use assign()
 void input_buffer::add_size(uint i) 
 { 
-    check(size_ + i-1, get_capacity()); 
-    size_ += i; 
+    if (error_ == 0 && check(size_ + i-1, get_capacity()) == 0)
+        size_ += i;
+    else
+        error_ = -1;
 }
 
 
 uint input_buffer::get_capacity()  const 
 { 
-    return (uint) (end_ - buffer_); 
+    if (error_ == 0)
+        return end_ - buffer_;
+
+    return 0;
 }
 
 
 uint input_buffer::get_current()   const 
 { 
-    return current_; 
+    if (error_ == 0)
+        return current_;
+
+    return 0;
 }
 
 
 uint input_buffer::get_size()      const 
 { 
-    return size_; 
+    if (error_ == 0)
+        return size_;
+
+    return 0;
 }
 
 
 uint input_buffer::get_remaining() const 
 { 
-    return size_ - current_; 
+    if (error_ == 0)
+        return size_ - current_;
+
+    return 0;
+}
+
+
+int input_buffer::get_error() const 
+{ 
+    return error_;
+}
+
+
+void input_buffer::set_error()
+{ 
+    error_ = -1;
 }
 
 
 void input_buffer::set_current(uint i) 
 {
-    if (i)
-        check(i - 1, size_); 
-    current_ = i; 
+    if (error_ == 0 && i && check(i - 1, size_) == 0)
+        current_ = i;
+    else
+        error_ = -1;
 }
 
 
@@ -131,40 +173,59 @@ void input_buffer::set_current(uint i)
 // user passes in AUTO index for ease of use
 const byte& input_buffer::operator[](uint i) 
 {
-    check(current_, size_);
-    return buffer_[current_++];
+    if (error_ == 0 && check(current_, size_) == 0)
+        return buffer_[current_++];
+
+    error_ = -1;
+    return zero_;
 }
 
 
 // end of input test
 bool input_buffer::eof() 
 { 
+    if (error_ != 0)
+        return true;
+
     return current_ >= size_; 
 }
 
 
 // peek ahead
-byte input_buffer::peek() const
+byte input_buffer::peek()
 {
-    return buffer_[current_];
+    if (error_ == 0 && check(current_, size_) == 0)
+        return buffer_[current_];
+
+    error_ = -1;
+    return 0;
 }
 
 
 // write function, should use at/near construction
 void input_buffer::assign(const byte* t, uint s)
 {
-    check(current_, get_capacity());
-    add_size(s);
-    memcpy(&buffer_[current_], t, s);
+    if (t && error_ == 0 && check(current_, get_capacity()) == 0) {
+        add_size(s);
+        if (error_ == 0) {
+            memcpy(&buffer_[current_], t, s);
+            return;  // success
+        }
+    }
+
+    error_ = -1;
 }
 
 
 // use read to query input, adjusts current
 void input_buffer::read(byte* dst, uint length)
 {
-    check(current_ + length - 1, size_);
-    memcpy(dst, &buffer_[current_], length);
-    current_ += length;
+    if (dst && error_ == 0 && check(current_ + length - 1, size_) == 0) {
+        memcpy(dst, &buffer_[current_], length);
+        current_ += length;
+    } else {
+        error_ = -1;
+    }
 }
 
 

extra/yassl/src/handshake.cpp

@@ -522,7 +522,7 @@ void buildSHA_CertVerify(SSL& ssl, byte* digest)
 // some clients still send sslv2 client hello
 void ProcessOldClientHello(input_buffer& input, SSL& ssl)
 {
-    if (input.get_remaining() < 2) {
+    if (input.get_error() || input.get_remaining() < 2) {
         ssl.SetError(bad_input);
         return;
     }
@@ -549,20 +549,24 @@ void ProcessOldClientHello(input_buffer& input, SSL& ssl)
 
     byte len[2];
 
-    input.read(len, sizeof(len));
+    len[0] = input[AUTO];
+    len[1] = input[AUTO];
     ato16(len, ch.suite_len_);
 
-    input.read(len, sizeof(len));
+    len[0] = input[AUTO];
+    len[1] = input[AUTO];
     uint16 sessionLen;
     ato16(len, sessionLen);
     ch.id_len_ = sessionLen;
 
-    input.read(len, sizeof(len));
+    len[0] = input[AUTO];
+    len[1] = input[AUTO];
     uint16 randomLen;
     ato16(len, randomLen);
 
-    if (ch.suite_len_ > MAX_SUITE_SZ || sessionLen > ID_LEN ||
-                                        randomLen > RAN_LEN) {
+    if (input.get_error() || ch.suite_len_ > MAX_SUITE_SZ ||
+                             ch.suite_len_ > input.get_remaining() ||
+                             sessionLen > ID_LEN || randomLen > RAN_LEN) {
         ssl.SetError(bad_input);
         return;
     }
@@ -580,13 +584,12 @@ void ProcessOldClientHello(input_buffer& input, SSL& ssl)
     ch.suite_len_ = j;
 
     if (ch.id_len_)
-        input.read(ch.session_id_, ch.id_len_);
+        input.read(ch.session_id_, ch.id_len_);   // id_len_ from sessionLen
 
     if (randomLen < RAN_LEN)
         memset(ch.random_, 0, RAN_LEN - randomLen);
     input.read(&ch.random_[RAN_LEN - randomLen], randomLen);
  
-
     ch.Process(input, ssl);
 }
 
@@ -787,6 +790,9 @@ int DoProcessReply(SSL& ssl)
             ssl.verifyState(hdr);
         }
 
+        if (ssl.GetError())
+            return 0;
+
         // make sure we have enough input in buffer to process this record
         if (needHdr || hdr.length_ > buffer.get_remaining()) {
             // put header in front for next time processing
@@ -799,6 +805,9 @@ int DoProcessReply(SSL& ssl)
 
         while (buffer.get_current() < hdr.length_ + RECORD_HEADER + offset) {
             // each message in record, can be more than 1 if not encrypted
+            if (ssl.GetError())
+                return 0;
+
             if (ssl.getSecurity().get_parms().pending_ == false) { // cipher on
                 // sanity check for malicious/corrupted/illegal input
                 if (buffer.get_remaining() < hdr.length_) {

extra/yassl/src/yassl_int.cpp

 /*
-   Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
+   Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -2534,8 +2534,9 @@ ASN1_STRING* StringHolder::GetString()
     int DeCompress(input_buffer& in, int sz, input_buffer& out)
     {
         byte tmp[LENGTH_SZ];
-    
-        in.read(tmp, sizeof(tmp));
+   
+        tmp[0] = in[AUTO]; 
+        tmp[1] = in[AUTO]; 
 
         uint16 len;
         ato16(tmp, len);

extra/yassl/taocrypt/include/asn.hpp

 /*
-   Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
+   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -111,7 +111,7 @@ enum Constants
     MAX_LENGTH_SZ =  5,    
     MAX_SEQ_SZ    =  5,    // enum(seq|con) + length(4)
     MAX_ALGO_SIZE =  9,
-    MAX_DIGEST_SZ = 25,    // SHA + enum(Bit or Octet) + length(4)
+    MAX_DIGEST_SZ = 69,    // SHA512 + enum(Bit or Octet) + length(4)
     DSA_SIG_SZ    = 40,
     ASN_NAME_MAX  = 512    // max total of all included names
 };
@@ -257,8 +257,11 @@ typedef STL::list<Signer*> SignerList;
 
 
 enum ContentType { HUH = 651 };
-enum SigType  { SHAwDSA = 517, MD2wRSA = 646, MD5wRSA = 648, SHAwRSA =649};
-enum HashType { MD2h = 646, MD5h = 649, SHAh = 88 };
+enum SigType  { SHAwDSA = 517, MD2wRSA = 646, MD5wRSA = 648, SHAwRSA = 649,
+                SHA256wRSA = 655, SHA384wRSA = 656, SHA512wRSA = 657,
+                SHA256wDSA = 416 };
+enum HashType { MD2h = 646, MD5h = 649, SHAh = 88, SHA256h = 414, SHA384h = 415,
+                SHA512h = 416 };
 enum KeyType  { DSAk = 515, RSAk = 645 };     // sums of algo OID
 
 

extra/yassl/taocrypt/include/block.hpp

 /*
-   Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
+   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -74,7 +74,7 @@ typename A::pointer StdReallocate(A& a, T* p, typename A::size_type oldSize,
     if (preserve) {
         A b = A();
         typename A::pointer newPointer = b.allocate(newSize, 0);
-        memcpy(newPointer, p, sizeof(T) * min((word32) oldSize, (word32) newSize));
+        memcpy(newPointer, p, sizeof(T) * min(oldSize, newSize));
         a.deallocate(p, oldSize);
         STL::swap(a, b);
         return newPointer;
@@ -186,9 +186,9 @@ public:
 
     ~Block() { allocator_.deallocate(buffer_, sz_); }
 private:
+    A      allocator_;
     word32 sz_;     // size in Ts
     T*     buffer_;
-    A      allocator_;
 };
 
 

extra/yassl/taocrypt/include/integer.hpp

 /*
-   Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -47,7 +47,7 @@
 
 #ifdef TAOCRYPT_X86ASM_AVAILABLE
     #if defined(__GNUC__) && (__GNUC__ >= 4)
-        // GCC 4 or greater optimizes too much inline on recursive for bigint,
+        // GCC 4 or greater optimizes too much inline on recursive for bigint, 
         // -O3 just as fast without asm here anyway
         #undef TAOCRYPT_X86ASM_AVAILABLE
     #endif

extra/yassl/taocrypt/include/pwdbased.hpp

 /*
-   Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -16,6 +16,7 @@
    MA  02110-1301  USA.
 */
 
+
 /* pwdbased.hpp defines PBKDF2 from PKCS #5
 */
 
@@ -48,10 +49,7 @@ word32 PBKDF2_HMAC<T>::DeriveKey(byte* derived, word32 dLen, const byte* pwd,
                                  word32 pLen, const byte* salt, word32 sLen,
                                  word32 iterations) const
 {
-    if (dLen > MaxDerivedKeyLength())
-        return 0;
-
-    if (iterations < 0)
+	if (dLen > MaxDerivedKeyLength())
         return 0;
 
     ByteBlock buffer(T::DIGEST_SIZE);

extra/yassl/taocrypt/include/runtime.hpp

 /*
-   Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
+   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -34,7 +34,10 @@
 
 // Handler for pure virtual functions
 namespace __Crun {
-    void pure_error(void);
+    static void pure_error(void)
+    {
+       // "Pure virtual method called, Aborted", GCC 4.2 str cmp fix
+    }
 } // namespace __Crun
 
 #endif // __sun
@@ -48,7 +51,15 @@ extern "C" {
 #if defined(DO_TAOCRYPT_KERNEL_MODE)
     #include "kernelc.hpp"
 #endif
-    int __cxa_pure_virtual () __attribute__ ((weak));
+
+/* Disallow inline __cxa_pure_virtual() */
+static int __cxa_pure_virtual() __attribute__((noinline, used));
+static int __cxa_pure_virtual()
+{
+    // oops, pure virtual called!
+    return 0;
+}
+
 } // extern "C"
 
 #endif // __GNUC__ > 2

extra/yassl/taocrypt/include/sha.hpp

 /*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
+   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -159,6 +158,12 @@ private:
     void Transform();
 };
 
+enum { MAX_SHA2_DIGEST_SIZE = 64 };   // SHA512
+
+#else
+
+enum { MAX_SHA2_DIGEST_SIZE = 32 };   // SHA256
+
 #endif // WORD64_AVAILABLE
 
 

extra/yassl/taocrypt/src/aes.cpp

 /*
-   Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
+   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -66,7 +66,7 @@ void AES::Process(byte* out, const byte* in, word32 sz)
                 in  += BLOCK_SIZE;
             }
         }
-    else {
+        else {
             while (blocks--) {
                 AsmDecrypt(in, out, (void*)Td0);
                 
@@ -79,8 +79,8 @@ void AES::Process(byte* out, const byte* in, word32 sz)
                 out += BLOCK_SIZE;
                 in  += BLOCK_SIZE;
             }
-       }
-   }
+        }
+    }
 }
 
 #endif // DO_AES_ASM
@@ -466,14 +466,13 @@ void AES::decrypt(const byte* inBlock, const byte* xorBlock,
             "movd mm7, ebp;" \
             "movd mm4, eax;" \
             "mov  ebp, edx;"  \
-            "sub  esp, 4;"
-
+            "sub  esp, 4;" 
         #define EPILOG()  \
             "add esp, 4;" \
             "pop ebp;" \
             "pop ebx;" \
-                   "emms;" \
-                   ".att_syntax;" \
+       	    "emms;" \
+       	    ".att_syntax;" \
                 : \
                 : "c" (this), "S" (inBlock), "d" (boxes), "a" (outBlock) \
                 : "%edi", "memory", "cc" \
@@ -834,9 +833,9 @@ void AES::AsmEncrypt(const byte* inBlock, byte* outBlock, void* boxes) const
 
 
 #ifdef _MSC_VER
-    __declspec(naked)
+    __declspec(naked) 
 #else
-    __attribute__ ((noinline)) 
+    __attribute__ ((noinline))
 #endif
 void AES::AsmDecrypt(const byte* inBlock, byte* outBlock, void* boxes) const
 {

extra/yassl/taocrypt/src/algebra.cpp

 /*
-   Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
+   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -186,10 +186,10 @@ Integer AbstractGroup::CascadeScalarMultiply(const Element &x,
 
 struct WindowSlider
 {
-    WindowSlider(const Integer &expIn, bool fastNegateIn,
+    WindowSlider(const Integer &exp, bool fastNegate,
                  unsigned int windowSizeIn=0)
-        : exp(expIn), windowModulus(Integer::One()), windowSize(windowSizeIn),
-          windowBegin(0), fastNegate(fastNegateIn), firstTime(true),
+        : exp(exp), windowModulus(Integer::One()), windowSize(windowSizeIn),
+          windowBegin(0), fastNegate(fastNegate), firstTime(true),
           finished(false)
     {
         if (windowSize == 0)

extra/yassl/taocrypt/src/arc4.cpp

 /*
-   Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -121,12 +121,11 @@ void ARC4::AsmProcess(byte* out, const byte* in, word32 length)
         "push ebx;" \
         "push ebp;" \
         "mov ebp, eax;"
-
     #define EPILOG()  \
         "pop ebp;" \
         "pop ebx;" \
-               "emms;" \
-               ".att_syntax;" \
+       	"emms;" \
+       	".att_syntax;" \
             : \
             : "c" (this), "D" (out), "S" (in), "a" (length) \
             : "%edx", "memory", "cc" \
@@ -180,7 +179,7 @@ void ARC4::AsmProcess(byte* out, const byte* in, word32 length)
 #ifdef _MSC_VER
     AS1( loopStart: )  // loopStart
 #else
-    AS1( 0: )          // loopStart for some gas (need numeric for jump back
+    AS1( 0: )          // loopStart for some gas (need numeric for jump back 
 #endif
 
     // y = (y+a) & 0xff;
@@ -232,7 +231,7 @@ void ARC4::AsmProcess(byte* out, const byte* in, word32 length)
 
 AS1( nothing:                           )
 
-    // inline adjust
+    // inline adjust 
     AS2(    add   esp, 4               )   // fix room on stack
 
     EPILOG()

extra/yassl/taocrypt/src/asn.cpp

 /*
-   Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
-   Use is subject to license terms.
+   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -761,7 +760,7 @@ void CertDecoder::GetName(NameType nt)
     while (source_.get_index() < length) {
         GetSet();
         if (source_.GetError().What() == SET_E) {
-            source_.SetError(NO_ERROR_E);  // extensions may only have sequence
+            source_.SetError(NO_ERROR_E);  // extensions may only have sequence 
             source_.prev();
         }
         GetSequence();
@@ -832,10 +831,8 @@ void CertDecoder::GetName(NameType nt)
             if (source_.IsLeft(length) == false) return;
 
             if (email) {
-                if (!(ptr = AddTag(ptr, buf_end, "/emailAddress=", 14, length))) {
-                    source_.SetError(CONTENT_E);
-                    return;
-                }
+                if (!(ptr = AddTag(ptr, buf_end, "/emailAddress=", 14, length)))
+                    return; 
             }
 
             source_.advance(length);
@@ -972,12 +969,26 @@ bool CertDecoder::ConfirmSignature(Source& pub)
         hasher.reset(NEW_TC SHA);
         ht = SHAh;
     }
+    else if (signatureOID_ == SHA256wRSA || signatureOID_ == SHA256wDSA) {
+        hasher.reset(NEW_TC SHA256);
+        ht = SHA256h;
+    }
+#ifdef WORD64_AVAILABLE
+    else if (signatureOID_ == SHA384wRSA) {
+        hasher.reset(NEW_TC SHA384);
+        ht = SHA384h;
+    }
+    else if (signatureOID_ == SHA512wRSA) {
+        hasher.reset(NEW_TC SHA512);
+        ht = SHA512h;
+    }
+#endif
     else {
         source_.SetError(UNKOWN_SIG_E);
         return false;
     }
 
-    byte digest[SHA::DIGEST_SIZE];      // largest size
+    byte digest[MAX_SHA2_DIGEST_SIZE];      // largest size
 
     hasher->Update(source_.get_buffer() + certBegin_, sigIndex_ - certBegin_);
     hasher->Final(digest);
@@ -1050,6 +1061,12 @@ word32 DER_Encoder::SetAlgoID(HashType aOID, byte* output)
                                       0x02, 0x05, 0x05, 0x00  };
     static const byte md2AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
                                       0x02, 0x02, 0x05, 0x00};
+    static const byte sha256AlgoID[] = { 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
+                                         0x04, 0x02, 0x01, 0x05, 0x00 };
+    static const byte sha384AlgoID[] = { 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
+                                         0x04, 0x02, 0x02, 0x05, 0x00 };
+    static const byte sha512AlgoID[] = { 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
+                                         0x04, 0x02, 0x03, 0x05, 0x00 };
 
     int algoSz = 0;
     const byte* algoName = 0;
@@ -1060,6 +1077,21 @@ word32 DER_Encoder::SetAlgoID(HashType aOID, byte* output)
         algoName = shaAlgoID;
         break;
 
+    case SHA256h:
+        algoSz = sizeof(sha256AlgoID);
+        algoName = sha256AlgoID;
+        break;
+
+    case SHA384h:
+        algoSz = sizeof(sha384AlgoID);
+        algoName = sha384AlgoID;
+        break;
+
+    case SHA512h:
+        algoSz = sizeof(sha512AlgoID);
+        algoName = sha512AlgoID;
+        break;
+
     case MD2h:
         algoSz = sizeof(md2AlgoID);
         algoName = md2AlgoID;

extra/yassl/taocrypt/src/blowfish.cpp

 /*
-   Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved.
+   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -237,8 +237,8 @@ void Blowfish::ProcessAndXorBlock(const byte* in, const byte* xOr, byte* out)
         #define EPILOG()  \
             "pop ebp;" \
             "pop ebx;" \
-                   "emms;" \
-                   ".att_syntax;" \
+       	    "emms;" \
+       	    ".att_syntax;" \
                 : \
                 : "c" (this), "S" (inBlock), "a" (outBlock) \
                 : "%edi", "%edx", "memory", "cc" \
@@ -291,7 +291,7 @@ void Blowfish::ProcessAndXorBlock(const byte* in, const byte* xOr, byte* out)
 
 
 #ifdef _MSC_VER
-    __declspec(naked)
+    __declspec(naked) 
 #else
     __attribute__ ((noinline))
 #endif

extra/yassl/taocrypt/src/des.cpp

 /*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
+   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -642,9 +641,9 @@ void DES_EDE3::ProcessAndXorBlock(const byte* in, const byte* xOr,
 
 
 #ifdef _MSC_VER
-    __declspec(naked)
+    __declspec(naked) 
 #else
-    __attribute__ ((noinline)) 
+    __attribute__ ((noinline))
 #endif
 void DES_EDE3::AsmProcess(const byte* in, byte* out, void* box) const
 {
@@ -664,8 +663,8 @@ void DES_EDE3::AsmProcess(const byte* in, byte* out, void* box) const
     #define EPILOG()  \
         "pop ebp;" \
         "pop ebx;" \
-               "emms;" \
-               ".att_syntax;" \
+       	"emms;" \
+       	".att_syntax;" \
             :  \
             : "d" (this), "S" (in), "a" (box), "c" (out) \
             : "%edi", "memory", "cc" \

extra/yassl/taocrypt/src/integer.cpp

 /*
-   Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
+   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -56,9 +56,8 @@
     #endif
 #elif defined(_MSC_VER) && defined(_M_IX86)
 /*    #pragma message("You do not seem to have the Visual C++ Processor Pack ")
-     #pragma message("installed, so use of SSE2 intrinsics will be disabled.")
-*/
     #pragma message("installed, so use of SSE2 intrinsics will be disabled.")
+*/
 #elif defined(__GNUC__) && defined(__i386__)
 /*   #warning You do not have GCC 3.3 or later, or did not specify the -msse2 \
              compiler option. Use of SSE2 intrinsics will be disabled.
@@ -282,7 +281,12 @@ DWord() {}
     word GetHighHalfAsBorrow() const {return 0-halfs_.high;}
 
 private:
-    struct dword_struct
+    union
+    {
+    #ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE
+        dword whole_;
+    #endif
+        struct
         {
         #ifdef LITTLE_ENDIAN_ORDER
             word low;
@@ -291,14 +295,7 @@ DWord() {}
             word high;
             word low;
         #endif
-    };
-
-    union
-    {
-    #ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE
-        dword whole_;
-    #endif
-        struct dword_struct halfs_;
+        } halfs_;
     };
 };
 
@@ -1201,24 +1198,20 @@ class LowLevel : public PentiumOptimized
     #define AS1(x) #x ";"
     #define AS2(x, y) #x ", " #y ";"
     #define AddPrologue \
-        word res; \
         __asm__ __volatile__ \
         ( \
             "push %%ebx;"	/* save this manually, in case of -fPIC */ \
-            "mov %3, %%ebx;" \
+            "mov %2, %%ebx;" \
             ".intel_syntax noprefix;" \
             "push ebp;"
     #define AddEpilogue \
             "pop ebp;" \
             ".att_syntax prefix;" \
             "pop %%ebx;" \
-            "mov %%eax, %0;" \
-                    : "=g" (res) \
+                    : \
                     : "c" (C), "d" (A), "m" (B), "S" (N) \
                     : "%edi", "memory", "cc" \
-        ); \
-        return res;
-
+        );
     #define MulPrologue \
         __asm__ __volatile__ \
         ( \

extra/yassl/taocrypt/src/md5.cpp

 /*
-   Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -223,7 +223,7 @@ void MD5::Update(const byte* data, word32 len)
 
 
 #ifdef _MSC_VER
-    __declspec(naked)
+    __declspec(naked) 
 #else
     __attribute__ ((noinline))
 #endif
@@ -242,8 +242,8 @@ void MD5::AsmTransform(const byte* data, word32 times)
     #define EPILOG()  \
         "pop ebp;" \
         "pop ebx;" \
-               "emms;" \
-               ".att_syntax;" \
+       	"emms;" \
+       	".att_syntax;" \
             : \
             : "c" (this), "D" (data), "a" (times) \
             : "%esi", "%edx", "memory", "cc" \
@@ -297,7 +297,7 @@ void MD5::AsmTransform(const byte* data, word32 times)
 #ifdef _MSC_VER
     AS1( loopStart: )  // loopStart
 #else
-    AS1( 0: )          // loopStart for some gas (need numeric for jump back
+    AS1( 0: )          // loopStart for some gas (need numeric for jump back 
 #endif
 
     // set up

extra/yassl/taocrypt/src/misc.cpp

 /*
-   Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
+   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -84,17 +84,7 @@ namespace STL = STL_NAMESPACE;
 
     }
 
-#ifdef __sun
-
-// Handler for pure virtual functions
-namespace __Crun {
-    void pure_error() {
-    }
-}
-
-#endif
-
-#if defined(__ICC) || defined(__INTEL_COMPILER) || (__GNUC__ > 2)
+#if defined(__ICC) || defined(__INTEL_COMPILER)
 
 extern "C" {
 
@@ -175,6 +165,14 @@ word Crop(word value, unsigned int size)
 
 #ifdef TAOCRYPT_X86ASM_AVAILABLE
 
+#ifndef _MSC_VER
+    static jmp_buf s_env;
+    static void SigIllHandler(int)
+    {
+        longjmp(s_env, 1);
+    }
+#endif
+
 
 bool HaveCpuId()
 {

extra/yassl/taocrypt/src/rabbit.cpp

 /*
-   Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
- 
+   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
+
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; version 2 of the License.
- 
+
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.
- 
+
    You should have received a copy of the GNU General Public License
    along with this program; see the file COPYING. If not, write to the
    Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
@@ -236,7 +236,7 @@ void Rabbit::Process(byte* output, const byte* input, word32 msglen)
         NextState(Work);
 
         /* Generate 16 bytes of pseudo-random data */
-        tmp[0] = LITTLE32(workCtx_.x[0] ^ 
+        tmp[0] = LITTLE32(workCtx_.x[0] ^
                   (workCtx_.x[5]>>16) ^ U32V(workCtx_.x[3]<<16));
         tmp[1] = LITTLE32(workCtx_.x[2] ^ 
                   (workCtx_.x[7]>>16) ^ U32V(workCtx_.x[5]<<16));

extra/yassl/taocrypt/src/random.cpp

 /*
-   Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
+   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -27,6 +27,7 @@
 #include <time.h>
 
 #if defined(_WIN32)
+    #define _WIN32_WINNT 0x0400
     #include <windows.h>
     #include <wincrypt.h>
 #else

extra/yassl/taocrypt/src/ripemd.cpp

 /*
-   Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -507,6 +507,8 @@ void RIPEMD160::Transform()
 
 #ifdef _MSC_VER
     __declspec(naked) 
+#else
+    __attribute__ ((noinline))
 #endif
 void RIPEMD160::AsmTransform(const byte* data, word32 times)
 {
@@ -520,12 +522,11 @@ void RIPEMD160::AsmTransform(const byte* data, word32 times)
         ".intel_syntax noprefix;" \
         "push ebx;" \
         "push ebp;"
-
     #define EPILOG()  \
         "pop ebp;" \
         "pop ebx;" \
-               "emms;" \
-               ".att_syntax;" \
+       	"emms;" \
+       	".att_syntax;" \
             : \
             : "c" (this), "D" (data), "d" (times) \
             : "%esi", "%eax", "memory", "cc" \
@@ -571,7 +572,7 @@ void RIPEMD160::AsmTransform(const byte* data, word32 times)
 #ifdef _MSC_VER
     AS1( loopStart: )  // loopStart
 #else
-    AS1( 0: )          // loopStart for some gas (need numeric for jump back
+    AS1( 0: )          // loopStart for some gas (need numeric for jump back 
 #endif
 
     AS2(    movd  mm2, edx              )   // store times_
@@ -830,7 +831,7 @@ void RIPEMD160::AsmTransform(const byte* data, word32 times)
     AS1(    jnz   0b )         // loopStart
 #endif
 
-    // inline adjust
+    // inline adjust 
     AS2(    add   esp, 24               )   // fix room on stack
 
     EPILOG()

extra/yassl/taocrypt/src/sha.cpp

 /*
-   Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
+   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -776,12 +776,11 @@ void SHA::AsmTransform(const byte* data, word32 times)
         ".intel_syntax noprefix;" \
         "push ebx;" \
         "push ebp;"
-
     #define EPILOG()  \
         "pop ebp;" \
         "pop ebx;" \
-               "emms;" \
-               ".att_syntax;" \
+       	"emms;" \
+       	".att_syntax;" \
             : \
             : "c" (this), "D" (data), "a" (times) \
             : "%esi", "%edx", "memory", "cc" \
@@ -830,7 +829,7 @@ void SHA::AsmTransform(const byte* data, word32 times)
 #ifdef _MSC_VER
     AS1( loopStart: )  // loopStart
 #else
-    AS1( 0: )          // loopStart for some gas (need numeric for jump back
+    AS1( 0: )          // loopStart for some gas (need numeric for jump back 
 #endif
 
     // byte reverse 16 words of input, 4 at a time, put on stack for W[]
@@ -1022,7 +1021,7 @@ void SHA::AsmTransform(const byte* data, word32 times)
     AS1(    jnz   0b )         // loopStart
 #endif
 
-    // inline adjust
+    // inline adjust 
     AS2(    add   esp, 68               )   // fix room on stack
 
     EPILOG()

extra/yassl/taocrypt/src/twofish.cpp

 /*
-   Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved.
+   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -285,12 +285,11 @@ void Twofish::decrypt(const byte* inBlock, const byte* xorBlock,
             "push ebp;" \
             "movd mm3, eax;" \
             "movd mm6, ebp;"
-
         #define EPILOG()  \
             "pop ebp;" \
             "pop ebx;" \
-                   "emms;" \
-                   ".att_syntax;" \
+       	    "emms;" \
+       	    ".att_syntax;" \
                 : \
                 : "D" (this), "S" (inBlock), "a" (outBlock) \
                 : "%ecx", "%edx", "memory", "cc" \
@@ -479,7 +478,7 @@ void Twofish::AsmEncrypt(const byte* inBlock, byte* outBlock) const
     AS2(    movd  ebp, mm6                      )
     AS2(    movd  esi, mm0                      ) // k_
     #ifdef __GNUC__
-       AS2(    movd  edi, mm3                  ) // outBlock
+        AS2(    movd  edi, mm3                  ) // outBlock
     #else
         AS2(    mov   edi, [ebp + 12]           ) // outBlock
     #endif
@@ -500,7 +499,7 @@ void Twofish::AsmEncrypt(const byte* inBlock, byte* outBlock) const
 
 
 #ifdef _MSC_VER
-    __declspec(naked)
+    __declspec(naked) 
 #else
     __attribute__ ((noinline))
 #endif
@@ -551,7 +550,7 @@ void Twofish::AsmDecrypt(const byte* inBlock, byte* outBlock) const
     AS2(    movd  ebp, mm6                      )
     AS2(    movd  esi, mm0                      ) // k_
     #ifdef __GNUC__
-        AS2(    movd   edi, mm3                 ) // outBlock
+        AS2(    movd  edi, mm3                  ) // outBlock
     #else
         AS2(    mov   edi, [ebp + 12]           ) // outBlock
     #endif