diff --git a/config/makefile.conf b/config/makefile.conf
index cc06e97f5..9f9db1330 100644
--- a/config/makefile.conf
+++ b/config/makefile.conf
@@ -81,6 +81,7 @@ else    # Not Win32
 
 CFLAGS += -I$(AXTLS_HOME)/config -I$(AXTLS_HOME)/ssl -I$(AXTLS_HOME)/crypto
 LD=$(CC)
+STRIP=strip
 
 # Solaris
 ifdef CONFIG_PLATFORM_SOLARIS
diff --git a/httpd/Makefile b/httpd/Makefile
index b37c9819b..b8c18d244 100644
--- a/httpd/Makefile
+++ b/httpd/Makefile
@@ -97,7 +97,7 @@ ifndef CONFIG_PLATFORM_WIN32
 $(TARGET): $(OBJ) $(AXTLS_HOME)/$(STAGE)/libaxtls.a
 	$(LD) $(LDFLAGS) -o $@ $(OBJ) $(LIBS)
 ifdef CONFIG_STRIP_UNWANTED_SECTIONS
-	strip --remove-section=.comment $(TARGET)
+	$(STRIP) --remove-section=.comment $(TARGET)
 endif
 
 $(TARGET2): htpasswd.o $(AXTLS_HOME)/$(STAGE)/libaxtls.a
diff --git a/samples/c/Makefile b/samples/c/Makefile
index f0a9d0ec0..17cf9e7c1 100644
--- a/samples/c/Makefile
+++ b/samples/c/Makefile
@@ -61,7 +61,7 @@ ifndef CONFIG_PLATFORM_WIN32
 $(TARGET): $(OBJ) $(LIBS)/libaxtls.a
 	$(LD) $(LDFLAGS) -o $@ $(OBJ) -L$(LIBS) -laxtls 
 ifdef CONFIG_STRIP_UNWANTED_SECTIONS
-	strip --remove-section=.comment $(TARGET)
+	$(STRIP) --remove-section=.comment $(TARGET)
 endif   # use strip
 else    # Win32
 
diff --git a/ssl/tls1_svr.c b/ssl/tls1_svr.c
index 6f5dedddf..45b9bec6a 100644
--- a/ssl/tls1_svr.c
+++ b/ssl/tls1_svr.c
@@ -370,7 +370,7 @@ static int send_server_hello_done(SSL *ssl)
  */
 static int process_client_key_xchg(SSL *ssl)
 {
-    uint8_t *buf = ssl->bm_data;
+    uint8_t *buf = &ssl->bm_data[ssl->dc->bm_proc_index];
     int pkt_size = ssl->bm_index;
     int premaster_size, secret_length = (buf[2] << 8) + buf[3];
     uint8_t premaster_secret[MAX_KEY_BYTE_SIZE];
@@ -384,8 +384,6 @@ static int process_client_key_xchg(SSL *ssl)
         goto error;
     }
 
-    DISPLAY_RSA(ssl, rsa_ctx);
-
     /* is there an extra size field? */
     if ((secret_length - 2) == rsa_ctx->num_octets)
         offset += 2;
@@ -419,6 +417,7 @@ static int process_client_key_xchg(SSL *ssl)
     ssl->next_state = HS_FINISHED; 
 #endif
 error:
+    ssl->dc->bm_proc_index += rsa_ctx->num_octets+offset;
     return ret;
 }
 
@@ -440,7 +439,7 @@ static int send_certificate_request(SSL *ssl)
  */
 static int process_cert_verify(SSL *ssl)
 {
-    uint8_t *buf = ssl->bm_data;
+    uint8_t *buf = &ssl->bm_data[ssl->dc->bm_proc_index];
     int pkt_size = ssl->bm_index;
     uint8_t dgst_buf[MAX_KEY_BYTE_SIZE];
     uint8_t dgst[MD5_SIZE+SHA1_SIZE];
@@ -449,7 +448,6 @@ static int process_cert_verify(SSL *ssl)
     int n;
 
     PARANOIA_CHECK(pkt_size, x509_ctx->rsa_ctx->num_octets+6);
-
     DISPLAY_RSA(ssl, x509_ctx->rsa_ctx);
 
     /* rsa_ctx->bi_ctx is not thread-safe */