Import yaSSL version 1.4.0

extra/yassl/FLOSS-EXCEPTIONS: Import patch yassl.diff extra/yassl/README: Import patch yassl.diff extra/yassl/examples/client/client.cpp: Import patch yassl.diff extra/yassl/examples/echoclient/echoclient.cpp: Import patch yassl.diff extra/yassl/examples/echoserver/echoserver.cpp: Import patch yassl.diff extra/yassl/examples/server/server.cpp: Import patch yassl.diff extra/yassl/include/buffer.hpp: Import patch yassl.diff extra/yassl/include/cert_wrapper.hpp: Import patch yassl.diff extra/yassl/include/crypto_wrapper.hpp: Import patch yassl.diff extra/yassl/include/factory.hpp: Import patch yassl.diff extra/yassl/include/openssl/ssl.h: Import patch yassl.diff extra/yassl/include/socket_wrapper.hpp: Import patch yassl.diff extra/yassl/include/yassl_error.hpp: Import patch yassl.diff extra/yassl/include/yassl_imp.hpp: Import patch yassl.diff extra/yassl/include/yassl_int.hpp: Import patch yassl.diff extra/yassl/include/yassl_types.hpp: Import patch yassl.diff extra/yassl/src/cert_wrapper.cpp: Import patch yassl.diff extra/yassl/src/crypto_wrapper.cpp: Import patch yassl.diff extra/yassl/src/handshake.cpp: Import patch yassl.diff extra/yassl/src/socket_wrapper.cpp: Import patch yassl.diff extra/yassl/src/ssl.cpp: Import patch yassl.diff extra/yassl/src/template_instnt.cpp: Import patch yassl.diff extra/yassl/src/yassl.cpp: Import patch yassl.diff extra/yassl/src/yassl_error.cpp: Import patch yassl.diff extra/yassl/src/yassl_imp.cpp: Import patch yassl.diff extra/yassl/src/yassl_int.cpp: Import patch yassl.diff extra/yassl/taocrypt/COPYING: Import patch yassl.diff extra/yassl/taocrypt/INSTALL: Import patch yassl.diff extra/yassl/taocrypt/README: Import patch yassl.diff extra/yassl/taocrypt/include/asn.hpp: Import patch yassl.diff extra/yassl/taocrypt/include/block.hpp: Import patch yassl.diff extra/yassl/taocrypt/include/blowfish.hpp: Import patch yassl.diff extra/yassl/taocrypt/include/error.hpp: Import patch yassl.diff extra/yassl/taocrypt/include/file.hpp: Import patch yassl.diff extra/yassl/taocrypt/include/integer.hpp: Import patch yassl.diff extra/yassl/taocrypt/include/misc.hpp: Import patch yassl.diff extra/yassl/taocrypt/include/pwdbased.hpp: Import patch yassl.diff extra/yassl/taocrypt/include/twofish.hpp: Import patch yassl.diff extra/yassl/taocrypt/mySTL/algorithm.hpp: Import patch yassl.diff extra/yassl/taocrypt/mySTL/helpers.hpp: Import patch yassl.diff extra/yassl/taocrypt/mySTL/list.hpp: Import patch yassl.diff extra/yassl/taocrypt/mySTL/memory.hpp: Import patch yassl.diff extra/yassl/taocrypt/mySTL/memory_array.hpp: Import patch yassl.diff extra/yassl/taocrypt/mySTL/pair.hpp: Import patch yassl.diff extra/yassl/taocrypt/mySTL/stdexcept.hpp: Import patch yassl.diff extra/yassl/taocrypt/mySTL/vector.hpp: Import patch yassl.diff extra/yassl/taocrypt/src/algebra.cpp: Import patch yassl.diff extra/yassl/taocrypt/src/asn.cpp: Import patch yassl.diff extra/yassl/taocrypt/src/blowfish.cpp: Import patch yassl.diff extra/yassl/taocrypt/src/des.cpp: Import patch yassl.diff extra/yassl/taocrypt/src/dh.cpp: Import patch yassl.diff extra/yassl/taocrypt/src/integer.cpp: Import patch yassl.diff extra/yassl/taocrypt/src/md4.cpp: Import patch yassl.diff extra/yassl/taocrypt/src/md5.cpp: Import patch yassl.diff extra/yassl/taocrypt/src/random.cpp: Import patch yassl.diff extra/yassl/taocrypt/src/ripemd.cpp: Import patch yassl.diff extra/yassl/taocrypt/src/sha.cpp: Import patch yassl.diff extra/yassl/taocrypt/src/template_instnt.cpp: Import patch yassl.diff extra/yassl/testsuite/test.hpp: Import patch yassl.diff BitKeeper/deleted/.del-algorithm.hpp: Delete: extra/yassl/mySTL/algorithm.hpp BitKeeper/deleted/.del-helpers.hpp: Delete: extra/yassl/mySTL/helpers.hpp BitKeeper/deleted/.del-list.hpp: Delete: extra/yassl/mySTL/list.hpp BitKeeper/deleted/.del-pair.hpp: Delete: extra/yassl/mySTL/pair.hpp BitKeeper/deleted/.del-stdexcept.hpp: Delete: extra/yassl/mySTL/stdexcept.hpp BitKeeper/deleted/.del-vector.hpp: Delete: extra/yassl/mySTL/vector.hpp BitKeeper/deleted/.del-memory.hpp: Delete: extra/yassl/mySTL/memory.hpp extra/yassl/Makefile.am: mySTL directory has moved from yassl/ to yassl/taocrypt extra/yassl/src/Makefile.am: mySTL directory has moved from yassl/ to yassl/taocrypt extra/yassl/taocrypt/Makefile.am: mySTL directory has moved from yassl/ to yassl/taocrypt extra/yassl/taocrypt/benchmark/Makefile.am: mySTL directory has moved from yassl/ to yassl/taocrypt extra/yassl/taocrypt/src/Makefile.am: mySTL directory has moved from yassl/ to yassl/taocrypt extra/yassl/taocrypt/src/misc.cpp: Remove the functions CRYPTO_lock and CRYPTO_add_lock as they would collide with OpenSSL functions extra/yassl/taocrypt/test/Makefile.am: mySTL directory has moved from yassl/ to yassl/taocrypt extra/yassl/testsuite/Makefile.am: mySTL directory has moved from yassl/ to yassl/taocrypt
2025-09-02 09:41:40 +03:00 · 2006-09-25 16:40:29 +02:00
parent 24cdd48020
commit 62d2cadb62
67 changed files with 1972 additions and 353 deletions
--- a/extra/yassl/FLOSS-EXCEPTIONS
+++ b/extra/yassl/FLOSS-EXCEPTIONS
@@ -1,7 +1,7 @@
 yaSSL FLOSS License Exception
 ****************************************
-Version 0.1, 26 June 2006
+Version 0.2, 31 August 2006
 The Sawtooth Consulting Ltd. Exception for Free/Libre and Open Source
 Software-only Applications Using yaSSL Libraries (the "FLOSS Exception").
@@ -81,6 +81,7 @@ the GPL:
     Python license (CNRI Python License)               -
     Python Software Foundation License                 2.1.1
     Sleepycat License                                  "1999"
     University of Illinois/NCSA Open Source License    -
     W3C License                                        "2001"
     X11 License                                        "2001"
     Zlib/libpng License                                -
--- a/extra/yassl/Makefile.am
+++ b/extra/yassl/Makefile.am
@@ -1,2 +1,2 @@
 SUBDIRS = taocrypt src testsuite
-EXTRA_DIST = yassl.dsp yassl.dsw $(wildcard mySTL/*.hpp) CMakeLists.txt
+EXTRA_DIST = yassl.dsp yassl.dsw CMakeLists.txt
--- a/extra/yassl/README
+++ b/extra/yassl/README
@@ -1,4 +1,15 @@
-yaSSL Release notes, version 1.3.7 (06/26/06)
+yaSSL Release notes, version 1.4.0 (08/13/06)
    This release of yaSSL contains bug fixes, portability enhancements,
    nonblocking connect and accept, better OpenSSL error mapping, and 
    certificate caching for session resumption.
 See normal  build instructions below under 1.0.6.
 See libcurl build instructions below under 1.3.0.
 ********************yaSSL Release notes, version 1.3.7 (06/26/06)
    This release of yaSSL contains bug fixes, portability enhancements,
--- a/extra/yassl/examples/client/client.cpp
+++ b/extra/yassl/examples/client/client.cpp
@@ -27,7 +27,13 @@ void client_test(void* args)
    SSL_set_fd(ssl, sockfd);
-    if (SSL_connect(ssl) != SSL_SUCCESS) err_sys("SSL_connect failed");
+    if (SSL_connect(ssl) != SSL_SUCCESS)
    {
        SSL_CTX_free(ctx);
        SSL_free(ssl);
        tcp_close(sockfd);
        err_sys("SSL_connect failed");
    }
    showPeer(ssl);
    const char* cipher = 0;
@@ -39,11 +45,16 @@ void client_test(void* args)
        strncat(list, cipher, strlen(cipher) + 1);
    }
    printf("%s\n", list);
-    printf("Using Cipher Suite %s\n", SSL_get_cipher(ssl));
+    printf("Using Cipher Suite: %s\n", SSL_get_cipher(ssl));
    char msg[] = "hello yassl!";
    if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg))
    {
        SSL_CTX_free(ctx);
        SSL_free(ssl);
        tcp_close(sockfd);
        err_sys("SSL_write failed");
    }
    char reply[1024];
    reply[SSL_read(ssl, reply, sizeof(reply))] = 0;
@@ -56,22 +67,36 @@ void client_test(void* args)
    SSL_shutdown(ssl);
    SSL_free(ssl);
    tcp_close(sockfd);
 #ifdef TEST_RESUME
    tcp_connect(sockfd);
    SSL_set_fd(sslResume, sockfd);
    SSL_set_session(sslResume, session);
-    if (SSL_connect(sslResume) != SSL_SUCCESS) err_sys("SSL resume failed");
+    if (SSL_connect(sslResume) != SSL_SUCCESS)
    {
        SSL_CTX_free(ctx);
        SSL_free(ssl);
        tcp_close(sockfd);
        err_sys("SSL resume failed");
    }
    showPeer(sslResume);
    if (SSL_write(sslResume, msg, sizeof(msg)) != sizeof(msg))
    {
      SSL_CTX_free(ctx);
      SSL_free(ssl);
      tcp_close(sockfd);
        err_sys("SSL_write failed");
    }
    reply[SSL_read(sslResume, reply, sizeof(reply))] = 0;
    printf("Server response: %s\n", reply);
    SSL_shutdown(sslResume);
    SSL_free(sslResume);
    tcp_close(sockfd);
 #endif // TEST_RESUME
    SSL_CTX_free(ctx);
--- a/extra/yassl/examples/echoclient/echoclient.cpp
+++ b/extra/yassl/examples/echoclient/echoclient.cpp
@@ -41,7 +41,14 @@ void echoclient_test(void* args)
    SSL*        ssl = SSL_new(ctx);
    SSL_set_fd(ssl, sockfd);
-    if (SSL_connect(ssl) != SSL_SUCCESS) err_sys("SSL_connect failed");
+
    if (SSL_connect(ssl) != SSL_SUCCESS)
    {
        SSL_CTX_free(ctx);
        SSL_free(ssl);
        tcp_close(sockfd);
        err_sys("SSL_connect failed");
    }
    char send[1024];
    char reply[1024];
@@ -50,7 +57,12 @@ void echoclient_test(void* args)
        int sendSz = strlen(send) + 1;
        if (SSL_write(ssl, send, sendSz) != sendSz)
        {
            SSL_CTX_free(ctx);
            SSL_free(ssl);
            tcp_close(sockfd);
            err_sys("SSL_write failed");
        }
        if (strncmp(send, "quit", 4) == 0) {
            fputs("sending server shutdown command: quit!\n", fout);
@@ -63,6 +75,7 @@ void echoclient_test(void* args)
    SSL_CTX_free(ctx);
    SSL_free(ssl);
    tcp_close(sockfd);
    fflush(fout);
    if (inCreated)  fclose(fin);
--- a/extra/yassl/examples/echoserver/echoserver.cpp
+++ b/extra/yassl/examples/echoserver/echoserver.cpp
@@ -67,11 +67,23 @@ THREAD_RETURN YASSL_API echoserver_test(void* args)
        socklen_t   client_len = sizeof(client);
        int         clientfd = accept(sockfd, (sockaddr*)&client,
                                      (ACCEPT_THIRD_T)&client_len);
-        if (clientfd == -1) err_sys("tcp accept failed");
+        if (clientfd == -1)
        {
            SSL_CTX_free(ctx);
            tcp_close(sockfd);
            err_sys("tcp accept failed");
        }
        SSL* ssl = SSL_new(ctx);
        SSL_set_fd(ssl, clientfd);
-        if (SSL_accept(ssl) != SSL_SUCCESS) err_sys("SSL_accept failed");
+        if (SSL_accept(ssl) != SSL_SUCCESS)
        {
            SSL_CTX_free(ctx);
            SSL_free(ssl);
            tcp_close(sockfd);
            tcp_close(clientfd);
            err_sys("SSL_accept failed");
        }
        char command[1024];
        int echoSz(0);
@@ -100,7 +112,14 @@ THREAD_RETURN YASSL_API echoserver_test(void* args)
                echoSz += sizeof(footer);
                if (SSL_write(ssl, command, echoSz) != echoSz)
                {
                    SSL_CTX_free(ctx);
                    SSL_free(ssl);
                    tcp_close(sockfd);
                    tcp_close(clientfd);
                    err_sys("SSL_write failed");
                }
                break;
            }
            command[echoSz] = 0;
@@ -110,16 +129,19 @@ THREAD_RETURN YASSL_API echoserver_test(void* args)
        #endif
            if (SSL_write(ssl, command, echoSz) != echoSz)
            {
                SSL_CTX_free(ctx);
                SSL_free(ssl);
                tcp_close(sockfd);
                tcp_close(clientfd);
                err_sys("SSL_write failed");
        }
        }
        SSL_free(ssl);
        tcp_close(clientfd);
    }
-#ifdef _WIN32
+    tcp_close(sockfd);
    closesocket(sockfd);
 #else
    close(sockfd);
 #endif
    DH_free(dh);
    SSL_CTX_free(ctx);
--- a/extra/yassl/examples/server/server.cpp
+++ b/extra/yassl/examples/server/server.cpp
@@ -19,11 +19,7 @@ THREAD_RETURN YASSL_API server_test(void* args)
    set_args(argc, argv, *static_cast<func_args*>(args));
    tcp_accept(sockfd, clientfd, *static_cast<func_args*>(args));
-#ifdef _WIN32
+    tcp_close(sockfd);
    closesocket(sockfd);
 #else
    close(sockfd);
 #endif
    SSL_METHOD* method = TLSv1_server_method();
    SSL_CTX*    ctx = SSL_CTX_new(method);
@@ -36,9 +32,17 @@ THREAD_RETURN YASSL_API server_test(void* args)
    SSL* ssl = SSL_new(ctx);
    SSL_set_fd(ssl, clientfd);
-    if (SSL_accept(ssl) != SSL_SUCCESS) err_sys("SSL_accept failed");
+    if (SSL_accept(ssl) != SSL_SUCCESS)
    {
        SSL_CTX_free(ctx);
        SSL_free(ssl);
        tcp_close(sockfd);
        tcp_close(clientfd);
        err_sys("SSL_accept failed");
    }
    showPeer(ssl);
-    printf("Using Cipher Suite %s\n", SSL_get_cipher(ssl));
+    printf("Using Cipher Suite: %s\n", SSL_get_cipher(ssl));
    char command[1024];
    command[SSL_read(ssl, command, sizeof(command))] = 0;
@@ -46,12 +50,20 @@ THREAD_RETURN YASSL_API server_test(void* args)
    char msg[] = "I hear you, fa shizzle!";
    if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg))
    {
        SSL_CTX_free(ctx);
        SSL_free(ssl);
        tcp_close(sockfd);
        tcp_close(clientfd);
        err_sys("SSL_write failed"); 
    }
    DH_free(dh);
    SSL_CTX_free(ctx);
    SSL_free(ssl);
    tcp_close(clientfd);
    ((func_args*)args)->return_code = 0;
    return 0;
 }
--- a/extra/yassl/include/buffer.hpp
+++ b/extra/yassl/include/buffer.hpp
@@ -34,7 +34,10 @@
 #include <assert.h>             // assert
 #include "yassl_types.hpp"      // ysDelete
 #include "memory.hpp"           // mySTL::auto_ptr
-#include "algorithm.hpp"        // mySTL::swap
+#include STL_ALGORITHM_FILE
 namespace STL = STL_NAMESPACE;
 #ifdef _MSC_VER
@@ -199,7 +202,7 @@ struct del_ptr_zero
    void operator()(T*& p) const
    {
        T* tmp = 0;
-        mySTL::swap(tmp, p);
+        STL::swap(tmp, p);
        checked_delete(tmp); 
    }
 };
--- a/extra/yassl/include/cert_wrapper.hpp
+++ b/extra/yassl/include/cert_wrapper.hpp
@@ -41,8 +41,12 @@
 #include "yassl_types.hpp"  // SignatureAlgorithm
 #include "buffer.hpp"       // input_buffer
 #include "asn.hpp"          // SignerList
-#include "list.hpp"         // mySTL::list
+#include STL_LIST_FILE
-#include "algorithm.hpp"    // mySTL::for_each
+#include STL_ALGORITHM_FILE
 namespace STL = STL_NAMESPACE;
 namespace yaSSL {
@@ -72,7 +76,7 @@ private:
 // Certificate Manager keeps a list of the cert chain and public key
 class CertManager {
-    typedef mySTL::list<x509*> CertList;
+    typedef STL::list<x509*> CertList;
    CertList     list_;                 // self      
    input_buffer privateKey_;
@@ -120,6 +124,7 @@ public:
    void setVerifyNone();
    void setFailNoCert();
    void setSendVerify();
    void setPeerX509(X509*);
 private:
    CertManager(const CertManager&);            // hide copy
    CertManager& operator=(const CertManager&); // and assign
--- a/extra/yassl/include/crypto_wrapper.hpp
+++ b/extra/yassl/include/crypto_wrapper.hpp
@@ -416,7 +416,17 @@ private:
 class x509;
-x509* PemToDer(FILE*, CertType);
+struct EncryptedInfo {
    enum { IV_SZ = 32, NAME_SZ = 80 };
    char  name[NAME_SZ]; // max one line
    byte  iv[IV_SZ];     // in base16 rep
    uint  ivSz;
    bool  set;
    EncryptedInfo() : ivSz(0), set(false) {}
 };
 x509* PemToDer(FILE*, CertType, EncryptedInfo* info = 0);
 } // naemspace
--- a/extra/yassl/include/factory.hpp
+++ b/extra/yassl/include/factory.hpp
@@ -35,10 +35,12 @@
 #ifndef yaSSL_FACTORY_HPP
 #define yaSSL_FACTORY_HPP
-#include "vector.hpp"
+#include STL_VECTOR_FILE
-#include "pair.hpp"
+#include STL_PAIR_FILE
 namespace STL = STL_NAMESPACE;
 // VC60 workaround: it doesn't allow typename in some places
 #if defined(_MSC_VER) && (_MSC_VER < 1300)
@@ -58,8 +60,8 @@ template<class    AbstractProduct,
         typename ProductCreator = AbstractProduct* (*)()
        >
 class Factory {                                             
-    typedef mySTL::pair<IdentifierType, ProductCreator> CallBack;
+    typedef STL::pair<IdentifierType, ProductCreator> CallBack;
-    typedef mySTL::vector<CallBack> CallBackVector;
+    typedef STL::vector<CallBack> CallBackVector;
    CallBackVector callbacks_;
 public:
@@ -79,14 +81,16 @@ public:
    // register callback
    void Register(const IdentifierType& id, ProductCreator pc)
    {
-        callbacks_.push_back(mySTL::make_pair(id, pc));
+        callbacks_.push_back(STL::make_pair(id, pc));
    }
    // THE Creator, returns a new object of the proper type or 0
    AbstractProduct* CreateObject(const IdentifierType& id) const
    {
-        const CallBack* first = callbacks_.begin();
+        typedef typename STL::vector<CallBack>::const_iterator cIter;
-        const CallBack* last  = callbacks_.end();
+        
        cIter first = callbacks_.begin();
        cIter last  = callbacks_.end();
        while (first != last) {
            if (first->first == id)
--- a/extra/yassl/include/openssl/ssl.h
+++ b/extra/yassl/include/openssl/ssl.h
@@ -41,7 +41,7 @@
 #include "rsa.h"
-#define YASSL_VERSION "1.3.7"
+#define YASSL_VERSION "1.4.2"
 #if defined(__cplusplus)
@@ -505,6 +505,8 @@ ASN1_TIME* X509_get_notAfter(X509* x);
 #define V_ASN1_UTF8STRING 12
 #define GEN_DNS            2
 #define CERTFICATE_ERROR 0x14090086  /* SSLv3 error */
 typedef struct MD4_CTX {
    int buffer[32];      /* big enough to hold, check size in Init */
--- a/extra/yassl/include/socket_wrapper.hpp
+++ b/extra/yassl/include/socket_wrapper.hpp
@@ -71,6 +71,7 @@ typedef unsigned char byte;
 class Socket {
    socket_t socket_;                    // underlying socket descriptor
    bool     wouldBlock_;                // for non-blocking data
    bool     blocking_;                  // is option set
 public:
    explicit Socket(socket_t s = INVALID_SOCKET);
    ~Socket();
@@ -84,6 +85,7 @@ public:
    bool wait();
    bool WouldBlock() const;
    bool IsBlocking() const;
    void closeSocket();
    void shutDown(int how = SD_SEND);
--- a/extra/yassl/include/yassl_error.hpp
+++ b/extra/yassl/include/yassl_error.hpp
@@ -54,7 +54,11 @@ enum YasslError {
    verify_error        = 112,
    send_error          = 113,
    receive_error       = 114,
-    certificate_error   = 115
+    certificate_error   = 115,
    privateKey_error    = 116,
    badVersion_error    = 117
    // !!!! add error message to .cpp !!!!
    // 1000+ from TaoCrypt error.hpp
--- a/extra/yassl/include/yassl_imp.hpp
+++ b/extra/yassl/include/yassl_imp.hpp
@@ -39,7 +39,10 @@
 #include "yassl_types.hpp"
 #include "factory.hpp"
-#include "list.hpp"         // mySTL::list
+#include STL_LIST_FILE
 namespace STL = STL_NAMESPACE;
 namespace yaSSL {
@@ -427,7 +430,7 @@ private:
 class CertificateRequest : public HandShakeBase  {
    ClientCertificateType         certificate_types_[CERT_TYPES];
    int                           typeTotal_;
-    mySTL::list<DistinguishedName>  certificate_authorities_;
+    STL::list<DistinguishedName>  certificate_authorities_;
 public:
    CertificateRequest();
    ~CertificateRequest();
--- a/extra/yassl/include/yassl_int.hpp
+++ b/extra/yassl/include/yassl_int.hpp
@@ -40,6 +40,13 @@
 #include "lock.hpp"
 #include "openssl/ssl.h"  // ASN1_STRING and DH
 #ifdef _POSIX_THREADS
    #include <pthread.h>
 #endif
 namespace STL = STL_NAMESPACE;
 namespace yaSSL {
@@ -80,12 +87,35 @@ enum ServerState {
 };
 // client connect state for nonblocking restart
 enum ConnectState {
    CONNECT_BEGIN = 0,
    CLIENT_HELLO_SENT,
    FIRST_REPLY_DONE,
    FINISHED_DONE,
    SECOND_REPLY_DONE
 };
 // server accpet state for nonblocking restart
 enum AcceptState {
    ACCEPT_BEGIN = 0,
    ACCEPT_FIRST_REPLY_DONE,
    SERVER_HELLO_DONE,
    ACCEPT_SECOND_REPLY_DONE,
    ACCEPT_FINISHED_DONE,
    ACCEPT_THIRD_REPLY_DONE
 };
 // combines all states
 class States {
    RecordLayerState recordLayer_;
    HandShakeState   handshakeLayer_;
    ClientState      clientState_;
    ServerState      serverState_;
    ConnectState     connectState_;
    AcceptState      acceptState_;
    char             errorString_[MAX_ERROR_SZ];
    YasslError       what_;
 public:
@@ -95,6 +125,8 @@ public:
    const HandShakeState&   getHandShake() const;
    const ClientState&      getClient()    const;
    const ServerState&      getServer()    const;
    const ConnectState&     GetConnect()   const;
    const AcceptState&      GetAccept()    const;
    const char*             getString()    const;
          YasslError        What()         const;
@@ -102,6 +134,8 @@ public:
    HandShakeState&   useHandShake();
    ClientState&      useClient();
    ServerState&      useServer();
    ConnectState&     UseConnect();
    AcceptState&      UseAccept();
    char*             useString();
    void              SetError(YasslError);
 private:
@@ -142,8 +176,9 @@ public:
    X509_NAME(const char*, size_t sz);
    ~X509_NAME();
-    char* GetName();
+    const char*  GetName() const;
    ASN1_STRING* GetEntry(int i);
    size_t       GetLength() const;
 private:
    X509_NAME(const X509_NAME&);                // hide copy
    X509_NAME& operator=(const X509_NAME&);     // and assign
@@ -157,6 +192,9 @@ public:
    ~StringHolder();
    ASN1_STRING* GetString();
 private:
    StringHolder(const StringHolder&);                // hide copy
    StringHolder& operator=(const StringHolder&);     // and assign
 };
@@ -176,6 +214,7 @@ public:
    ASN1_STRING* GetBefore();
    ASN1_STRING* GetAfter();
 private:
    X509(const X509&);              // hide copy
    X509& operator=(const X509&);   // and assign
@@ -202,6 +241,7 @@ class SSL_SESSION {
    uint        bornOn_;                        // create time in seconds
    uint        timeout_;                       // timeout in seconds
    RandomPool& random_;                        // will clean master secret
    X509*       peerX509_;
 public:
    explicit SSL_SESSION(RandomPool&);
    SSL_SESSION(const SSL&, RandomPool&);
@@ -212,17 +252,20 @@ public:
    const Cipher* GetSuite()   const;
          uint    GetBornOn()  const;
          uint    GetTimeOut() const;
          X509*   GetPeerX509() const;
          void    SetTimeOut(uint);
    SSL_SESSION& operator=(const SSL_SESSION&); // allow assign for resumption
 private:
    SSL_SESSION(const SSL_SESSION&);            // hide copy
    void CopyX509(X509*);
 };
 // holds all sessions
 class Sessions {
-    mySTL::list<SSL_SESSION*> list_;
+    STL::list<SSL_SESSION*> list_;
    RandomPool random_;                 // for session cleaning
    Mutex      mutex_;                  // no-op for single threaded
@@ -241,8 +284,42 @@ private:
 };
 #ifdef _POSIX_THREADS
    typedef pthread_t THREAD_ID_T;
 #else
    typedef DWORD     THREAD_ID_T;
 #endif
 // thread error data
 struct ThreadError {
    THREAD_ID_T threadID_;
    int         errorID_;
 };
 // holds all errors
 class Errors {
    STL::list<ThreadError> list_;
    Mutex                  mutex_;
    Errors() {}                         // only GetErrors can create
 public:
    int  Lookup(bool peek);             // self lookup
    void Add(int);              
    void Remove();                      // remove self
    ~Errors() {}
    friend Errors& GetErrors(); // singleton creator
 private:
    Errors(const Errors&);              // hide copy
    Errors& operator=(const Errors);    // and assign
 };
 Sessions&   GetSessions();      // forward singletons
 sslFactory& GetSSL_Factory();
 Errors&     GetErrors();
 // openSSL method and context types
@@ -252,8 +329,10 @@ class SSL_METHOD {
    bool            verifyPeer_;    // request or send certificate
    bool            verifyNone_;    // whether to verify certificate
    bool            failNoCert_;
    bool            multipleProtocol_;  // for SSLv23 compatibility
 public:
-    explicit SSL_METHOD(ConnectionEnd ce, ProtocolVersion pv);
+    SSL_METHOD(ConnectionEnd ce, ProtocolVersion pv,
               bool multipleProtocol = false);
    ProtocolVersion getVersion() const;
    ConnectionEnd   getSide()    const;
@@ -265,6 +344,7 @@ public:
    bool verifyPeer() const;
    bool verifyNone() const;
    bool failNoCert() const;
    bool multipleProtocol() const;
 private:
    SSL_METHOD(const SSL_METHOD&);              // hide copy
    SSL_METHOD& operator=(const SSL_METHOD&);   // and assign
@@ -334,7 +414,7 @@ private:
 // the SSL context
 class SSL_CTX {
 public:
-    typedef mySTL::list<x509*> CertList;
+    typedef STL::list<x509*> CertList;
 private:
    SSL_METHOD* method_;
    x509*       certificate_;
@@ -342,6 +422,8 @@ private:
    CertList    caList_;
    Ciphers     ciphers_;
    DH_Parms    dhParms_;
    pem_password_cb passwordCb_;
    void*           userData_;
    Stats       stats_;
    Mutex       mutex_;         // for Stats
 public:
@@ -354,12 +436,16 @@ public:
    const Ciphers&    GetCiphers()  const;
    const DH_Parms&   GetDH_Parms() const;
    const Stats&      GetStats()    const;
    pem_password_cb   GetPasswordCb() const;
          void*       GetUserData()   const;
    void setVerifyPeer();
    void setVerifyNone();
    void setFailNoCert();
    bool SetCipherList(const char*);
    bool SetDH(const DH&);
    void SetPasswordCb(pem_password_cb cb);
    void SetUserData(void*);
    void            IncrementStats(StatsField);
    void            AddCA(x509* ca);
@@ -434,13 +520,14 @@ private:
 // holds input and output buffers
 class Buffers {
 public: 
-    typedef mySTL::list<input_buffer*>  inputList;
+    typedef STL::list<input_buffer*>  inputList;
-    typedef mySTL::list<output_buffer*> outputList;
+    typedef STL::list<output_buffer*> outputList;
 private:
    inputList  dataList_;                // list of users app data / handshake
    outputList handShakeList_;           // buffered handshake msgs
    input_buffer* rawInput_;             // buffered raw input yet to process
 public:
-    Buffers() {}
+    Buffers();
    ~Buffers();
    const inputList&  getData()      const;
@@ -448,6 +535,9 @@ public:
    inputList&  useData();
    outputList& useHandShake();
    void          SetRawInput(input_buffer*);  // takes ownership
    input_buffer* TakeRawInput();              // takes ownership 
 private:
    Buffers(const Buffers&);             // hide copy
    Buffers& operator=(const Buffers&); // and assign   
@@ -502,6 +592,7 @@ public:
    const sslFactory& getFactory()  const;
    const Socket&     getSocket()   const;
          YasslError  GetError()    const;
          bool        GetMultiProtocol() const;
    Crypto&    useCrypto();
    Security&  useSecurity();
@@ -509,6 +600,7 @@ public:
    sslHashes& useHashes();
    Socket&    useSocket();
    Log&       useLog();
    Buffers&   useBuffers();
    // sets
    void set_pending(Cipher suite);
--- a/extra/yassl/include/yassl_types.hpp
+++ b/extra/yassl/include/yassl_types.hpp
@@ -38,6 +38,8 @@
 namespace yaSSL {
 #define YASSL_LIB
 #ifdef YASSL_PURE_C
@@ -76,7 +78,7 @@ namespace yaSSL {
    ::operator delete[](ptr, yaSSL::ys);
    }
-    #define NEW_YS new (ys) 
+    #define NEW_YS new (yaSSL::ys)
    // to resolve compiler generated operator delete on base classes with
    // virtual destructors (when on stack), make sure doesn't get called
@@ -122,6 +124,39 @@ typedef opaque byte;
 typedef unsigned int uint;
 #ifdef USE_SYS_STL
    // use system STL
    #define STL_VECTOR_FILE    <vector>
    #define STL_LIST_FILE      <list>
    #define STL_ALGORITHM_FILE <algorithm>
    #define STL_MEMORY_FILE    <memory>
    #define STL_PAIR_FILE      <utility>
    #define STL_NAMESPACE       std
 #else
    // use mySTL
    #define STL_VECTOR_FILE    "vector.hpp"
    #define STL_LIST_FILE      "list.hpp"
    #define STL_ALGORITHM_FILE "algorithm.hpp"
    #define STL_MEMORY_FILE    "memory.hpp"
    #define STL_PAIR_FILE      "pair.hpp"
    #define STL_NAMESPACE       mySTL
 #endif
 #ifdef min
    #undef min
 #endif 
 template <typename T>
 T min(T a, T b)
 {
    return a < b ? a : b;
 }
 // all length constants in bytes
 const int ID_LEN            =  32;  // session id length
 const int SUITE_LEN         =   2;  // cipher suite length
@@ -163,6 +198,7 @@ const int DES_BLOCK         =   8;  // DES is always fixed block size 8
 const int DES_IV_SZ         = DES_BLOCK;    // Init Vector length for DES
 const int RC4_KEY_SZ        =  16;  // RC4 Key length
 const int AES_128_KEY_SZ    =  16;  // AES 128bit Key length
 const int AES_192_KEY_SZ    =  24;  // AES 192bit Key length
 const int AES_256_KEY_SZ    =  32;  // AES 256bit Key length
 const int AES_BLOCK_SZ      =  16;  // AES 128bit block size, rfc 3268
 const int AES_IV_SZ         = AES_BLOCK_SZ; // AES Init Vector length
--- a/extra/yassl/src/Makefile.am
+++ b/extra/yassl/src/Makefile.am
@@ -1,4 +1,4 @@
-INCLUDES = -I../include -I../taocrypt/include -I../mySTL
+INCLUDES = -I../include -I../taocrypt/include -I../taocrypt/mySTL
 noinst_LTLIBRARIES = libyassl.la
 libyassl_la_SOURCES = buffer.cpp cert_wrapper.cpp crypto_wrapper.cpp \
--- a/extra/yassl/src/cert_wrapper.cpp
+++ b/extra/yassl/src/cert_wrapper.cpp
@@ -63,8 +63,8 @@ x509::x509(const x509& that) : length_(that.length_),
 void x509::Swap(x509& that)
 {
-    mySTL::swap(length_, that.length_);
+    STL::swap(length_, that.length_);
-    mySTL::swap(buffer_, that.buffer_);
+    STL::swap(buffer_, that.buffer_);
 }
@@ -105,11 +105,11 @@ CertManager::~CertManager()
 {
    ysDelete(peerX509_);
-    mySTL::for_each(signers_.begin(), signers_.end(), del_ptr_zero()) ;
+    STL::for_each(signers_.begin(), signers_.end(), del_ptr_zero()) ;
-    mySTL::for_each(peerList_.begin(), peerList_.end(), del_ptr_zero()) ;
+    STL::for_each(peerList_.begin(), peerList_.end(), del_ptr_zero()) ;
-    mySTL::for_each(list_.begin(), list_.end(), del_ptr_zero()) ;
+    STL::for_each(list_.begin(), list_.end(), del_ptr_zero()) ;
 }
@@ -242,7 +242,7 @@ uint CertManager::get_privateKeyLength() const
 // Validate the peer's certificate list, from root to peer (last to first)
 int CertManager::Validate()
 {
-    CertList::iterator last  = peerList_.rbegin();  // fix this
+    CertList::reverse_iterator last = peerList_.rbegin();
    int count = peerList_.size();
    while ( count > 1 ) {
@@ -255,7 +255,7 @@ int CertManager::Validate()
        const TaoCrypt::PublicKey& key = cert.GetPublicKey();
        signers_.push_back(NEW_YS TaoCrypt::Signer(key.GetKey(), key.size(),
                                        cert.GetCommonName(), cert.GetHash()));
-        --last;
+        ++last;
        --count;
    }
@@ -310,6 +310,23 @@ int CertManager::SetPrivateKey(const x509& key)
 }
 // Store OpenSSL type peer's cert
 void CertManager::setPeerX509(X509* x)
 {
    assert(peerX509_ == 0);
    if (x == 0) return;
    X509_NAME* issuer   = x->GetIssuer();
    X509_NAME* subject  = x->GetSubject();
    ASN1_STRING* before = x->GetBefore();
    ASN1_STRING* after  = x->GetAfter();
    peerX509_ = NEW_YS X509(issuer->GetName(), issuer->GetLength(),
        subject->GetName(), subject->GetLength(), (const char*) before->data,
        before->length, (const char*) after->data, after->length);
 }
 #if defined(USE_CML_LIB)
 // Get the peer's certificate, extract and save public key
--- a/extra/yassl/src/crypto_wrapper.cpp
+++ b/extra/yassl/src/crypto_wrapper.cpp
@@ -908,7 +908,7 @@ void DiffieHellman::get_parms(byte* bp, byte* bg, byte* bpub) const
 // convert PEM file to DER x509 type
-x509* PemToDer(FILE* file, CertType type)
+x509* PemToDer(FILE* file, CertType type, EncryptedInfo* info)
 {
    using namespace TaoCrypt;
@@ -935,6 +935,37 @@ x509* PemToDer(FILE* file, CertType type)
            break;
        }
    // remove encrypted header if there
    if (fgets(line, sizeof(line), file)) {
        char encHeader[] = "Proc-Type";
        if (strncmp(encHeader, line, strlen(encHeader)) == 0 &&
            fgets(line,sizeof(line), file)) {
            char* start  = strstr(line, "DES");
            char* finish = strstr(line, ",");
            if (!start)
                start    = strstr(line, "AES");
            if (!info) return 0;
            if ( start && finish && (start < finish)) {
                memcpy(info->name, start, finish - start);
                info->name[finish - start] = 0;
                memcpy(info->iv, finish + 1, sizeof(info->iv));
                char* newline = strstr(line, "\r");
                if (!newline) newline = strstr(line, "\n");
                if (newline && (newline > finish)) {
                    info->ivSz = newline - (finish + 1);
                    info->set = true;
                }
            }
            fgets(line,sizeof(line), file); // get blank line
            begin = ftell(file);
        }
    }
    while(fgets(line, sizeof(line), file))
        if (strncmp(footer, line, strlen(footer)) == 0) {
            foundEnd = true;
@@ -956,7 +987,7 @@ x509* PemToDer(FILE* file, CertType type)
    Base64Decoder b64Dec(der);
    uint sz = der.size();
-    mySTL::auto_ptr<x509> x(NEW_YS x509(sz), ysDelete);
+    mySTL::auto_ptr<x509> x(NEW_YS x509(sz));
    memcpy(x->use_buffer(), der.get_buffer(), sz);
    return x.release();
--- a/extra/yassl/src/handshake.cpp
+++ b/extra/yassl/src/handshake.cpp
@@ -37,7 +37,6 @@
 namespace yaSSL {
 using mySTL::min;
 // Build a client hello message from cipher suites and compression method
@@ -363,7 +362,7 @@ void p_hash(output_buffer& result, const output_buffer& secret,
    uint   lastLen = result.get_capacity() % len;
    opaque previous[SHA_LEN];  // max size
    opaque current[SHA_LEN];   // max size
-    mySTL::auto_ptr<Digest> hmac(ysDelete);
+    mySTL::auto_ptr<Digest> hmac;
    if (lastLen) times += 1;
@@ -582,7 +581,7 @@ void hmac(SSL& ssl, byte* digest, const byte* buffer, uint sz,
 void TLS_hmac(SSL& ssl, byte* digest, const byte* buffer, uint sz,
              ContentType content, bool verify)
 {
-    mySTL::auto_ptr<Digest> hmac(ysDelete);
+    mySTL::auto_ptr<Digest> hmac;
    opaque seq[SEQ_SZ] = { 0x00, 0x00, 0x00, 0x00 };
    opaque length[LENGTH_SZ];
    opaque inner[SIZEOF_ENUM + VERSION_SZ + LENGTH_SZ]; // type + version + len
@@ -660,25 +659,25 @@ void build_certHashes(SSL& ssl, Hashes& hashes)
-// do process input requests
+// do process input requests, return 0 is done, 1 is call again to complete
-mySTL::auto_ptr<input_buffer>
+int DoProcessReply(SSL& ssl)
 DoProcessReply(SSL& ssl, mySTL::auto_ptr<input_buffer> buffered)
 {
    // wait for input if blocking
    if (!ssl.useSocket().wait()) {
      ssl.SetError(receive_error);
-        buffered.reset(0);
+        return 0;
        return buffered;
    }
    uint ready = ssl.getSocket().get_ready();
-    if (!ready) return buffered; 
+    if (!ready) return 1; 
    // add buffered data if its there
-    uint buffSz = buffered.get() ? buffered.get()->get_size() : 0;
+    input_buffer* buffered = ssl.useBuffers().TakeRawInput();
    uint buffSz = buffered ? buffered->get_size() : 0;
    input_buffer buffer(buffSz + ready);
    if (buffSz) {
-        buffer.assign(buffered.get()->get_buffer(), buffSz);
+        buffer.assign(buffered->get_buffer(), buffSz);
-        buffered.reset(0);
+        ysDelete(buffered);
        buffered = 0;
    }
    // add new data
@@ -692,10 +691,8 @@ DoProcessReply(SSL& ssl, mySTL::auto_ptr<input_buffer> buffered)
                  ssl.getStates().getServer() == clientNull) 
        if (buffer.peek() != handshake) {
            ProcessOldClientHello(buffer, ssl);
-            if (ssl.GetError()) {
+            if (ssl.GetError())
-                buffered.reset(0);
+                return 0;
                return buffered;
            }
        }
    while(!buffer.eof()) {
@@ -715,31 +712,28 @@ DoProcessReply(SSL& ssl, mySTL::auto_ptr<input_buffer> buffered)
            // put header in front for next time processing
            uint extra = needHdr ? 0 : RECORD_HEADER;
            uint sz = buffer.get_remaining() + extra;
-            buffered.reset(NEW_YS input_buffer(sz, buffer.get_buffer() +
+            ssl.useBuffers().SetRawInput(NEW_YS input_buffer(sz,
-                           buffer.get_current() - extra, sz));
+                      buffer.get_buffer() + buffer.get_current() - extra, sz));
-            break;
+            return 1;
        }
        while (buffer.get_current() < hdr.length_ + RECORD_HEADER + offset) {
            // each message in record, can be more than 1 if not encrypted
            if (ssl.getSecurity().get_parms().pending_ == false) // cipher on
                decrypt_message(ssl, buffer, hdr.length_);
-            mySTL::auto_ptr<Message> msg(mf.CreateObject(hdr.type_), ysDelete);
+            mySTL::auto_ptr<Message> msg(mf.CreateObject(hdr.type_));
            if (!msg.get()) {
                ssl.SetError(factory_error);
-                buffered.reset(0);
+                return 0;
                return buffered;
            }
            buffer >> *msg;
            msg->Process(buffer, ssl);
-            if (ssl.GetError()) {
+            if (ssl.GetError())
-                buffered.reset(0);
+                return 0;
                return buffered;
            }
        }
        offset += hdr.length_ + RECORD_HEADER;
    }
-    return buffered;
+    return 0;
 }
@@ -747,16 +741,17 @@ DoProcessReply(SSL& ssl, mySTL::auto_ptr<input_buffer> buffered)
 void processReply(SSL& ssl)
 {
    if (ssl.GetError()) return;
    mySTL::auto_ptr<input_buffer> buffered(ysDelete);
-    for (;;) {
+    if (DoProcessReply(ssl))
-        mySTL::auto_ptr<input_buffer> tmp(DoProcessReply(ssl, buffered));
+        // didn't complete process
-        if (tmp.get())      // had only part of a record's data, call again
+        if (!ssl.getSocket().IsBlocking()) {
-            buffered = tmp;
+            // keep trying now
-        else
+            while (!ssl.GetError())
-            break;
+                if (DoProcessReply(ssl) == 0) break;
        if (ssl.GetError()) return;
    }
        else
            // user will have try again later
            ssl.SetError(YasslError(SSL_ERROR_WANT_READ));
 }
@@ -793,7 +788,7 @@ void sendClientKeyExchange(SSL& ssl, BufferOutput buffer)
    RecordLayerHeader rlHeader;
    HandShakeHeader   hsHeader;
-    mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
+    mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer);
    buildHeaders(ssl, hsHeader, rlHeader, ck);
    buildOutput(*out.get(), rlHeader, hsHeader, ck);
    hashHandShake(ssl, *out.get());
@@ -814,7 +809,7 @@ void sendServerKeyExchange(SSL& ssl, BufferOutput buffer)
    RecordLayerHeader rlHeader;
    HandShakeHeader   hsHeader;
-    mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
+    mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer);
    buildHeaders(ssl, hsHeader, rlHeader, sk);
    buildOutput(*out.get(), rlHeader, hsHeader, sk);
    hashHandShake(ssl, *out.get());
@@ -839,7 +834,7 @@ void sendChangeCipher(SSL& ssl, BufferOutput buffer)
    ChangeCipherSpec ccs;
    RecordLayerHeader rlHeader;
    buildHeader(ssl, rlHeader, ccs);
-    mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
+    mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer);
    buildOutput(*out.get(), rlHeader, ccs);
    if (buffer == buffered)
@@ -856,7 +851,7 @@ void sendFinished(SSL& ssl, ConnectionEnd side, BufferOutput buffer)
    Finished fin;
    buildFinished(ssl, fin, side == client_end ? client : server);
-    mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
+    mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer);
    cipherFinished(ssl, fin, *out.get());                   // hashes handshake
    if (ssl.getSecurity().get_resuming()) {
@@ -955,7 +950,7 @@ void sendServerHello(SSL& ssl, BufferOutput buffer)
    ServerHello       sh(ssl.getSecurity().get_connection().version_);
    RecordLayerHeader rlHeader;
    HandShakeHeader   hsHeader;
-    mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
+    mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer);
    buildServerHello(ssl, sh);
    ssl.set_random(sh.get_random(), server_end);
@@ -978,7 +973,7 @@ void sendServerHelloDone(SSL& ssl, BufferOutput buffer)
    ServerHelloDone   shd;
    RecordLayerHeader rlHeader;
    HandShakeHeader   hsHeader;
-    mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
+    mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer);
    buildHeaders(ssl, hsHeader, rlHeader, shd);
    buildOutput(*out.get(), rlHeader, hsHeader, shd);
@@ -999,7 +994,7 @@ void sendCertificate(SSL& ssl, BufferOutput buffer)
    Certificate       cert(ssl.getCrypto().get_certManager().get_cert());
    RecordLayerHeader rlHeader;
    HandShakeHeader   hsHeader;
-    mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
+    mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer);
    buildHeaders(ssl, hsHeader, rlHeader, cert);
    buildOutput(*out.get(), rlHeader, hsHeader, cert);
@@ -1021,7 +1016,7 @@ void sendCertificateRequest(SSL& ssl, BufferOutput buffer)
    request.Build();
    RecordLayerHeader  rlHeader;
    HandShakeHeader    hsHeader;
-    mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
+    mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer);
    buildHeaders(ssl, hsHeader, rlHeader, request);
    buildOutput(*out.get(), rlHeader, hsHeader, request);
@@ -1043,7 +1038,7 @@ void sendCertificateVerify(SSL& ssl, BufferOutput buffer)
    verify.Build(ssl);
    RecordLayerHeader  rlHeader;
    HandShakeHeader    hsHeader;
-    mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
+    mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer);
    buildHeaders(ssl, hsHeader, rlHeader, verify);
    buildOutput(*out.get(), rlHeader, hsHeader, verify);
--- a/extra/yassl/src/socket_wrapper.cpp
+++ b/extra/yassl/src/socket_wrapper.cpp
@@ -41,9 +41,10 @@
    #include <netinet/in.h>
    #include <sys/ioctl.h>
    #include <string.h>
    #include <fcntl.h>
 #endif // _WIN32
-#if defined(__sun) || defined(__SCO_VERSION__)
+#if defined(__sun) || defined(__SCO_VERSION__) || defined(__NETWARE__)
    #include <sys/filio.h>
 #endif
@@ -62,7 +63,7 @@ namespace yaSSL {
 Socket::Socket(socket_t s) 
-    : socket_(s), wouldBlock_(false)
+    : socket_(s), wouldBlock_(false), blocking_(false)
 {}
@@ -148,6 +149,7 @@ uint Socket::receive(byte* buf, unsigned int sz, int flags)
        if (get_lastError() == SOCKET_EWOULDBLOCK || 
            get_lastError() == SOCKET_EAGAIN) {
            wouldBlock_ = true;
            blocking_   = true; // socket can block, only way to tell for win32
        return 0;
    }
    }
@@ -189,6 +191,12 @@ bool Socket::WouldBlock() const
 }
 bool Socket::IsBlocking() const
 {
    return blocking_;
 }
 void Socket::set_lastError(int errorCode)
 {
 #ifdef _WIN32
--- a/extra/yassl/src/ssl.cpp
+++ b/extra/yassl/src/ssl.cpp
@@ -42,6 +42,9 @@
 #include "yassl_int.hpp"
 #include "md5.hpp"              // for TaoCrypt MD5 size assert
 #include "md4.hpp"              // for TaoCrypt MD4 size assert
 #include "file.hpp"             // for TaoCrypt Source
 #include "coding.hpp"           // HexDecoder
 #include "helpers.hpp"          // for placement new hack
 #include <stdio.h>
 #ifdef _WIN32
@@ -55,7 +58,6 @@
 namespace yaSSL {
 using mySTL::min;
 int read_file(SSL_CTX* ctx, const char* file, int format, CertType type)
@@ -93,11 +95,55 @@ int read_file(SSL_CTX* ctx, const char* file, int format, CertType type)
            }
        }
        else {
-            x = PemToDer(input, type);
+            EncryptedInfo info;
            x = PemToDer(input, type, &info);
            if (!x) {
                fclose(input);
                return SSL_BAD_FILE;
            }
            if (info.set) {
                // decrypt
                char password[80];
                pem_password_cb cb = ctx->GetPasswordCb();
                if (!cb) {
                    fclose(input);
                    return SSL_BAD_FILE;
                }
                int passwordSz = cb(password, sizeof(password), 0,
                                    ctx->GetUserData());
                byte key[AES_256_KEY_SZ];  // max sizes
                byte iv[AES_IV_SZ];
                // use file's salt for key derivation, but not real iv
                TaoCrypt::Source source(info.iv, info.ivSz);
                TaoCrypt::HexDecoder dec(source);
                memcpy(info.iv, source.get_buffer(), min((uint)sizeof(info.iv),
                                                         source.size()));
                EVP_BytesToKey(info.name, "MD5", info.iv, (byte*)password,
                               passwordSz, 1, key, iv);
                STL::auto_ptr<BulkCipher> cipher;
                if (strncmp(info.name, "DES-CBC", 7) == 0)
                    cipher.reset(NEW_YS DES);
                else if (strncmp(info.name, "DES-EDE3-CBC", 13) == 0)
                    cipher.reset(NEW_YS DES_EDE);
                else if (strncmp(info.name, "AES-128-CBC", 13) == 0)
                    cipher.reset(NEW_YS AES(AES_128_KEY_SZ));
                else if (strncmp(info.name, "AES-192-CBC", 13) == 0)
                    cipher.reset(NEW_YS AES(AES_192_KEY_SZ));
                else if (strncmp(info.name, "AES-256-CBC", 13) == 0)
                    cipher.reset(NEW_YS AES(AES_256_KEY_SZ));
                else {
                    fclose(input);
                    return SSL_BAD_FILE;
                }
                cipher->set_decryptKey(key, info.iv);
                STL::auto_ptr<x509> newx(NEW_YS x509(x->get_length()));   
                cipher->decrypt(newx->use_buffer(), x->get_buffer(),
                                x->get_length());
                ysDelete(x);
                x = newx.release();
            }
        }
    }
    fclose(input);
@@ -140,8 +186,17 @@ SSL_METHOD* TLSv1_client_method()
 SSL_METHOD* SSLv23_server_method()
 {
-    // compatibility only, no version 2 support
+    // compatibility only, no version 2 support, but does SSL 3 and TLS 1
-    return SSLv3_server_method();
+    return NEW_YS SSL_METHOD(server_end, ProtocolVersion(3,1), true);
 }
 SSL_METHOD* SSLv23_client_method()
 {
    // compatibility only, no version 2 support, but does SSL 3 and TLS 1
    // though it sends TLS1 hello not SSLv2 so SSLv3 only servers will decline
    // TODO: maybe add support to send SSLv2 hello ???
    return NEW_YS SSL_METHOD(client_end, ProtocolVersion(3,1), true);
 }
@@ -178,14 +233,29 @@ int SSL_set_fd(SSL* ssl, int fd)
 int SSL_connect(SSL* ssl)
 {
    if (ssl->GetError() == YasslError(SSL_ERROR_WANT_READ))
        ssl->SetError(no_error);
    ClientState neededState;
    switch (ssl->getStates().GetConnect()) {
    case CONNECT_BEGIN :
    sendClientHello(*ssl);
-    ClientState neededState = ssl->getSecurity().get_resuming() ?
+        if (!ssl->GetError())
            ssl->useStates().UseConnect() = CLIENT_HELLO_SENT;
    case CLIENT_HELLO_SENT :
        neededState = ssl->getSecurity().get_resuming() ?
        serverFinishedComplete : serverHelloDoneComplete;
    while (ssl->getStates().getClient() < neededState) {
        if (ssl->GetError()) break;
    processReply(*ssl);
    }
        if (!ssl->GetError())
            ssl->useStates().UseConnect() = FIRST_REPLY_DONE;
    case FIRST_REPLY_DONE :
    if(ssl->getCrypto().get_certManager().sendVerify())
        sendCertificate(*ssl);
@@ -198,18 +268,32 @@ int SSL_connect(SSL* ssl)
    sendChangeCipher(*ssl);
    sendFinished(*ssl, client_end);
    ssl->flushBuffer();
        if (!ssl->GetError())
            ssl->useStates().UseConnect() = FINISHED_DONE;
    case FINISHED_DONE :
    if (!ssl->getSecurity().get_resuming())
        while (ssl->getStates().getClient() < serverFinishedComplete) {
            if (ssl->GetError()) break;
        processReply(*ssl);
        }
        if (!ssl->GetError())
            ssl->useStates().UseConnect() = SECOND_REPLY_DONE;
    case SECOND_REPLY_DONE :
    ssl->verifyState(serverFinishedComplete);
    ssl->useLog().ShowTCP(ssl->getSocket().get_fd());
-    if (ssl->GetError())
+        if (ssl->GetError()) {
            GetErrors().Add(ssl->GetError());
        return SSL_FATAL_ERROR;
        }   
    return SSL_SUCCESS;
    default :
        return SSL_FATAL_ERROR; // unkown state
    }
 }
@@ -228,7 +312,17 @@ int SSL_read(SSL* ssl, void* buffer, int sz)
 int SSL_accept(SSL* ssl)
 {
    if (ssl->GetError() == YasslError(SSL_ERROR_WANT_READ))
        ssl->SetError(no_error);
    switch (ssl->getStates().GetAccept()) {
    case ACCEPT_BEGIN :
    processReply(*ssl);
        if (!ssl->GetError())
            ssl->useStates().UseAccept() = ACCEPT_FIRST_REPLY_DONE;
    case ACCEPT_FIRST_REPLY_DONE :
    sendServerHello(*ssl);
    if (!ssl->getSecurity().get_resuming()) {
@@ -242,27 +336,51 @@ int SSL_accept(SSL* ssl)
        sendServerHelloDone(*ssl);
        ssl->flushBuffer();
        }
        if (!ssl->GetError())
            ssl->useStates().UseAccept() = SERVER_HELLO_DONE;
    case SERVER_HELLO_DONE :
        if (!ssl->getSecurity().get_resuming()) {
        while (ssl->getStates().getServer() < clientFinishedComplete) {
            if (ssl->GetError()) break;
            processReply(*ssl);
        }
    }
        if (!ssl->GetError())
            ssl->useStates().UseAccept() = ACCEPT_SECOND_REPLY_DONE;
    case ACCEPT_SECOND_REPLY_DONE :
    sendChangeCipher(*ssl);
    sendFinished(*ssl, server_end);
    ssl->flushBuffer();
        if (!ssl->GetError())
            ssl->useStates().UseAccept() = ACCEPT_FINISHED_DONE;
    case ACCEPT_FINISHED_DONE :
    if (ssl->getSecurity().get_resuming()) {
        while (ssl->getStates().getServer() < clientFinishedComplete) {
          if (ssl->GetError()) break;
          processReply(*ssl);
      }
    }
        if (!ssl->GetError())
            ssl->useStates().UseAccept() = ACCEPT_THIRD_REPLY_DONE;
    case ACCEPT_THIRD_REPLY_DONE :
    ssl->useLog().ShowTCP(ssl->getSocket().get_fd());
-    if (ssl->GetError())
+        if (ssl->GetError()) {
            GetErrors().Add(ssl->GetError());
        return SSL_FATAL_ERROR;
        }
    return SSL_SUCCESS;
    default:
        return SSL_FATAL_ERROR; // unknown state
    }
 }
@@ -278,6 +396,8 @@ int SSL_do_handshake(SSL* ssl)
 int SSL_clear(SSL* ssl)
 {
    ssl->useSocket().closeSocket();
    GetErrors().Remove();
    return SSL_SUCCESS;
 }
@@ -289,6 +409,8 @@ int SSL_shutdown(SSL* ssl)
    ssl->useLog().ShowTCP(ssl->getSocket().get_fd(), true);
    ssl->useSocket().closeSocket();
    GetErrors().Remove();
    return SSL_SUCCESS;
 }
@@ -762,9 +884,8 @@ void DH_free(DH* dh)
 // be created
 BIGNUM* BN_bin2bn(const unsigned char* num, int sz, BIGNUM* retVal)
 {
    using mySTL::auto_ptr;
    bool created = false;
-    auto_ptr<BIGNUM> bn(ysDelete);
+    mySTL::auto_ptr<BIGNUM> bn;
    if (!retVal) {
        created = true;
@@ -825,7 +946,7 @@ const EVP_MD* EVP_md5(void)
 const EVP_CIPHER* EVP_des_ede3_cbc(void)
 {
-    static const char* type = "DES_EDE3_CBC";
+    static const char* type = "DES-EDE3-CBC";
    return type;
 }
@@ -836,16 +957,37 @@ int EVP_BytesToKey(const EVP_CIPHER* type, const EVP_MD* md, const byte* salt,
    // only support MD5 for now
    if (strncmp(md, "MD5", 3)) return 0;
-    // only support DES_EDE3_CBC for now
+    int keyLen = 0;
-    if (strncmp(type, "DES_EDE3_CBC", 12)) return 0; 
+    int ivLen  = 0;
    // only support CBC DES and AES for now
    if (strncmp(type, "DES-CBC", 7) == 0) {
        keyLen = DES_KEY_SZ;
        ivLen  = DES_IV_SZ;
    }
    else if (strncmp(type, "DES-EDE3-CBC", 12) == 0) {
        keyLen = DES_EDE_KEY_SZ;
        ivLen  = DES_IV_SZ;
    }
    else if (strncmp(type, "AES-128-CBC", 11) == 0) {
        keyLen = AES_128_KEY_SZ;
        ivLen  = AES_IV_SZ;
    }
    else if (strncmp(type, "AES-192-CBC", 11) == 0) {
        keyLen = AES_192_KEY_SZ;
        ivLen  = AES_IV_SZ;
    }
    else if (strncmp(type, "AES-256-CBC", 11) == 0) {
        keyLen = AES_256_KEY_SZ;
        ivLen  = AES_IV_SZ;
    }
    else
        return 0;
    yaSSL::MD5 myMD;
    uint digestSz = myMD.get_digestSize();
    byte digest[SHA_LEN];                   // max size
    yaSSL::DES_EDE cipher;
    int keyLen    = cipher.get_keySize();
    int ivLen     = cipher.get_ivSize();
    int keyLeft   = keyLen;
    int ivLeft    = ivLen;
    int keyOutput = 0;
@@ -878,7 +1020,7 @@ int EVP_BytesToKey(const EVP_CIPHER* type, const EVP_MD* md, const byte* salt,
        if (ivLeft && digestLeft) {
            int store = min(ivLeft, digestLeft);
-            memcpy(&iv[ivLen - ivLeft], digest, store);
+            memcpy(&iv[ivLen - ivLeft], &digest[digestSz - digestLeft], store);
            keyOutput += store;
            ivLeft    -= store;
@@ -954,10 +1096,9 @@ void DES_ecb_encrypt(DES_cblock* input, DES_cblock* output,
 }
-void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX*, void* userdata)
+void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX* ctx, void* userdata)
 {
-    // yaSSL doesn't support yet, unencrypt your PEM file with userdata
+    ctx->SetUserData(userdata);
    // before handing off to yaSSL
 }
@@ -1034,12 +1175,6 @@ ASN1_TIME* X509_get_notAfter(X509* x)
 }
 SSL_METHOD* SSLv23_client_method(void)  /* doesn't actually roll back */
 {
    return SSLv3_client_method();
 }
 SSL_METHOD* SSLv2_client_method(void)   /* will never work, no v 2    */
 {
    return 0;
@@ -1363,9 +1498,9 @@ int SSL_pending(SSL* ssl)
    }
-    void SSL_CTX_set_default_passwd_cb(SSL_CTX*, pem_password_cb)
+    void SSL_CTX_set_default_passwd_cb(SSL_CTX* ctx, pem_password_cb cb)
    {
-        // TDOD:
+        ctx->SetPasswordCb(cb);
    }
@@ -1428,7 +1563,7 @@ int SSL_pending(SSL* ssl)
    void ERR_remove_state(unsigned long)
    {
-        // TODO:
+        GetErrors().Remove();
    }
@@ -1437,16 +1572,30 @@ int SSL_pending(SSL* ssl)
        return l & 0xfff;
    }
    unsigned long err_helper(bool peek = false)
    {
        int ysError = GetErrors().Lookup(peek);
        // translate cert error for libcurl, it uses OpenSSL hex code
        switch (ysError) {
        case TaoCrypt::SIG_OTHER_E:
            return CERTFICATE_ERROR;
            break;
        default :
            return 0;
        }
    }
    unsigned long ERR_peek_error()
    {
-        return 0;  // TODO:
+        return err_helper(true);
    }
    unsigned long ERR_get_error()
    {
-        return ERR_peek_error();
+        return err_helper();
    }
--- a/extra/yassl/src/template_instnt.cpp
+++ b/extra/yassl/src/template_instnt.cpp
@@ -65,6 +65,19 @@ template yaSSL::del_ptr_zero for_each<mySTL::list<yaSSL::output_buffer*>::iterat
 template yaSSL::del_ptr_zero for_each<mySTL::list<yaSSL::x509*>::iterator, yaSSL::del_ptr_zero>(mySTL::list<yaSSL::x509*>::iterator, mySTL::list<yaSSL::x509*>::iterator, yaSSL::del_ptr_zero);
 template yaSSL::del_ptr_zero for_each<mySTL::list<yaSSL::Digest*>::iterator, yaSSL::del_ptr_zero>(mySTL::list<yaSSL::Digest*>::iterator, mySTL::list<yaSSL::Digest*>::iterator, yaSSL::del_ptr_zero);
 template yaSSL::del_ptr_zero for_each<mySTL::list<yaSSL::BulkCipher*>::iterator, yaSSL::del_ptr_zero>(mySTL::list<yaSSL::BulkCipher*>::iterator, mySTL::list<yaSSL::BulkCipher*>::iterator, yaSSL::del_ptr_zero);
 template bool list<yaSSL::ThreadError>::erase(list<yaSSL::ThreadError>::iterator);
 template void list<yaSSL::ThreadError>::push_back(yaSSL::ThreadError);
 template void list<yaSSL::ThreadError>::pop_front();
 template void list<yaSSL::ThreadError>::pop_back();
 template list<yaSSL::ThreadError>::~list();
 template pair<int, yaSSL::Message* (*)()>* GetArrayMemory<pair<int, yaSSL::Message* (*)()> >(size_t);
 template void FreeArrayMemory<pair<int, yaSSL::Message* (*)()> >(pair<int, yaSSL::Message* (*)()>*);
 template pair<int, yaSSL::HandShakeBase* (*)()>* GetArrayMemory<pair<int, yaSSL::HandShakeBase* (*)()> >(size_t);
 template void FreeArrayMemory<pair<int, yaSSL::HandShakeBase* (*)()> >(pair<int, yaSSL::HandShakeBase* (*)()>*);
 template pair<int, yaSSL::ServerKeyBase* (*)()>* GetArrayMemory<pair<int, yaSSL::ServerKeyBase* (*)()> >(size_t);
 template void FreeArrayMemory<pair<int, yaSSL::ServerKeyBase* (*)()> >(pair<int, yaSSL::ServerKeyBase* (*)()>*);
 template pair<int, yaSSL::ClientKeyBase* (*)()>* GetArrayMemory<pair<int, yaSSL::ClientKeyBase* (*)()> >(size_t);
 template void FreeArrayMemory<pair<int, yaSSL::ClientKeyBase* (*)()> >(pair<int, yaSSL::ClientKeyBase* (*)()>*);
 }
 namespace yaSSL {
@@ -90,8 +103,12 @@ template void ysDelete<X509>(X509*);
 template void ysDelete<Message>(Message*);
 template void ysDelete<sslFactory>(sslFactory*);
 template void ysDelete<Sessions>(Sessions*);
 template void ysDelete<Errors>(Errors*);
 template void ysArrayDelete<unsigned char>(unsigned char*);
 template void ysArrayDelete<char>(char*);
 template int min<int>(int, int);
 template unsigned int min<unsigned int>(unsigned int, unsigned int);
 }
 #endif // HAVE_EXPLICIT_TEMPLATE_INSTANTIATION
--- a/extra/yassl/src/yassl.cpp
+++ b/extra/yassl/src/yassl.cpp
@@ -36,21 +36,9 @@
 #include "openssl/ssl.h"  // get rid of this
 // yaSSL overloads hide these
 void* operator new[](size_t sz)
 {
    return ::operator new(sz);
 }
 void operator delete[](void* ptr)
 {
    ::operator delete(ptr);
 }
 namespace yaSSL {
 using mySTL::min;
 struct Base {
--- a/extra/yassl/src/yassl_error.cpp
+++ b/extra/yassl/src/yassl_error.cpp
@@ -125,13 +125,21 @@ void SetErrorString(YasslError error, char* buffer)
        strncpy(buffer, "unable to proccess cerificate", max);
        break; 
    case privateKey_error :
        strncpy(buffer, "unable to proccess private key, bad format", max);
        break;
    case badVersion_error :
        strncpy(buffer, "protocl version mismatch", max);
        break;
        // openssl errors
    case SSL_ERROR_WANT_READ :
        strncpy(buffer, "the read operation would block", max);
        break;
        // TaoCrypt errors
-    case NO_ERROR :
+    case NO_ERROR_E :
        strncpy(buffer, "not in error state", max);
        break;
@@ -235,6 +243,10 @@ void SetErrorString(YasslError error, char* buffer)
        strncpy(buffer, "ASN: bad other signature confirmation", max);
        break;
    case CERTFICATE_ERROR :
        strncpy(buffer, "Unable to verify certificate", max);
        break;
    default :
        strncpy(buffer, "unknown error number", max);
    }
--- a/extra/yassl/src/yassl_imp.cpp
+++ b/extra/yassl/src/yassl_imp.cpp
@@ -139,7 +139,7 @@ void DH_Server::build(SSL& ssl)
                       parms_.alloc_pub(pubSz));
    short sigSz = 0;
-    mySTL::auto_ptr<Auth> auth(ysDelete);
+    mySTL::auto_ptr<Auth> auth;
    const CertManager& cert = ssl.getCrypto().get_certManager();
    if (ssl.getSecurity().get_parms().sig_algo_ == rsa_sa_algo)
@@ -151,9 +151,11 @@ void DH_Server::build(SSL& ssl)
        sigSz += DSS_ENCODED_EXTRA;
    }
    sigSz += auth->get_signatureLength();
-
+    if (!sigSz) {
        ssl.SetError(privateKey_error);
        return;
    }
    length_ = 8; // pLen + gLen + YsLen + SigLen
    length_ += pSz + gSz + pubSz + sigSz;
@@ -612,7 +614,7 @@ void HandShakeHeader::Process(input_buffer& input, SSL& ssl)
 {
    ssl.verifyState(*this);
    const HandShakeFactory& hsf = ssl.getFactory().getHandShake();
-    mySTL::auto_ptr<HandShakeBase> hs(hsf.CreateObject(type_), ysDelete);
+    mySTL::auto_ptr<HandShakeBase> hs(hsf.CreateObject(type_));
    if (!hs.get()) {
        ssl.SetError(factory_error);
        return;
@@ -1214,6 +1216,20 @@ output_buffer& operator<<(output_buffer& output, const ServerHello& hello)
 // Server Hello processing handler
 void ServerHello::Process(input_buffer&, SSL& ssl)
 {
    if (ssl.GetMultiProtocol()) {   // SSLv23 support
        if (ssl.isTLS() && server_version_.minor_ < 1)
            // downgrade to SSLv3
            ssl.useSecurity().use_connection().TurnOffTLS();
    }
    else if (ssl.isTLS() && server_version_.minor_ < 1) {
        ssl.SetError(badVersion_error);
        return;
    }
    else if (!ssl.isTLS() && (server_version_.major_ == 3 &&
                              server_version_.minor_ >= 1)) {
        ssl.SetError(badVersion_error);
        return;
    }
    ssl.set_pending(cipher_suite_[1]);
    ssl.set_random(random_, server_end);
    if (id_len_)
@@ -1384,11 +1400,23 @@ output_buffer& operator<<(output_buffer& output, const ClientHello& hello)
 // Client Hello processing handler
 void ClientHello::Process(input_buffer&, SSL& ssl)
 {
-    if (ssl.isTLS() && client_version_.minor_ == 0) {
+    if (ssl.GetMultiProtocol()) {   // SSLv23 support
        if (ssl.isTLS() && client_version_.minor_ < 1) {
            // downgrade to SSLv3
        ssl.useSecurity().use_connection().TurnOffTLS();
        ProtocolVersion pv = ssl.getSecurity().get_connection().version_;
        ssl.useSecurity().use_parms().SetSuites(pv);  // reset w/ SSL suites
    }
    }
    else if (ssl.isTLS() && client_version_.minor_ < 1) {
        ssl.SetError(badVersion_error);
        return;
    }
    else if (!ssl.isTLS() && (client_version_.major_ == 3 &&
                              client_version_.minor_ >= 1)) {
        ssl.SetError(badVersion_error);
        return;
    }
    ssl.set_random(random_, client_end);
    while (id_len_) {  // trying to resume
@@ -1541,7 +1569,7 @@ CertificateRequest::CertificateRequest()
 CertificateRequest::~CertificateRequest()
 {
-    mySTL::for_each(certificate_authorities_.begin(),
+    STL::for_each(certificate_authorities_.begin(),
                  certificate_authorities_.end(),
                  del_ptr_zero()) ;
 }
@@ -1634,9 +1662,9 @@ output_buffer& operator<<(output_buffer& output,
           request.typeTotal_ - REQUEST_HEADER, tmp);
    output.write(tmp, sizeof(tmp));
-    mySTL::list<DistinguishedName>::const_iterator first =
+    STL::list<DistinguishedName>::const_iterator first =
                                    request.certificate_authorities_.begin();
-    mySTL::list<DistinguishedName>::const_iterator last =
+    STL::list<DistinguishedName>::const_iterator last =
                                    request.certificate_authorities_.end();
    while (first != last) {
        uint16 sz;
@@ -1684,7 +1712,7 @@ void CertificateVerify::Build(SSL& ssl)
    uint16 sz = 0;
    byte   len[VERIFY_HEADER];
-    mySTL::auto_ptr<byte> sig(ysArrayDelete);
+    mySTL::auto_array<byte> sig;
    // sign
    const CertManager& cert = ssl.getCrypto().get_certManager();
--- a/extra/yassl/src/yassl_int.cpp
+++ b/extra/yassl/src/yassl_int.cpp
@@ -33,6 +33,10 @@
 #include "handshake.hpp"
 #include "timer.hpp"
 #ifdef _POSIX_THREADS
    #include "pthread.h"
 #endif
 #ifdef YASSL_PURE_C
@@ -74,7 +78,6 @@
 namespace yaSSL {
 using mySTL::min;
@@ -155,6 +158,7 @@ void c32toa(uint32 u32, opaque* c)
 States::States() : recordLayer_(recordReady), handshakeLayer_(preHandshake),
           clientState_(serverNull),  serverState_(clientNull),
           connectState_(CONNECT_BEGIN), acceptState_(ACCEPT_BEGIN),
           what_(no_error) {}
 const RecordLayerState& States::getRecord() const 
@@ -181,6 +185,18 @@ const ServerState& States::getServer() const
 }
 const ConnectState& States::GetConnect() const
 {
    return connectState_;
 }
 const AcceptState& States::GetAccept() const
 {
    return acceptState_;
 }
 const char* States::getString() const
 {
    return errorString_;
@@ -217,6 +233,18 @@ ServerState& States::useServer()
 }
 ConnectState& States::UseConnect()
 {
    return connectState_;
 }
 AcceptState& States::UseAccept()
 {
    return acceptState_;
 }
 char* States::useString()
 {
    return errorString_;
@@ -722,6 +750,12 @@ void SSL::SetError(YasslError ye)
 }
 Buffers& SSL::useBuffers()
 {
    return buffers_;
 }
 // locals
 namespace {
@@ -959,7 +993,7 @@ using namespace yassl_int_cpp_local1;
 uint SSL::bufferedData()
 {
-    return mySTL::for_each(buffers_.getData().begin(),buffers_.getData().end(),
+    return STL::for_each(buffers_.getData().begin(),buffers_.getData().end(),
                           SumData()).total_;
 }
@@ -1002,7 +1036,7 @@ void SSL::PeekData(Data& data)
    data.set_length(0);                         // output, actual data filled
    dataSz = min(dataSz, bufferedData());
-    Buffers::inputList::iterator front = buffers_.getData().begin();
+    Buffers::inputList::iterator front = buffers_.useData().begin();
    while (elements) {
        uint frontSz = (*front)->get_remaining();
@@ -1027,7 +1061,7 @@ void SSL::flushBuffer()
 {
    if (GetError()) return;
-    uint sz = mySTL::for_each(buffers_.getHandShake().begin(),
+    uint sz = STL::for_each(buffers_.getHandShake().begin(),
                            buffers_.getHandShake().end(),
                            SumBuffer()).total_;
    output_buffer out(sz);
@@ -1213,8 +1247,10 @@ void SSL::matchSuite(const opaque* peer, uint length)
 void SSL::set_session(SSL_SESSION* s) 
 { 
-    if (s && GetSessions().lookup(s->GetID(), &secure_.use_resume()))
+    if (s && GetSessions().lookup(s->GetID(), &secure_.use_resume())) {
        secure_.set_resuming(true);
        crypto_.use_certManager().setPeerX509(s->GetPeerX509());
    }
 }
@@ -1260,6 +1296,12 @@ YasslError SSL::GetError() const
 }
 bool SSL::GetMultiProtocol() const
 {
    return secure_.GetContext()->getMethod()->multipleProtocol();
 }
 Crypto& SSL::useCrypto()
 {
    return crypto_;
@@ -1314,9 +1356,25 @@ void SSL::addBuffer(output_buffer* b)
 }
 void SSL_SESSION::CopyX509(X509* x)
 {
    assert(peerX509_ == 0);
    if (x == 0) return;
    X509_NAME* issuer   = x->GetIssuer();
    X509_NAME* subject  = x->GetSubject();
    ASN1_STRING* before = x->GetBefore();
    ASN1_STRING* after  = x->GetAfter();
    peerX509_ = NEW_YS X509(issuer->GetName(), issuer->GetLength(),
        subject->GetName(), subject->GetLength(), (const char*) before->data,
        before->length, (const char*) after->data, after->length);
 }
 // store connection parameters
 SSL_SESSION::SSL_SESSION(const SSL& ssl, RandomPool& ran) 
-    : timeout_(DEFAULT_TIMEOUT), random_(ran)
+    : timeout_(DEFAULT_TIMEOUT), random_(ran), peerX509_(0)
 {
    const Connection& conn = ssl.getSecurity().get_connection();
@@ -1325,12 +1383,14 @@ SSL_SESSION::SSL_SESSION(const SSL& ssl, RandomPool& ran)
    memcpy(suite_, ssl.getSecurity().get_parms().suite_, SUITE_LEN);
    bornOn_ = lowResTimer();
    CopyX509(ssl.getCrypto().get_certManager().get_peerX509());
 }
 // for resumption copy in ssl::parameters
 SSL_SESSION::SSL_SESSION(RandomPool& ran) 
-    : bornOn_(0), timeout_(0), random_(ran)
+    : bornOn_(0), timeout_(0), random_(ran), peerX509_(0)
 {
    memset(sessionID_, 0, ID_LEN);
    memset(master_secret_, 0, SECRET_LEN);
@@ -1347,6 +1407,12 @@ SSL_SESSION& SSL_SESSION::operator=(const SSL_SESSION& that)
    bornOn_  = that.bornOn_;
    timeout_ = that.timeout_;
    if (peerX509_) {
        ysDelete(peerX509_);
        peerX509_ = 0;
    }
    CopyX509(that.peerX509_);
    return *this;
 }
@@ -1369,6 +1435,12 @@ const Cipher* SSL_SESSION::GetSuite() const
 }
 X509* SSL_SESSION::GetPeerX509() const
 {
    return peerX509_;
 }
 uint SSL_SESSION::GetBornOn() const
 {
    return bornOn_;
@@ -1395,6 +1467,8 @@ SSL_SESSION::~SSL_SESSION()
 {
    volatile opaque* p = master_secret_;
    clean(p, SECRET_LEN, random_);
    ysDelete(peerX509_);
 }
@@ -1418,6 +1492,15 @@ sslFactory& GetSSL_Factory()
 }
 static Errors* errorsInstance = 0;
 Errors& GetErrors()
 {
    if (!errorsInstance)
        errorsInstance = NEW_YS Errors;
    return *errorsInstance;
 }
 typedef Mutex::Lock Lock;
@@ -1433,14 +1516,15 @@ void Sessions::add(const SSL& ssl)
 Sessions::~Sessions() 
 { 
-    mySTL::for_each(list_.begin(), list_.end(), del_ptr_zero()); 
+    STL::for_each(list_.begin(), list_.end(), del_ptr_zero()); 
 }
 // locals
 namespace yassl_int_cpp_local2 { // for explicit templates
-typedef mySTL::list<SSL_SESSION*>::iterator iterator;
+typedef STL::list<SSL_SESSION*>::iterator sess_iterator;
 typedef STL::list<ThreadError>::iterator  thr_iterator;
 struct sess_match {
    const opaque* id_;
@@ -1455,6 +1539,28 @@ struct sess_match {
 };
 THREAD_ID_T GetSelf()
 {
 #ifndef _POSIX_THREADS
    return GetCurrentThreadId();
 #else
    return pthread_self();
 #endif
 }
 struct thr_match {
    THREAD_ID_T id_;
    explicit thr_match() : id_(GetSelf()) {}
    bool operator()(ThreadError thr)
    {
        if (thr.threadID_ == id_)
            return true;
        return false;
    }
 };
 } // local namespace
 using namespace yassl_int_cpp_local2;
@@ -1463,8 +1569,8 @@ using namespace yassl_int_cpp_local2;
 SSL_SESSION* Sessions::lookup(const opaque* id, SSL_SESSION* copy)
 {
    Lock guard(mutex_);
-    iterator find = mySTL::find_if(list_.begin(), list_.end(), sess_match(id));
+    sess_iterator find = STL::find_if(list_.begin(), list_.end(),
-
+                                        sess_match(id));
    if (find != list_.end()) {
        uint current = lowResTimer();
        if ( ((*find)->GetBornOn() + (*find)->GetTimeOut()) < current) {
@@ -1484,8 +1590,8 @@ SSL_SESSION* Sessions::lookup(const opaque* id, SSL_SESSION* copy)
 void Sessions::remove(const opaque* id)
 {
    Lock guard(mutex_);
-    iterator find = mySTL::find_if(list_.begin(), list_.end(), sess_match(id));
+    sess_iterator find = STL::find_if(list_.begin(), list_.end(),
-
+                                        sess_match(id));
    if (find != list_.end()) {
        del_ptr_zero()(*find);
        list_.erase(find);
@@ -1493,9 +1599,51 @@ void Sessions::remove(const opaque* id)
 }
-SSL_METHOD::SSL_METHOD(ConnectionEnd ce, ProtocolVersion pv) 
+// remove a self thread error
 void Errors::Remove()
 {
    Lock guard(mutex_);
    thr_iterator find = STL::find_if(list_.begin(), list_.end(),
                                       thr_match());
    if (find != list_.end())
        list_.erase(find);
 }
 // lookup self error code
 int Errors::Lookup(bool peek)
 {
    Lock guard(mutex_);
    thr_iterator find = STL::find_if(list_.begin(), list_.end(),
                                       thr_match());
    if (find != list_.end()) {
        int ret = find->errorID_;
        if (!peek)
            list_.erase(find);
        return ret;
    }
    else
        return 0;
 }
 // add a new error code for self
 void Errors::Add(int error)
 {
    ThreadError add;
    add.errorID_  = error;
    add.threadID_ = GetSelf();
    Remove();   // may have old error
    Lock guard(mutex_);
    list_.push_back(add);
 }
 SSL_METHOD::SSL_METHOD(ConnectionEnd ce, ProtocolVersion pv, bool multiProto) 
    : version_(pv), side_(ce), verifyPeer_(false), verifyNone_(false),
-      failNoCert_(false) 
+      failNoCert_(false), multipleProtocol_(multiProto)
 {}
@@ -1547,8 +1695,15 @@ bool SSL_METHOD::failNoCert() const
 }
 bool SSL_METHOD::multipleProtocol() const
 {
    return multipleProtocol_;
 }
 SSL_CTX::SSL_CTX(SSL_METHOD* meth) 
-    : method_(meth), certificate_(0), privateKey_(0)
+    : method_(meth), certificate_(0), privateKey_(0), passwordCb_(0),
      userData_(0)
 {}
@@ -1558,7 +1713,7 @@ SSL_CTX::~SSL_CTX()
    ysDelete(certificate_);
    ysDelete(privateKey_);
-    mySTL::for_each(caList_.begin(), caList_.end(), del_ptr_zero());
+    STL::for_each(caList_.begin(), caList_.end(), del_ptr_zero());
 }
@@ -1611,6 +1766,30 @@ const Stats& SSL_CTX::GetStats() const
 }
 pem_password_cb SSL_CTX::GetPasswordCb() const
 {
    return passwordCb_;
 }
 void SSL_CTX::SetPasswordCb(pem_password_cb cb)
 {
    passwordCb_ = cb;
 }
 void* SSL_CTX::GetUserData() const
 {
    return userData_;
 }
 void SSL_CTX::SetUserData(void* data)
 {
    userData_ = data;
 }
 void SSL_CTX::setVerifyPeer()
 {
    method_->setVerifyPeer();
@@ -1914,12 +2093,33 @@ Hashes& sslHashes::use_certVerify()
 }
 Buffers::Buffers() : rawInput_(0)
 {}
 Buffers::~Buffers()
 {
-    mySTL::for_each(handShakeList_.begin(), handShakeList_.end(),
+    STL::for_each(handShakeList_.begin(), handShakeList_.end(),
                  del_ptr_zero()) ;
-    mySTL::for_each(dataList_.begin(), dataList_.end(),
+    STL::for_each(dataList_.begin(), dataList_.end(),
                  del_ptr_zero()) ;
    ysDelete(rawInput_);
 }
 void Buffers::SetRawInput(input_buffer* ib)
 {
    assert(rawInput_ == 0);
    rawInput_ = ib;
 }
 input_buffer* Buffers::TakeRawInput()
 {
    input_buffer* ret = rawInput_;
    rawInput_ = 0;
    return ret;
 }
@@ -2026,12 +2226,18 @@ X509_NAME::~X509_NAME()
 }
-char* X509_NAME::GetName()
+const char* X509_NAME::GetName() const
 {
    return name_;
 }
 size_t X509_NAME::GetLength() const
 {
    return sz_;
 }
 X509::X509(const char* i, size_t iSz, const char* s, size_t sSz,
           const char* b, int bSz, const char* a, int aSz)
    : issuer_(i, iSz), subject_(s, sSz),
@@ -2114,10 +2320,12 @@ extern "C" void yaSSL_CleanUp()
    TaoCrypt::CleanUp();
    yaSSL::ysDelete(yaSSL::sslFactoryInstance);
    yaSSL::ysDelete(yaSSL::sessionsInstance);
    yaSSL::ysDelete(yaSSL::errorsInstance);
    // In case user calls more than once, prevent seg fault
    yaSSL::sslFactoryInstance = 0;
    yaSSL::sessionsInstance = 0;
    yaSSL::errorsInstance = 0;
 }
@@ -2126,6 +2334,7 @@ namespace mySTL {
 template yaSSL::yassl_int_cpp_local1::SumData for_each<mySTL::list<yaSSL::input_buffer*>::iterator, yaSSL::yassl_int_cpp_local1::SumData>(mySTL::list<yaSSL::input_buffer*>::iterator, mySTL::list<yaSSL::input_buffer*>::iterator, yaSSL::yassl_int_cpp_local1::SumData);
 template yaSSL::yassl_int_cpp_local1::SumBuffer for_each<mySTL::list<yaSSL::output_buffer*>::iterator, yaSSL::yassl_int_cpp_local1::SumBuffer>(mySTL::list<yaSSL::output_buffer*>::iterator, mySTL::list<yaSSL::output_buffer*>::iterator, yaSSL::yassl_int_cpp_local1::SumBuffer);
 template mySTL::list<yaSSL::SSL_SESSION*>::iterator find_if<mySTL::list<yaSSL::SSL_SESSION*>::iterator, yaSSL::yassl_int_cpp_local2::sess_match>(mySTL::list<yaSSL::SSL_SESSION*>::iterator, mySTL::list<yaSSL::SSL_SESSION*>::iterator, yaSSL::yassl_int_cpp_local2::sess_match);
 template mySTL::list<yaSSL::ThreadError>::iterator find_if<mySTL::list<yaSSL::ThreadError>::iterator, yaSSL::yassl_int_cpp_local2::thr_match>(mySTL::list<yaSSL::ThreadError>::iterator, mySTL::list<yaSSL::ThreadError>::iterator, yaSSL::yassl_int_cpp_local2::thr_match);
 }
 #endif
--- a/extra/yassl/taocrypt/COPYING
+++ b/extra/yassl/taocrypt/COPYING
@@ -0,0 +1,340 @@
 		    GNU GENERAL PUBLIC LICENSE
 		       Version 2, June 1991
 Copyright (C) 1989, 1991 Free Software Foundation, Inc.
     59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 Everyone is permitted to copy and distribute verbatim copies
 of this license document, but changing it is not allowed.
 			    Preamble
  The licenses for most software are designed to take away your
 freedom to share and change it.  By contrast, the GNU General Public
 License is intended to guarantee your freedom to share and change free
 software--to make sure the software is free for all its users.  This
 General Public License applies to most of the Free Software
 Foundation's software and to any other program whose authors commit to
 using it.  (Some other Free Software Foundation software is covered by
 the GNU Library General Public License instead.)  You can apply it to
 your programs, too.
  When we speak of free software, we are referring to freedom, not
 price.  Our General Public Licenses are designed to make sure that you
 have the freedom to distribute copies of free software (and charge for
 this service if you wish), that you receive source code or can get it
 if you want it, that you can change the software or use pieces of it
 in new free programs; and that you know you can do these things.
  To protect your rights, we need to make restrictions that forbid
 anyone to deny you these rights or to ask you to surrender the rights.
 These restrictions translate to certain responsibilities for you if you
 distribute copies of the software, or if you modify it.
  For example, if you distribute copies of such a program, whether
 gratis or for a fee, you must give the recipients all the rights that
 you have.  You must make sure that they, too, receive or can get the
 source code.  And you must show them these terms so they know their
 rights.
  We protect your rights with two steps: (1) copyright the software, and
 (2) offer you this license which gives you legal permission to copy,
 distribute and/or modify the software.
  Also, for each author's protection and ours, we want to make certain
 that everyone understands that there is no warranty for this free
 software.  If the software is modified by someone else and passed on, we
 want its recipients to know that what they have is not the original, so
 that any problems introduced by others will not reflect on the original
 authors' reputations.
  Finally, any free program is threatened constantly by software
 patents.  We wish to avoid the danger that redistributors of a free
 program will individually obtain patent licenses, in effect making the
 program proprietary.  To prevent this, we have made it clear that any
 patent must be licensed for everyone's free use or not licensed at all.
  The precise terms and conditions for copying, distribution and
 modification follow.
 		    GNU GENERAL PUBLIC LICENSE
   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
  0. This License applies to any program or other work which contains
 a notice placed by the copyright holder saying it may be distributed
 under the terms of this General Public License.  The "Program", below,
 refers to any such program or work, and a "work based on the Program"
 means either the Program or any derivative work under copyright law:
 that is to say, a work containing the Program or a portion of it,
 either verbatim or with modifications and/or translated into another
 language.  (Hereinafter, translation is included without limitation in
 the term "modification".)  Each licensee is addressed as "you".
 Activities other than copying, distribution and modification are not
 covered by this License; they are outside its scope.  The act of
 running the Program is not restricted, and the output from the Program
 is covered only if its contents constitute a work based on the
 Program (independent of having been made by running the Program).
 Whether that is true depends on what the Program does.
  1. You may copy and distribute verbatim copies of the Program's
 source code as you receive it, in any medium, provided that you
 conspicuously and appropriately publish on each copy an appropriate
 copyright notice and disclaimer of warranty; keep intact all the
 notices that refer to this License and to the absence of any warranty;
 and give any other recipients of the Program a copy of this License
 along with the Program.
 You may charge a fee for the physical act of transferring a copy, and
 you may at your option offer warranty protection in exchange for a fee.
  2. You may modify your copy or copies of the Program or any portion
 of it, thus forming a work based on the Program, and copy and
 distribute such modifications or work under the terms of Section 1
 above, provided that you also meet all of these conditions:
    a) You must cause the modified files to carry prominent notices
    stating that you changed the files and the date of any change.
    b) You must cause any work that you distribute or publish, that in
    whole or in part contains or is derived from the Program or any
    part thereof, to be licensed as a whole at no charge to all third
    parties under the terms of this License.
    c) If the modified program normally reads commands interactively
    when run, you must cause it, when started running for such
    interactive use in the most ordinary way, to print or display an
    announcement including an appropriate copyright notice and a
    notice that there is no warranty (or else, saying that you provide
    a warranty) and that users may redistribute the program under
    these conditions, and telling the user how to view a copy of this
    License.  (Exception: if the Program itself is interactive but
    does not normally print such an announcement, your work based on
    the Program is not required to print an announcement.)
 These requirements apply to the modified work as a whole.  If
 identifiable sections of that work are not derived from the Program,
 and can be reasonably considered independent and separate works in
 themselves, then this License, and its terms, do not apply to those
 sections when you distribute them as separate works.  But when you
 distribute the same sections as part of a whole which is a work based
 on the Program, the distribution of the whole must be on the terms of
 this License, whose permissions for other licensees extend to the
 entire whole, and thus to each and every part regardless of who wrote it.
 Thus, it is not the intent of this section to claim rights or contest
 your rights to work written entirely by you; rather, the intent is to
 exercise the right to control the distribution of derivative or
 collective works based on the Program.
 In addition, mere aggregation of another work not based on the Program
 with the Program (or with a work based on the Program) on a volume of
 a storage or distribution medium does not bring the other work under
 the scope of this License.
  3. You may copy and distribute the Program (or a work based on it,
 under Section 2) in object code or executable form under the terms of
 Sections 1 and 2 above provided that you also do one of the following:
    a) Accompany it with the complete corresponding machine-readable
    source code, which must be distributed under the terms of Sections
    1 and 2 above on a medium customarily used for software interchange; or,
    b) Accompany it with a written offer, valid for at least three
    years, to give any third party, for a charge no more than your
    cost of physically performing source distribution, a complete
    machine-readable copy of the corresponding source code, to be
    distributed under the terms of Sections 1 and 2 above on a medium
    customarily used for software interchange; or,
    c) Accompany it with the information you received as to the offer
    to distribute corresponding source code.  (This alternative is
    allowed only for noncommercial distribution and only if you
    received the program in object code or executable form with such
    an offer, in accord with Subsection b above.)
 The source code for a work means the preferred form of the work for
 making modifications to it.  For an executable work, complete source
 code means all the source code for all modules it contains, plus any
 associated interface definition files, plus the scripts used to
 control compilation and installation of the executable.  However, as a
 special exception, the source code distributed need not include
 anything that is normally distributed (in either source or binary
 form) with the major components (compiler, kernel, and so on) of the
 operating system on which the executable runs, unless that component
 itself accompanies the executable.
 If distribution of executable or object code is made by offering
 access to copy from a designated place, then offering equivalent
 access to copy the source code from the same place counts as
 distribution of the source code, even though third parties are not
 compelled to copy the source along with the object code.
  4. You may not copy, modify, sublicense, or distribute the Program
 except as expressly provided under this License.  Any attempt
 otherwise to copy, modify, sublicense or distribute the Program is
 void, and will automatically terminate your rights under this License.
 However, parties who have received copies, or rights, from you under
 this License will not have their licenses terminated so long as such
 parties remain in full compliance.
  5. You are not required to accept this License, since you have not
 signed it.  However, nothing else grants you permission to modify or
 distribute the Program or its derivative works.  These actions are
 prohibited by law if you do not accept this License.  Therefore, by
 modifying or distributing the Program (or any work based on the
 Program), you indicate your acceptance of this License to do so, and
 all its terms and conditions for copying, distributing or modifying
 the Program or works based on it.
  6. Each time you redistribute the Program (or any work based on the
 Program), the recipient automatically receives a license from the
 original licensor to copy, distribute or modify the Program subject to
 these terms and conditions.  You may not impose any further
 restrictions on the recipients' exercise of the rights granted herein.
 You are not responsible for enforcing compliance by third parties to
 this License.
  7. If, as a consequence of a court judgment or allegation of patent
 infringement or for any other reason (not limited to patent issues),
 conditions are imposed on you (whether by court order, agreement or
 otherwise) that contradict the conditions of this License, they do not
 excuse you from the conditions of this License.  If you cannot
 distribute so as to satisfy simultaneously your obligations under this
 License and any other pertinent obligations, then as a consequence you
 may not distribute the Program at all.  For example, if a patent
 license would not permit royalty-free redistribution of the Program by
 all those who receive copies directly or indirectly through you, then
 the only way you could satisfy both it and this License would be to
 refrain entirely from distribution of the Program.
 If any portion of this section is held invalid or unenforceable under
 any particular circumstance, the balance of the section is intended to
 apply and the section as a whole is intended to apply in other
 circumstances.
 It is not the purpose of this section to induce you to infringe any
 patents or other property right claims or to contest validity of any
 such claims; this section has the sole purpose of protecting the
 integrity of the free software distribution system, which is
 implemented by public license practices.  Many people have made
 generous contributions to the wide range of software distributed
 through that system in reliance on consistent application of that
 system; it is up to the author/donor to decide if he or she is willing
 to distribute software through any other system and a licensee cannot
 impose that choice.
 This section is intended to make thoroughly clear what is believed to
 be a consequence of the rest of this License.
  8. If the distribution and/or use of the Program is restricted in
 certain countries either by patents or by copyrighted interfaces, the
 original copyright holder who places the Program under this License
 may add an explicit geographical distribution limitation excluding
 those countries, so that distribution is permitted only in or among
 countries not thus excluded.  In such case, this License incorporates
 the limitation as if written in the body of this License.
  9. The Free Software Foundation may publish revised and/or new versions
 of the General Public License from time to time.  Such new versions will
 be similar in spirit to the present version, but may differ in detail to
 address new problems or concerns.
 Each version is given a distinguishing version number.  If the Program
 specifies a version number of this License which applies to it and "any
 later version", you have the option of following the terms and conditions
 either of that version or of any later version published by the Free
 Software Foundation.  If the Program does not specify a version number of
 this License, you may choose any version ever published by the Free Software
 Foundation.
  10. If you wish to incorporate parts of the Program into other free
 programs whose distribution conditions are different, write to the author
 to ask for permission.  For software which is copyrighted by the Free
 Software Foundation, write to the Free Software Foundation; we sometimes
 make exceptions for this.  Our decision will be guided by the two goals
 of preserving the free status of all derivatives of our free software and
 of promoting the sharing and reuse of software generally.
 			    NO WARRANTY
  11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
 FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
 OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
 PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
 OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS
 TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
 PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
 REPAIR OR CORRECTION.
  12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
 WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
 REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
 INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
 OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
 TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
 YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
 PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
 POSSIBILITY OF SUCH DAMAGES.
 		     END OF TERMS AND CONDITIONS
 	    How to Apply These Terms to Your New Programs
  If you develop a new program, and you want it to be of the greatest
 possible use to the public, the best way to achieve this is to make it
 free software which everyone can redistribute and change under these terms.
  To do so, attach the following notices to the program.  It is safest
 to attach them to the start of each source file to most effectively
 convey the exclusion of warranty; and each file should have at least
 the "copyright" line and a pointer to where the full notice is found.
    <one line to give the program's name and a brief idea of what it does.>
    Copyright (C) <year>  <name of author>
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 2 of the License, or
    (at your option) any later version.
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.
    You should have received a copy of the GNU General Public License
    along with this program; if not, write to the Free Software
    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 Also add information on how to contact you by electronic and paper mail.
 If the program is interactive, make it output a short notice like this
 when it starts in an interactive mode:
    Gnomovision version 69, Copyright (C) year  name of author
    Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
    This is free software, and you are welcome to redistribute it
    under certain conditions; type `show c' for details.
 The hypothetical commands `show w' and `show c' should show the appropriate
 parts of the General Public License.  Of course, the commands you use may
 be called something other than `show w' and `show c'; they could even be
 mouse-clicks or menu items--whatever suits your program.
 You should also get your employer (if you work as a programmer) or your
 school, if any, to sign a "copyright disclaimer" for the program, if
 necessary.  Here is a sample; alter the names:
  Yoyodyne, Inc., hereby disclaims all copyright interest in the program
  `Gnomovision' (which makes passes at compilers) written by James Hacker.
  <signature of Ty Coon>, 1 April 1989
  Ty Coon, President of Vice
 This General Public License does not permit incorporating your program into
 proprietary programs.  If your program is a subroutine library, you may
 consider it more useful to permit linking proprietary applications with the
 library.  If this is what you want to do, use the GNU Library General
 Public License instead of this License.
--- a/extra/yassl/taocrypt/INSTALL
+++ b/extra/yassl/taocrypt/INSTALL
@@ -0,0 +1,229 @@
 Copyright (C) 1994, 1995, 1996, 1999, 2000, 2001, 2002 Free Software
 Foundation, Inc.
   This file is free documentation; the Free Software Foundation gives
 unlimited permission to copy, distribute and modify it.
 Basic Installation
 ==================
   These are generic installation instructions.
   The `configure' shell script attempts to guess correct values for
 various system-dependent variables used during compilation.  It uses
 those values to create a `Makefile' in each directory of the package.
 It may also create one or more `.h' files containing system-dependent
 definitions.  Finally, it creates a shell script `config.status' that
 you can run in the future to recreate the current configuration, and a
 file `config.log' containing compiler output (useful mainly for
 debugging `configure').
   It can also use an optional file (typically called `config.cache'
 and enabled with `--cache-file=config.cache' or simply `-C') that saves
 the results of its tests to speed up reconfiguring.  (Caching is
 disabled by default to prevent problems with accidental use of stale
 cache files.)
   If you need to do unusual things to compile the package, please try
 to figure out how `configure' could check whether to do them, and mail
 diffs or instructions to the address given in the `README' so they can
 be considered for the next release.  If you are using the cache, and at
 some point `config.cache' contains results you don't want to keep, you
 may remove or edit it.
   The file `configure.ac' (or `configure.in') is used to create
 `configure' by a program called `autoconf'.  You only need
 `configure.ac' if you want to change it or regenerate `configure' using
 a newer version of `autoconf'.
 The simplest way to compile this package is:
  1. `cd' to the directory containing the package's source code and type
     `./configure' to configure the package for your system.  If you're
     using `csh' on an old version of System V, you might need to type
     `sh ./configure' instead to prevent `csh' from trying to execute
     `configure' itself.
     Running `configure' takes awhile.  While running, it prints some
     messages telling which features it is checking for.
  2. Type `make' to compile the package.
  3. Optionally, type `make check' to run any self-tests that come with
     the package.
  4. Type `make install' to install the programs and any data files and
     documentation.
  5. You can remove the program binaries and object files from the
     source code directory by typing `make clean'.  To also remove the
     files that `configure' created (so you can compile the package for
     a different kind of computer), type `make distclean'.  There is
     also a `make maintainer-clean' target, but that is intended mainly
     for the package's developers.  If you use it, you may have to get
     all sorts of other programs in order to regenerate files that came
     with the distribution.
 Compilers and Options
 =====================
   Some systems require unusual options for compilation or linking that
 the `configure' script does not know about.  Run `./configure --help'
 for details on some of the pertinent environment variables.
   You can give `configure' initial values for configuration parameters
 by setting variables in the command line or in the environment.  Here
 is an example:
     ./configure CC=c89 CFLAGS=-O2 LIBS=-lposix
   *Note Defining Variables::, for more details.
 Compiling For Multiple Architectures
 ====================================
   You can compile the package for more than one kind of computer at the
 same time, by placing the object files for each architecture in their
 own directory.  To do this, you must use a version of `make' that
 supports the `VPATH' variable, such as GNU `make'.  `cd' to the
 directory where you want the object files and executables to go and run
 the `configure' script.  `configure' automatically checks for the
 source code in the directory that `configure' is in and in `..'.
   If you have to use a `make' that does not support the `VPATH'
 variable, you have to compile the package for one architecture at a
 time in the source code directory.  After you have installed the
 package for one architecture, use `make distclean' before reconfiguring
 for another architecture.
 Installation Names
 ==================
   By default, `make install' will install the package's files in
 `/usr/local/bin', `/usr/local/man', etc.  You can specify an
 installation prefix other than `/usr/local' by giving `configure' the
 option `--prefix=PATH'.
   You can specify separate installation prefixes for
 architecture-specific files and architecture-independent files.  If you
 give `configure' the option `--exec-prefix=PATH', the package will use
 PATH as the prefix for installing programs and libraries.
 Documentation and other data files will still use the regular prefix.
   In addition, if you use an unusual directory layout you can give
 options like `--bindir=PATH' to specify different values for particular
 kinds of files.  Run `configure --help' for a list of the directories
 you can set and what kinds of files go in them.
   If the package supports it, you can cause programs to be installed
 with an extra prefix or suffix on their names by giving `configure' the
 option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'.
 Optional Features
 =================
   Some packages pay attention to `--enable-FEATURE' options to
 `configure', where FEATURE indicates an optional part of the package.
 They may also pay attention to `--with-PACKAGE' options, where PACKAGE
 is something like `gnu-as' or `x' (for the X Window System).  The
 `README' should mention any `--enable-' and `--with-' options that the
 package recognizes.
   For packages that use the X Window System, `configure' can usually
 find the X include and library files automatically, but if it doesn't,
 you can use the `configure' options `--x-includes=DIR' and
 `--x-libraries=DIR' to specify their locations.
 Specifying the System Type
 ==========================
   There may be some features `configure' cannot figure out
 automatically, but needs to determine by the type of machine the package
 will run on.  Usually, assuming the package is built to be run on the
 _same_ architectures, `configure' can figure that out, but if it prints
 a message saying it cannot guess the machine type, give it the
 `--build=TYPE' option.  TYPE can either be a short name for the system
 type, such as `sun4', or a canonical name which has the form:
     CPU-COMPANY-SYSTEM
 where SYSTEM can have one of these forms:
     OS KERNEL-OS
   See the file `config.sub' for the possible values of each field.  If
 `config.sub' isn't included in this package, then this package doesn't
 need to know the machine type.
   If you are _building_ compiler tools for cross-compiling, you should
 use the `--target=TYPE' option to select the type of system they will
 produce code for.
   If you want to _use_ a cross compiler, that generates code for a
 platform different from the build platform, you should specify the
 "host" platform (i.e., that on which the generated programs will
 eventually be run) with `--host=TYPE'.
 Sharing Defaults
 ================
   If you want to set default values for `configure' scripts to share,
 you can create a site shell script called `config.site' that gives
 default values for variables like `CC', `cache_file', and `prefix'.
 `configure' looks for `PREFIX/share/config.site' if it exists, then
 `PREFIX/etc/config.site' if it exists.  Or, you can set the
 `CONFIG_SITE' environment variable to the location of the site script.
 A warning: not all `configure' scripts look for a site script.
 Defining Variables
 ==================
   Variables not defined in a site shell script can be set in the
 environment passed to `configure'.  However, some packages may run
 configure again during the build, and the customized values of these
 variables may be lost.  In order to avoid this problem, you should set
 them in the `configure' command line, using `VAR=value'.  For example:
     ./configure CC=/usr/local2/bin/gcc
 will cause the specified gcc to be used as the C compiler (unless it is
 overridden in the site shell script).
 `configure' Invocation
 ======================
   `configure' recognizes the following options to control how it
 operates.
 `--help'
 `-h'
     Print a summary of the options to `configure', and exit.
 `--version'
 `-V'
     Print the version of Autoconf used to generate the `configure'
     script, and exit.
 `--cache-file=FILE'
     Enable the cache: use and save the results of the tests in FILE,
     traditionally `config.cache'.  FILE defaults to `/dev/null' to
     disable caching.
 `--config-cache'
 `-C'
     Alias for `--cache-file=config.cache'.
 `--quiet'
 `--silent'
 `-q'
     Do not print messages saying which checks are being made.  To
     suppress all normal output, redirect it to `/dev/null' (any error
     messages will still be shown).
 `--srcdir=DIR'
     Look for the package's source code in directory DIR.  Usually
     `configure' can determine that directory automatically.
 `configure' also accepts some other, not widely useful, options.  Run
 `configure --help' for more details.
--- a/extra/yassl/taocrypt/Makefile.am
+++ b/extra/yassl/taocrypt/Makefile.am
@@ -1,2 +1,2 @@
 SUBDIRS = src test benchmark
-EXTRA_DIST = taocrypt.dsw taocrypt.dsp CMakeLists.txt
+EXTRA_DIST = taocrypt.dsw taocrypt.dsp CMakeLists.txt $(wildcard mySTL/*.hpp)
--- a/extra/yassl/taocrypt/README
+++ b/extra/yassl/taocrypt/README
@@ -0,0 +1,37 @@
 TaoCrypt release 0.9.0   09/18/2006
 This is the first release of TaoCrypt, it was previously only included with
 yaSSL. TaoCrypt is highly portable and fast, its features include:
 One way hash functions: SHA-1, MD2, MD4, MD5, RIPEMD-160
 Message authentication codes: HMAC
 Block Ciphers: DES, Triple-DES, AES, Blowfish, Twofish
 Stream Ciphers: ARC4
 Public Key Crypto: RSA, DSA, Diffie-Hellman
 Password based key derivation: PBKDF2 from PKCS #5
 Pseudo Random Number Generators
 Lare Integer Support
 Base 16/64 encoding/decoding
 DER encoding/decoding
 X.509 processing
 SSE2 and ia32 asm for the right processors and compilers
 To build on Unix
    ./configure
    make
    To test the build, from the ./test directory run ./test
 On Windows
    Open the taocrypt project workspace
    Choose (Re)Build All
    To test the build, run the test executable
 Please send any questions or comments to todd@yassl.com.
--- a/extra/yassl/taocrypt/benchmark/Makefile.am
+++ b/extra/yassl/taocrypt/benchmark/Makefile.am
@@ -1,4 +1,4 @@
-INCLUDES = -I../include -I../../mySTL
+INCLUDES = -I../include -I../mySTL
 bin_PROGRAMS       = benchmark
 benchmark_SOURCES  = benchmark.cpp
 benchmark_LDFLAGS  = -L../src
--- a/extra/yassl/taocrypt/include/asn.hpp
+++ b/extra/yassl/taocrypt/include/asn.hpp
@@ -33,10 +33,12 @@
 #include "misc.hpp"
 #include "block.hpp"
 #include "list.hpp"
 #include "error.hpp"
 #include STL_LIST_FILE
 namespace STL = STL_NAMESPACE;
 namespace TaoCrypt {
@@ -232,7 +234,7 @@ private:
 };
-typedef mySTL::list<Signer*> SignerList;
+typedef STL::list<Signer*> SignerList;
 enum SigType  { SHAwDSA = 517, MD2wRSA = 646, MD5wRSA = 648, SHAwRSA =649};
--- a/extra/yassl/taocrypt/include/block.hpp
+++ b/extra/yassl/taocrypt/include/block.hpp
@@ -31,12 +31,14 @@
 #ifndef TAO_CRYPT_BLOCK_HPP
 #define TAO_CRYPT_BLOCK_HPP
 #include "algorithm.hpp"    // mySTL::swap
 #include "misc.hpp"
 #include <string.h>         // memcpy
 #include <stddef.h>         // ptrdiff_t
 #include STL_ALGORITHM_FILE
 namespace STL = STL_NAMESPACE;
 namespace TaoCrypt {
@@ -80,7 +82,7 @@ typename A::pointer StdReallocate(A& a, T* p, typename A::size_type oldSize,
        typename A::pointer newPointer = b.allocate(newSize, 0);
        memcpy(newPointer, p, sizeof(T) * min(oldSize, newSize));
        a.deallocate(p, oldSize);
-        mySTL::swap(a, b);
+        STL::swap(a, b);
        return newPointer;
    }
    else {
@@ -183,9 +185,9 @@ public:
    }
    void Swap(Block& other) {
-        mySTL::swap(sz_, other.sz_);
+        STL::swap(sz_, other.sz_);
-        mySTL::swap(buffer_, other.buffer_);
+        STL::swap(buffer_, other.buffer_);
-        mySTL::swap(allocator_, other.allocator_);
+        STL::swap(allocator_, other.allocator_);
    }
    ~Block() { allocator_.deallocate(buffer_, sz_); }
--- a/extra/yassl/taocrypt/include/blowfish.hpp
+++ b/extra/yassl/taocrypt/include/blowfish.hpp
@@ -32,7 +32,11 @@
 #include "misc.hpp"
 #include "modes.hpp"
-#include "algorithm.hpp"
+#include STL_ALGORITHM_FILE
 namespace STL = STL_NAMESPACE;
 namespace TaoCrypt {
--- a/extra/yassl/taocrypt/include/error.hpp
+++ b/extra/yassl/taocrypt/include/error.hpp
@@ -37,7 +37,7 @@ namespace TaoCrypt {
 enum ErrorNumber {
-NO_ERROR   =    0, // "not in error state"
+NO_ERROR_E   =    0, // "not in error state"
 // RandomNumberGenerator
 WINCRYPT_E      = 1001, // "bad wincrypt acquire"
@@ -78,7 +78,7 @@ SIG_OTHER_E     = 1039  // "bad other signature confirmation"
 struct Error {
    ErrorNumber  what_;    // description number, 0 for no error
-    explicit Error(ErrorNumber w = NO_ERROR) : what_(w) {}
+    explicit Error(ErrorNumber w = NO_ERROR_E) : what_(w) {}
    ErrorNumber What()            const  { return what_; }
    void        SetError(ErrorNumber w)  { what_ = w; }
--- a/extra/yassl/taocrypt/include/file.hpp
+++ b/extra/yassl/taocrypt/include/file.hpp
@@ -83,7 +83,7 @@ private:
    void Swap(Source& other) 
    {
        buffer_.Swap(other.buffer_);
-        mySTL::swap(current_, other.current_);
+        STL::swap(current_, other.current_);
    }
 };
--- a/extra/yassl/taocrypt/include/integer.hpp
+++ b/extra/yassl/taocrypt/include/integer.hpp
@@ -44,8 +44,8 @@
 #include "block.hpp"
 #include "random.hpp"
 #include "file.hpp"
 #include "algorithm.hpp"    // mySTL::swap
 #include <string.h>
 #include STL_ALGORITHM_FILE
 #ifdef TAOCRYPT_X86ASM_AVAILABLE
--- a/extra/yassl/taocrypt/include/misc.hpp
+++ b/extra/yassl/taocrypt/include/misc.hpp
@@ -198,6 +198,23 @@ void CleanUp();
 #endif
 #ifdef USE_SYS_STL
    // use system STL
    #define STL_VECTOR_FILE    <vector>
    #define STL_LIST_FILE      <list>
    #define STL_ALGORITHM_FILE <algorithm>
    #define STL_MEMORY_FILE    <memory>
    #define STL_NAMESPACE       std
 #else
    // use mySTL
    #define STL_VECTOR_FILE    "vector.hpp"
    #define STL_LIST_FILE      "list.hpp"
    #define STL_ALGORITHM_FILE "algorithm.hpp"
    #define STL_MEMORY_FILE    "memory.hpp"
    #define STL_NAMESPACE       mySTL
 #endif
 // ***************** DLL related ********************
 #ifdef TAOCRYPT_WIN32_AVAILABLE
--- a/extra/yassl/taocrypt/include/pwdbased.hpp
+++ b/extra/yassl/taocrypt/include/pwdbased.hpp
@@ -74,7 +74,7 @@ word32 PBKDF2_HMAC<T>::DeriveKey(byte* derived, word32 dLen, const byte* pwd,
 		}
 		hmac.Final(buffer.get_buffer());
-		word32 segmentLen = mySTL::min(dLen, buffer.size());
+		word32 segmentLen = min(dLen, buffer.size());
 		memcpy(derived, buffer.get_buffer(), segmentLen);
 		for (j = 1; j < iterations; j++) {
--- a/extra/yassl/taocrypt/include/twofish.hpp
+++ b/extra/yassl/taocrypt/include/twofish.hpp
@@ -32,7 +32,11 @@
 #include "misc.hpp"
 #include "modes.hpp"
-#include "algorithm.hpp"
+#include STL_ALGORITHM_FILE
 namespace STL = STL_NAMESPACE;
 namespace TaoCrypt {
--- a/extra/yassl/taocrypt/mySTL/algorithm.hpp
+++ b/extra/yassl/taocrypt/mySTL/algorithm.hpp
--- a/extra/yassl/taocrypt/mySTL/helpers.hpp
+++ b/extra/yassl/taocrypt/mySTL/helpers.hpp
@@ -113,6 +113,47 @@ PlaceIter uninit_fill_n(PlaceIter place, Size n, const T& value)
 }
 template <typename T>
 T* GetArrayMemory(size_t items)
 {
    unsigned char* ret;
    #ifdef YASSL_LIB
        ret = NEW_YS unsigned char[sizeof(T) * items];
    #else
        ret = NEW_TC unsigned char[sizeof(T) * items];
    #endif
    return reinterpret_cast<T*>(ret);
 }
 template <typename T>
 void FreeArrayMemory(T* ptr)
 {
    unsigned char* p = reinterpret_cast<unsigned char*>(ptr);
    #ifdef YASSL_LIB
        yaSSL::ysArrayDelete(p);
    #else
        TaoCrypt::tcArrayDelete(p);
    #endif
 }
 static void* GetMemory(size_t bytes)
 {
    return GetArrayMemory<unsigned char>(bytes);
 }
 static void FreeMemory(void* ptr)
 {
    FreeArrayMemory(ptr);
 }
 } // namespace mySTL
--- a/extra/yassl/taocrypt/mySTL/list.hpp
+++ b/extra/yassl/taocrypt/mySTL/list.hpp
@@ -33,7 +33,6 @@
 #include "helpers.hpp"
 #include <stdlib.h>
 namespace mySTL {
@@ -75,8 +74,7 @@ public:
    class iterator {
        node* current_;
    public:
-        iterator() : current_(0) {}
+        explicit iterator(node* p = 0) : current_(p) {}
        explicit iterator(node* p) : current_(p) {}
        T& operator*() const
        {
@@ -127,11 +125,67 @@ public:
        friend class list<T>;
    };
    class reverse_iterator {
        node* current_;
    public:
        explicit reverse_iterator(node* p = 0) : current_(p) {}
        T& operator*() const
        {
            return current_->value_;
        }
        T* operator->() const
        {
            return &(operator*());
        }
        reverse_iterator& operator++()
        {
            current_ = current_->prev_;
            return *this;
        }
        reverse_iterator& operator--()
        {
            current_ = current_->next_;
            return *this;
        }
        reverse_iterator operator++(int)
        {
            reverse_iterator tmp = *this;
            current_ = current_->prev_;
            return tmp;
        }
        reverse_iterator operator--(int)
        {
            reverse_iterator tmp = *this;
            current_ = current_->next_;
            return tmp;
        }
        bool operator==(const reverse_iterator& other) const
        { 
            return current_ == other.current_;
        }
        bool operator!=(const reverse_iterator& other) const
        {
            return current_ != other.current_;
        }
        friend class list<T>;
    };
    bool erase(iterator);
    iterator         begin()  const { return iterator(head_); }
-    iterator rbegin() const { return iterator(tail_); }
+    reverse_iterator rbegin() const { return reverse_iterator(tail_); }
    iterator         end()    const { return iterator(); }
    reverse_iterator rend()   const { return reverse_iterator(); }
    typedef iterator const_iterator;    // for now
@@ -158,7 +212,7 @@ list<T>::~list()
    for (; start; start = next_) {
        next_ = start->next_;
        destroy(start);
-        free(start);
+        FreeMemory(start);
    }
 }
@@ -166,8 +220,7 @@ list<T>::~list()
 template<typename T> 
 void list<T>::push_front(T t)
 {
-    void* mem = malloc(sizeof(node));
+    void* mem = GetMemory(sizeof(node));
    if (!mem) abort();
    node* add = new (reinterpret_cast<yassl_pointer>(mem)) node(t);
    if (head_) {
@@ -196,7 +249,7 @@ void list<T>::pop_front()
        head_->prev_ = 0;
    }
    destroy(front);
-    free(front);
+    FreeMemory(front);
    --sz_;
 }
@@ -204,7 +257,7 @@ void list<T>::pop_front()
 template<typename T> 
 T list<T>::front() const
 {
-    if (head_ == 0) return 0;
+    if (head_ == 0) return T();
    return head_->value_;
 }
@@ -212,8 +265,7 @@ T list<T>::front() const
 template<typename T> 
 void list<T>::push_back(T t)
 {
-    void* mem = malloc(sizeof(node));
+    void* mem = GetMemory(sizeof(node));
    if (!mem) abort();
    node* add = new (reinterpret_cast<yassl_pointer>(mem)) node(t);
    if (tail_) {
@@ -242,7 +294,7 @@ void list<T>::pop_back()
        tail_->next_ = 0;
    }
    destroy(rear);
-    free(rear);
+    FreeMemory(rear);
    --sz_;
 }
@@ -250,7 +302,7 @@ void list<T>::pop_back()
 template<typename T> 
 T list<T>::back() const
 {
-    if (tail_ == 0) return 0;
+    if (tail_ == 0) return T();
    return tail_->value_;
 }
@@ -286,7 +338,7 @@ bool list<T>::remove(T t)
        del->next_->prev_ = del->prev_;
        destroy(del);
-        free(del);
+        FreeMemory(del);
        --sz_;
    }
    return true;
@@ -309,78 +361,13 @@ bool list<T>::erase(iterator iter)
        del->next_->prev_ = del->prev_;
        destroy(del);
-        free(del);
+        FreeMemory(del);
        --sz_;
    }
    return true;
 }
 /* MSVC can't handle ??
 template<typename T>
 T& list<T>::iterator::operator*() const
 {
    return current_->value_;
 }
 template<typename T>
 T* list<T>::iterator::operator->() const
 {
    return &(operator*());
 }
 template<typename T>
 typename list<T>::iterator& list<T>::iterator::operator++()
 {
    current_ = current_->next_;
    return *this;
 }
 template<typename T>
 typename list<T>::iterator& list<T>::iterator::operator--()
 {
    current_ = current_->prev_;
    return *this;
 }
 template<typename T>
 typename list<T>::iterator& list<T>::iterator::operator++(int)
 {
    iterator tmp = *this;
    current_ = current_->next_;
    return tmp;
 }
 template<typename T>
 typename list<T>::iterator& list<T>::iterator::operator--(int)
 {
    iterator tmp = *this;
    current_ = current_->prev_;
    return tmp;
 }
 template<typename T>
 bool list<T>::iterator::operator==(const iterator& other) const
 {
    return current_ == other.current_;
 }
 template<typename T>
 bool list<T>::iterator::operator!=(const iterator& other) const
 {
    return current_ != other.current_;
 }
 */  // end MSVC 6 can't handle
 } // namespace mySTL
--- a/extra/yassl/taocrypt/mySTL/memory.hpp
+++ b/extra/yassl/taocrypt/mySTL/memory.hpp
@@ -31,6 +31,7 @@
 #ifndef mySTL_MEMORY_HPP
 #define mySTL_MEMORY_HPP
 #include "memory_array.hpp"   // for auto_array
 #ifdef _MSC_VER
    // disable operator-> warning for builtins
@@ -43,27 +44,25 @@ namespace mySTL {
 template<typename T>
 struct auto_ptr_ref {
    typedef void (*Deletor)(T*);
    T* ptr_;
-    Deletor del_;
+    explicit auto_ptr_ref(T* p) : ptr_(p) {}
    auto_ptr_ref(T* p, Deletor d) : ptr_(p), del_(d) {}
 };
 template<typename T>
 class auto_ptr {
    typedef void (*Deletor)(T*);
    T*       ptr_;
    Deletor  del_;
    void Destroy()
    {
-        del_(ptr_);
+        #ifdef YASSL_LIB
            yaSSL::ysDelete(ptr_);
        #else
            TaoCrypt::tcDelete(ptr_);
        #endif
    }
 public:
-    auto_ptr(T* p, Deletor d) : ptr_(p), del_(d) {}
+    explicit auto_ptr(T* p = 0) : ptr_(p) {}
    explicit auto_ptr(Deletor d) : ptr_(0), del_(d) {}
    ~auto_ptr() 
    {
@@ -71,14 +70,13 @@ public:
    }
-    auto_ptr(auto_ptr& other) : ptr_(other.release()), del_(other.del_) {}
+    auto_ptr(auto_ptr& other) : ptr_(other.release()) {}
    auto_ptr& operator=(auto_ptr& that)
    {
        if (this != &that) {
            Destroy();
            ptr_ = that.release();
            del_ = that.del_;
        }
        return *this;
    }
@@ -115,14 +113,13 @@ public:
    }
    // auto_ptr_ref conversions
-    auto_ptr(auto_ptr_ref<T> ref) : ptr_(ref.ptr_), del_(ref.del_) {}
+    auto_ptr(auto_ptr_ref<T> ref) : ptr_(ref.ptr_) {}
    auto_ptr& operator=(auto_ptr_ref<T> ref)
    {
        if (this->ptr_ != ref.ptr_) {
            Destroy();
            ptr_ = ref.ptr_;
            del_ = ref.del_;
        }
        return *this;
    }
@@ -130,13 +127,13 @@ public:
    template<typename T2>
    operator auto_ptr<T2>()
    {
-        return auto_ptr<T2>(this->release(), this->del_);
+        return auto_ptr<T2>(this->release());
    }
    template<typename T2>
    operator auto_ptr_ref<T2>()
    {
-        return auto_ptr_ref<T2>(this->release(), this->del_);
+        return auto_ptr_ref<T2>(this->release());
    }
 };
--- a/extra/yassl/taocrypt/mySTL/memory_array.hpp
+++ b/extra/yassl/taocrypt/mySTL/memory_array.hpp
@@ -0,0 +1,142 @@
 /* mySTL memory_array.hpp                                
 *
 * Copyright (C) 2003 Sawtooth Consulting Ltd.
 *
 * This file is part of yaSSL.
 *
 * yaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * There are special exceptions to the terms and conditions of the GPL as it
 * is applied to yaSSL. View the full text of the exception in the file
 * FLOSS-EXCEPTIONS in the directory of this software distribution.
 *
 * yaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */
 /* mySTL memory_arry implements auto_array
 *
 */
 #ifndef mySTL_MEMORY_ARRAY_HPP
 #define mySTL_MEMORY_ARRAY_HPP
 #ifdef _MSC_VER
    // disable operator-> warning for builtins
    #pragma warning(disable:4284)
 #endif
 namespace mySTL {
 template<typename T>
 struct auto_array_ref {
    T* ptr_;
    explicit auto_array_ref(T* p) : ptr_(p) {}
 };
 template<typename T>
 class auto_array {
    T*       ptr_;
    void Destroy()
    {
        #ifdef YASSL_LIB
            yaSSL::ysArrayDelete(ptr_);
        #else
            TaoCrypt::tcArrayDelete(ptr_);
        #endif
    }
 public:
    explicit auto_array(T* p = 0) : ptr_(p) {}
    ~auto_array() 
    {
        Destroy();
    }
    auto_array(auto_array& other) : ptr_(other.release()) {}
    auto_array& operator=(auto_array& that)
    {
        if (this != &that) {
            Destroy();
            ptr_ = that.release();
        }
        return *this;
    }
    T* operator->() const
    {
        return ptr_;
    }
    T& operator*() const
    {
        return *ptr_;
    }
    T* get() const 
    { 
        return ptr_; 
    }
    T* release()
    {
        T* tmp = ptr_;
        ptr_ = 0;
        return tmp;
    }
    void reset(T* p = 0)
    {
        if (ptr_ != p) {
            Destroy();
            ptr_ = p;
        }
    }
    // auto_array_ref conversions
    auto_array(auto_array_ref<T> ref) : ptr_(ref.ptr_) {}
    auto_array& operator=(auto_array_ref<T> ref)
    {
        if (this->ptr_ != ref.ptr_) {
            Destroy();
            ptr_ = ref.ptr_;
        }
        return *this;
    }
    template<typename T2>
    operator auto_array<T2>()
    {
        return auto_array<T2>(this->release());
    }
    template<typename T2>
    operator auto_array_ref<T2>()
    {
        return auto_array_ref<T2>(this->release());
    }
 };
 } // namespace mySTL
 #endif // mySTL_MEMORY_ARRAY_HPP
--- a/extra/yassl/taocrypt/mySTL/pair.hpp
+++ b/extra/yassl/taocrypt/mySTL/pair.hpp
--- a/extra/yassl/taocrypt/mySTL/stdexcept.hpp
+++ b/extra/yassl/taocrypt/mySTL/stdexcept.hpp
--- a/extra/yassl/taocrypt/mySTL/vector.hpp
+++ b/extra/yassl/taocrypt/mySTL/vector.hpp
@@ -34,7 +34,6 @@
 #include "helpers.hpp"    // construct, destory, fill, etc.
 #include "algorithm.hpp"  // swap
 #include <assert.h>       // assert
 #include <stdlib.h>       // malloc
 namespace mySTL {
@@ -49,14 +48,15 @@ struct vector_base {
    vector_base() : start_(0), finish_(0), end_of_storage_(0) {}
    vector_base(size_t n)
    {
-        // Don't allow malloc(0), if n is 0 use 1
+        start_ = GetArrayMemory<T>(n);
        start_ = static_cast<T*>(malloc((n ? n : 1) * sizeof(T)));
        if (!start_) abort();
        finish_ = start_;
        end_of_storage_ = start_ + n;
    }
-    ~vector_base() { if (start_) free(start_); }
+    ~vector_base() 
    { 
        FreeArrayMemory(start_);
    }
    void Swap(vector_base& that) 
    {
@@ -71,6 +71,9 @@ struct vector_base {
 template <typename T>
 class vector {
 public:
    typedef T*       iterator;
    typedef const T* const_iterator;
    vector() {}
    explicit vector(size_t n) : vec_(n) 
    { 
--- a/extra/yassl/taocrypt/src/Makefile.am
+++ b/extra/yassl/taocrypt/src/Makefile.am
@@ -1,4 +1,4 @@
-INCLUDES = -I../include -I../../mySTL
+INCLUDES = -I../include -I../mySTL
 noinst_LTLIBRARIES = libtaocrypt.la
--- a/extra/yassl/taocrypt/src/algebra.cpp
+++ b/extra/yassl/taocrypt/src/algebra.cpp
@@ -29,7 +29,10 @@
 #include "runtime.hpp"
 #include "algebra.hpp"
-#include "vector.hpp"   // mySTL::vector (simple)
+#include STL_VECTOR_FILE
 namespace STL = STL_NAMESPACE;
 namespace TaoCrypt {
@@ -82,7 +85,7 @@ const Integer& AbstractEuclideanDomain::Mod(const Element &a,
 const Integer& AbstractEuclideanDomain::Gcd(const Element &a,
                                            const Element &b) const
 {
-    mySTL::vector<Element> g(3);
+    STL::vector<Element> g(3);
    g[0]= b;
    g[1]= a;
    unsigned int i0=0, i1=1, i2=2;
@@ -115,7 +118,7 @@ Integer AbstractGroup::CascadeScalarMultiply(const Element &x,
    const unsigned w = (expLen <= 46 ? 1 : (expLen <= 260 ? 2 : 3));
    const unsigned tableSize = 1<<w;
-    mySTL::vector<Element> powerTable(tableSize << w);
+    STL::vector<Element> powerTable(tableSize << w);
    powerTable[1] = x;
    powerTable[tableSize] = y;
@@ -240,8 +243,8 @@ struct WindowSlider
 void AbstractGroup::SimultaneousMultiply(Integer *results, const Integer &base,
                          const Integer *expBegin, unsigned int expCount) const
 {
-    mySTL::vector<mySTL::vector<Element> > buckets(expCount);
+    STL::vector<STL::vector<Element> > buckets(expCount);
-    mySTL::vector<WindowSlider> exponents;
+    STL::vector<WindowSlider> exponents;
    exponents.reserve(expCount);
    unsigned int i;
@@ -332,6 +335,8 @@ void AbstractRing::SimultaneousExponentiate(Integer *results,
 namespace mySTL {
 template TaoCrypt::WindowSlider* uninit_copy<TaoCrypt::WindowSlider*, TaoCrypt::WindowSlider*>(TaoCrypt::WindowSlider*, TaoCrypt::WindowSlider*, TaoCrypt::WindowSlider*);
 template void destroy<TaoCrypt::WindowSlider*>(TaoCrypt::WindowSlider*, TaoCrypt::WindowSlider*);
 template TaoCrypt::WindowSlider* GetArrayMemory<TaoCrypt::WindowSlider>(size_t);
 template void FreeArrayMemory<TaoCrypt::WindowSlider>(TaoCrypt::WindowSlider*);
 }
 #endif
--- a/extra/yassl/taocrypt/src/asn.cpp
+++ b/extra/yassl/taocrypt/src/asn.cpp
@@ -38,7 +38,8 @@
 #include "sha.hpp"
 #include "coding.hpp"
 #include <time.h>     // gmtime();
-#include "memory.hpp"   // mySTL::auto_ptr
+#include "memory.hpp" // some auto_ptr don't have reset, also need auto_array
 namespace TaoCrypt {
@@ -202,13 +203,13 @@ void PublicKey::SetKey(const byte* k)
 void PublicKey::AddToEnd(const byte* data, word32 len)
 {
-    mySTL::auto_ptr<byte> tmp(NEW_TC byte[sz_ + len], tcArrayDelete);
+    mySTL::auto_array<byte> tmp(NEW_TC byte[sz_ + len]);
    memcpy(tmp.get(), key_, sz_);
    memcpy(tmp.get() + sz_, data, len);
    byte* del = 0;
-    mySTL::swap(del, key_);
+    STL::swap(del, key_);
    tcArrayDelete(del);
    key_ = tmp.release();
@@ -856,7 +857,7 @@ bool CertDecoder::ValidateSignature(SignerList* signers)
 bool CertDecoder::ConfirmSignature(Source& pub)
 {
    HashType ht;
-    mySTL::auto_ptr<HASH> hasher(tcDelete);
+    mySTL::auto_ptr<HASH> hasher;
    if (signatureOID_ == MD5wRSA) {
        hasher.reset(NEW_TC MD5);
--- a/extra/yassl/taocrypt/src/blowfish.cpp
+++ b/extra/yassl/taocrypt/src/blowfish.cpp
@@ -133,7 +133,7 @@ void Blowfish::SetKey(const byte* key_string, word32 keylength, CipherDir dir)
 	if (dir==DECRYPTION)
 		for (i=0; i<(ROUNDS+2)/2; i++)
-			mySTL::swap(pbox_[i], pbox_[ROUNDS+1-i]);
+			STL::swap(pbox_[i], pbox_[ROUNDS+1-i]);
 }
--- a/extra/yassl/taocrypt/src/des.cpp
+++ b/extra/yassl/taocrypt/src/des.cpp
@@ -34,7 +34,10 @@
 #include "runtime.hpp"
 #include "des.hpp"
-#include "algorithm.hpp"    // mySTL::swap
+#include STL_ALGORITHM_FILE
 namespace STL = STL_NAMESPACE;
 #if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM)
@@ -265,8 +268,8 @@ void BasicDES::SetKey(const byte* key, word32 /*length*/, CipherDir dir)
    // reverse key schedule order
    if (dir == DECRYPTION)
        for (i = 0; i < 16; i += 2) {
-            mySTL::swap(k_[i],   k_[32 - 2 - i]);
+            STL::swap(k_[i],   k_[32 - 2 - i]);
-            mySTL::swap(k_[i+1], k_[32 - 1 - i]);
+            STL::swap(k_[i+1], k_[32 - 1 - i]);
        }
 }
--- a/extra/yassl/taocrypt/src/dh.cpp
+++ b/extra/yassl/taocrypt/src/dh.cpp
@@ -61,7 +61,7 @@ void DH::GenerateKeyPair(RandomNumberGenerator& rng, byte* priv, byte* pub)
 // Generate private value
 void DH::GeneratePrivate(RandomNumberGenerator& rng, byte* priv)
 {
-    Integer x(rng, Integer::One(), mySTL::min(p_ - 1,
+    Integer x(rng, Integer::One(), min(p_ - 1,
        Integer::Power2(2*DiscreteLogWorkFactor(p_.BitCount())) ) );
    x.Encode(priv, p_.ByteCount());
 }
--- a/extra/yassl/taocrypt/src/integer.cpp
+++ b/extra/yassl/taocrypt/src/integer.cpp
@@ -1094,7 +1094,7 @@ static bool IsP4()
    word32 cpuid[4];
    CpuId(0, cpuid);
-    mySTL::swap(cpuid[2], cpuid[3]);
+    STL::swap(cpuid[2], cpuid[3]);
    if (memcmp(cpuid+1, "GenuineIntel", 12) != 0)
        return false;
@@ -2384,8 +2384,8 @@ void AsymmetricMultiply(word *R, word *T, const word *A, unsigned int NA,
    if (NA > NB)
    {
-        mySTL::swap(A, B);
+        STL::swap(A, B);
-        mySTL::swap(NA, NB);
+        STL::swap(NA, NB);
    }
    assert(NB % NA == 0);
@@ -2521,8 +2521,8 @@ unsigned int AlmostInverse(word *R, word *T, const word *A, unsigned int NA,
        if (Compare(f, g, fgLen)==-1)
        {
-            mySTL::swap(f, g);
+            STL::swap(f, g);
-            mySTL::swap(b, c);
+            STL::swap(b, c);
            s++;
        }
@@ -3162,7 +3162,7 @@ signed long Integer::ConvertToLong() const
 void Integer::Swap(Integer& a)
 {
    reg_.Swap(a.reg_);
-    mySTL::swap(sign_, a.sign_);
+    STL::swap(sign_, a.sign_);
 }
--- a/extra/yassl/taocrypt/src/md4.cpp
+++ b/extra/yassl/taocrypt/src/md4.cpp
@@ -28,9 +28,11 @@
 #include "runtime.hpp"
 #include "md4.hpp"
-#include "algorithm.hpp"    // mySTL::swap
+#include STL_ALGORITHM_FILE
 namespace STL = STL_NAMESPACE;
 namespace TaoCrypt {
@@ -69,9 +71,9 @@ MD4& MD4::operator= (const MD4& that)
 void MD4::Swap(MD4& other)
 {
-    mySTL::swap(loLen_,   other.loLen_);
+    STL::swap(loLen_,   other.loLen_);
-    mySTL::swap(hiLen_,   other.hiLen_);
+    STL::swap(hiLen_,   other.hiLen_);
-    mySTL::swap(buffLen_, other.buffLen_);
+    STL::swap(buffLen_, other.buffLen_);
    memcpy(digest_, other.digest_, DIGEST_SIZE);
    memcpy(buffer_, other.buffer_, BLOCK_SIZE);
--- a/extra/yassl/taocrypt/src/md5.cpp
+++ b/extra/yassl/taocrypt/src/md5.cpp
@@ -28,7 +28,10 @@
 #include "runtime.hpp"
 #include "md5.hpp"
-#include "algorithm.hpp"    // mySTL::swap
+#include STL_ALGORITHM_FILE
 namespace STL = STL_NAMESPACE;
 #if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM)
@@ -72,9 +75,9 @@ MD5& MD5::operator= (const MD5& that)
 void MD5::Swap(MD5& other)
 {
-    mySTL::swap(loLen_,   other.loLen_);
+    STL::swap(loLen_,   other.loLen_);
-    mySTL::swap(hiLen_,   other.hiLen_);
+    STL::swap(hiLen_,   other.hiLen_);
-    mySTL::swap(buffLen_, other.buffLen_);
+    STL::swap(buffLen_, other.buffLen_);
    memcpy(digest_, other.digest_, DIGEST_SIZE);
    memcpy(buffer_, other.buffer_, BLOCK_SIZE);
--- a/extra/yassl/taocrypt/src/misc.cpp
+++ b/extra/yassl/taocrypt/src/misc.cpp
@@ -29,16 +29,6 @@
 #include "runtime.hpp"
 #include "misc.hpp"
 #if !defined(YASSL_MYSQL_COMPATIBLE)
 extern "C" {
    // for libcurl configure test, these are the signatures they use
    // locking handled internally by library
    char CRYPTO_lock() { return 0;}
    char CRYPTO_add_lock() { return 0;}
 }  // extern "C"
 #endif
 #ifdef YASSL_PURE_C
    void* operator new(size_t sz, TaoCrypt::new_t)
--- a/extra/yassl/taocrypt/src/random.cpp
+++ b/extra/yassl/taocrypt/src/random.cpp
@@ -31,7 +31,7 @@
 #include "runtime.hpp"
 #include "random.hpp"
 #include <string.h>
-
+#include <time.h>
 #if defined(_WIN32)
    #define _WIN32_WINNT 0x0400
@@ -74,6 +74,8 @@ byte RandomNumberGenerator::GenerateByte()
 #if defined(_WIN32)
 /* The OS_Seed implementation for windows */
 OS_Seed::OS_Seed()
 {
    if(!CryptAcquireContext(&handle_, 0, 0, PROV_RSA_FULL,
@@ -95,8 +97,70 @@ void OS_Seed::GenerateSeed(byte* output, word32 sz)
 }
-#else // _WIN32
+#elif defined(__NETWARE__)
 /* The OS_Seed implementation for Netware */
 #include <nks/thread.h>
 #include <nks/plat.h>
 // Loop on high resulution Read Time Stamp Counter
 static void NetwareSeed(byte* output, word32 sz)
 {
    word32 tscResult;
    for (word32 i = 0; i < sz; i += sizeof(tscResult)) {
        #if defined(__GNUC__)
            asm volatile("rdtsc" : "=A" (tscResult));
        #else
            #ifdef __MWERKS__
                asm {
            #else
                __asm {
            #endif
                    rdtsc
                    mov tscResult, eax
            }
        #endif
        memcpy(output, &tscResult, sizeof(tscResult));
        output += sizeof(tscResult);
        NXThreadYield();   // induce more variance
    }
 }
 OS_Seed::OS_Seed()
 {
 }
 OS_Seed::~OS_Seed()
 {
 }
 void OS_Seed::GenerateSeed(byte* output, word32 sz)
 {
  /*
    Try to use NXSeedRandom as it will generate a strong
    seed using the onboard 82802 chip
    As it's not always supported, fallback to default
    implementation if an error is returned
  */
  if (NXSeedRandom(sz, output) != 0)
  {
    NetwareSeed(output, sz);
  }
 }
 #else
 /* The default OS_Seed implementation */
 OS_Seed::OS_Seed() 
 {
--- a/extra/yassl/taocrypt/src/ripemd.cpp
+++ b/extra/yassl/taocrypt/src/ripemd.cpp
@@ -28,9 +28,11 @@
 #include "runtime.hpp"
 #include "ripemd.hpp"
-#include "algorithm.hpp"    // mySTL::swap
+#include STL_ALGORITHM_FILE
 namespace STL = STL_NAMESPACE;
 #if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM)
    #define DO_RIPEMD_ASM
@@ -75,9 +77,9 @@ RIPEMD160& RIPEMD160::operator= (const RIPEMD160& that)
 void RIPEMD160::Swap(RIPEMD160& other)
 {
-    mySTL::swap(loLen_,   other.loLen_);
+    STL::swap(loLen_,   other.loLen_);
-    mySTL::swap(hiLen_,   other.hiLen_);
+    STL::swap(hiLen_,   other.hiLen_);
-    mySTL::swap(buffLen_, other.buffLen_);
+    STL::swap(buffLen_, other.buffLen_);
    memcpy(digest_, other.digest_, DIGEST_SIZE);
    memcpy(buffer_, other.buffer_, BLOCK_SIZE);
--- a/extra/yassl/taocrypt/src/sha.cpp
+++ b/extra/yassl/taocrypt/src/sha.cpp
@@ -27,8 +27,11 @@
 #include "runtime.hpp"
 #include <string.h>
 #include "algorithm.hpp"    // mySTL::swap
 #include "sha.hpp"
 #include STL_ALGORITHM_FILE
 namespace STL = STL_NAMESPACE;
 #if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM)
@@ -96,9 +99,9 @@ SHA& SHA::operator= (const SHA& that)
 void SHA::Swap(SHA& other)
 {
-    mySTL::swap(loLen_,   other.loLen_);
+    STL::swap(loLen_,   other.loLen_);
-    mySTL::swap(hiLen_,   other.hiLen_);
+    STL::swap(hiLen_,   other.hiLen_);
-    mySTL::swap(buffLen_, other.buffLen_);
+    STL::swap(buffLen_, other.buffLen_);
    memcpy(digest_, other.digest_, DIGEST_SIZE);
    memcpy(buffer_, other.buffer_, BLOCK_SIZE);
--- a/extra/yassl/taocrypt/src/template_instnt.cpp
+++ b/extra/yassl/taocrypt/src/template_instnt.cpp
@@ -77,6 +77,13 @@ template void destroy<vector<TaoCrypt::Integer>*>(vector<TaoCrypt::Integer>*, ve
 template TaoCrypt::Integer* uninit_copy<TaoCrypt::Integer*, TaoCrypt::Integer*>(TaoCrypt::Integer*, TaoCrypt::Integer*, TaoCrypt::Integer*);
 template TaoCrypt::Integer* uninit_fill_n<TaoCrypt::Integer*, size_t, TaoCrypt::Integer>(TaoCrypt::Integer*, size_t, TaoCrypt::Integer const&);
 template void destroy<TaoCrypt::Integer*>(TaoCrypt::Integer*, TaoCrypt::Integer*);
 template TaoCrypt::byte* GetArrayMemory<TaoCrypt::byte>(size_t);
 template void FreeArrayMemory<TaoCrypt::byte>(TaoCrypt::byte*);
 template TaoCrypt::Integer* GetArrayMemory<TaoCrypt::Integer>(size_t);
 template void FreeArrayMemory<TaoCrypt::Integer>(TaoCrypt::Integer*);
 template vector<TaoCrypt::Integer>* GetArrayMemory<vector<TaoCrypt::Integer> >(size_t);
 template void FreeArrayMemory<vector<TaoCrypt::Integer> >(vector<TaoCrypt::Integer>*);
 template void FreeArrayMemory<void>(void*);
 }
 #endif
--- a/extra/yassl/taocrypt/test/Makefile.am
+++ b/extra/yassl/taocrypt/test/Makefile.am
@@ -1,4 +1,4 @@
-INCLUDES = -I../include -I../../mySTL
+INCLUDES = -I../include -I../mySTL
 bin_PROGRAMS = test
 test_SOURCES = test.cpp
 test_LDFLAGS  = -L../src
--- a/extra/yassl/testsuite/Makefile.am
+++ b/extra/yassl/testsuite/Makefile.am
@@ -1,4 +1,4 @@
-INCLUDES = -I../include -I../taocrypt/include -I../mySTL
+INCLUDES = -I../include -I../taocrypt/include -I../taocrypt/mySTL
 bin_PROGRAMS       = testsuite
 testsuite_SOURCES  = testsuite.cpp ../taocrypt/test/test.cpp \
 	../examples/client/client.cpp ../examples/server/server.cpp \
--- a/extra/yassl/testsuite/test.hpp
+++ b/extra/yassl/testsuite/test.hpp
@@ -27,22 +27,25 @@
 #endif /* _WIN32 */
-#if !defined(_SOCKLEN_T) && defined(_WIN32)
+#if !defined(_SOCKLEN_T) && (defined(_WIN32) || defined(__NETWARE__))
    typedef int socklen_t;
 #endif
 // Check type of third arg to accept
 #if defined(__hpux)
 // HPUX doesn't use socklent_t for third parameter to accept
 #if !defined(__hpux)
    typedef socklen_t* ACCEPT_THIRD_T;
 #else
    typedef int*       ACCEPT_THIRD_T;
-
+#else
-// HPUX does not define _POSIX_THREADS as it's not _fully_ implemented
+    typedef socklen_t* ACCEPT_THIRD_T;
 #ifndef _POSIX_THREADS
 #define _POSIX_THREADS
 #endif
 // Check if _POSIX_THREADS should be forced
 #if !defined(_POSIX_THREADS) && (defined(__NETWARE__) || defined(__hpux))
 // HPUX does not define _POSIX_THREADS as it's not _fully_ implemented
 // Netware supports pthreads but does not announce it
 #define _POSIX_THREADS
 #endif
@@ -148,6 +151,13 @@ inline void err_sys(const char* msg)
 }
 static int PasswordCallBack(char* passwd, int sz, int rw, void* userdata)
 {
    strncpy(passwd, "12345678", sz);
    return 8;
 }
 inline void store_ca(SSL_CTX* ctx)
 {
    // To allow testing from serveral dirs
@@ -168,6 +178,7 @@ inline void store_ca(SSL_CTX* ctx)
 inline void set_certs(SSL_CTX* ctx)
 {
    store_ca(ctx);
    SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
    // To allow testing from serveral dirs
    if (SSL_CTX_use_certificate_file(ctx, cert, SSL_FILETYPE_PEM)
@@ -193,6 +204,7 @@ inline void set_certs(SSL_CTX* ctx)
 inline void set_serverCerts(SSL_CTX* ctx)
 {
    store_ca(ctx);
    SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
    // To allow testing from serveral dirs
    if (SSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM)
@@ -258,13 +270,27 @@ inline void tcp_socket(SOCKET_T& sockfd, sockaddr_in& addr)
 }
 inline void tcp_close(SOCKET_T& sockfd)
 {
 #ifdef _WIN32
    closesocket(sockfd);
 #else
    close(sockfd);
 #endif
    sockfd = -1;
 }
 inline void tcp_connect(SOCKET_T& sockfd)
 {
    sockaddr_in addr;
    tcp_socket(sockfd, addr);
    if (connect(sockfd, (const sockaddr*)&addr, sizeof(addr)) != 0)
    {
        tcp_close(sockfd);
        err_sys("tcp connect failed");
    }
 }
@@ -274,9 +300,15 @@ inline void tcp_listen(SOCKET_T& sockfd)
    tcp_socket(sockfd, addr);
    if (bind(sockfd, (const sockaddr*)&addr, sizeof(addr)) != 0)
    {
        tcp_close(sockfd);
        err_sys("tcp bind failed");
    }
    if (listen(sockfd, 3) != 0)
    {
        tcp_close(sockfd);
        err_sys("tcp listen failed");
    }
 }
@@ -299,7 +331,10 @@ inline void tcp_accept(SOCKET_T& sockfd, int& clientfd, func_args& args)
    clientfd = accept(sockfd, (sockaddr*)&client, (ACCEPT_THIRD_T)&client_len);
    if (clientfd == -1)
    {
        tcp_close(sockfd);
        err_sys("tcp accept failed");
    }
 }
`@@ -1,2 +1,2 @@`
	`SUBDIRS = taocrypt src testsuite`	`SUBDIRS = taocrypt src testsuite`
	`EXTRA_DIST = yassl.dsp yassl.dsw $(wildcard mySTL/*.hpp) CMakeLists.txt`	`EXTRA_DIST = yassl.dsp yassl.dsw CMakeLists.txt`
`@@ -1,2 +1,2 @@`
	`SUBDIRS = src test benchmark`	`SUBDIRS = src test benchmark`
	`EXTRA_DIST = taocrypt.dsw taocrypt.dsp CMakeLists.txt`	`EXTRA_DIST = taocrypt.dsw taocrypt.dsp CMakeLists.txt $(wildcard mySTL/*.hpp)`
`@@ -1,4 +1,4 @@`
	`INCLUDES = -I../include -I../../mySTL`	`INCLUDES = -I../include -I../mySTL`

	`noinst_LTLIBRARIES = libtaocrypt.la`	`noinst_LTLIBRARIES = libtaocrypt.la`