Import version 1.50 of yaSSL

extra/yassl/README:
  Import patch yassl.diff
extra/yassl/examples/client/client.cpp:
  Import patch yassl.diff
extra/yassl/examples/echoclient/echoclient.cpp:
  Import patch yassl.diff
extra/yassl/examples/echoserver/echoserver.cpp:
  Import patch yassl.diff
extra/yassl/examples/server/server.cpp:
  Import patch yassl.diff
extra/yassl/include/factory.hpp:
  Import patch yassl.diff
extra/yassl/include/openssl/ssl.h:
  Import patch yassl.diff
extra/yassl/include/socket_wrapper.hpp:
  Import patch yassl.diff
extra/yassl/include/yassl_error.hpp:
  Import patch yassl.diff
extra/yassl/include/yassl_imp.hpp:
  Import patch yassl.diff
extra/yassl/include/yassl_int.hpp:
  Import patch yassl.diff
extra/yassl/include/yassl_types.hpp:
  Import patch yassl.diff
extra/yassl/src/handshake.cpp:
  Import patch yassl.diff
extra/yassl/src/make.bat:
  Import patch yassl.diff
extra/yassl/src/socket_wrapper.cpp:
  Import patch yassl.diff
extra/yassl/src/ssl.cpp:
  Import patch yassl.diff
extra/yassl/src/yassl_error.cpp:
  Import patch yassl.diff
extra/yassl/src/yassl_imp.cpp:
  Import patch yassl.diff
extra/yassl/src/yassl_int.cpp:
  Import patch yassl.diff
extra/yassl/taocrypt/benchmark/make.bat:
  Import patch yassl.diff
extra/yassl/taocrypt/include/aes.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/include/algebra.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/include/arc4.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/include/asn.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/include/block.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/include/blowfish.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/include/des.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/include/integer.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/include/md5.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/include/misc.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/include/modes.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/include/ripemd.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/include/rsa.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/include/sha.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/include/twofish.hpp:
  Import patch yassl.diff
extra/yassl/taocrypt/src/aes.cpp:
  Import patch yassl.diff
extra/yassl/taocrypt/src/algebra.cpp:
  Import patch yassl.diff
extra/yassl/taocrypt/src/arc4.cpp:
  Import patch yassl.diff
extra/yassl/taocrypt/src/blowfish.cpp:
  Import patch yassl.diff
extra/yassl/taocrypt/src/des.cpp:
  Import patch yassl.diff
extra/yassl/taocrypt/src/integer.cpp:
  Import patch yassl.diff
extra/yassl/taocrypt/src/make.bat:
  Import patch yassl.diff
extra/yassl/taocrypt/src/md4.cpp:
  Import patch yassl.diff
extra/yassl/taocrypt/src/md5.cpp:
  Import patch yassl.diff
extra/yassl/taocrypt/src/misc.cpp:
  Import patch yassl.diff
extra/yassl/taocrypt/src/random.cpp:
  Import patch yassl.diff
extra/yassl/taocrypt/src/ripemd.cpp:
  Import patch yassl.diff
extra/yassl/taocrypt/src/sha.cpp:
  Import patch yassl.diff
extra/yassl/taocrypt/src/twofish.cpp:
  Import patch yassl.diff
extra/yassl/taocrypt/test/make.bat:
  Import patch yassl.diff
extra/yassl/taocrypt/test/test.cpp:
  Import patch yassl.diff
extra/yassl/testsuite/make.bat:
  Import patch yassl.diff
extra/yassl/testsuite/test.hpp:
  Import patch yassl.diff
extra/yassl/include/openssl/prefix_ssl.h:
  New prefic file for ssl.h generated

8 files changed, 42 insertions, 18 deletions

diff --git a/extra/yassl/include/factory.hpp b/extra/yassl/include/factory.hpp
index 04d742431dc..dc25cf0ee70 100644
--- a/extra/yassl/include/factory.hpp
+++ b/extra/yassl/include/factory.hpp
@@ -42,12 +42,7 @@
 namespace STL = STL_NAMESPACE;
 
 
-// VC60 workaround: it doesn't allow typename in some places
-#if defined(_MSC_VER) && (_MSC_VER < 1300)
-    #define CPP_TYPENAME
-#else
-    #define CPP_TYPENAME typename
-#endif
+
 
 
 namespace yaSSL {
diff --git a/extra/yassl/include/openssl/prefix_ssl.h b/extra/yassl/include/openssl/prefix_ssl.h
index aa3f799cf80..dc6e3ef81f0 100644
--- a/extra/yassl/include/openssl/prefix_ssl.h
+++ b/extra/yassl/include/openssl/prefix_ssl.h
@@ -52,6 +52,7 @@
 #define SSL_set_session yaSSL_set_session
 #define SSL_get_session yaSSL_get_session
 #define SSL_SESSION_set_timeout yaSSL_SESSION_set_timeout
+#define SSL_CTX_set_session_cache_mode yaSSL_CTX_set_session_cache_mode
 #define SSL_get_peer_certificate yaSSL_get_peer_certificate
 #define SSL_get_verify_result yaSSL_get_verify_result
 #define SSL_CTX_set_verify yaSSL_CTX_set_verify
@@ -98,6 +99,8 @@
 #define SSLv3_client_method yaSSLv3_client_method
 #define TLSv1_server_method yaTLSv1_server_method
 #define TLSv1_client_method yaTLSv1_client_method
+#define TLSv1_1_server_method yaTLSv1_1_server_method
+#define TLSv1_1_client_method yaTLSv1_1_client_method
 #define SSLv23_server_method yaSSLv23_server_method
 #define SSL_CTX_use_certificate_file yaSSL_CTX_use_certificate_file
 #define SSL_CTX_use_PrivateKey_file yaSSL_CTX_use_PrivateKey_file
@@ -159,3 +162,4 @@
 #define MD5_Init yaMD5_Init
 #define MD5_Update yaMD5_Update
 #define MD5_Final yaMD5_Final
+#define SSL_set_compression yaSSL_set_compression
diff --git a/extra/yassl/include/openssl/ssl.h b/extra/yassl/include/openssl/ssl.h
index 5e7290d2a7a..67c49a808fd 100644
--- a/extra/yassl/include/openssl/ssl.h
+++ b/extra/yassl/include/openssl/ssl.h
@@ -41,7 +41,7 @@
 #include "rsa.h"
 
 
-#define YASSL_VERSION "1.4.3"
+#define YASSL_VERSION "1.5.0"
 
 
 #if defined(__cplusplus)
@@ -228,6 +228,7 @@ void SSL_load_error_strings(void);
 int          SSL_set_session(SSL *ssl, SSL_SESSION *session);
 SSL_SESSION* SSL_get_session(SSL* ssl);
 long         SSL_SESSION_set_timeout(SSL_SESSION*, long);
+long         SSL_CTX_set_session_cache_mode(SSL_CTX* ctx, long mode);
 X509*        SSL_get_peer_certificate(SSL*);
 long         SSL_get_verify_result(SSL*);
 
@@ -361,6 +362,8 @@ SSL_METHOD *SSLv3_server_method(void);
 SSL_METHOD *SSLv3_client_method(void);
 SSL_METHOD *TLSv1_server_method(void);  
 SSL_METHOD *TLSv1_client_method(void);
+SSL_METHOD *TLSv1_1_server_method(void);
+SSL_METHOD *TLSv1_1_client_method(void);
 SSL_METHOD *SSLv23_server_method(void);
 
 int SSL_CTX_use_certificate_file(SSL_CTX*, const char*, int);
@@ -531,6 +534,10 @@ void MD5_Final(unsigned char*, MD5_CTX*);
 #define SSL_DEFAULT_CIPHER_LIST ""   /* default all */
 
 
+/* yaSSL adds */
+int SSL_set_compression(SSL*);   /* turn on yaSSL zlib compression */
+
+
 
 
 #if defined(__cplusplus) && !defined(YASSL_MYSQL_COMPATIBLE)
diff --git a/extra/yassl/include/socket_wrapper.hpp b/extra/yassl/include/socket_wrapper.hpp
index 9fc0d62f90e..bc82384d85e 100644
--- a/extra/yassl/include/socket_wrapper.hpp
+++ b/extra/yassl/include/socket_wrapper.hpp
@@ -70,8 +70,8 @@ typedef unsigned char byte;
 // Wraps Windows Sockets and BSD Sockets
 class Socket {
     socket_t socket_;                    // underlying socket descriptor
-    bool     wouldBlock_;                // for non-blocking data
-    bool     blocking_;                  // is option set
+    bool     wouldBlock_;                // if non-blocking data, for last read 
+    bool     nonBlocking_;               // is option set
 public:
     explicit Socket(socket_t s = INVALID_SOCKET);
     ~Socket();
@@ -85,7 +85,7 @@ public:
 
     bool wait();
     bool WouldBlock() const;
-    bool IsBlocking() const;
+    bool IsNonBlocking() const;
 
     void closeSocket();
     void shutDown(int how = SD_SEND);
diff --git a/extra/yassl/include/yassl_error.hpp b/extra/yassl/include/yassl_error.hpp
index 72b79b05dbd..f820e5811d9 100644
--- a/extra/yassl/include/yassl_error.hpp
+++ b/extra/yassl/include/yassl_error.hpp
@@ -56,7 +56,10 @@ enum YasslError {
     receive_error       = 114,
     certificate_error   = 115,
     privateKey_error    = 116,
-    badVersion_error    = 117
+    badVersion_error    = 117,
+    compress_error      = 118,
+    decompress_error    = 119,
+    pms_version_error   = 120
 
     // !!!! add error message to .cpp !!!!
 
diff --git a/extra/yassl/include/yassl_imp.hpp b/extra/yassl/include/yassl_imp.hpp
index 180d7fe7fe1..f51a902b2a5 100644
--- a/extra/yassl/include/yassl_imp.hpp
+++ b/extra/yassl/include/yassl_imp.hpp
@@ -132,7 +132,6 @@ class Data : public Message {
 public:
     Data();
     Data(uint16 len, opaque* b);
-    Data(uint16 len, const opaque* w);
 
     friend output_buffer& operator<<(output_buffer&, const Data&);
 
@@ -141,9 +140,9 @@ public:
 
     ContentType   get_type()     const;
     uint16        get_length()   const;
-    const opaque* get_buffer()   const;
     void          set_length(uint16 l);
     opaque*       set_buffer();
+    void          SetData(uint16, const opaque*);
     void Process(input_buffer&, SSL&);
 private:
     Data(const Data&);            // hide copy
@@ -232,11 +231,11 @@ public:
     void Process(input_buffer&, SSL&);
 
     const opaque* get_random() const;
-    friend void buildClientHello(SSL&, ClientHello&, CompressionMethod);
+    friend void buildClientHello(SSL&, ClientHello&);
     friend void ProcessOldClientHello(input_buffer& input, SSL& ssl);
 
     ClientHello();
-    explicit ClientHello(ProtocolVersion pv);
+    ClientHello(ProtocolVersion pv, bool useCompression);
 private:
     ClientHello(const ClientHello&);            // hide copy
     ClientHello& operator=(const ClientHello&); // and assign
@@ -253,7 +252,7 @@ class ServerHello : public HandShakeBase {
     opaque              cipher_suite_[SUITE_LEN];
     CompressionMethod   compression_method_;
 public:
-    explicit ServerHello(ProtocolVersion pv);
+    ServerHello(ProtocolVersion pv, bool useCompression);
     ServerHello();
           
     friend input_buffer&  operator>>(input_buffer&, ServerHello&);
@@ -629,8 +628,11 @@ struct Connection {
     bool            send_server_key_;                  // server key exchange?
     bool            master_clean_;                     // master secret clean?
     bool            TLS_;                              // TLSv1 or greater
+    bool            TLSv1_1_;                          // TLSv1.1 or greater
     bool            sessionID_Set_;                    // do we have a session
-    ProtocolVersion version_;
+    bool            compression_;                      // zlib compression?
+    ProtocolVersion version_;                          // negotiated version
+    ProtocolVersion chVersion_;                        // client hello version
     RandomPool&     random_;
 
     Connection(ProtocolVersion v, RandomPool& ran);
@@ -640,6 +642,7 @@ struct Connection {
     void CleanPreMaster();
     void CleanMaster();
     void TurnOffTLS();
+    void TurnOffTLS1_1();
 private:
     Connection(const Connection&);              // hide copy
     Connection& operator=(const Connection&);   // and assign
diff --git a/extra/yassl/include/yassl_int.hpp b/extra/yassl/include/yassl_int.hpp
index 0edff289b61..4a3c0ba4e20 100644
--- a/extra/yassl/include/yassl_int.hpp
+++ b/extra/yassl/include/yassl_int.hpp
@@ -431,6 +431,7 @@ private:
     DH_Parms    dhParms_;
     pem_password_cb passwordCb_;
     void*           userData_;
+    bool            sessionCacheOff_;
     Stats       stats_;
     Mutex       mutex_;         // for Stats
 public:
@@ -445,6 +446,7 @@ public:
     const Stats&      GetStats()    const;
     pem_password_cb   GetPasswordCb() const;
           void*       GetUserData()   const;
+          bool        GetSessionCacheOff() const;
 
     void setVerifyPeer();
     void setVerifyNone();
@@ -453,6 +455,7 @@ public:
     bool SetDH(const DH&);
     void SetPasswordCb(pem_password_cb cb);
     void SetUserData(void*);
+    void SetSessionCacheOff();
    
     void            IncrementStats(StatsField);
     void            AddCA(x509* ca);
@@ -600,6 +603,7 @@ public:
     const Socket&     getSocket()   const;
           YasslError  GetError()    const;
           bool        GetMultiProtocol() const;
+          bool        CompressionOn()    const;
 
     Crypto&    useCrypto();
     Security&  useSecurity();
@@ -617,9 +621,12 @@ public:
     void set_preMaster(const opaque*, uint);
     void set_masterSecret(const opaque*);
     void SetError(YasslError);
+    int  SetCompression();
+    void UnSetCompression();
 
     // helpers
     bool isTLS() const;
+    bool isTLSv1_1() const;
     void order_error();
     void makeMasterSecret();
     void makeTLSMasterSecret();
@@ -653,6 +660,10 @@ private:
 };
 
 
+// compression
+int Compress(const byte*, int, input_buffer&);
+int DeCompress(input_buffer&, int, input_buffer&);
+
 
 // conversion functions
 void c32to24(uint32, uint24&);
diff --git a/extra/yassl/include/yassl_types.hpp b/extra/yassl/include/yassl_types.hpp
index e602ee180bf..646c71afddf 100644
--- a/extra/yassl/include/yassl_types.hpp
+++ b/extra/yassl/include/yassl_types.hpp
@@ -211,6 +211,7 @@ const int FINISHED_LABEL_SZ =  15;  // TLS finished lable length
 const int SEED_LEN          = RAN_LEN * 2; // TLS seed, client + server random
 const int DEFAULT_TIMEOUT   = 500;  // Default Session timeout in seconds
 const int MAX_RECORD_SIZE   = 16384; // 2^14, max size by standard
+const int COMPRESS_EXTRA    = 1024;  // extra compression possible addition
 
 
 typedef uint8 Cipher;             // first byte is always 0x00 for SSLv3 & TLS
@@ -222,7 +223,7 @@ typedef opaque* DistinguishedName;
 typedef bool IsExportable;
 
 
-enum CompressionMethod { no_compression = 0 };
+enum CompressionMethod { no_compression = 0, zlib = 221 };
 
 enum CipherType { stream, block };