Bug #13706828: UPGRADE YASSL FROM 1.7.2 TO 2.1.4

$SUBJ$
1. Took a diff between the previous base version and the
mysql sources.
2. Added the new 2.1.4 base version.
3. Reviewed and re-applied the diff from step #1.

15 files changed, 166 insertions, 76 deletions

diff --git a/extra/yassl/taocrypt/include/asn.hpp b/extra/yassl/taocrypt/include/asn.hpp
index ece7140741a..c20387d86c7 100644
--- a/extra/yassl/taocrypt/include/asn.hpp
+++ b/extra/yassl/taocrypt/include/asn.hpp
@@ -167,6 +167,7 @@ public:
     void Decode(RSA_PublicKey&);
 private:
     void ReadHeader();
+    void ReadHeaderOpenSSL();
 };
 
 
diff --git a/extra/yassl/taocrypt/include/block.hpp b/extra/yassl/taocrypt/include/block.hpp
index ad3dcf2db59..ae3df8a3009 100644
--- a/extra/yassl/taocrypt/include/block.hpp
+++ b/extra/yassl/taocrypt/include/block.hpp
@@ -61,10 +61,6 @@ public:
     void          destroy(pointer p) {p->~T();}
     size_type     max_size() const {return ~size_type(0)/sizeof(T);}
 protected:
-    static void CheckSize(size_t n)
-    {
-        assert(n <= ~size_t(0) / sizeof(T));
-    }
 };
 
 
@@ -101,7 +97,8 @@ public:
 
     pointer allocate(size_type n, const void* = 0)
     {
-        this->CheckSize(n);
+        if (n > this->max_size())
+            return 0;
         if (n == 0)
             return 0;
         return NEW_TC T[n];
@@ -144,9 +141,8 @@ public:
         return *this;
     }
 
-    T& operator[] (word32 i) { assert(i < sz_); return buffer_[i]; }
-    const T& operator[] (word32 i) const 
-        { assert(i < sz_); return buffer_[i]; }
+    T& operator[] (word32 i) { return buffer_[i]; }
+    const T& operator[] (word32 i) const { return buffer_[i]; }
 
     T* operator+ (word32 i) { return buffer_ + i; }
     const T* operator+ (word32 i) const { return buffer_ + i; }
diff --git a/extra/yassl/taocrypt/include/blowfish.hpp b/extra/yassl/taocrypt/include/blowfish.hpp
index 99d932353df..3ad2aedc587 100644
--- a/extra/yassl/taocrypt/include/blowfish.hpp
+++ b/extra/yassl/taocrypt/include/blowfish.hpp
@@ -59,11 +59,11 @@ public:
     void SetKey(const byte* key, word32 sz, CipherDir fake = ENCRYPTION);
     void SetIV(const byte* iv) { memcpy(r_, iv, BLOCK_SIZE); }
 private:
-	static const word32 p_init_[ROUNDS + 2];
-	static const word32 s_init_[4 * 256];
+    static const word32 p_init_[ROUNDS + 2];
+    static const word32 s_init_[4 * 256];
 
-	word32 pbox_[ROUNDS + 2 + 4 * 256];
-	word32* sbox_;
+    word32 pbox_[ROUNDS + 2 + 4 * 256];
+    word32* sbox_;
 
     void crypt_block(const word32 in[2], word32 out[2]) const;
     void AsmProcess(const byte* in, byte* out) const;
diff --git a/extra/yassl/taocrypt/include/des.hpp b/extra/yassl/taocrypt/include/des.hpp
index f99a289392f..2bc41fc2628 100644
--- a/extra/yassl/taocrypt/include/des.hpp
+++ b/extra/yassl/taocrypt/include/des.hpp
@@ -84,7 +84,7 @@ private:
 // DES_EDE3
 class DES_EDE3 : public Mode_BASE {
 public:
-    DES_EDE3(CipherDir DIR, Mode MODE) 
+    DES_EDE3(CipherDir DIR, Mode MODE)
         : Mode_BASE(DES_BLOCK_SIZE, DIR, MODE) {}
 
     void SetKey(const byte*, word32, CipherDir dir);
diff --git a/extra/yassl/taocrypt/include/hash.hpp b/extra/yassl/taocrypt/include/hash.hpp
index fa5f6c04720..4ebc82e073d 100644
--- a/extra/yassl/taocrypt/include/hash.hpp
+++ b/extra/yassl/taocrypt/include/hash.hpp
@@ -63,8 +63,8 @@ protected:
     word32          buffLen_;   // in bytes
     HashLengthType  loLen_;     // length in bytes
     HashLengthType  hiLen_;     // length in bytes
-    word32  digest_[MaxDigestSz];
-    word32  buffer_[MaxBufferSz / sizeof(word32)];
+    word32          digest_[MaxDigestSz];
+    word32          buffer_[MaxBufferSz / sizeof(word32)];
 
     virtual void Transform() = 0;
 
diff --git a/extra/yassl/taocrypt/include/hc128.hpp b/extra/yassl/taocrypt/include/hc128.hpp
new file mode 100644
index 00000000000..d1cf5f075f2
--- /dev/null
+++ b/extra/yassl/taocrypt/include/hc128.hpp
@@ -0,0 +1,63 @@
+/*
+   Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
+ 
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; version 2 of the License.
+ 
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+ 
+   You should have received a copy of the GNU General Public License
+   along with this program; see the file COPYING. If not, write to the
+   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
+   MA  02110-1301  USA.
+*/
+
+/* hc128.hpp defines HC128
+*/
+
+
+#ifndef TAO_CRYPT_HC128_HPP
+#define TAO_CRYPT_HC128_HPP
+
+#include "misc.hpp"
+
+namespace TaoCrypt {
+
+
+// HC128 encryption and decryption
+class HC128 {
+public:
+
+    typedef HC128 Encryption;
+    typedef HC128 Decryption;
+
+
+    HC128() {}
+
+    void Process(byte*, const byte*, word32);
+    void SetKey(const byte*, const byte*);
+private:
+    word32 T_[1024];             /* P[i] = T[i];  Q[i] = T[1024 + i ]; */
+    word32 X_[16];
+    word32 Y_[16];
+    word32 counter1024_;         /* counter1024 = i mod 1024 at the ith step */
+    word32 key_[8];
+    word32 iv_[8];
+
+    void SetIV(const byte*);
+    void GenerateKeystream(word32*);
+    void SetupUpdate();
+
+    HC128(const HC128&);                  // hide copy
+    const HC128 operator=(const HC128&);  // and assign
+};
+
+} // namespace
+
+
+#endif // TAO_CRYPT_HC128_HPP
+
diff --git a/extra/yassl/taocrypt/include/integer.hpp b/extra/yassl/taocrypt/include/integer.hpp
index 186d62bb866..256573cf622 100644
--- a/extra/yassl/taocrypt/include/integer.hpp
+++ b/extra/yassl/taocrypt/include/integer.hpp
@@ -110,13 +110,6 @@ namespace TaoCrypt {
 #endif
 
 
-// general MIN
-template<typename T> inline
-const T& min(const T& a, const T& b)
-{
-    return a < b ? a : b;
-}
-
 
 // general MAX
 template<typename T> inline
diff --git a/extra/yassl/taocrypt/include/kernelc.hpp b/extra/yassl/taocrypt/include/kernelc.hpp
index daa3762d5dd..5bdf1cffa3f 100644
--- a/extra/yassl/taocrypt/include/kernelc.hpp
+++ b/extra/yassl/taocrypt/include/kernelc.hpp
@@ -30,17 +30,5 @@ extern "C" void* memcpy(void*, const void*, size_t);
 extern "C" void* memset(void*, int, size_t);
 extern "C" void  printk(char *fmt, ...);
 
-#define KERN_ERR "<3>"   /* error conditions */
-
-#if defined(NDEBUG)
-    #define assert(p)  	((void)0)
-#else
-    #define assert(expr)   \
-    if (!(expr))         { \
-         printk(KERN_ERR "Assertion failed! %s,%s,%s,line=%d\n", \
-         #expr,__FILE__,__FUNCTION__,__LINE__); }
-#endif
-
-
 
 #endif // TAOCRYPT_KERNELC_HPP
diff --git a/extra/yassl/taocrypt/include/misc.hpp b/extra/yassl/taocrypt/include/misc.hpp
index a375b17eb1e..b6925f916f8 100644
--- a/extra/yassl/taocrypt/include/misc.hpp
+++ b/extra/yassl/taocrypt/include/misc.hpp
@@ -24,7 +24,6 @@
 
 #if !defined(DO_TAOCRYPT_KERNEL_MODE)
     #include <stdlib.h>
-    #include <assert.h>
     #include <string.h>
 #else
     #include "kernelc.hpp"
@@ -62,30 +61,30 @@ void CleanUp();
     template<typename T>
     void tcDelete(T* ptr)
     {
-    if (ptr) ptr->~T();
-    ::operator delete(ptr, TaoCrypt::tc);
+        if (ptr) ptr->~T();
+        ::operator delete(ptr, TaoCrypt::tc);
     }
 
     template<typename T>
     void tcArrayDelete(T* ptr)
     {
-    // can't do array placement destruction since not tracking size in
-    // allocation, only allow builtins to use array placement since they
-    // don't need destructors called
-    typedef char builtin[IsFundamentalType<T>::Yes ? 1 : -1];
-    (void)sizeof(builtin);
+        // can't do array placement destruction since not tracking size in
+        // allocation, only allow builtins to use array placement since they
+        // don't need destructors called
+        typedef char builtin[IsFundamentalType<T>::Yes ? 1 : -1];
+        (void)sizeof(builtin);
 
-    ::operator delete[](ptr, TaoCrypt::tc);
+        ::operator delete[](ptr, TaoCrypt::tc);
     }
 
     #define NEW_TC new (TaoCrypt::tc)
 
 
     // to resolve compiler generated operator delete on base classes with
-    // virtual destructors (when on stack), make sure doesn't get called
+    // virtual destructors (when on stack)
     class virtual_base {
     public:
-    static void operator delete(void*) { assert(0); }
+        static void operator delete(void*) { }
     };
 
 #else // YASSL_PURE_C
@@ -366,7 +365,6 @@ inline bool IsPowerOf2(T n)
 template <class T1, class T2>
 inline T2 ModPowerOf2(T1 a, T2 b)
 {
-    assert(IsPowerOf2(b));
     return T2(a) & (b-1);
 }
 
@@ -409,14 +407,12 @@ inline bool IsAligned(const void* p, T* dummy = 0)	// VC60 workaround
 
 template <class T> inline T rotlFixed(T x, unsigned int y)
 {
-    assert(y < sizeof(T)*8);
-        return (x<<y) | (x>>(sizeof(T)*8-y));
+    return (x<<y) | (x>>(sizeof(T)*8-y));
 }
 
 template <class T> inline T rotrFixed(T x, unsigned int y)
 {
-    assert(y < sizeof(T)*8);
-        return (x>>y) | (x<<(sizeof(T)*8-y));
+    return (x>>y) | (x<<(sizeof(T)*8-y));
 }
 
 #ifdef INTEL_INTRINSICS
@@ -425,13 +421,11 @@ template <class T> inline T rotrFixed(T x, unsigned int y)
 
 template<> inline word32 rotlFixed(word32 x, word32 y)
 {
-    assert(y < 32);
     return y ? _lrotl(x, y) : x;
 }
 
 template<> inline word32 rotrFixed(word32 x, word32 y)
 {
-    assert(y < 32);
     return y ? _lrotr(x, y) : x;
 }
 
@@ -441,7 +435,9 @@ template<> inline word32 rotrFixed(word32 x, word32 y)
 #undef min
 #endif 
 
-inline word32 min(word32 a, word32 b)
+
+template <class T>
+inline const T& min(const T& a, const T& b)
 {
     return a < b ? a : b;
 }
@@ -486,7 +482,6 @@ inline word64 ByteReverse(word64 value)
 template <typename T>
 inline void ByteReverse(T* out, const T* in, word32 byteCount)
 {
-    assert(byteCount % sizeof(T) == 0);
     word32 count = byteCount/sizeof(T);
     for (word32 i=0; i<count; i++)
         out[i] = ByteReverse(in[i]);
@@ -574,7 +569,6 @@ inline void GetUserKey(ByteOrder order, T* out, word32 outlen, const byte* in,
                        word32 inlen)
 {
     const unsigned int U = sizeof(T);
-    assert(inlen <= outlen*U);
     memcpy(out, in, inlen);
     memset((byte *)out+inlen, 0, outlen*U-inlen);
     ByteReverseIf(out, out, RoundUpToMultipleOf(inlen, U), order);
@@ -583,7 +577,8 @@ inline void GetUserKey(ByteOrder order, T* out, word32 outlen, const byte* in,
 
 #ifdef _MSC_VER
     // disable conversion warning
-    #pragma warning(disable:4244)
+    // 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy
+    #pragma warning(disable:4244 4996)
 #endif
 
 
@@ -678,10 +673,7 @@ template <class T>
 inline T GetWord(bool assumeAligned, ByteOrder order, const byte *block)
 {
     if (assumeAligned)
-    {
-        assert(IsAligned<T>(block));
         return ByteReverseIf(*reinterpret_cast<const T *>(block), order);
-    }
     else
         return UnalignedGetWord<T>(order, block);
 }
@@ -699,7 +691,6 @@ inline void PutWord(bool assumeAligned, ByteOrder order, byte* block, T value,
 {
     if (assumeAligned)
     {
-        assert(IsAligned<T>(block));
         if (xorBlock)
             *reinterpret_cast<T *>(block) = ByteReverseIf(value, order) 
                 ^ *reinterpret_cast<const T *>(xorBlock);
@@ -812,7 +803,6 @@ inline T SafeLeftShift(T value)
 inline
 word ShiftWordsLeftByBits(word* r, unsigned int n, unsigned int shiftBits)
 {
-    assert (shiftBits<WORD_BITS);
     word u, carry=0;
     if (shiftBits)
         for (unsigned int i=0; i<n; i++)
@@ -828,7 +818,6 @@ word ShiftWordsLeftByBits(word* r, unsigned int n, unsigned int shiftBits)
 inline
 word ShiftWordsRightByBits(word* r, unsigned int n, unsigned int shiftBits)
 {
-    assert (shiftBits<WORD_BITS);
     word u, carry=0;
     if (shiftBits)
         for (int i=n-1; i>=0; i--)
diff --git a/extra/yassl/taocrypt/include/modes.hpp b/extra/yassl/taocrypt/include/modes.hpp
index 2285bd0e845..5fd36b80d3e 100644
--- a/extra/yassl/taocrypt/include/modes.hpp
+++ b/extra/yassl/taocrypt/include/modes.hpp
@@ -61,9 +61,7 @@ public:
     explicit Mode_BASE(int sz, CipherDir dir, Mode mode) 
         : blockSz_(sz), reg_(reinterpret_cast<byte*>(r_)),
           tmp_(reinterpret_cast<byte*>(t_)), dir_(dir), mode_(mode)
-    { 
-        assert(sz <= MaxBlockSz);
-    }
+    {}
     virtual ~Mode_BASE() {}
 
     virtual void Process(byte*, const byte*, word32);
@@ -96,8 +94,7 @@ inline void Mode_BASE::Process(byte* out, const byte* in, word32 sz)
 {
     if (mode_ == ECB)
         ECB_Process(out, in, sz);
-    else if (mode_ == CBC)
-    {
+    else if (mode_ == CBC) {
         if (dir_ == ENCRYPTION)
             CBC_Encrypt(out, in, sz);
         else
diff --git a/extra/yassl/taocrypt/include/pwdbased.hpp b/extra/yassl/taocrypt/include/pwdbased.hpp
index 5ece1a8f43b..f40a336e2c3 100644
--- a/extra/yassl/taocrypt/include/pwdbased.hpp
+++ b/extra/yassl/taocrypt/include/pwdbased.hpp
@@ -48,8 +48,9 @@ word32 PBKDF2_HMAC<T>::DeriveKey(byte* derived, word32 dLen, const byte* pwd,
                                  word32 pLen, const byte* salt, word32 sLen,
                                  word32 iterations) const
 {
-	assert(dLen <= MaxDerivedKeyLength());
-	assert(iterations > 0);
+	if (dLen > MaxDerivedKeyLength())
+        return 0;
+
 
     ByteBlock buffer(T::DIGEST_SIZE);
 	HMAC<T>   hmac;
diff --git a/extra/yassl/taocrypt/include/rabbit.hpp b/extra/yassl/taocrypt/include/rabbit.hpp
new file mode 100644
index 00000000000..1e7276dd8ec
--- /dev/null
+++ b/extra/yassl/taocrypt/include/rabbit.hpp
@@ -0,0 +1,65 @@
+/*
+   Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
+ 
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; version 2 of the License.
+ 
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+ 
+   You should have received a copy of the GNU General Public License
+   along with this program; see the file COPYING. If not, write to the
+   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
+   MA  02110-1301  USA.
+*/
+
+/* rabbit.hpp defines Rabbit
+*/
+
+
+#ifndef TAO_CRYPT_RABBIT_HPP
+#define TAO_CRYPT_RABBIT_HPP
+
+#include "misc.hpp"
+
+namespace TaoCrypt {
+
+
+// Rabbit encryption and decryption
+class Rabbit {
+public:
+
+    typedef Rabbit Encryption;
+    typedef Rabbit Decryption;
+
+    enum RabbitCtx { Master = 0, Work = 1 };
+
+    Rabbit() {}
+
+    void Process(byte*, const byte*, word32);
+    void SetKey(const byte*, const byte*);
+private:
+    struct Ctx {
+        word32 x[8];
+        word32 c[8];
+        word32 carry;
+    };
+
+    Ctx masterCtx_;
+    Ctx workCtx_;
+
+    void NextState(RabbitCtx);
+    void SetIV(const byte*);
+
+    Rabbit(const Rabbit&);                  // hide copy
+    const Rabbit operator=(const Rabbit&);  // and assign
+};
+
+} // namespace
+
+
+#endif // TAO_CRYPT_RABBIT_HPP
+
diff --git a/extra/yassl/taocrypt/include/rsa.hpp b/extra/yassl/taocrypt/include/rsa.hpp
index c895ab6fd34..11a4ccfd039 100644
--- a/extra/yassl/taocrypt/include/rsa.hpp
+++ b/extra/yassl/taocrypt/include/rsa.hpp
@@ -178,7 +178,8 @@ void RSA_Encryptor<Pad>::Encrypt(const byte* plain, word32 sz, byte* cipher,
                                  RandomNumberGenerator& rng)
 {
     PK_Lengths lengths(key_.GetModulus());
-    assert(sz <= lengths.FixedMaxPlaintextLength());
+    if (sz > lengths.FixedMaxPlaintextLength())
+        return;
 
     ByteBlock paddedBlock(lengths.PaddedBlockByteLength());
     padding_.Pad(plain, sz, paddedBlock.get_buffer(),
@@ -195,7 +196,6 @@ word32 RSA_Decryptor<Pad>::Decrypt(const byte* cipher, word32 sz, byte* plain,
                                    RandomNumberGenerator& rng)
 {
     PK_Lengths lengths(key_.GetModulus());
-    assert(sz == lengths.FixedCiphertextLength());
 
     if (sz != lengths.FixedCiphertextLength())
         return 0;
diff --git a/extra/yassl/taocrypt/include/runtime.hpp b/extra/yassl/taocrypt/include/runtime.hpp
index ad66a5bf9d0..568c0b3afd8 100644
--- a/extra/yassl/taocrypt/include/runtime.hpp
+++ b/extra/yassl/taocrypt/include/runtime.hpp
@@ -31,7 +31,6 @@
 
 #ifdef __sun
  
-#include <assert.h>
 
 // Handler for pure virtual functions
 namespace __Crun {
@@ -46,9 +45,7 @@ namespace __Crun {
 #if __GNUC__ > 2
 
 extern "C" {
-#if !defined(DO_TAOCRYPT_KERNEL_MODE)
-    #include <assert.h>
-#else
+#if defined(DO_TAOCRYPT_KERNEL_MODE)
     #include "kernelc.hpp"
 #endif
     int __cxa_pure_virtual () __attribute__ ((weak));
diff --git a/extra/yassl/taocrypt/include/types.hpp b/extra/yassl/taocrypt/include/types.hpp
index 3efdcdfbccb..5d8bc9f0683 100644
--- a/extra/yassl/taocrypt/include/types.hpp
+++ b/extra/yassl/taocrypt/include/types.hpp
@@ -62,7 +62,7 @@ typedef unsigned int   word32;
 // compilers we've found 64-bit multiply insructions for
 #if defined(__GNUC__) || defined(_MSC_VER) || defined(__DECCXX)
     #if !(defined(__ICC) || defined(__INTEL_COMPILER))
-    #define HAVE_64_MULTIPLY
+        #define HAVE_64_MULTIPLY
     #endif
 #endif