15 files changed, 72 insertions, 58 deletions

diff --git a/extra/yassl/examples/client/client.cpp b/extra/yassl/examples/client/client.cpp
index 3acd091baad..94bf753210b 100644
--- a/extra/yassl/examples/client/client.cpp
+++ b/extra/yassl/examples/client/client.cpp
@@ -89,6 +89,8 @@ void client_test(void* args)
         args.argv = argv;
 
         client_test(&args);
+        yaSSL_CleanUp();
+
         return args.return_code;
     }
 
diff --git a/extra/yassl/examples/echoclient/echoclient.cpp b/extra/yassl/examples/echoclient/echoclient.cpp
index ca557cca8af..fd3f7dd48a3 100644
--- a/extra/yassl/examples/echoclient/echoclient.cpp
+++ b/extra/yassl/examples/echoclient/echoclient.cpp
@@ -82,6 +82,7 @@ void echoclient_test(void* args)
         args.argv = argv;
 
         echoclient_test(&args);
+        yaSSL_CleanUp();
 
         return args.return_code;
     }
diff --git a/extra/yassl/examples/echoserver/echoserver.cpp b/extra/yassl/examples/echoserver/echoserver.cpp
index 14a37a7e175..3243cc21a7c 100644
--- a/extra/yassl/examples/echoserver/echoserver.cpp
+++ b/extra/yassl/examples/echoserver/echoserver.cpp
@@ -15,6 +15,8 @@
         args.argv = argv;
 
         echoserver_test(&args);
+        yaSSL_CleanUp();
+
         return args.return_code;
     }
 
diff --git a/extra/yassl/examples/server/server.cpp b/extra/yassl/examples/server/server.cpp
index 4d3f121cf2c..73cff19e371 100644
--- a/extra/yassl/examples/server/server.cpp
+++ b/extra/yassl/examples/server/server.cpp
@@ -67,6 +67,8 @@ THREAD_RETURN YASSL_API server_test(void* args)
         args.argv = argv;
 
         server_test(&args);
+        yaSSL_CleanUp();
+
         return args.return_code;
     }
 
diff --git a/extra/yassl/include/openssl/ssl.h b/extra/yassl/include/openssl/ssl.h
index 03a0cfad15b..08075a8df5b 100644
--- a/extra/yassl/include/openssl/ssl.h
+++ b/extra/yassl/include/openssl/ssl.h
@@ -32,6 +32,12 @@
 #include "opensslv.h" /* for version number */
 #include "rsa.h"
 
+
+extern "C" void yaSSL_CleanUp();   /* call once at end of application use to
+                                      free static singleton memory holders,
+                                      not a leak per se, but helpful when 
+                                      looking for them                      */
+
 #if defined(__cplusplus) && !defined(YASSL_MYSQL_COMPATIBLE)
 namespace yaSSL {
 extern "C" {
diff --git a/extra/yassl/include/yassl_types.hpp b/extra/yassl/include/yassl_types.hpp
index bfb6467182b..76c807cd05f 100644
--- a/extra/yassl/include/yassl_types.hpp
+++ b/extra/yassl/include/yassl_types.hpp
@@ -35,10 +35,6 @@
 namespace yaSSL {
 
 
-// Delete static singleton memory holders
-void CleanUp();
-
-
 #ifdef YASSL_PURE_C
 
     // library allocation
diff --git a/extra/yassl/src/make.bat b/extra/yassl/src/make.bat
index 4c79a9c6406..148427a6f41 100644
--- a/extra/yassl/src/make.bat
+++ b/extra/yassl/src/make.bat
@@ -1,4 +1,4 @@
-# quick and dirty build file for testing different MSDEVs
+REM quick and dirty build file for testing different MSDEVs
 setlocal 
 
 set myFLAGS= /I../include /I../mySTL /I../taocrypt/include /W3 /c /ZI
diff --git a/extra/yassl/src/ssl.cpp b/extra/yassl/src/ssl.cpp
index 97e0e9a1717..66196514a87 100644
--- a/extra/yassl/src/ssl.cpp
+++ b/extra/yassl/src/ssl.cpp
@@ -53,6 +53,53 @@ namespace yaSSL {
 using mySTL::min;
 
 
+int read_file(SSL_CTX* ctx, const char* file, int format, CertType type)
+{
+    if (format != SSL_FILETYPE_ASN1 && format != SSL_FILETYPE_PEM)
+        return SSL_BAD_FILETYPE;
+
+    FILE* input = fopen(file, "rb");
+    if (!input)
+        return SSL_BAD_FILE;
+
+    if (type == CA) {
+        x509* ptr = PemToDer(file, Cert);
+        if (!ptr) {
+            fclose(input);
+            return SSL_BAD_FILE;
+        }
+        ctx->AddCA(ptr);  // takes ownership
+    }
+    else {
+        x509*& x = (type == Cert) ? ctx->certificate_ : ctx->privateKey_;
+
+        if (format == SSL_FILETYPE_ASN1) {
+            fseek(input, 0, SEEK_END);
+            long sz = ftell(input);
+            rewind(input);
+            x = NEW_YS x509(sz); // takes ownership
+            size_t bytes = fread(x->use_buffer(), sz, 1, input);
+            if (bytes != 1) {
+                fclose(input);
+                return SSL_BAD_FILE;
+            }
+        }
+        else {
+            x = PemToDer(file, type);
+            if (!x) {
+                fclose(input);
+                return SSL_BAD_FILE;
+            }
+        }
+    }
+    fclose(input);
+    return SSL_SUCCESS;
+}
+
+
+extern "C" {
+
+
 SSL_METHOD* SSLv3_method()
 {
     return SSLv3_client_method();
@@ -449,50 +496,6 @@ long SSL_CTX_set_tmp_dh(SSL_CTX* ctx, DH* dh)
 }
 
 
-int read_file(SSL_CTX* ctx, const char* file, int format, CertType type)
-{
-    if (format != SSL_FILETYPE_ASN1 && format != SSL_FILETYPE_PEM)
-        return SSL_BAD_FILETYPE;
-
-    FILE* input = fopen(file, "rb");
-    if (!input)
-        return SSL_BAD_FILE;
-
-    if (type == CA) {
-        x509* ptr = PemToDer(file, Cert);
-        if (!ptr) {
-            fclose(input);
-            return SSL_BAD_FILE;
-        }
-        ctx->AddCA(ptr);  // takes ownership
-    }
-    else {
-        x509*& x = (type == Cert) ? ctx->certificate_ : ctx->privateKey_;
-
-        if (format == SSL_FILETYPE_ASN1) {
-            fseek(input, 0, SEEK_END);
-            long sz = ftell(input);
-            rewind(input);
-            x = NEW_YS x509(sz); // takes ownership
-            size_t bytes = fread(x->use_buffer(), sz, 1, input);
-            if (bytes != 1) {
-                fclose(input);
-                return SSL_BAD_FILE;
-            }
-        }
-        else {
-            x = PemToDer(file, type);
-            if (!x) {
-                fclose(input);
-                return SSL_BAD_FILE;
-            }
-        }
-    }
-    fclose(input);
-    return SSL_SUCCESS;
-}
-
-
 int SSL_CTX_use_certificate_file(SSL_CTX* ctx, const char* file, int format)
 {
     return read_file(ctx, file, format, Cert);
@@ -1080,7 +1083,7 @@ int X509_NAME_get_index_by_NID(X509_NAME* name,int nid, int lastpos)
 
     switch (nid) {
     case NID_commonName:
-        char* found = strstr(start, "/CN=");
+        const char* found = strstr(start, "/CN=");
         if (found) {
             found += 4;  // advance to str
             idx = found - start + lastpos + 1;
@@ -1401,4 +1404,5 @@ void MD5_Final(unsigned char* hash, MD5_CTX* md5)
     // end stunnel needs
 
 
+} // extern "C"
 } // namespace
diff --git a/extra/yassl/src/yassl_imp.cpp b/extra/yassl/src/yassl_imp.cpp
index 1d2d5396ea0..4d6d1fc7aff 100644
--- a/extra/yassl/src/yassl_imp.cpp
+++ b/extra/yassl/src/yassl_imp.cpp
@@ -1975,7 +1975,9 @@ Connection::Connection(ProtocolVersion v, RandomPool& ran)
     : pre_master_secret_(0), sequence_number_(0), peer_sequence_number_(0),
       pre_secret_len_(0), send_server_key_(false), master_clean_(false),
       TLS_(v.major_ >= 3 && v.minor_ >= 1), version_(v), random_(ran) 
-{}
+{
+    memset(sessionID_, 0, sizeof(sessionID_));
+}
 
 
 Connection::~Connection() 
diff --git a/extra/yassl/src/yassl_int.cpp b/extra/yassl/src/yassl_int.cpp
index 2847217b417..f7fb1abfa3f 100644
--- a/extra/yassl/src/yassl_int.cpp
+++ b/extra/yassl/src/yassl_int.cpp
@@ -1415,7 +1415,7 @@ BulkCipher* CryptProvider::NewDesEde()
 }
 
 
-void CleanUp()
+extern "C" void yaSSL_CleanUp()
 {
     TaoCrypt::CleanUp();
     ysDelete(cryptProviderInstance);
diff --git a/extra/yassl/taocrypt/benchmark/make.bat b/extra/yassl/taocrypt/benchmark/make.bat
index 63391578cfa..4ebe4b32417 100644
--- a/extra/yassl/taocrypt/benchmark/make.bat
+++ b/extra/yassl/taocrypt/benchmark/make.bat
@@ -1,10 +1,9 @@
-# quick and dirty build file for testing different MSDEVs
+REM quick and dirty build file for testing different MSDEVs
 setlocal 
 
 set myFLAGS= /I../include /I../../mySTL /c /W3 /G6 /O2
-#set myFLAGS= /I../include /I../../mySTL /c /W3 
 
 cl %myFLAGS% benchmark.cpp
 
-link.exe  /out:benchmark.exe ../src/taocrypt.lib benchmark.obj
+link.exe  /out:benchmark.exe ../src/taocrypt.lib benchmark.obj advapi32.lib
 
diff --git a/extra/yassl/taocrypt/src/make.bat b/extra/yassl/taocrypt/src/make.bat
index 3acd50fc875..ecf7e8f8469 100644
--- a/extra/yassl/taocrypt/src/make.bat
+++ b/extra/yassl/taocrypt/src/make.bat
@@ -2,7 +2,6 @@ REM quick and dirty build file for testing different MSDEVs
 setlocal 
 
 set myFLAGS= /I../include /I../../mySTL /c /W3 /G6 /O2 
-#set myFLAGS= /I../include /I../../mySTL /c /W3 /O1
 
 cl %myFLAGS% aes.cpp
 cl %myFLAGS% aestables.cpp
diff --git a/extra/yassl/taocrypt/test/make.bat b/extra/yassl/taocrypt/test/make.bat
index e1a4cbce7cd..5f01db68d0d 100644
--- a/extra/yassl/taocrypt/test/make.bat
+++ b/extra/yassl/taocrypt/test/make.bat
@@ -1,4 +1,4 @@
-# quick and dirty build file for testing different MSDEVs
+REM quick and dirty build file for testing different MSDEVs
 setlocal 
 
 set myFLAGS= /I../include /I../../mySTL /c /W3 /G6 /O2
diff --git a/extra/yassl/testsuite/make.bat b/extra/yassl/testsuite/make.bat
index d8a55b0d3af..1bc7ce0513d 100644
--- a/extra/yassl/testsuite/make.bat
+++ b/extra/yassl/testsuite/make.bat
@@ -1,4 +1,4 @@
-# quick and dirty build file for testing different MSDEVs
+REM quick and dirty build file for testing different MSDEVs
 setlocal 
 
 set myFLAGS= /I../include /I../taocrypt/include /I../mySTL /c /W3 /G6 /O2 /MT /D"WIN32" /D"NO_MAIN_DRIVER"
diff --git a/extra/yassl/testsuite/testsuite.cpp b/extra/yassl/testsuite/testsuite.cpp
index f8bbf698c70..1cf6a78ebe7 100644
--- a/extra/yassl/testsuite/testsuite.cpp
+++ b/extra/yassl/testsuite/testsuite.cpp
@@ -91,6 +91,7 @@ int main(int argc, char** argv)
     assert(memcmp(input, output, sizeof(input)) == 0);
 
     printf("\nAll tests passed!\n");
+    yaSSL_CleanUp();
 
     return 0;
 }