patch to Vanilla Tomato 1.28

6 files changed, 1166 insertions, 0 deletions

diff --git a/release/src/router/matrixssl/src/os/debug.c b/release/src/router/matrixssl/src/os/debug.c
new file mode 100644
index 00000000..4ca0f9f5
--- /dev/null
+++ b/release/src/router/matrixssl/src/os/debug.c
@@ -0,0 +1,62 @@
+/*
+ *	debug.c
+ *	Release $Name: MATRIXSSL_1_8_8_OPEN $
+ */
+/*
+ *	Copyright (c) PeerSec Networks, 2002-2009. All Rights Reserved.
+ *	The latest version of this code is available at http://www.matrixssl.org
+ *
+ *	This software is open source; you can redistribute it and/or modify
+ *	it under the terms of the GNU General Public License as published by
+ *	the Free Software Foundation; either version 2 of the License, or
+ *	(at your option) any later version.
+ *
+ *	This General Public License does NOT permit incorporating this software 
+ *	into proprietary programs.  If you are unable to comply with the GPL, a 
+ *	commercial license for this software may be purchased from PeerSec Networks
+ *	at http://www.peersec.com
+ *	
+ *	This program is distributed in WITHOUT ANY WARRANTY; without even the 
+ *	implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
+ *	See the GNU General Public License for more details.
+ *	
+ *	You should have received a copy of the GNU General Public License
+ *	along with this program; if not, write to the Free Software
+ *	Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ *	http://www.gnu.org/copyleft/gpl.html
+ */
+
+#include "osLayer.h"
+
+/******************************************************************************/
+/*
+	Debugging APIs
+*/
+#ifdef DEBUG
+
+/* message should contain one %s, unless value is NULL */
+void matrixStrDebugMsg(char *message, char *value)
+{
+	if (value) {
+		printf(message, value);
+	} else {
+		printf(message);
+	}
+}
+
+/* message should contain one %d */
+void matrixIntDebugMsg(char *message, int32 value)
+{
+	printf(message, value);
+}
+
+/* message should contain one %p */
+void matrixPtrDebugMsg(char *message, void *value)
+{
+	printf(message, value);
+}
+
+#endif /* DEBUG */
+
+/******************************************************************************/
+
diff --git a/release/src/router/matrixssl/src/os/linux/linux.c b/release/src/router/matrixssl/src/os/linux/linux.c
new file mode 100644
index 00000000..a01297d6
--- /dev/null
+++ b/release/src/router/matrixssl/src/os/linux/linux.c
@@ -0,0 +1,381 @@
+/*
+ *	linux.c
+ *	Release $Name: MATRIXSSL_1_8_8_OPEN $
+ *
+ *	Linux compatibility layer
+ *	Other UNIX like operating systems should also be able to use this
+ *	implementation without change.
+ */
+/*
+ *	Copyright (c) PeerSec Networks, 2002-2009. All Rights Reserved.
+ *	The latest version of this code is available at http://www.matrixssl.org
+ *
+ *	This software is open source; you can redistribute it and/or modify
+ *	it under the terms of the GNU General Public License as published by
+ *	the Free Software Foundation; either version 2 of the License, or
+ *	(at your option) any later version.
+ *
+ *	This General Public License does NOT permit incorporating this software 
+ *	into proprietary programs.  If you are unable to comply with the GPL, a 
+ *	commercial license for this software may be purchased from PeerSec Networks
+ *	at http://www.peersec.com
+ *	
+ *	This program is distributed in WITHOUT ANY WARRANTY; without even the 
+ *	implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
+ *	See the GNU General Public License for more details.
+ *	
+ *	You should have received a copy of the GNU General Public License
+ *	along with this program; if not, write to the Free Software
+ *	Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ *	http://www.gnu.org/copyleft/gpl.html
+ */
+/******************************************************************************/
+#ifdef LINUX
+#include <unistd.h>
+#include <fcntl.h>
+#include <errno.h>
+#include <sys/times.h>
+#include <time.h>
+
+#include "../osLayer.h"
+
+#if defined(USE_RDTSCLL_TIME) || defined(RDTSC)
+#include <asm/timex.h>
+/*
+	As defined in asm/timex.h for x386:
+*/
+#ifndef rdtscll
+	#define rdtscll(val) __asm__ __volatile__("rdtsc" : "=A" (val))
+#endif
+
+static sslTime_t	hiresStart; 	/* zero-time */
+static sslTime_t	hiresFreq; 		/* tics per second */
+#else /* USE_RDTSCLL_TIME */
+static uint32		prevTicks; 		/* Check wrap */
+static sslTime_t	elapsedTime; 	/* Last elapsed time */
+#endif
+
+#ifdef USE_MULTITHREADING
+#include <pthread.h>
+static pthread_mutexattr_t	attr;
+#endif
+
+/* max sure we don't retry reads forever */
+#define	MAX_RAND_READS		1024
+
+static 	int32	urandfd = -1;
+static 	int32	randfd	= -1;
+
+int32 sslOpenOsdep(void)
+{
+#if defined(USE_RDTSCLL_TIME) || defined(RDTSC)
+	FILE		*cpuInfo;
+	double		mhz;
+	char		line[80] = "";
+	char		*tmpstr;
+	int32 		c;
+#endif 
+/*
+	Open /dev/random access non-blocking.
+*/
+	if ((randfd = open("/dev/random", O_RDONLY | O_NONBLOCK)) < 0) {
+		return -1;
+	}
+	if ((urandfd = open("/dev/urandom", O_RDONLY)) < 0) {
+		close(randfd);
+		return -1;
+	}
+/*
+	Initialize times
+*/
+#if defined(USE_RDTSCLL_TIME) || defined(RDTSC)
+	if ((cpuInfo = fopen ("/proc/cpuinfo","r")) == NULL) {
+		matrixStrDebugMsg("Error opening /proc/cpuinfo\n", NULL);
+		return -2;
+	}
+
+	while ((!feof(cpuInfo)) && (strncasecmp(line,"cpu MHz",7) != 0)){
+		fgets(line,79,cpuInfo);
+	}
+
+	if (strncasecmp(line,"cpu MHz",7) == 0){ 
+		tmpstr = strchr(line,':');
+		tmpstr++;
+		c = strspn(tmpstr, " \t");
+		tmpstr +=c;
+		c = strcspn(tmpstr, " \t\n\r");
+		tmpstr[c] = '\0';
+		mhz = 1000000 * atof(tmpstr);
+		hiresFreq = (sslTime_t)mhz;
+		fclose (cpuInfo);	
+	} else {
+		fclose (cpuInfo);
+		hiresStart = 0;
+		return -3;
+	}
+	rdtscll(hiresStart);
+#endif /* USE_RDTSCLL_TIME */
+/*
+	FUTURE - Solaris doesn't support recursive mutexes!
+	We don't use them internally anyway, so this is not an issue,
+	but we like to set this if we can because it's silly for a thread to lock
+	itself, rather than error or recursive lock
+*/
+#ifdef USE_MULTITHREADING
+	pthread_mutexattr_init(&attr);
+#ifndef OSX
+	pthread_mutexattr_settype(&attr, PTHREAD_MUTEX_RECURSIVE_NP);
+#endif /* !OSX */
+#endif /* USE_MULTITHREADING */
+	return psOpenMalloc(MAX_MEMORY_USAGE);
+}
+
+int32 sslCloseOsdep(void)
+{
+	psCloseMalloc();
+#ifdef USE_MULTITHREADING
+	pthread_mutexattr_destroy(&attr);
+#endif
+	close(randfd);
+	close(urandfd);
+	return 0;
+}
+
+/*
+	Read from /dev/random non-blocking first, then from urandom if it would 
+	block.  Also, handle file closure case and re-open.
+*/
+
+int32 sslGetEntropy(unsigned char *bytes, int32 size)
+{
+	int32				rc, sanity, retry, readBytes;
+	unsigned char 	*where = bytes;
+
+	sanity = retry = rc = readBytes = 0;
+
+	while (size) {
+		if ((rc = read(randfd, where, size)) < 0 || sanity > MAX_RAND_READS) {
+			if (errno == EINTR) {
+				if (sanity > MAX_RAND_READS) {
+					return -1;
+				}
+				sanity++;
+				continue;
+			} else if (errno == EAGAIN) {
+				break;
+			} else if (errno == EBADF && retry == 0) {
+				close(randfd);
+				if ((randfd = open("/dev/random", O_RDONLY | O_NONBLOCK)) < 0) {
+					break;
+				}
+				retry++;
+				continue;
+			} else {
+				break;
+			}
+		}
+		readBytes += rc;
+		where += rc;
+		size -= rc;
+	}
+
+
+	sanity = retry = 0;	
+	while (size) {
+		if ((rc = read(urandfd, where, size)) < 0 || sanity > MAX_RAND_READS) {
+			if (errno == EINTR) {
+				if (sanity > MAX_RAND_READS) {
+					return -1;
+				}
+				sanity++;
+				continue;
+			} else if (errno == EBADF && retry == 0) {
+				close(urandfd);
+				if ((urandfd = 
+					open("/dev/urandom", O_RDONLY | O_NONBLOCK)) < 0) {
+					return -1;
+				}
+				retry++;
+				continue;
+			} else {
+				return -1;
+			}
+		}
+		readBytes += rc;
+		where += rc;
+		size -= rc;
+	}
+	return readBytes;
+}
+
+#ifdef DEBUG
+void psBreak(void)
+{
+	abort();
+}
+#endif
+
+/******************************************************************************/
+
+#ifdef USE_MULTITHREADING
+
+int32 sslCreateMutex(sslMutex_t *mutex)
+{
+
+	if (pthread_mutex_init(mutex, &attr) != 0) {
+		return -1;
+	}	
+	return 0;
+}
+
+int32 sslLockMutex(sslMutex_t *mutex)
+{
+	if (pthread_mutex_lock(mutex) != 0) {
+		return -1;
+	}
+	return 0;
+}
+
+int32 sslUnlockMutex(sslMutex_t *mutex)
+{
+	if (pthread_mutex_unlock(mutex) != 0) {
+		return -1;
+	}
+	return 0;
+}
+
+void sslDestroyMutex(sslMutex_t *mutex)
+{
+	pthread_mutex_destroy(mutex);
+}
+#endif /* USE_MULTITHREADING */
+
+/*****************************************************************************/
+/*
+	Use a platform specific high resolution timer
+*/
+#if defined(USE_RDTSCLL_TIME) || defined(RDTSC)
+
+int32 sslInitMsecs(sslTime_t *t)
+{
+	unsigned long long	diff;
+	int32					d;
+
+	rdtscll(*t);
+	diff = *t - hiresStart;
+	d = (int32)((diff * 1000) / hiresFreq);
+	return d;
+}
+
+/*
+	Return the delta in seconds between two time values
+*/
+long sslDiffMsecs(sslTime_t then, sslTime_t now)
+{
+	unsigned long long	diff;
+
+	diff = now - then;
+	return (long)((diff * 1000) / hiresFreq);
+}
+
+/*
+	Return the delta in seconds between two time values
+*/
+int32 sslDiffSecs(sslTime_t then, sslTime_t now)
+{
+	unsigned long long	diff;
+
+	diff = now - then;
+	return (int32)(diff / hiresFreq);
+}
+
+/*
+	Time comparison.  1 if 'a' is less than or equal.  0 if 'a' is greater
+*/
+int32	sslCompareTime(sslTime_t a, sslTime_t b)
+{
+	if (a <= b) {
+		return 1;
+	}
+	return 0;
+}
+
+#else /* USE_RDTSCLL_TIME */
+
+int32 sslInitMsecs(sslTime_t *timePtr)
+{
+	struct tms		tbuff;
+	uint32	t, deltat, deltaticks;
+                                                                                
+/*
+ *	times() returns the number of clock ticks since the system
+ *	was booted.  If it is less than the last time we did this, the
+ *	clock has wrapped around 0xFFFFFFFF, so compute the delta, otherwise
+ *	the delta is just the difference between the new ticks and the last
+ *	ticks.  Convert the elapsed ticks to elapsed msecs using rounding.
+ */
+	if ((t = times(&tbuff)) >= prevTicks) {
+		deltaticks = t - prevTicks;
+	} else {
+		deltaticks = (0xFFFFFFFF - prevTicks) + 1 + t;
+	}
+	deltat = ((deltaticks * 1000) + (CLK_TCK / 2)) / CLK_TCK;
+                                                                     
+/*
+ *	Add the delta to the previous elapsed time.
+ */
+	elapsedTime.usec += ((deltat % 1000) * 1000);
+	if (elapsedTime.usec >= 1000000) {
+		elapsedTime.usec -= 1000000;
+		deltat += 1000;
+	}
+	elapsedTime.sec += (deltat / 1000);
+	prevTicks = t;
+                                                                                
+/*
+ *	Return the current elapsed time.
+ */
+	timePtr->usec = elapsedTime.usec;
+	timePtr->sec = elapsedTime.sec;
+	return (timePtr->usec / 1000) + timePtr->sec * 1000;
+}
+
+/*
+	Return the delta in seconds between two time values
+*/
+long sslDiffMsecs(sslTime_t then, sslTime_t now)
+{
+	return (long)((now.sec - then.sec) * 1000);
+}
+
+/*
+	Return the delta in seconds between two time values
+*/
+int32 sslDiffSecs(sslTime_t then, sslTime_t now)
+{
+	return (int32)(now.sec - then.sec);
+}
+
+/*
+	Time comparison.  1 if 'a' is less than or equal.  0 if 'a' is greater
+*/
+int32	sslCompareTime(sslTime_t a, sslTime_t b)
+{
+	if (a.sec < b.sec) {
+		return 1;
+	} else if (a.sec == b.sec) {
+		if (a.usec <= b.usec) {
+			return 1;
+		} else {
+			return 0;
+		}
+	}	
+	return 0;
+}
+
+#endif /* USE_RDTSCLL_TIME */
+
+
+#endif /* LINUX */
+
+/******************************************************************************/
diff --git a/release/src/router/matrixssl/src/os/osLayer.h b/release/src/router/matrixssl/src/os/osLayer.h
new file mode 100644
index 00000000..00872198
--- /dev/null
+++ b/release/src/router/matrixssl/src/os/osLayer.h
@@ -0,0 +1,200 @@
+/*
+ *	osLayer.h
+ *	Release $Name: MATRIXSSL_1_8_8_OPEN $
+ *	
+ *	Layered header for OS specific functions
+ *	Contributors adding new OS support must implement all functions 
+ *	externed below.
+ */
+/*
+ *	Copyright (c) PeerSec Networks, 2002-2009. All Rights Reserved.
+ *	The latest version of this code is available at http://www.matrixssl.org
+ *
+ *	This software is open source; you can redistribute it and/or modify
+ *	it under the terms of the GNU General Public License as published by
+ *	the Free Software Foundation; either version 2 of the License, or
+ *	(at your option) any later version.
+ *
+ *	This General Public License does NOT permit incorporating this software 
+ *	into proprietary programs.  If you are unable to comply with the GPL, a 
+ *	commercial license for this software may be purchased from PeerSec Networks
+ *	at http://www.peersec.com
+ *	
+ *	This program is distributed in WITHOUT ANY WARRANTY; without even the 
+ *	implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
+ *	See the GNU General Public License for more details.
+ *	
+ *	You should have received a copy of the GNU General Public License
+ *	along with this program; if not, write to the Free Software
+ *	Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ *	http://www.gnu.org/copyleft/gpl.html
+ */
+/******************************************************************************/
+
+#ifndef _h_OS_LAYER
+#define _h_OS_LAYER
+#define _h_EXPORT_SYMBOLS
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#ifndef WINCE
+#include <time.h>
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/******************************************************************************/
+
+#include "../../matrixCommon.h"
+#include "psMalloc.h"
+
+/*
+	Functions defined at OS level
+*/
+extern int32	sslOpenOsdep(void);
+extern int32	sslCloseOsdep(void);
+extern int32	sslGetEntropy(unsigned char *bytes, int32 size);
+
+/*
+	Defines to make library multithreading safe
+*/
+#ifdef USE_MULTITHREADING
+
+#if WIN32 || WINCE
+#include <windows.h>
+
+typedef CRITICAL_SECTION sslMutex_t;
+#define sslCreateMutex(M)	InitializeCriticalSection((CRITICAL_SECTION *) M);
+#define sslLockMutex(M)		EnterCriticalSection((CRITICAL_SECTION *) M);
+#define sslUnlockMutex(M)	LeaveCriticalSection((CRITICAL_SECTION *) M);
+#define sslDestroyMutex(M)	DeleteCriticalSection((CRITICAL_SECTION *) M);
+
+#elif LINUX
+#include <pthread.h>
+#include <string.h>
+
+typedef pthread_mutex_t sslMutex_t;
+extern int32	sslCreateMutex(sslMutex_t *mutex);
+extern int32	sslLockMutex(sslMutex_t *mutex);
+extern int32	sslUnlockMutex(sslMutex_t *mutex);
+extern void	sslDestroyMutex(sslMutex_t *mutex);
+#elif VXWORKS
+#include "semLib.h"
+
+typedef SEM_ID		sslMutex_t; 
+extern int32	sslCreateMutex(sslMutex_t *mutex);
+extern int32	sslLockMutex(sslMutex_t *mutex);
+extern int32	sslUnlockMutex(sslMutex_t *mutex);
+extern void	sslDestroyMutex(sslMutex_t *mutex);
+#endif /* WIN32 || CE */
+
+#else /* USE_MULTITHREADING */
+typedef int32	sslMutex_t;
+#define sslCreateMutex(M)
+#define sslLockMutex(M)
+#define sslUnlockMutex(M)
+#define sslDestroyMutex(M)
+
+#endif /* USE_MULTITHREADING */
+
+/*
+	Make sslTime_t an opaque time value.
+	FUTURE - use high res time instead of time_t
+*/
+#ifdef LINUX
+/*
+	On some *NIX versions such as MAC OS X 10.4, CLK_TCK has been deprecated
+*/
+#ifndef CLK_TCK
+#define CLK_TCK		CLOCKS_PER_SEC
+#endif /* CLK_TCK */
+#endif /* LINUX */
+
+#if defined(WIN32)
+#include <windows.h>
+typedef LARGE_INTEGER sslTime_t;
+#elif VXWORKS
+typedef struct {
+		long sec;
+		long usec;
+	} sslTime_t;
+#elif (defined(USE_RDTSCLL_TIME) || defined(RDTSC))
+typedef unsigned long long LARGE_INTEGER;
+typedef LARGE_INTEGER sslTime_t;
+#elif WINCE
+#include <windows.h>
+
+typedef LARGE_INTEGER sslTime_t;
+#else
+typedef struct {
+		long sec;
+		long usec;
+	} sslTime_t;
+#endif
+
+/******************************************************************************/
+/*
+	We define our own stat for CE.
+*/
+#if WINCE
+
+extern int32 stat(char *filename, struct stat *sbuf);
+
+struct stat {
+	unsigned long st_size;	/* file size in bytes				*/
+	unsigned long st_mode;
+	time_t st_atime;		/* time of last access				*/
+	time_t st_mtime;		/* time of last data modification	*/
+	time_t st_ctime;		/* time of last file status change	*/
+};
+
+#define			S_IFREG 0100000
+#define			S_IFDIR 0040000
+
+extern time_t time();
+
+#endif /* WINCE */
+
+extern int32		sslInitMsecs(sslTime_t *t);
+extern int32		sslCompareTime(sslTime_t a, sslTime_t b);
+extern int32		sslDiffSecs(sslTime_t then, sslTime_t now);
+extern long		sslDiffMsecs(sslTime_t then, sslTime_t now);
+
+
+/******************************************************************************/
+/*
+	Debugging functionality.  
+	
+	If DEBUG is defined matrixStrDebugMsg and matrixIntDebugMsg messages are
+	output to stdout, sslAsserts go to stderror and call psBreak.
+
+	In non-DEBUG builds matrixStrDebugMsg and matrixIntDebugMsg are 
+	compiled out.  sslAsserts still go to stderr, but psBreak is not called.
+
+*/
+
+#if DEBUG
+extern void psBreak(void);
+extern void matrixStrDebugMsg(char *message, char *arg);
+extern void matrixIntDebugMsg(char *message, int32 arg);
+extern void matrixPtrDebugMsg(char *message, void *arg);
+#define sslAssert(C)  if (C) ; else \
+	{fprintf(stderr, "%s:%d sslAssert(%s)\n",__FILE__, __LINE__, #C); psBreak(); }
+#else
+#define matrixStrDebugMsg(x, y)
+#define matrixIntDebugMsg(x, y)
+#define matrixPtrDebugMsg(x, y)
+#define sslAssert(C)  if (C) ; else \
+	{fprintf(stderr, "%s:%d sslAssert(%s)\n",__FILE__, __LINE__, #C); }
+#endif /* DEBUG */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _h_OS_LAYER */
+
+/******************************************************************************/
diff --git a/release/src/router/matrixssl/src/os/psMalloc.h b/release/src/router/matrixssl/src/os/psMalloc.h
new file mode 100644
index 00000000..3ba4bec5
--- /dev/null
+++ b/release/src/router/matrixssl/src/os/psMalloc.h
@@ -0,0 +1,63 @@
+/*
+ *	psMalloc.h
+ *	Release $Name: MATRIXSSL_1_8_8_OPEN $
+ *	
+ *	Header for psMalloc functions
+ */
+/*
+ *	Copyright (c) PeerSec Networks, 2002-2009. All Rights Reserved.
+ *	The latest version of this code is available at http://www.matrixssl.org
+ *
+ *	This software is open source; you can redistribute it and/or modify
+ *	it under the terms of the GNU General Public License as published by
+ *	the Free Software Foundation; either version 2 of the License, or
+ *	(at your option) any later version.
+ *
+ *	This General Public License does NOT permit incorporating this software 
+ *	into proprietary programs.  If you are unable to comply with the GPL, a 
+ *	commercial license for this software may be purchased from PeerSec Networks
+ *	at http://www.peersec.com
+ *	
+ *	This program is distributed in WITHOUT ANY WARRANTY; without even the 
+ *	implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
+ *	See the GNU General Public License for more details.
+ *	
+ *	You should have received a copy of the GNU General Public License
+ *	along with this program; if not, write to the Free Software
+ *	Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ *	http://www.gnu.org/copyleft/gpl.html
+ */
+/******************************************************************************/
+
+#ifndef _h_PS_MALLOC
+#define _h_PS_MALLOC
+
+#define PEERSEC_BASE_POOL 0
+#define PEERSEC_NO_POOL	(void *)0x00001
+
+/******************************************************************************/
+/*
+	Because a set of public APIs are exposed here there is a dependence on
+	the package.  The config layer header must be parsed to determine what
+	defines are configured
+*/
+#include "../../matrixCommon.h"
+
+/*
+	Native memory routines
+*/
+#define MAX_MEMORY_USAGE	0
+#define psOpenMalloc(A) 0
+#define psCloseMalloc()
+#define psMalloc(A, B)		malloc(B)
+#define psCalloc(A, B, C)	calloc(B, C)
+#define psRealloc	realloc
+#define psFree		free
+#define psMemset	memset
+#define psMemcpy	memcpy
+typedef int32 psPool_t;
+
+#endif /* _h_PS_MALLOC */
+
+
+
diff --git a/release/src/router/matrixssl/src/os/vxworks/vxworks.c b/release/src/router/matrixssl/src/os/vxworks/vxworks.c
new file mode 100644
index 00000000..68f99e95
--- /dev/null
+++ b/release/src/router/matrixssl/src/os/vxworks/vxworks.c
@@ -0,0 +1,219 @@
+/*
+ *	vxworks.c
+ *	Release $Name: MATRIXSSL_1_8_8_OPEN $
+ *
+ *	VXWORKS compatibility layer
+ *	Other UNIX like operating systems should also be able to use this
+ *	implementation without change.
+ */
+/*
+ *	Copyright (c) PeerSec Networks, 2002-2009. All Rights Reserved.
+ *	The latest version of this code is available at http://www.matrixssl.org
+ *
+ *	This software is open source; you can redistribute it and/or modify
+ *	it under the terms of the GNU General Public License as published by
+ *	the Free Software Foundation; either version 2 of the License, or
+ *	(at your option) any later version.
+ *
+ *	This General Public License does NOT permit incorporating this software 
+ *	into proprietary programs.  If you are unable to comply with the GPL, a 
+ *	commercial license for this software may be purchased from PeerSec Networks
+ *	at http://www.peersec.com
+ *	
+ *	This program is distributed in WITHOUT ANY WARRANTY; without even the 
+ *	implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
+ *	See the GNU General Public License for more details.
+ *	
+ *	You should have received a copy of the GNU General Public License
+ *	along with this program; if not, write to the Free Software
+ *	Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ *	http://www.gnu.org/copyleft/gpl.html
+ */
+/******************************************************************************/
+
+#ifdef VXWORKS
+#include <fcntl.h>
+#include <errno.h>
+
+#include "../../matrixInternal.h"
+
+#include <sys/times.h>
+#include <time.h>
+
+static unsigned	int prevTicks; 		/* Check wrap */
+static int			tickspersec;	/* system clock rate */
+static sslTime_t	elapsedTime; 	/* Last elapsed time */
+
+/******************************************************************************/
+/*
+	OS dependent Open.
+ */
+int sslOpenOsdep(void)
+{
+	tickspersec = sysClkRateGet();
+
+	psOpenMalloc(MAX_MEMORY_USAGE);
+	return 0;
+}
+
+/******************************************************************************/
+/*
+	sslClose
+ */
+int sslCloseOsdep(void)
+{
+	psCloseMalloc();
+	return 0;
+}
+
+/******************************************************************************/
+/*
+	TODO:  hardware dependent entropy function.  Implement 
+	depending on platform.
+ */
+
+int sslGetEntropy(unsigned char *bytes, int size)
+{
+	return 0;
+}
+
+/******************************************************************************/
+/*
+	debug break.
+ */
+void sslBreak(void)
+{
+	abort();
+}
+
+/******************************************************************************/
+/*
+	Init a time structure.
+ */
+int sslInitMsecs(sslTime_t *timePtr)
+{
+	unsigned int	t, deltat, deltaticks;
+
+/*
+ 	tickGet returns the number of clock ticks since the system
+ 	was booted. If it is less than the last time we did this, the
+ 	clock has wrapped around 0xFFFFFFFF, so compute the delta, otherwise
+ 	the delta is just the difference between the new ticks and the last
+ 	ticks. Convert the elapsed ticks to elapsed msecs using rounding.
+ */
+	if ((t = tickGet()) >= prevTicks) {
+		deltaticks = t - prevTicks;
+	} else {
+		deltaticks = (0xFFFFFFFF - prevTicks) + 1 + t;
+	}
+	deltat = ((deltaticks * 1000) + (tickspersec / 2)) / tickspersec;
+
+/*
+ *	Add the delta to the previous elapsed time.
+ */
+	elapsedTime.usec += ((deltat % 1000) * 1000);
+	if (elapsedTime.usec >= 1000000) {
+		elapsedTime.usec -= 1000000;
+		deltat += 1000;
+	}
+	elapsedTime.sec += (deltat / 1000);
+	prevTicks = t;
+
+/*
+ *	Return the current elapsed time.
+ */
+	timePtr->usec = elapsedTime.usec;
+	timePtr->sec = elapsedTime.sec;
+}
+
+int sslDiffSecs(sslTime_t then, sslTime_t now)
+{
+	return (int)(now.sec - then.sec); 
+}
+
+/******************************************************************************/
+/*
+	Time comparison.  1 if 'a' is less than or equal.  0 if 'a' is greater
+*/
+int	sslCompareTime(sslTime_t a, sslTime_t b)
+{
+
+	if (a.sec < b.sec) {
+		return 1;
+	} else if (a.sec == b.sec) {
+		if (a.usec <= b.usec) {
+			return 1;
+		} else {
+			return 0;
+		}
+	}	
+	return 0;
+}
+
+/******************************************************************************/
+/*
+ 	Initialize a mutex structure.
+ */
+
+int sslCreateMutex(sslMutex_t *mutex)
+{
+	memset (mutex,0x0,sizeof(sslMutex_t));
+
+/*
+ *	Create and initialize a mutual-exclusion semaphore
+ */
+	*mutex = semMCreate(SEM_Q_PRIORITY | SEM_DELETE_SAFE | SEM_INVERSION_SAFE);
+	return 0;
+}
+
+/******************************************************************************/
+/*
+ 	Lock a mutex structure.
+ */
+
+int sslLockMutex(sslMutex_t *mutex)
+{
+	STATUS		stat;
+	int			err;
+
+/*
+	Currently waits forever until semaphore is released.
+*/
+	if ((stat = semTake((SEM_ID) mutex, WAIT_FOREVER)) == ERROR) {
+		return -1;
+	}
+	return stat;
+}
+
+/******************************************************************************/
+/*
+ 	Unlock a mutex structure.
+ */
+
+int sslUnlockMutex(sslMutex_t *mutex)
+{
+	if (mutex != NULL) {
+		if (semGive((SEM_ID) mutex) == ERROR) {
+			return -1;
+		}
+	}
+	return 0;
+}
+
+/******************************************************************************/
+/*
+	Destroy mutex.
+ */
+
+void sslDestroyMutex(sslMutex_t *mutex)
+{
+	if (mutex == NULL) {
+		return;
+	}
+	sslLockMutex(mutex);
+	semDelete((SEM_ID) mutex);
+}
+
+#endif /* VXWORKS */
+
+/******************************************************************************/
diff --git a/release/src/router/matrixssl/src/os/win/win.c b/release/src/router/matrixssl/src/os/win/win.c
new file mode 100644
index 00000000..b4d9afa6
--- /dev/null
+++ b/release/src/router/matrixssl/src/os/win/win.c
@@ -0,0 +1,241 @@
+/*
+ *	win.c
+ *	Release $Name: MATRIXSSL_1_8_8_OPEN $
+ *
+ *	Microsoft Windows compatibility layer.
+ */
+/*
+ *	Copyright (c) PeerSec Networks, 2002-2009. All Rights Reserved.
+ *	The latest version of this code is available at http://www.matrixssl.org
+ *
+ *	This software is open source; you can redistribute it and/or modify
+ *	it under the terms of the GNU General Public License as published by
+ *	the Free Software Foundation; either version 2 of the License, or
+ *	(at your option) any later version.
+ *
+ *	This General Public License does NOT permit incorporating this software 
+ *	into proprietary programs.  If you are unable to comply with the GPL, a 
+ *	commercial license for this software may be purchased from PeerSec Networks
+ *	at http://www.peersec.com
+ *	
+ *	This program is distributed in WITHOUT ANY WARRANTY; without even the 
+ *	implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
+ *	See the GNU General Public License for more details.
+ *	
+ *	You should have received a copy of the GNU General Public License
+ *	along with this program; if not, write to the Free Software
+ *	Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ *	http://www.gnu.org/copyleft/gpl.html
+ */
+ /******************************************************************************/
+
+#include "../osLayer.h"
+
+#include <windows.h>
+#include <wincrypt.h>
+
+#ifndef WINCE
+#include <process.h>
+#endif
+
+#include <limits.h>
+
+#if defined(WIN32) || defined(WINCE)
+
+#define	MAX_INT			0x7FFFFFFF
+
+static LARGE_INTEGER	hiresStart; /* zero-time */
+static LARGE_INTEGER	hiresFreq; /* tics per second */
+
+/* For backwards compatibility */
+#ifndef CRYPT_SILENT
+#define CRYPT_SILENT 0
+#endif
+
+static HCRYPTPROV		hProv;	/* Crypto context for random bytes */
+
+int32 sslOpenOsdep()
+{
+	int32		rc;
+
+	if ((rc = psOpenMalloc(MAX_MEMORY_USAGE)) < 0) {
+		return rc;
+	}
+/*
+	Hires time init
+*/
+	QueryPerformanceFrequency(&hiresFreq);
+	QueryPerformanceCounter(&hiresStart);
+
+	if (!CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL, 
+			CRYPT_VERIFYCONTEXT))  {
+		return -1;
+	}
+	return 0;
+}
+
+int32 sslCloseOsdep()
+{
+	CryptReleaseContext(hProv, 0);
+	psCloseMalloc();
+	return 0;
+}
+
+int32 sslGetEntropy(unsigned char *bytes, int32 size)
+{
+	if (CryptGenRandom(hProv, size, bytes)) {
+		return size;
+	}
+	return -1;
+}
+
+#ifdef DEBUG
+void psBreak()
+{
+	int32	i = 0; i++;	/* Prevent the compiler optimizing this function away */
+
+	DebugBreak();
+}
+#endif
+
+int32 sslInitMsecs(sslTime_t *t)
+{
+	__int64		diff;
+	int32			d;
+
+	QueryPerformanceCounter(t);
+	diff = t->QuadPart - hiresStart.QuadPart;
+	d = (int32)((diff * 1000) / hiresFreq.QuadPart);
+	return d;
+}
+
+int32 sslDiffSecs(sslTime_t then, sslTime_t now)
+{
+	__int64	diff;
+
+	diff = now.QuadPart - then.QuadPart;
+	return (int32)(diff / hiresFreq.QuadPart);
+}
+
+/*
+	Time comparison.  1 if 'a' is less than or equal.  0 if 'a' is greater
+*/
+int32 sslCompareTime(sslTime_t a, sslTime_t b)
+{
+	if (a.QuadPart <= b.QuadPart) {
+		return 1;
+	}
+	return 0;
+}
+
+#ifdef WINCE
+/******************************************************************************/
+/*
+ 	Our implementation of wide character stat: get file information.
+ 
+ 	NOTES:
+ 		only gets the file size currently
+ */
+int32 stat(char *filename, struct stat *sbuf)
+{
+	DWORD	dwAttributes;
+	HANDLE	hFile;
+	int32		rc, size;
+
+	unsigned short uniFile[512];
+
+	rc = 0;
+	memset(sbuf, 0, sizeof(struct stat));
+
+	MultiByteToWideChar(CP_ACP, 0, filename, -1, uniFile, 256);
+	dwAttributes = GetFileAttributes(uniFile);
+	if (dwAttributes != 0xFFFFFFFF && dwAttributes & FILE_ATTRIBUTE_DIRECTORY) {
+		sbuf->st_mode = S_IFDIR;
+		return 0;
+	}
+	sbuf->st_mode = S_IFREG;
+
+	if ((hFile = CreateFile(uniFile, GENERIC_READ, FILE_SHARE_READ && FILE_SHARE_WRITE, NULL,
+		OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL)) == INVALID_HANDLE_VALUE) {
+		return -1;
+	}
+	
+/*
+ *	 Get the file size.
+ */
+	size = GetFileSize(hFile, NULL);
+	sbuf->st_size = size;
+	
+	CloseHandle(hFile);
+	return rc;
+}
+
+/******************************************************************************/
+/*
+ 	The following functions implement a unixlike time() function.
+ */
+
+static FILETIME YearToFileTime(WORD wYear)
+{	
+	SYSTEMTIME sbase;
+	FILETIME fbase;
+
+	sbase.wYear         = wYear;
+	sbase.wMonth        = 1;
+	sbase.wDayOfWeek    = 1; //assumed
+	sbase.wDay          = 1;
+	sbase.wHour         = 0;
+	sbase.wMinute       = 0;
+	sbase.wSecond       = 0;
+	sbase.wMilliseconds = 0;
+
+	SystemTimeToFileTime( &sbase, &fbase );
+
+	return fbase;
+}
+
+time_t time() {
+
+	__int64 time1, time2, iTimeDiff;
+	FILETIME fileTime1, fileTime2;
+	SYSTEMTIME  sysTime;
+
+/*
+	Get 1970's filetime.
+*/
+	fileTime1 = YearToFileTime(1970);
+
+/*
+	Get the current filetime time.
+*/
+	GetSystemTime(&sysTime);
+	SystemTimeToFileTime(&sysTime, &fileTime2);
+
+
+/* 
+	Stuff the 2 FILETIMEs into their own __int64s.
+*/	
+	time1 = fileTime1.dwHighDateTime;
+	time1 <<= 32;				
+	time1 |= fileTime1.dwLowDateTime;
+
+	time2 = fileTime2.dwHighDateTime;
+	time2 <<= 32;				
+	time2 |= fileTime2.dwLowDateTime;
+
+/*
+	Get the difference of the two64-bit ints.
+
+	This is he number of 100-nanosecond intervals since Jan. 1970.  So
+	we divide by 10000 to get seconds.
+ */
+	iTimeDiff = (time2 - time1) / 10000000;
+	return (int32)iTimeDiff;
+}
+#endif /* WINCE */
+
+
+
+#endif /* WIN32 */
+
+/******************************************************************************/