--- configure.orig	2011-01-24 22:47:29.000000000 +0100
+++ configure	2011-03-16 00:54:36.882829739 +0100
@@ -11827,13 +11827,13 @@
 { $as_echo "$as_me:${as_lineno-$LINENO}: **************************************** SSL" >&5
 $as_echo "$as_me: **************************************** SSL" >&6;}
 checkssldir() { :
-    if test -f "$1/include/openssl/ssl.h"
+    if test -f "$1/include${OPENSSL_ALTERNATIVE+/${OPENSSL_ALTERNATIVE}}/openssl/ssl.h"
     then $as_echo "#define HAVE_OPENSSL 1" >>confdefs.h
 
         ssldir="$1"
         return 0
     fi
-    if test -f "$1/include/ssl.h"
+    if test -f "$1/include${OPENSSL_ALTERNATIVE+/${OPENSSL_ALTERNATIVE}}/ssl.h"
     then ssldir="$1"
         return 0
     fi
@@ -11881,8 +11881,13 @@
 
 
 # Add SSL includes and libraries
-CFLAGS="$CFLAGS -I$ssldir/include"
+CFLAGS="$CFLAGS -I$ssldir/include${OPENSSL_ALTERNATIVE+/${OPENSSL_ALTERNATIVE}}"
+if [ -z "$OPENSSL_ALTERNATIVE" ]; then
 LIBS="$LIBS -L$ssldir/lib64 -L$ssldir/lib -lssl -lcrypto"
+else
+CFLAGS="$CFLAGS -DUSE_OPENSSL_ALTERNATIVE=$OPENSSL_ALTERNATIVE -DOPENSSL_NO_DH -DOPENSSL_NO_ECDH"
+LIBS="$LIBS -L$ssldir/lib -l$OPENSSL_ALTERNATIVE"
+fi
 
 # Check for obsolete RSAref library
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for obsolete RSAref library" >&5
@@ -11911,6 +11916,7 @@
 rm -f core conftest.err conftest.$ac_objext \
     conftest$ac_exeext conftest.$ac_ext
 
+if [ -z "$OPENSSL_ALTERNATIVE" ]; then
 as_ac_Header=`$as_echo "ac_cv_header_$ssldir/include/openssl/engine.h" | $as_tr_sh`
 ac_fn_c_check_header_mongrel "$LINENO" "$ssldir/include/openssl/engine.h" "$as_ac_Header" "$ac_includes_default"
 if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
@@ -11920,6 +11926,7 @@
   { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: OpenSSL engine header not found" >&5
 $as_echo "$as_me: WARNING: OpenSSL engine header not found" >&2;}
 fi
+fi
 
 
 
--- src/ctx.c	2011-01-30 23:57:32.000000000 +0100
+++ src/ctx.c	2011-03-16 00:54:36.882829739 +0100
@@ -43,7 +43,9 @@
     RSA *key;
     time_t timeout;
 } key_table[KEY_CACHE_LENGTH];
+#if !(defined(USE_OPENSSL_ALTERNATIVE) && USE_OPENSSL_ALTERNATIVE==cyassl)
 static BIGNUM *e_value;
+#endif
 #endif /* OPENSSL_NO_RSA */
 
 /**************************************** prototypes */
@@ -120,6 +122,7 @@
             key_table[i].key=NULL;
             key_table[i].timeout=0;
         }
+#if !(defined(USE_OPENSSL_ALTERNATIVE) && USE_OPENSSL_ALTERNATIVE==cyassl)
         e_value=BN_new();
         if(!e_value) {
             sslerror("BN_new");
@@ -129,6 +132,7 @@
             sslerror("BN_set_word");
             return 0;
         }
+#endif
         SSL_CTX_set_tmp_rsa_callback(section->ctx, tmp_rsa_cb);
 #endif /* OPENSSL_NO_RSA */
 #ifndef OPENSSL_NO_DH
@@ -210,6 +214,9 @@
     RSA *rsa;
 
     s_log(LOG_DEBUG, "Generating %d bit temporary RSA key...", keylen);
+#if (defined(USE_OPENSSL_ALTERNATIVE) && USE_OPENSSL_ALTERNATIVE==cyassl)
+    rsa=RSA_generate_key(keylen, RSA_F4, NULL, NULL);
+#else
     rsa=RSA_new();
     if(!rsa) {
         sslerror("RSA_new");
@@ -219,6 +226,7 @@
         sslerror("RSA_generate_key_ex");
         return NULL;
     }
+#endif
     s_log(LOG_DEBUG, "Temporary RSA key created");
     return rsa;
 }
@@ -389,6 +389,7 @@
 #define CACHE_RESP_OK     0x81
 
 static int sess_new_cb(SSL *ssl, SSL_SESSION *sess) {
+#if !(defined(USE_OPENSSL_ALTERNATIVE) && USE_OPENSSL_ALTERNATIVE==cyassl)
     unsigned char *val, *val_tmp;
     int val_len;
 
@@ -401,11 +402,15 @@
     cache_transfer(ssl->ctx, CACHE_CMD_NEW, SSL_SESSION_get_timeout(sess),
         sess->session_id, sess->session_id_length, val, val_len, NULL, NULL);
     free(val);
+#endif
     return 1; /* leave the session in local cache for reuse */
 }
 
 static SSL_SESSION *sess_get_cb(SSL *ssl,
         unsigned char *key, int key_len, int *do_copy) {
+#if (defined(USE_OPENSSL_ALTERNATIVE) && USE_OPENSSL_ALTERNATIVE==cyassl)
+    return NULL;
+#else
     unsigned char *val, *val_tmp=NULL;
     unsigned int val_len=0;
     SSL_SESSION *sess;
@@ -419,11 +424,14 @@
     sess=d2i_SSL_SESSION(NULL, (const unsigned char **)&val_tmp, val_len);
     free(val);
     return sess;
+#endif
 }
 
 static void sess_remove_cb(SSL_CTX *ctx, SSL_SESSION *sess) {
+#if !(defined(USE_OPENSSL_ALTERNATIVE) && USE_OPENSSL_ALTERNATIVE==cyassl)
     cache_transfer(ctx, CACHE_CMD_REMOVE, 0,
         sess->session_id, sess->session_id_length, NULL, 0, NULL, NULL);
+#endif
 }
 
 #define MAX_VAL_LEN 512
@@ -439,6 +447,7 @@
         const unsigned char *key, const unsigned int key_len,
         const unsigned char *val, const unsigned int val_len,
         unsigned char **ret, unsigned int *ret_len) {
+#if !(defined(USE_OPENSSL_ALTERNATIVE) && USE_OPENSSL_ALTERNATIVE==cyassl)
     char session_id_txt[2*SSL_MAX_SSL_SESSION_ID_LENGTH+1];
     const char hex[16]="0123456789ABCDEF";
     const char *type_description[]={"new", "get", "remove"};
@@ -555,6 +564,7 @@
     s_log(LOG_INFO, "cache_transfer: session found");
     memcpy(*ret, packet->val, *ret_len);
     free(packet);
+#endif
 }
 
 /**************************************** informational callback */
@@ -570,8 +580,10 @@
             where & SSL_CB_READ ? "read" : "write",
             SSL_alert_type_string_long(ret),
             SSL_alert_desc_string_long(ret));
+#if !(defined(USE_OPENSSL_ALTERNATIVE) && USE_OPENSSL_ALTERNATIVE==cyassl)
     else if(where==SSL_CB_HANDSHAKE_DONE)
         print_stats(ssl->ctx);
+#endif
 }
 
 static void print_stats(SSL_CTX *ctx) { /* print statistics */