diff --git a/commit-tests.sh b/commit-tests.sh
index f76d6ba3f..96bc7fd03 100755
--- a/commit-tests.sh
+++ b/commit-tests.sh
@@ -23,7 +23,7 @@ RESULT=$?
 
 # make sure full config is ok
 echo -e "\n\nTesting full config as well...\n\n"
-./configure --enable-opensslExtra --enable-fastmath --enable-dtls --enable-aesgcm --enable-hc128 --enable-sniffer --enable-psk;
+./configure --enable-opensslExtra --enable-fastmath --enable-dtls --enable-aesgcm --enable-hc128 --enable-sniffer --enable-psk --enable-rabbit;
 RESULT=$?
 [ $RESULT -ne 0 ] && echo -e "\n\nFull config ./configure failed" && exit 1
 
diff --git a/configure.ac b/configure.ac
index 659d842d7..81f46581d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -459,6 +459,23 @@ fi
 AM_CONDITIONAL([BUILD_HC128], [test "x$ENABLED_HC128" = "xyes"])
 
 
+# RABBIT
+AC_ARG_ENABLE(rabbit,
+    [  --enable-rabbit         Enable RABBIT (default: disabled)],
+    [ ENABLED_RABBIT=$enableval ],
+    [ ENABLED_RABBIT=no ]
+    )
+
+if test "$ENABLED_RABBIT" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_RABBIT"
+else
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_RABBIT"
+fi
+
+AM_CONDITIONAL([BUILD_RABBIT], [test "x$ENABLED_RABBIT" = "xyes"])
+
+
 # PSK 
 AC_ARG_ENABLE(psk,
     [  --enable-psk            Enable PSK (default: disabled)],
diff --git a/ctaocrypt/src/rabbit.c b/ctaocrypt/src/rabbit.c
index 008dffe2e..d1ecc3421 100644
--- a/ctaocrypt/src/rabbit.c
+++ b/ctaocrypt/src/rabbit.c
@@ -39,7 +39,7 @@
     #define LITTLE32(x) (x)
 #endif
 
-#define U32V(x) (word32)(x)
+#define U32V(x) ((word32)(x) & 0xFFFFFFFFU)
 
 
 /* Square a 32-bit unsigned integer to obtain the 64-bit result and return */
diff --git a/m4/ax_harden_compiler_flags.m4 b/m4/ax_harden_compiler_flags.m4
index ef93c5fa1..154104cb6 100644
--- a/m4/ax_harden_compiler_flags.m4
+++ b/m4/ax_harden_compiler_flags.m4
@@ -58,7 +58,6 @@
 # AX_APPEND_COMPILE_FLAGS([-Wold-style-definition],,[$ax_append_compile_cflags_extra])
 # AX_APPEND_COMPILE_FLAGS([-std=c99],,[$ax_append_compile_cflags_extra])
 # AX_APPEND_COMPILE_FLAGS([-Wlogical-op],,[$ax_append_compile_cflags_extra])
-# AX_APPEND_COMPILE_FLAGS([-Wshorten-64-to-32],,[$ax_append_compile_cflags_extra])
 
 #serial 4
 
@@ -143,6 +142,7 @@
       AX_APPEND_COMPILE_FLAGS([-Wpointer-sign],,[$ax_append_compile_cflags_extra])
       AX_APPEND_COMPILE_FLAGS([-Wredundant-decls],,[$ax_append_compile_cflags_extra])
       AX_APPEND_COMPILE_FLAGS([-Wshadow],,[$ax_append_compile_cflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wshorten-64-to-32],,[$ax_append_compile_cflags_extra])
       AX_APPEND_COMPILE_FLAGS([-Wsign-compare],,[$ax_append_compile_cflags_extra])
       AX_APPEND_COMPILE_FLAGS([-Wstrict-overflow=1],,[$ax_append_compile_cflags_extra])
       AX_APPEND_COMPILE_FLAGS([-Wstrict-prototypes],,[$ax_append_compile_cflags_extra])
@@ -205,6 +205,7 @@
       AX_APPEND_COMPILE_FLAGS([-Wpointer-arith],,[$ax_append_compile_cxxflags_extra])
       AX_APPEND_COMPILE_FLAGS([-Wredundant-decls],,[$ax_append_compile_cxxflags_extra])
       AX_APPEND_COMPILE_FLAGS([-Wshadow],,[$ax_append_compile_cxxflags_extra])
+      AX_APPEND_COMPILE_FLAGS([-Wshorten-64-to-32],,[$ax_append_compile_cxxflags_extra])
       AX_APPEND_COMPILE_FLAGS([-Wsign-compare],,[$ax_append_compile_cxxflags_extra])
       AX_APPEND_COMPILE_FLAGS([-Wstrict-overflow=1],,[$ax_append_compile_cxxflags_extra])
       AX_APPEND_COMPILE_FLAGS([-Wswitch-enum],,[$ax_append_compile_cxxflags_extra])
diff --git a/src/include.am b/src/include.am
index c6ce57491..0bdd84fb1 100644
--- a/src/include.am
+++ b/src/include.am
@@ -23,7 +23,6 @@ src_libcyassl_la_SOURCES = \
 			   ctaocrypt/src/dh.c \
 			   ctaocrypt/src/dsa.c \
 			   ctaocrypt/src/arc4.c \
-			   ctaocrypt/src/rabbit.c \
 			   ctaocrypt/src/pwdbased.c \
 			   ctaocrypt/src/logging.c \
 			   ctaocrypt/src/memory.c
@@ -56,6 +55,10 @@ if BUILD_HC128
 src_libcyassl_la_SOURCES += ctaocrypt/src/hc128.c
 endif
 
+if BUILD_RABBIT
+src_libcyassl_la_SOURCES += ctaocrypt/src/rabbit.c
+endif
+
 if BUILD_NOINLINE
 src_libcyassl_la_SOURCES += ctaocrypt/src/misc.c
 endif
diff --git a/tests/suites.c b/tests/suites.c
index b7e375e5f..b997154a0 100644
--- a/tests/suites.c
+++ b/tests/suites.c
@@ -272,6 +272,17 @@ int SuiteTest(void)
     }
 #endif
 
+#ifdef HAVE_RABBIT
+    /* add rabbit extra suites */
+    strcpy(argv0[1], "tests/test-rabbit.conf");
+    printf("starting rabbit extra cipher suite tests\n");
+    test_harness(&args);
+    if (args.return_code != 0) {
+        printf("error from script %d\n", args.return_code);
+        exit(EXIT_FAILURE);  
+    }
+#endif
+
 #ifndef NO_PSK
     /* add psk extra suites */
     strcpy(argv0[1], "tests/test-psk.conf");
diff --git a/tests/test-dtls.conf b/tests/test-dtls.conf
index 18fdd89dd..ae877574f 100644
--- a/tests/test-dtls.conf
+++ b/tests/test-dtls.conf
@@ -54,14 +54,6 @@
 -u
 -l AES256-SHA256
 
-# server DTLSv1 RABBIT-SHA
--u
--l RABBIT-SHA
-
-# client DTLSv1 RABBIT-SHA
--u
--l RABBIT-SHA
-
 # server DTLSv1 RC4-SHA NON-BLOCKING
 -u
 -l RC4-SHA
@@ -132,13 +124,3 @@
 -l AES256-SHA256
 -N
 
-# server DTLSv1 RABBIT-SHA NON-BLOCKING
--u
--l RABBIT-SHA
--N
-
-# client DTLSv1 RABBIT-SHA NON-BLOCKING
--u
--l RABBIT-SHA
--N
-
diff --git a/tests/test-rabbit.conf b/tests/test-rabbit.conf
new file mode 100644
index 000000000..4e22779c8
--- /dev/null
+++ b/tests/test-rabbit.conf
@@ -0,0 +1,24 @@
+# server TLSv1 RABBIT-SHA
+-v 1
+-l RABBIT-SHA
+
+# client TLSv1 RABBIT-SHA
+-v 1
+-l RABBIT-SHA
+
+# server TLSv1.1 RABBIT-SHA
+-v 2
+-l RABBIT-SHA
+
+# client TLSv1.1 RABBIT-SHA
+-v 2
+-l RABBIT-SHA
+
+# server TLSv1.2 RABBIT-SHA
+-v 3
+-l RABBIT-SHA
+
+# client TLSv1.2 RABBIT-SHA
+-v 3
+-l RABBIT-SHA
+
diff --git a/tests/test.conf b/tests/test.conf
index dfba31965..04e055f08 100644
--- a/tests/test.conf
+++ b/tests/test.conf
@@ -78,14 +78,6 @@
 -v 1
 -l AES256-SHA256
 
-# server TLSv1 RABBIT-SHA
--v 1
--l RABBIT-SHA
-
-# client TLSv1 RABBIT-SHA
--v 1
--l RABBIT-SHA
-
 # server TLSv1.1 RC4-SHA
 -v 2
 -l RC4-SHA
@@ -142,14 +134,6 @@
 -v 2
 -l AES256-SHA256
 
-# server TLSv1.1 RABBIT-SHA
--v 2
--l RABBIT-SHA
-
-# client TLSv1.1 RABBIT-SHA
--v 2
--l RABBIT-SHA
-
 # server TLSv1.2 RC4-SHA
 -v 3
 -l RC4-SHA
@@ -206,14 +190,6 @@
 -v 3
 -l AES256-SHA256
 
-# server TLSv1.2 RABBIT-SHA
--v 3
--l RABBIT-SHA
-
-# client TLSv1.2 RABBIT-SHA
--v 3
--l RABBIT-SHA
-
 # server SSLv3 RC4-SHA NON-BLOCKING
 -v 0
 -l RC4-SHA
@@ -314,16 +290,6 @@
 -l AES256-SHA256
 -N
 
-# server TLSv1 RABBIT-SHA NON-BLOCKING
--v 1
--l RABBIT-SHA
--N
-
-# client TLSv1 RABBIT-SHA NON-BLOCKING
--v 1
--l RABBIT-SHA
--N
-
 # server TLSv1.1 RC4-SHA NON-BLOCKING
 -v 2
 -l RC4-SHA
@@ -394,16 +360,6 @@
 -l AES256-SHA256
 -N
 
-# server TLSv1.1 RABBIT-SHA NON-BLOCKING
--v 2
--l RABBIT-SHA
--N
-
-# client TLSv1.1 RABBIT-SHA NON-BLOCKING
--v 2
--l RABBIT-SHA
--N
-
 # server TLSv1.2 RC4-SHA NON-BLOCKING
 -v 3
 -l RC4-SHA
@@ -474,13 +430,3 @@
 -l AES256-SHA256
 -N
 
-# server TLSv1.2 RABBIT-SHA NON-BLOCKING
--v 3
--l RABBIT-SHA
--N
-
-# client TLSv1.2 RABBIT-SHA NON-BLOCKING
--v 3
--l RABBIT-SHA
--N
-