Merge 'development' into iotssl-411-port-reuse

Conflicts:
	ChangeLog

ChangeLog

@@ -1,8 +1,13 @@
 mbed TLS ChangeLog (Sorted per branch, date)
 
-= mbed TLS 2.1.1 released 2015-09-??
+= mbed TLS 2.1.1 released 2015-09-16
+
+Bugfix
+   * Fix warning when using a 64bit platform. (found by embedthis) (#275)
 
 Changes
+   * Made X509 profile pointer const in mbedtls_ssl_conf_cert_profile() to allow
+     use of mbedtls_x509_crt_profile_next. (found by NWilson)
    * When a client initiates a reconnect from the same port as a live
      connection, if cookie verification is available
      (MBEDTLS_SSL_DTLS_HELLO_VERIFY defined in config.h, and usable cookie

README.md

@@ -29,7 +29,7 @@ The Make and CMake build systems create three libraries: libmbedcrypto, libmbedx
 
 ### Yotta
 
-[yotta](http://yottabuild.org) is a package manager and build system developped by mbed; it is the build system of mbed OS. To install it on your platform, please follow the yotta [installation instructions](http://docs.yottabuild.org/#installing).
+[yotta](http://yottabuild.org) is a package manager and build system developed by mbed; it is the build system of mbed OS. To install it on your platform, please follow the yotta [installation instructions](http://docs.yottabuild.org/#installing).
 
 Once yotta is installed, you can use it to download the latest version of mbed TLS form the yotta registry with:
 
@@ -64,7 +64,7 @@ In order to run the tests, enter:
 
     make check
 
-The tests need Perl to be built and run. If you don't have Perl installed, you can skip buiding the tests with:
+The tests need Perl to be built and run. If you don't have Perl installed, you can skip building the tests with:
 
     make no_test
 
@@ -122,7 +122,7 @@ To list other available CMake options, use:
 
     cmake -LH
 
-Note that, with CMake, if you want to change the compiler or its options after you already ran CMake, you need to clear its cache first, eg (using GNU find):
+Note that, with CMake, if you want to change the compiler or its options after you already ran CMake, you need to clear its cache first, e.g. (using GNU find):
 
     find . -iname '*cmake*' -not -name CMakeLists.txt -exec rm -rf {} +
     CC=gcc CFLAGS='-fstack-protector-strong -Wa,--noexecstack' cmake .

include/mbedtls/ssl.h

@@ -1387,7 +1387,7 @@ void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf,
  * \param profile  Profile to use
  */
 void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf,
-                                    mbedtls_x509_crt_profile *profile );
+                                    const mbedtls_x509_crt_profile *profile );
 
 /**
  * \brief          Set the data required to verify peer certificate

library/net.c

@@ -319,7 +319,7 @@ int mbedtls_net_accept( mbedtls_net_context *bind_ctx,
         /* UDP: wait for a message, but keep it in the queue */
         char buf[1] = { 0 };
 
-        ret = recvfrom( bind_ctx->fd, buf, sizeof( buf ), MSG_PEEK,
+        ret = (int) recvfrom( bind_ctx->fd, buf, sizeof( buf ), MSG_PEEK,
                         (struct sockaddr *) &client_addr, &n );
 
 #if defined(_WIN32)

library/ssl_tls.c

@@ -5603,7 +5603,7 @@ void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf,
 
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
 void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf,
-                                    mbedtls_x509_crt_profile *profile )
+                                    const mbedtls_x509_crt_profile *profile )
 {
     conf->cert_profile = profile;
 }

scripts/memory.sh

@@ -52,6 +52,8 @@ do_config()
         scripts/config.pl unset $FLAG
     done
 
+    grep -F SSL_MAX_CONTENT_LEN $CONFIG_H || echo 'SSL_MAX_CONTENT_LEN=16384'
+
     printf "    Executable size... "
 
     make clean