Merge 'development' into iotssl-411-port-reuse

Conflicts:
	ChangeLog
This commit is contained in:
Simon Butcher 2015-09-16 15:25:53 +01:00
commit 5793e7ef01
6 changed files with 14 additions and 7 deletions

View File

@ -1,8 +1,13 @@
mbed TLS ChangeLog (Sorted per branch, date) mbed TLS ChangeLog (Sorted per branch, date)
= mbed TLS 2.1.1 released 2015-09-?? = mbed TLS 2.1.1 released 2015-09-16
Bugfix
* Fix warning when using a 64bit platform. (found by embedthis) (#275)
Changes Changes
* Made X509 profile pointer const in mbedtls_ssl_conf_cert_profile() to allow
use of mbedtls_x509_crt_profile_next. (found by NWilson)
* When a client initiates a reconnect from the same port as a live * When a client initiates a reconnect from the same port as a live
connection, if cookie verification is available connection, if cookie verification is available
(MBEDTLS_SSL_DTLS_HELLO_VERIFY defined in config.h, and usable cookie (MBEDTLS_SSL_DTLS_HELLO_VERIFY defined in config.h, and usable cookie

View File

@ -29,7 +29,7 @@ The Make and CMake build systems create three libraries: libmbedcrypto, libmbedx
### Yotta ### Yotta
[yotta](http://yottabuild.org) is a package manager and build system developped by mbed; it is the build system of mbed OS. To install it on your platform, please follow the yotta [installation instructions](http://docs.yottabuild.org/#installing). [yotta](http://yottabuild.org) is a package manager and build system developed by mbed; it is the build system of mbed OS. To install it on your platform, please follow the yotta [installation instructions](http://docs.yottabuild.org/#installing).
Once yotta is installed, you can use it to download the latest version of mbed TLS form the yotta registry with: Once yotta is installed, you can use it to download the latest version of mbed TLS form the yotta registry with:
@ -64,7 +64,7 @@ In order to run the tests, enter:
make check make check
The tests need Perl to be built and run. If you don't have Perl installed, you can skip buiding the tests with: The tests need Perl to be built and run. If you don't have Perl installed, you can skip building the tests with:
make no_test make no_test
@ -122,7 +122,7 @@ To list other available CMake options, use:
cmake -LH cmake -LH
Note that, with CMake, if you want to change the compiler or its options after you already ran CMake, you need to clear its cache first, eg (using GNU find): Note that, with CMake, if you want to change the compiler or its options after you already ran CMake, you need to clear its cache first, e.g. (using GNU find):
find . -iname '*cmake*' -not -name CMakeLists.txt -exec rm -rf {} + find . -iname '*cmake*' -not -name CMakeLists.txt -exec rm -rf {} +
CC=gcc CFLAGS='-fstack-protector-strong -Wa,--noexecstack' cmake . CC=gcc CFLAGS='-fstack-protector-strong -Wa,--noexecstack' cmake .

View File

@ -1387,7 +1387,7 @@ void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf,
* \param profile Profile to use * \param profile Profile to use
*/ */
void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf, void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf,
mbedtls_x509_crt_profile *profile ); const mbedtls_x509_crt_profile *profile );
/** /**
* \brief Set the data required to verify peer certificate * \brief Set the data required to verify peer certificate

View File

@ -319,7 +319,7 @@ int mbedtls_net_accept( mbedtls_net_context *bind_ctx,
/* UDP: wait for a message, but keep it in the queue */ /* UDP: wait for a message, but keep it in the queue */
char buf[1] = { 0 }; char buf[1] = { 0 };
ret = recvfrom( bind_ctx->fd, buf, sizeof( buf ), MSG_PEEK, ret = (int) recvfrom( bind_ctx->fd, buf, sizeof( buf ), MSG_PEEK,
(struct sockaddr *) &client_addr, &n ); (struct sockaddr *) &client_addr, &n );
#if defined(_WIN32) #if defined(_WIN32)

View File

@ -5603,7 +5603,7 @@ void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf,
#if defined(MBEDTLS_X509_CRT_PARSE_C) #if defined(MBEDTLS_X509_CRT_PARSE_C)
void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf, void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf,
mbedtls_x509_crt_profile *profile ) const mbedtls_x509_crt_profile *profile )
{ {
conf->cert_profile = profile; conf->cert_profile = profile;
} }

View File

@ -52,6 +52,8 @@ do_config()
scripts/config.pl unset $FLAG scripts/config.pl unset $FLAG
done done
grep -F SSL_MAX_CONTENT_LEN $CONFIG_H || echo 'SSL_MAX_CONTENT_LEN=16384'
printf " Executable size... " printf " Executable size... "
make clean make clean