From 5e9f14d4d988222aacb49b8eb15eedd266e9f147 Mon Sep 17 00:00:00 2001
From: Ron Eldor <Ron.Eldor@arm.com>
Date: Sun, 28 May 2017 10:46:38 +0300
Subject: [PATCH 1/2] Set correct minimal versions in default conf

Set `MBEDTLS_SSL_MIN_MAJOR_VERSION` and `MBEDTLS_SSL_MIN_MINOR_VERSION`
instead of `MBEDTLS_SSL_MAJOR_VERSION_3` and `MBEDTLS_SSL_MINOR_VERSION_1`
---
 ChangeLog                      | 26 +++++++++++++++-----------
 include/mbedtls/ssl_internal.h |  3 +++
 library/ssl_tls.c              | 10 ++++++++--
 3 files changed, 26 insertions(+), 13 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index a6fa6bbda..6dab645dc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -41,17 +41,6 @@ New deprecations
    * Direct manipulation of structure fields of RSA contexts is deprecated.
      Users are advised to use the extended RSA API instead.
 
-API Changes
-   * Extend RSA interface by multiple functions allowing structure-
-     independent setup and export of RSA contexts. Most notably,
-     mbedtls_rsa_import and mbedtls_rsa_complete are introduced for setting
-     up RSA contexts from partial key material and having them completed to the
-     needs of the implementation automatically. This allows to setup private RSA
-     contexts from keys consisting of N,D,E only, even if P,Q are needed for the
-     purpose or CRT and/or blinding.
-   * The configuration option MBEDTLS_RSA_ALT can be used to define alternative
-     implementations of the RSA interface declared in rsa.h.
-
 Bugfix
    * Fix ssl_parse_record_header() to silently discard invalid DTLS records
      as recommended in RFC 6347 Section 4.1.2.7.
@@ -101,6 +90,10 @@ Bugfix
      RSA test suite where the failure of CTR DRBG initialization lead to
      freeing an RSA context and several MPI's without proper initialization
      beforehand.
+   * Fix setting version TLSv1 as minimal version, even if TLS 1
+     is not enabled. Set `MBEDTLS_SSL_MIN_MAJOR_VERSION`
+     and `MBEDTLS_SSL_MIN_MINOR_VERSION` instead
+     of `MBEDTLS_SSL_MAJOR_VERSION_3` and `MBEDTLS_SSL_MINOR_VERSION_1`
 
 Changes
    * Extend cert_write example program by options to set the CRT version
@@ -114,6 +107,17 @@ Changes
    * Tighten the RSA PKCS#1 v1.5 signature verification code and remove the
      undeclared dependency of the RSA module on the ASN.1 module.
 
+API Changes
+   * Extend RSA interface by multiple functions allowing structure-
+     independent setup and export of RSA contexts. Most notably,
+     mbedtls_rsa_import and mbedtls_rsa_complete are introduced for setting
+     up RSA contexts from partial key material and having them completed to the
+     needs of the implementation automatically. This allows to setup private RSA
+     contexts from keys consisting of N,D,E only, even if P,Q are needed for the
+     purpose or CRT and/or blinding.
+   * The configuration option MBEDTLS_RSA_ALT can be used to define alternative
+     implementations of the RSA interface declared in rsa.h.
+
 = mbed TLS 2.6.0 branch released 2017-08-10
 
 Security
diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index 756360b18..56e376b88 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@@ -69,6 +69,9 @@
 #endif /* MBEDTLS_SSL_PROTO_TLS1   */
 #endif /* MBEDTLS_SSL_PROTO_SSL3   */
 
+#define MBEDTLS_SSL_MIN_VALID_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_1
+#define MBEDTLS_SSL_MIN_VALID_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3
+
 /* Determine maximum supported version */
 #define MBEDTLS_SSL_MAX_MAJOR_VERSION           MBEDTLS_SSL_MAJOR_VERSION_3
 
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 2690e4673..bc98708f6 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -7602,8 +7602,14 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
          * Default
          */
         default:
-            conf->min_major_ver = MBEDTLS_SSL_MAJOR_VERSION_3;
-            conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_1; /* TLS 1.0 */
+            conf->min_major_ver = ( MBEDTLS_SSL_MIN_MAJOR_VERSION >
+                                    MBEDTLS_SSL_MIN_VALID_MAJOR_VERSION ) ?
+                                    MBEDTLS_SSL_MIN_MAJOR_VERSION :
+                                    MBEDTLS_SSL_MIN_VALID_MAJOR_VERSION;
+            conf->min_minor_ver = ( MBEDTLS_SSL_MIN_MINOR_VERSION >
+                                    MBEDTLS_SSL_MIN_VALID_MINOR_VERSION ) ?
+                                    MBEDTLS_SSL_MIN_MINOR_VERSION :
+                                    MBEDTLS_SSL_MIN_VALID_MINOR_VERSION;
             conf->max_major_ver = MBEDTLS_SSL_MAX_MAJOR_VERSION;
             conf->max_minor_ver = MBEDTLS_SSL_MAX_MINOR_VERSION;
 

From 3f1b89d251bd654c77cd61ddf3aac64ebee9be21 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sun, 11 Mar 2018 00:35:39 +0100
Subject: [PATCH 2/2] This fixes #664

---
 ChangeLog | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 6dab645dc..40aa075b6 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -91,9 +91,9 @@ Bugfix
      freeing an RSA context and several MPI's without proper initialization
      beforehand.
    * Fix setting version TLSv1 as minimal version, even if TLS 1
-     is not enabled. Set `MBEDTLS_SSL_MIN_MAJOR_VERSION`
-     and `MBEDTLS_SSL_MIN_MINOR_VERSION` instead
-     of `MBEDTLS_SSL_MAJOR_VERSION_3` and `MBEDTLS_SSL_MINOR_VERSION_1`
+     is not enabled. Set MBEDTLS_SSL_MIN_MAJOR_VERSION
+     and MBEDTLS_SSL_MIN_MINOR_VERSION instead of
+     MBEDTLS_SSL_MAJOR_VERSION_3 and MBEDTLS_SSL_MINOR_VERSION_1. #664
 
 Changes
    * Extend cert_write example program by options to set the CRT version