diff --git a/ChangeLog b/ChangeLog index 50a372417..c7d86ad8a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -9,13 +9,12 @@ Features to override the whole module. API Changes + * All public identifiers moved to the mbedtls_* or MBEDTLS_* namespace. + Migration helpers scripts/rename.pl and include/mbedlts/compat-1.3.h are + provided. + * Headers are now found in the 'mbedtls' directory (previously 'polarssl'). * In the threading layer, mbedtls_mutex_init() and mbedtls_mutex_free() now return void. - * Configuration options POLARSSL_HAVE_LONGLONG was removed (now always on). - * Configuration options POLARSSL_HAVE_INT8 and POLARSSL_HAVE_INT16 have - been removed (compiler is required to support 32-bit operations). - * Configuration option POLARSSL_HAVE_IPV6 was removed (always enabled). - * All public identifiers moved to the mbedtls_* or MBEDTLS_* namespace. * ecdsa_write_signature() gained an addtional md_alg argument and ecdsa_write_signature_det() was deprecated. * pk_sign() no longer accepts md_alg == POLARSSL_MD_NONE with ECDSA. @@ -24,25 +23,33 @@ API Changes available if POLARSSL_PEM_PARSE_C is defined (it never worked without). * Test certificates in certs.c are no longer guaranteed to be nul-terminated strings; use the new *_len variables instead of strlen(). - * Removed individual mdX_hmac and shaX_hmac functions (use generic - md_hmac functions from md.h) - * Some constness fixes * Signature of mpi_mul_mpi() changed to make the last argument unsigned - * Remove the PBKDF2 module (use PKCS5). - * Remove POLARSSL_ERROR_STRERROR_BC (use mbedtls_strerror()). - * Headers are now found in the 'mbedtls' directory (previously 'polarssl'). * Change SSL_DISABLE_RENEGOTIATION config.h flag to SSL_RENEGOTIATION (support for renegotiation now needs explicit enabling in config.h). - * Remove compat-1.2.h (helper for migrating from 1.2 to 1.3). - * Remove openssl.h (very partial OpenSSL compatibility layer). * net_connect() and net_bind() have a new 'proto' argument to choose between TCP and UDP, using the macros NET_PROTO_TCP or NET_PROTO_UDP. * ssl_set_bio() now requires that p_send == p_recv. + * Some constness fixes + +Removals + * Removed individual mdX_hmac and shaX_hmac functions (use generic + md_hmac functions from md.h) + * Removed the PBKDF2 module (use PKCS5). + * Removed POLARSSL_ERROR_STRERROR_BC (use mbedtls_strerror()). + * Removed compat-1.2.h (helper for migrating from 1.2 to 1.3). + * Removed openssl.h (very partial OpenSSL compatibility layer). + * Configuration options POLARSSL_HAVE_LONGLONG was removed (now always on). + * Configuration options POLARSSL_HAVE_INT8 and POLARSSL_HAVE_INT16 have + been removed (compiler is required to support 32-bit operations). + * Configuration option POLARSSL_HAVE_IPV6 was removed (always enabled). + * Removed test program o_p_test, the script compat.sh does more. + * Removed test program ssl_test, superseded by ssl-opt.sh. + * Removed helper script active-config.pl New deprecations * md_init_ctx() is deprecated in favour of md_setup(), that adds a third argument (allowing memory savings if HMAC is not used) - * ssl_set_bio() is deprecated in favor of ssl_set_bio_timeout(). + * ssl_set_bio() is deprecated in favour of ssl_set_bio_timeout(). Semi-API changes (technically public, morally private) * Changed md_info_t into an opaque structure (use md_get_xxx() accessors). @@ -62,12 +69,9 @@ Default behavior changes enabled in the default configuration, this is only noticeable if using a custom config.h -Changes +Reauirement changes * The minimum MSVC version required is now 2010 (better C99 support). * The NET layer now unconditionnaly relies on getaddrinfo(). - * Remove test program o_p_test, the script compat.sh does more. - * Remove test program ssl_test, superseded by ssl-opt.sh. - * Remove helper script active-config.pl = mbed TLS 1.3 branch