Merge remote-tracking branch 'origin/pr/2526' into mbedtls-2.16

* origin/pr/2526:
  Update library version to 2.16.1
This commit is contained in:
Jaeden Amero 2019-03-26 15:27:56 +00:00
commit f2357f8903
6 changed files with 33 additions and 27 deletions

View File

@ -2,6 +2,28 @@ mbed TLS ChangeLog (Sorted per branch, date)
= mbed TLS 2.x.x branch released xxxx-xx-xx = mbed TLS 2.x.x branch released xxxx-xx-xx
Bugfix
* Server's RSA certificate in certs.c was SHA-1 signed. In the default
mbedTLS configuration only SHA-2 signed certificates are accepted.
This certificate is used in the demo server programs, which lead the
client programs to fail at the peer's certificate verification
due to an unacceptable hash signature. The certificate has been
updated to one that is SHA-256 signed. Fix contributed by
Illya Gerasymchuk.
* Fix private key DER output in the key_app_writer example. File contents
were shifted by one byte, creating an invalid ASN.1 tag. Fixed by
Christian Walther in #2239.
Changes
* Return from various debugging routines immediately if the
provided SSL context is unset.
* Remove dead code from bignum.c in the default configuration.
Found by Coverity, reported and fixed by Peter Kolbus (Garmin). Fixes #2309.
* Add test for minimal value of MBEDTLS_MPI_WINDOW_SIZE to all.sh.
Contributed by Peter Kolbus (Garmin).
= mbed TLS 2.16.1 branch released 2019-03-19
Features Features
* Add MBEDTLS_REMOVE_3DES_CIPHERSUITES to allow removing 3DES ciphersuites * Add MBEDTLS_REMOVE_3DES_CIPHERSUITES to allow removing 3DES ciphersuites
from the default list (enabled by default). See from the default list (enabled by default). See
@ -37,16 +59,6 @@ Bugfix
extensions in CSRs and CRTs that caused these bitstrings to not be encoded extensions in CSRs and CRTs that caused these bitstrings to not be encoded
correctly as trailing zeroes were not accounted for as unused bits in the correctly as trailing zeroes were not accounted for as unused bits in the
leading content octet. Fixes #1610. leading content octet. Fixes #1610.
* Server's RSA certificate in certs.c was SHA-1 signed. In the default
mbedTLS configuration only SHA-2 signed certificates are accepted.
This certificate is used in the demo server programs, which lead the
client programs to fail at the peer's certificate verification
due to an unacceptable hash signature. The certificate has been
updated to one that is SHA-256 signed. Fix contributed by
Illya Gerasymchuk.
* Fix private key DER output in the key_app_writer example. File contents
were shifted by one byte, creating an invalid ASN.1 tag. Fixed by
Christian Walther in #2239.
Changes Changes
* Include configuration file in all header files that use configuration, * Include configuration file in all header files that use configuration,
@ -62,12 +74,6 @@ Changes
been disabled for lack of a sufficiently recent version of GnuTLS on the CI. been disabled for lack of a sufficiently recent version of GnuTLS on the CI.
* Ciphersuites based on 3DES now have the lowest priority by default when * Ciphersuites based on 3DES now have the lowest priority by default when
they are enabled. they are enabled.
* Return from various debugging routines immediately if the
provided SSL context is unset.
* Remove dead code from bignum.c in the default configuration.
Found by Coverity, reported and fixed by Peter Kolbus (Garmin). Fixes #2309.
* Add test for minimal value of MBEDTLS_MPI_WINDOW_SIZE to all.sh.
Contributed by Peter Kolbus (Garmin).
= mbed TLS 2.16.0 branch released 2018-12-21 = mbed TLS 2.16.0 branch released 2018-12-21

View File

@ -24,7 +24,7 @@
*/ */
/** /**
* @mainpage mbed TLS v2.16.0 source code documentation * @mainpage mbed TLS v2.16.1 source code documentation
* *
* This documentation describes the internal structure of mbed TLS. It was * This documentation describes the internal structure of mbed TLS. It was
* automatically generated from specially formatted comment blocks in * automatically generated from specially formatted comment blocks in

View File

@ -28,7 +28,7 @@ DOXYFILE_ENCODING = UTF-8
# identify the project. Note that if you do not use Doxywizard you need # identify the project. Note that if you do not use Doxywizard you need
# to put quotes around the project name if it contains spaces. # to put quotes around the project name if it contains spaces.
PROJECT_NAME = "mbed TLS v2.16.0" PROJECT_NAME = "mbed TLS v2.16.1"
# The PROJECT_NUMBER tag can be used to enter a project or revision number. # The PROJECT_NUMBER tag can be used to enter a project or revision number.
# This could be handy for archiving the generated documentation or # This could be handy for archiving the generated documentation or

View File

@ -40,16 +40,16 @@
*/ */
#define MBEDTLS_VERSION_MAJOR 2 #define MBEDTLS_VERSION_MAJOR 2
#define MBEDTLS_VERSION_MINOR 16 #define MBEDTLS_VERSION_MINOR 16
#define MBEDTLS_VERSION_PATCH 0 #define MBEDTLS_VERSION_PATCH 1
/** /**
* The single version number has the following structure: * The single version number has the following structure:
* MMNNPP00 * MMNNPP00
* Major version | Minor version | Patch version * Major version | Minor version | Patch version
*/ */
#define MBEDTLS_VERSION_NUMBER 0x02100000 #define MBEDTLS_VERSION_NUMBER 0x02100100
#define MBEDTLS_VERSION_STRING "2.16.0" #define MBEDTLS_VERSION_STRING "2.16.1"
#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.16.0" #define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.16.1"
#if defined(MBEDTLS_VERSION_C) #if defined(MBEDTLS_VERSION_C)

View File

@ -165,15 +165,15 @@ endif(USE_STATIC_MBEDTLS_LIBRARY)
if(USE_SHARED_MBEDTLS_LIBRARY) if(USE_SHARED_MBEDTLS_LIBRARY)
add_library(mbedcrypto SHARED ${src_crypto}) add_library(mbedcrypto SHARED ${src_crypto})
set_target_properties(mbedcrypto PROPERTIES VERSION 2.16.0 SOVERSION 3) set_target_properties(mbedcrypto PROPERTIES VERSION 2.16.1 SOVERSION 3)
target_link_libraries(mbedcrypto ${libs}) target_link_libraries(mbedcrypto ${libs})
add_library(mbedx509 SHARED ${src_x509}) add_library(mbedx509 SHARED ${src_x509})
set_target_properties(mbedx509 PROPERTIES VERSION 2.16.0 SOVERSION 0) set_target_properties(mbedx509 PROPERTIES VERSION 2.16.1 SOVERSION 0)
target_link_libraries(mbedx509 ${libs} mbedcrypto) target_link_libraries(mbedx509 ${libs} mbedcrypto)
add_library(mbedtls SHARED ${src_tls}) add_library(mbedtls SHARED ${src_tls})
set_target_properties(mbedtls PROPERTIES VERSION 2.16.0 SOVERSION 12) set_target_properties(mbedtls PROPERTIES VERSION 2.16.1 SOVERSION 12)
target_link_libraries(mbedtls ${libs} mbedx509) target_link_libraries(mbedtls ${libs} mbedx509)
install(TARGETS mbedtls mbedx509 mbedcrypto install(TARGETS mbedtls mbedx509 mbedcrypto

View File

@ -1,8 +1,8 @@
Check compiletime library version Check compiletime library version
check_compiletime_version:"2.16.0" check_compiletime_version:"2.16.1"
Check runtime library version Check runtime library version
check_runtime_version:"2.16.0" check_runtime_version:"2.16.1"
Check for MBEDTLS_VERSION_C Check for MBEDTLS_VERSION_C
check_feature:"MBEDTLS_VERSION_C":0 check_feature:"MBEDTLS_VERSION_C":0