* origin/pr/2612:
Adjust backport's documentation to account for missing features
Backport a doxygen note from development for `mbedtls_ssl_conf_max_frag_len()`
Update change log
Reword ssl_conf_max_frag_len documentation for clarity
* restricted/pr/529:
Fix order of sections in the ChangeLog
Fix failure in SSLv3 per-version suites test
Adjust DES exclude lists in test scripts
Clarify 3DES changes in ChangeLog
Fix documentation for 3DES removal
Exclude 3DES tests in test scripts
Fix wording of ChangeLog and 3DES_REMOVE docs
Reduce priority of 3DES ciphersuites
Refactor the function mbedtls_asn1_write_bitstring() that removes
trailing 0s at the end of DER encoded bitstrings. The function is
implemented according to Hanno Becker's suggestions.
This commit also changes the functions x509write_crt_set_ns_cert_type
and crt_set_key_usage to call the new function as the use named
bitstrings instead of the regular bitstrings.
Add inclusion to configration file in header files,
instead of relying on other header files to include
the configuration file. This issue resolves#1371
Previously, mbedtls_pkcs5_pbes2() was unconditionally declared
in `pkcs5.h` but defined as a stub returning
`MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE` in case
MBEDTLS_ASN1_PARSE_C was not defined.
In line with the previous commits, this commit removes declaration
and definition from both `pkcs5.h` and `pkcs5.c` in case
MBEDTLS_ASN1_PARSE_C is not defined.
The `id` parameter of the public `MBEDTLS_X509_ID_FLAG` macro was
used in a subtraction without being surrounded by parentheses.
Since some operators bind less strongly than subtraction, this
could lead to erroneous evaluation of `MBEDTLS_X509_ID_FLAG`.
For example, `MBEDTLS_X509_ID_FLAG( 1 << 2 )` would evaluate
evaluate to
`1 << ( 1 << 2 - 1 ) == 1 << ( 1 << 1 ) == 4`
instead of the intended
`1 << ( ( 1 << 2 ) - 1 ) == 1 << ( 4 - 1 ) == 8`.
This commit fixes this by adding parentheses about the `id`
parameter in the definition of `MBEDTLS_X509_ID_FLAG`.
Remove the trailing whitespace from the inline assembly for AMD64 target, to
overcome a warning in Clang, which was objecting to the string literal
generated by the inline assembly being greater than 4096 characters specified
by the ISO C99 standard. (-Woverlength-strings)
This is a cosmetic change and doesn't change the logic of the code in any way.
This change only fixes the problem for AMD64 target, and leaves other targets as
they are.
Fixes#482.
Deprecate mbedtls_hmac_drbg_update (which returns void) in favor of a
new function mbedtls_hmac_drbg_update_ret which reports error. The old
function is not officially marked as deprecated in this branch because
this is a stable maintenance branch.
Deprecate mbedtls_ctr_drbg_update (which returns void) in favor of a
new function mbedtls_ctr_drbg_update_ret which reports error. The old
function is not officially marked as deprecated in this branch because
this is a stable maintenance branch.