xref: /AliOS-Things-master/components/mbedtls/ChangeLog

172    * Zeroize memory used for buffering or reassembling handshake messages
234    * Add support for fragmentation of outgoing DTLS handshake messages. This
239      handshake when flights do not get through (RFC 6347, section 4.1.1.1,
243    * Add support for buffering out-of-order handshake messages in DTLS.
266    * Fix a bug that caused SSL/TLS clients to incorrectly abort the handshake
287    * Add support for buffering of out-of-order handshake messages.
615      In the context of SSL, this resulted in handshake failure. Reported by
798    * Fix handling of handshake messages in mbedtls_ssl_read() in case
804    * Add size-checks for record and handshake message content, securing
830    * Fix status handshake status message in programs/ssl/dtls_client.c. Found
863      (the default), the handshake was correctly aborted).
886    * With authmode set to optional, the TLS handshake is now aborted if the
1231    * Disable MD5 handshake signatures in TLS 1.2 by default to prevent the
1348      tries to continue the handshake after it failed (a misuse of the API).
1366      handshake with the same context. (See RFC 6347 section 4.2.8.)
1653      ssl_write() is called before the handshake is finished (introduced in
1746    * ssl_get_verify_result() now works even if the handshake was aborted due
1998      "triple handshake" attack when authentication mode is 'optional' (the
2245    * ssl_get_verify_result() now works even if the handshake was aborted due
2303      "triple handshake" attack when authentication mode is optional (the
2472    * Added ssl_handshake_step() to allow single stepping the handshake process
2771      after the handshake.
3064     * Fixed ssl_read_record() to properly update the handshake

Last Index update Sun Aug 20 00:18:20 CST 2023