xref: /mbedtls-development/ChangeLog

58    * Remove the MBEDTLS_TEST_NULL_ENTROPY config option. Fixes #4388.
70    * Replace MBEDTLS_SHA512_NO_SHA384 config option with MBEDTLS_SHA384_C.
71      This separates config option enabling the SHA384 algorithm from option
74      This separates config option enabling the SHA224 algorithm from option
230    * Remove the MBEDTLS_SSL_DTLS_BADMAC_LIMIT config.h option. Fixes #4403.
245    * Remove MBEDTLS_ECDH_LEGACY_CONTEXT config option since this was purely for
250    * Remove the  MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION config.h
254      MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE config.h options and let the code
267      MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT config option. Users are better served by
379    * Remove outdated check-config.h check that prevented implementing the
428    * Remove configs/config-psa-crypto.h, which no longer had any intended
448    * Add CMake package config generation for CMake projects consuming Mbed TLS.
449    * config.h has been split into build_info.h and mbedtls_config.h
455    * A config file version symbol, MBEDTLS_CONFIG_VERSION was introduced.
457      the config file in a way that's compatible with the config file format
996      happen when MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE was enabled in config.h
1283    * Make it easier to define MBEDTLS_PARAM_FAILED as assert (which config.h
1441      (e.g. config.h.bak). Fixed by Peter Kolbus (Garmin) #2407.
1478    * Add a new config.h option of MBEDTLS_CHECK_PARAMS that enables validation
1484      disabled by default. See its API documentation in config.h for additional
1736      in mbedtls/config.h.
1914      (RFC 6209). Disabled by default, see MBEDTLS_ARIA_C in config.h
2070      config.h. Found by Andreas Walz (ivESK, Offenburg University of
2161      config and the application data buffer passed to mbedtls_ssl_write
2201      MBEDTLS_ECDSDA_GENKEY_AT in config.h.
2207      MBEDTLS_ECDH_GEN_PUBLIC_ALT in config.h.
2409    * Added config.h option MBEDTLS_NO_UDBL_DIVISION, to prevent the use of
2416      config-no-entropy.h to reduce the RAM footprint.
2542      x509_csr.c that are reported when building mbed TLS with a config.h that
2607    * Added a configuration file config-no-entropy.h that configures the subset of
2609    * Added the macro MBEDTLS_ENTROPY_MIN_HARDWARE in config.h. This allows users
2689      ECDSA was disabled in config.h . The leak didn't occur by default.
2828    * Fixed paths for check_config.h in example config files. (Found by bachp)
2852      (MBEDTLS_SSL_DTLS_HELLO_VERIFY defined in config.h, and usable cookie
2899      end of the default config.h by defining MBEDTLS_USER_CONFIG_FILE on the
3001    * Change SSL_DISABLE_RENEGOTIATION config.h flag to SSL_RENEGOTIATION
3002      (support for renegotiation now needs explicit enabling in config.h).
3004      in config.h
3029    * Removed helper script active-config.pl
3055      custom config.h
3121    * Add config flag POLARSSL_DEPRECATED_WARNING (off by default) to produce
3123    * Add config flag POLARSSL_DEPRECATED_REMOVED (off by default) to produce
3156      POLARSSL_SSL_SSESSION_TICKETS where both enabled in config.h (introduced
3247      switch back to random with POLARSSL_SSL_AEAD_RANDOM_IV in config.h).
3320    * Add example config.h for PSK with CCM, optimized for low RAM usage.
3321    * Optimize for RAM usage in example config.h for NSA Suite B profile.
3326    * Add SSL_CIPHERSUITES config.h flag to allow specifying a list of
3614    * config.h is more script-friendly
3874    * Centralized module option values in config.h to allow user-defined
3884      config.h)

Last Index update Sun Aug 20 00:18:20 CST 2023