TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 008d304d1ba1737d0b8288c67fd613a5304e9ee8^! / .
commit008d304d1ba1737d0b8288c67fd613a5304e9ee8[log] [tgz]
authorHanno Becker <hanno.becker@arm.com>Thu Feb 28 16:51:01 2019 +0000
committerHanno Becker <hanno.becker@arm.com>Tue Jun 25 09:07:16 2019 +0100
tree3f48f73e298207792c9531dfcb8ded5a42d563ec
parent5d9021e7f24b4b1c3e8cff73bbec905630dbaa87 [diff]
Adapt ChangeLog

diff --git a/ChangeLog b/ChangeLog
index 49c3acf..e3c335e 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -49,6 +49,13 @@
      always return NULL, and removes the peer_cert field from the
      mbedtls_ssl_session structure which otherwise stores the peer's
      certificate.
+   * Add a new compile-time option `MBEDTLS_X509_ON_DEMAND_PARSING`,
+     disabled by default, which allows to parse and cache X.509 CRTs
+     on demand only, at the benefit of lower RAM usage. Enabling
+     this option breaks the structure API of X.509 in that most
+     fields of `mbedtls_x509_crt` are removed, but it keeps the
+     X.509 function API. See the API changes section as well as
+     the documentation in `config.h` for more information.
 
 Bugfix
    * Server's RSA certificate in certs.c was SHA-1 signed. In the default