TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 13a977667652ec3a7a3e9ad45b9e6bad09b2539b^! / .
commit13a977667652ec3a7a3e9ad45b9e6bad09b2539b[log] [tgz]
authorManuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>Mon Jun 07 12:00:04 2021 +0200
committerManuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>Mon Jun 07 12:00:04 2021 +0200
tree9055e68fb42f037d9d6c6faf26e7f6b1e3834c8d
parent3b5a7c198c51e09342ed83947057375533aaff36 [diff]
Editorial improvements

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

diff --git a/ChangeLog.d/issue4286.txt b/ChangeLog.d/issue4286.txt
index 427b37c..75d2f09 100644
--- a/ChangeLog.d/issue4286.txt
+++ b/ChangeLog.d/issue4286.txt

@@ -2,13 +2,9 @@
    * Remove support for TLS 1.0, TLS 1.1 and DTLS 1.0, as well as support for
      CBC record splitting, fallback SCSV, and the ability to configure
      ciphersuites per version, which are no longer relevant. This removes the
-     following public constants: MBEDTLS_SSL_PROTO_TLS1,
-     MBEDTLS_SSL_PROTO_TLS1_1, MBEDTLS_SSL_MINOR_VERSION_1,
-     MBEDTLS_SSL_MINOR_VERSION_2, MBEDTLS_SSL_CBC_RECORD_SPLITTING,
-     MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED,
-     MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED,
-     MBEDTLS_SSL_FALLBACK_SCSV, MBEDTLS_SSL_FALLBACK_SCSV_VALUE,
-     MBEDTLS_SSL_IS_FALLBACK, MBEDTLS_SSL_IS_NOT_FALLBACK; and functions:
+     configuration options MBEDTLS_SSL_PROTO_TLS1,
+     MBEDTLS_SSL_PROTO_TLS1_1, MBEDTLS_SSL_CBC_RECORD_SPLITTING and
+     MBEDTLS_SSL_FALLBACK_SCSV as well as the functions
      mbedtls_ssl_conf_cbc_record_splitting(),
      mbedtls_ssl_get_key_exchange_md_ssl_tls(), mbedtls_ssl_conf_fallback(),
-     mbedtls_ssl_conf_ciphersuites_for_version(). Fixes #4286.
+     and mbedtls_ssl_conf_ciphersuites_for_version(). Fixes #4286.

diff --git a/docs/3.0-migration-guide.d/remove_support_for_tls_1.0_1.1_and_dtls_1.0.md b/docs/3.0-migration-guide.d/remove_support_for_tls_1.0_1.1_and_dtls_1.0.md
index b1afe64..73d621f 100644
--- a/docs/3.0-migration-guide.d/remove_support_for_tls_1.0_1.1_and_dtls_1.0.md
+++ b/docs/3.0-migration-guide.d/remove_support_for_tls_1.0_1.1_and_dtls_1.0.md

@@ -10,9 +10,9 @@
 
 The migration path is to adopt the latest versions of the protocol.
 
-As a consequence of removing 1.0, support for CBC record splitting was also
-removed, as it was a work-around for a weakness in this particular version.
-There is no migration path is no longer makes sense with newer versions.
+As a consequence of removing TLS 1.0, support for CBC record splitting was
+also removed, as it was a work-around for a weakness in this particular
+version. There is no migration path since the feature is no longer relevant.
 
 As a consequence of currently supporting only one version of (D)TLS (and in the
 future 1.3 which will have a different version negociation mechanism), support