Make it easier to define MBEDTLS_PARAM_FAILED as assert Introduce a new configuration option MBEDTLS_CHECK_PARAMS_ASSERT, which is disabled by default. When this option is enabled, MBEDTLS_PARAM_FAILED defaults to assert rather than to a call to mbedtls_param_failed, and <assert.h> is included. This fixes #2671 (no easy way to make MBEDTLS_PARAM_FAILED assert) without breaking backward compatibility. With this change, `config.pl full` runs tests with MBEDTLS_PARAM_FAILED set to assert, so the tests will fail if a validation check fails, and programs don't need to provide their own definition of mbedtls_param_failed().

commit: 30346f639edf6a4c67e9068ed9253c9655448c5d [log] [tgz]
author: Gilles Peskine <Gilles.Peskine@arm.com> Thu Jun 13 16:44:19 2019 +0200
committer: Gilles Peskine <Gilles.Peskine@arm.com> Mon Jun 17 19:07:42 2019 +0200
tree: 33a4c64ba0d16010a9f381aebc7ec7edfc83f76e
parent: 137d31bf5a500736f53acf2e21eaf30ac985f184 [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index cec77d2..13034fd 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -57,6 +57,8 @@
    * Change wording in the `mbedtls_ssl_conf_max_frag_len()`'s documentation to
      improve clarity. Fixes #2258.
    * Replace multiple uses of MD2 by SHA-256 in X.509 test suite. Fixes #821.
+   * Make it easier to define MBEDTLS_PARAM_FAILED as assert (which config.h
+     suggests). #2671
 
 = mbed TLS 2.16.1 branch released 2019-03-19
commit	30346f639edf6a4c67e9068ed9253c9655448c5d	[log] [tgz]
author	Gilles Peskine <Gilles.Peskine@arm.com>	Thu Jun 13 16:44:19 2019 +0200
committer	Gilles Peskine <Gilles.Peskine@arm.com>	Mon Jun 17 19:07:42 2019 +0200
tree	33a4c64ba0d16010a9f381aebc7ec7edfc83f76e
parent	137d31bf5a500736f53acf2e21eaf30ac985f184 [diff] [blame]