Merge 'development' into iotssl-411-port-reuse
Conflicts:
ChangeLog
diff --git a/ChangeLog b/ChangeLog
index b4b1f61..aa5890e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,8 +1,13 @@
mbed TLS ChangeLog (Sorted per branch, date)
-= mbed TLS 2.1.1 released 2015-09-??
+= mbed TLS 2.1.1 released 2015-09-16
+
+Bugfix
+ * Fix warning when using a 64bit platform. (found by embedthis) (#275)
Changes
+ * Made X509 profile pointer const in mbedtls_ssl_conf_cert_profile() to allow
+ use of mbedtls_x509_crt_profile_next. (found by NWilson)
* When a client initiates a reconnect from the same port as a live
connection, if cookie verification is available
(MBEDTLS_SSL_DTLS_HELLO_VERIFY defined in config.h, and usable cookie
diff --git a/README.md b/README.md
index 79943d1..bcc0a32 100644
--- a/README.md
+++ b/README.md
@@ -29,7 +29,7 @@
### Yotta
-[yotta](http://yottabuild.org) is a package manager and build system developped by mbed; it is the build system of mbed OS. To install it on your platform, please follow the yotta [installation instructions](http://docs.yottabuild.org/#installing).
+[yotta](http://yottabuild.org) is a package manager and build system developed by mbed; it is the build system of mbed OS. To install it on your platform, please follow the yotta [installation instructions](http://docs.yottabuild.org/#installing).
Once yotta is installed, you can use it to download the latest version of mbed TLS form the yotta registry with:
@@ -64,7 +64,7 @@
make check
-The tests need Perl to be built and run. If you don't have Perl installed, you can skip buiding the tests with:
+The tests need Perl to be built and run. If you don't have Perl installed, you can skip building the tests with:
make no_test
@@ -122,7 +122,7 @@
cmake -LH
-Note that, with CMake, if you want to change the compiler or its options after you already ran CMake, you need to clear its cache first, eg (using GNU find):
+Note that, with CMake, if you want to change the compiler or its options after you already ran CMake, you need to clear its cache first, e.g. (using GNU find):
find . -iname '*cmake*' -not -name CMakeLists.txt -exec rm -rf {} +
CC=gcc CFLAGS='-fstack-protector-strong -Wa,--noexecstack' cmake .
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 512c767..2d7beb3 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -1387,7 +1387,7 @@
* \param profile Profile to use
*/
void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf,
- mbedtls_x509_crt_profile *profile );
+ const mbedtls_x509_crt_profile *profile );
/**
* \brief Set the data required to verify peer certificate
diff --git a/library/net.c b/library/net.c
index b892df9..b5d0688 100644
--- a/library/net.c
+++ b/library/net.c
@@ -319,7 +319,7 @@
/* UDP: wait for a message, but keep it in the queue */
char buf[1] = { 0 };
- ret = recvfrom( bind_ctx->fd, buf, sizeof( buf ), MSG_PEEK,
+ ret = (int) recvfrom( bind_ctx->fd, buf, sizeof( buf ), MSG_PEEK,
(struct sockaddr *) &client_addr, &n );
#if defined(_WIN32)
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 463a6b1..d9b05fd 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -5603,7 +5603,7 @@
#if defined(MBEDTLS_X509_CRT_PARSE_C)
void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf,
- mbedtls_x509_crt_profile *profile )
+ const mbedtls_x509_crt_profile *profile )
{
conf->cert_profile = profile;
}
diff --git a/scripts/memory.sh b/scripts/memory.sh
index 0738e7d..3dad289 100755
--- a/scripts/memory.sh
+++ b/scripts/memory.sh
@@ -52,6 +52,8 @@
scripts/config.pl unset $FLAG
done
+ grep -F SSL_MAX_CONTENT_LEN $CONFIG_H || echo 'SSL_MAX_CONTENT_LEN=16384'
+
printf " Executable size... "
make clean