Update Mbed TLS feature to 2.18.0-rc2

2019-05-27 13:56:47 +02:00 · 2019-05-27 13:56:47 +02:00 · 948d4379d8
parent 303d0f0c0c
commit 948d4379d8
4 changed files with 13 additions and 6 deletions
--- a/features/mbedtls/VERSION.txt
+++ b/features/mbedtls/VERSION.txt
@ -1 +1 @@
-mbedtls-2.18.0-rc1
+mbedtls-2.18.0-rc2
--- a/features/mbedtls/importer/Makefile
+++ b/features/mbedtls/importer/Makefile
@ -27,7 +27,7 @@
 #

 # Set the mbed TLS release to import (this can/should be edited before import)
-MBED_TLS_RELEASE ?= mbedtls-2.18.0-rc1
+MBED_TLS_RELEASE ?= mbedtls-2.18.0-rc2
 MBED_TLS_REPO_URL ?= git@github.com:ARMmbed/mbedtls-restricted.git

 # Translate between mbed TLS namespace and mbed namespace
--- a/features/mbedtls/inc/mbedtls/ssl.h
+++ b/features/mbedtls/inc/mbedtls/ssl.h
@ -2820,13 +2820,19 @@ void mbedtls_ssl_conf_cert_req_ca_list( mbedtls_ssl_config *conf,

 #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
 /**
- * \brief          Set the maximum fragment length to emit and/or negotiate
- *                 (Default: the smaller of MBEDTLS_SSL_IN_CONTENT_LEN and
- *                 MBEDTLS_SSL_OUT_CONTENT_LEN, usually 2^14 bytes)
+ * \brief          Set the maximum fragment length to emit and/or negotiate.
+ *                 (Typical: the smaller of #MBEDTLS_SSL_IN_CONTENT_LEN and
+ *                 #MBEDTLS_SSL_OUT_CONTENT_LEN, usually `2^14` bytes)
 *                 (Server: set maximum fragment length to emit,
- *                 usually negotiated by the client during handshake
+ *                 usually negotiated by the client during handshake)
 *                 (Client: set maximum fragment length to emit *and*
 *                 negotiate with the server during handshake)
+ *                 (Default: #MBEDTLS_SSL_MAX_FRAG_LEN_NONE)
+ *
+ * \note           On the client side, the maximum fragment length extension
+ *                 *will not* be used, unless the maximum fragment length has
+ *                 been set via this function to a value different than
+ *                 #MBEDTLS_SSL_MAX_FRAG_LEN_NONE.
 *
 * \note           With TLS, this currently only affects ApplicationData (sent
 *                 with \c mbedtls_ssl_read()), not handshake messages.
--- a/features/mbedtls/src/x509_crt.c
+++ b/features/mbedtls/src/x509_crt.c
@ -681,6 +681,7 @@ static int x509_get_subject_alt_name( unsigned char **p,
                                          sizeof( mbedtls_x509_sequence ) );
                mbedtls_free( seq_prv );
            }
+            subject_alt_name->next = NULL;
            return( ret );
        }