mbed TLS 2.1.0 发布,此版本遵循 Apache 2.0 协议。此版本是首次作为 mbed OS 的yotta module。
因为某些项目只能使用 GPL 协议,所以同时提供 Apache 协议和 GPL 协议的 mbed TLS 版本。
下载:
Apache: mbedtls-2.1.0-apache.tgz
mbedtls-2.1.0-apache.tgz :
SHA-1 : 13fcb4858145e972f8abaedf029ceb5c8461408e SHA-256: debd652ecf621ba3eea32c4a7eefb4c477d014d651f8ac117696e46ddaaf1b55
mbedtls-2.1.0-gpl.tgz:
SHA-1 : 4edf1f42871b5e2c68a86320da778cb16f173b04 SHA-256: b61b5fe6aa33ed365289478ac48f1496b97eef0fb813295e534e0c2bd435dcfc
此版本主要改进如下:
新特性
* Added support for yotta as a build system.
* Primary open source license changed to Apache 2.0 license.
Bug 修复
* Fix segfault in the benchmark program when benchmarking DHM.
* Fix build error with CMake and pre-4.5 versions of GCC (found by Hugo
Leisink).
* Fix bug when parsing a ServerHello without extensions (found by David
Sears).
* Fix bug in CMake lists that caused libmbedcrypto.a not to be installed
(found by Benoit Lecocq).
* Fix bug in Makefile that caused libmbedcrypto and libmbedx509 not to be
installed (found by Rawi666).
* Fix compile error with armcc 5 with –gnu option.
* Fix bug in Makefile that caused programs not to be installed correctly
(found by robotanarchy) (#232).
* Fix bug in Makefile that prevented from installing without building the
tests (found by robotanarchy) (#232).
* Fix missing -static-libgcc when building shared libraries for Windows
with make.
* Fix link error when building shared libraries for Windows with make.
* Fix error when loading libmbedtls.so.
* Fix bug in mbedtls_ssl_conf_default() that caused the default preset to
be always used (found by dcb314) (#235)
* Fix bug in mbedtls_rsa_public() and mbedtls_rsa_private() that could
result trying to unlock an unlocked mutex on invalid input (found by
Fredrik Axelsson) (#257)
* Fix -Wshadow warnings (found by hnrkp) (#240)
* Fix memory corruption on client with overlong PSK identity, around
SSL_MAX_CONTENT_LEN or higher – not triggerrable remotely (found by
Aleksandrs Saveljevs) (#238)
* Fix unused function warning when using MBEDTLS_MDx_ALT or
MBEDTLS_SHAxxx_ALT (found by Henrik) (#239)
* Fix memory corruption in pkey programs (found by yankuncheng) (#210)
改进
* The PEM parser now accepts a trailing space at end of lines (#226).
* It is now possible to #include a user-provided configuration file at the
end of the default config.h by defining MBEDTLS_USER_CONFIG_FILE on the
compiler’s command line.
* When verifying a certificate chain, if an intermediate certificate is
trusted, no later cert is checked. (suggested by hannes-landeholm)
(#220).
* Prepend a “thread identifier” to debug messages (issue pointed out by
Hugo Leisink) (#210).
* Add mbedtls_ssl_get_max_frag_len() to query the current maximum fragment
length.
更多内容请看发行说明。
PolarSSL 源码,也许是最小巧的ssl代码库。高效、便于移植和集成。尤其适合嵌入式应用。
目前 PolarSSL 已经被 ARM 公司收购,并改名为 mbed TLS。许可证也由 GPL 改为 Apache。