mbed TLS 2.1.0 发布,遵循 Apache 2.0

jopen 9年前

PolarSSL 源码,也许是最小巧的ssl代码库。高效、便于移植和集成。尤其适合嵌入式应用。

目前 PolarSSL 已经被 ARM 公司收购,并改名为 mbed TLS。许可证也由 GPL 改为 Apache。

mbed TLS 2.1.0 发布,此版本遵循 Apache 2.0 协议。此版本是首次作为 mbed OS 的 yotta module

因为某些项目只能使用 GPL 协议,所以同时提供 Apache 协议和 GPL 协议的 mbed TLS 版本。

下载:

Apache: mbedtls-2.1.0-apache.tgz

mbedtls-2.1.0-apache.tgz : 

SHA-1  : 13fcb4858145e972f8abaedf029ceb5c8461408e  SHA-256: debd652ecf621ba3eea32c4a7eefb4c477d014d651f8ac117696e46ddaaf1b55

GPL:mbedtls-2.1.0-gpl.tgz

mbedtls-2.1.0-gpl.tgz: 

SHA-1  : 4edf1f42871b5e2c68a86320da778cb16f173b04  SHA-256: b61b5fe6aa33ed365289478ac48f1496b97eef0fb813295e534e0c2bd435dcfc

此版本主要改进如下:

新特性
   * Added support for yotta as a build system.
   * Primary open source license changed to Apache 2.0 license.

Bug 修复
   * Fix segfault in the benchmark program when benchmarking DHM.
   * Fix build error with CMake and pre-4.5 versions of GCC (found by Hugo
     Leisink).
   * Fix bug when parsing a ServerHello without extensions (found by David
     Sears).
   * Fix bug in CMake lists that caused libmbedcrypto.a not to be installed
     (found by Benoit Lecocq).
   * Fix bug in Makefile that caused libmbedcrypto and libmbedx509 not to be
     installed (found by Rawi666).
   * Fix compile error with armcc 5 with --gnu option.
   * Fix bug in Makefile that caused programs not to be installed correctly
     (found by robotanarchy) (#232).
   * Fix bug in Makefile that prevented from installing without building the
     tests (found by robotanarchy) (#232).
   * Fix missing -static-libgcc when building shared libraries for Windows
     with make.
   * Fix link error when building shared libraries for Windows with make.
   * Fix error when loading libmbedtls.so.
   * Fix bug in mbedtls_ssl_conf_default() that caused the default preset to
     be always used (found by dcb314) (#235)
   * Fix bug in mbedtls_rsa_public() and mbedtls_rsa_private() that could
     result trying to unlock an unlocked mutex on invalid input (found by
     Fredrik Axelsson) (#257)
   * Fix -Wshadow warnings (found by hnrkp) (#240)
   * Fix memory corruption on client with overlong PSK identity, around
     SSL_MAX_CONTENT_LEN or higher - not triggerrable remotely (found by
     Aleksandrs Saveljevs) (#238)
   * Fix unused function warning when using MBEDTLS_MDx_ALT or
     MBEDTLS_SHAxxx_ALT (found by Henrik) (#239)
   * Fix memory corruption in pkey programs (found by yankuncheng) (#210)

改进
   * The PEM parser now accepts a trailing space at end of lines (#226).
   * It is now possible to #include a user-provided configuration file at the
     end of the default config.h by defining MBEDTLS_USER_CONFIG_FILE on the
     compiler's command line.
   * When verifying a certificate chain, if an intermediate certificate is
     trusted, no later cert is checked. (suggested by hannes-landeholm)
     (#220).
   * Prepend a "thread identifier" to debug messages (issue pointed out by
     Hugo Leisink) (#210).
   * Add mbedtls_ssl_get_max_frag_len() to query the current maximum fragment
     length.

更多内容请看发行说明


来自:http://www.oschina.net/news/65958/mbed-tls-2-1-0