diff --git a/ChangeLog b/ChangeLog index 2da6a2ad3..b61c2c585 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,11 @@ mbed TLS ChangeLog (Sorted per branch, date) += mbed TLS 1.3.13 reladsed 2015-??-?? + +Bugfix + * Setting SSL_MIN_DHM_BYTES in config.h had no effect (overriden in ssl.h) + (found by Fabio Solari) (#256) + = mbed TLS 1.3.12 released 2015-08-11 Security diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h index 9c6a0c5b0..1f9f8be63 100644 --- a/include/polarssl/ssl.h +++ b/include/polarssl/ssl.h @@ -287,7 +287,9 @@ * The default is 1024 bits (128 bytes) for compatibility reasons. * From a purely security perspective, 2048 bits would be better. */ +#if !defined(SSL_MIN_DHM_BYTES) #define SSL_MIN_DHM_BYTES 128 /**< Min size of the Diffie-Hellman prime */ +#endif /* \} name SECTION: Module settings */ /*