mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-11-12 18:15:02 +00:00
d3d02900f2
Look for changes that remove X509/SSL functionality.
```
git diff 'HEAD^{/^Merge}~1' HEAD --diff-filter=M -- . ':!library/error.c' ':!library/version_features.c' ':!programs/test/query_config.c' ':!visualc' ':!*.pdf' ':!*.der' | grep -E "^-.*MBEDTLS_(ERR_)?(PKCS11|X509|NET|SSL)_"
```
All of these removals are in `config.h` or `check_config.h`. Selectively revert the differences in these two files.
```
git diff 'HEAD^{/^Merge}~1' 'HEAD^{/^Merge}' include/mbedtls/config.h include/mbedtls/check_config.h | git apply -p1 -R
```
* `include/mbedtls/check_config.h`:
* ARIA for GCM: don't remove it.
* `MBEDTLS_PSA_CRYPTO_SE_C`: don't remove it.
* `MBEDTLS_SHA512_NO_SHA384`: don't remove it.
* `MBEDTLS_SSL_DTLS_CONNECTION_ID`: restore it.
* `include/mbedtls/config.h`:
* warning about `MBEDTLS_ECDSA_SIGN_ALT`: don't remove it.
* `MBEDTLS_CTR_DRBG_USE_128_BIT_KEY` full paragraph: don't remove it.
* `MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER`: don't remove it.
* `MBEDTLS_SHA512_SMALLER`…: don't remove it.
* `MBEDTLS_SSL_RECORD_CHECKING`: restore it.
* `MBEDTLS_SSL_CONTEXT_SERIALIZATION`: restore it.
* `MBEDTLS_USE_PSA_CRYPTO` note: don't restore the tls version.
* `MBEDTLS_USE_PSA_CRYPTO` warning: restore the tls version.
* `MBEDTLS_CMAC_C`: restore it to being disabled by default. It's a minor API change in Mbed TLS because it changes the layout of `mbedtls_cipher_context_t`.
* `MBEDTLS_CTR_DRBG_C`: don't restore the older version of the description from tls.
* `MBEDTLS_GCM_C`: don't restore the older description from tls.
* `MBEDTLS_PSA_CRYPTO_C`: don't restore `crypto/`.
* `MBEDTLS_PSA_CRYPTO_SE_C`: don't remove it.
* `MBEDTLS_PSA_CRYPTO_STORAGE_C`: don't restore `crypto/`. Don't disable it by default.
* `MBEDTLS_PSA_ITS_FILE_C`: don't restore, like for ``MBEDTLS_PSA_CRYPTO_STORAGE_C``.
* `MBEDTLS_CTR_DRBG_USE_128_BIT_KEY` single line: don't restore it since there is now a full paragraph in the proper section above.
* `MBEDTLS_SSL_CID_IN_LEN_MAX`…: restore it.
* `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES`: restore the version without a space to format the line like the others.
|
||
|---|---|---|
| .. | ||
| aes.h | ||
| aesni.h | ||
| arc4.h | ||
| aria.h | ||
| asn1.h | ||
| asn1write.h | ||
| base64.h | ||
| bignum.h | ||
| blowfish.h | ||
| bn_mul.h | ||
| camellia.h | ||
| ccm.h | ||
| certs.h | ||
| chacha20.h | ||
| chachapoly.h | ||
| check_config.h | ||
| cipher.h | ||
| cipher_internal.h | ||
| cmac.h | ||
| compat-1.3.h | ||
| config.h | ||
| ctr_drbg.h | ||
| debug.h | ||
| des.h | ||
| dhm.h | ||
| ecdh.h | ||
| ecdsa.h | ||
| ecjpake.h | ||
| ecp.h | ||
| ecp_internal.h | ||
| entropy.h | ||
| entropy_poll.h | ||
| error.h | ||
| gcm.h | ||
| havege.h | ||
| hkdf.h | ||
| hmac_drbg.h | ||
| md.h | ||
| md2.h | ||
| md4.h | ||
| md5.h | ||
| md_internal.h | ||
| memory_buffer_alloc.h | ||
| net.h | ||
| net_sockets.h | ||
| nist_kw.h | ||
| oid.h | ||
| padlock.h | ||
| pem.h | ||
| pk.h | ||
| pk_internal.h | ||
| pkcs5.h | ||
| pkcs11.h | ||
| pkcs12.h | ||
| platform.h | ||
| platform_time.h | ||
| platform_util.h | ||
| poly1305.h | ||
| psa_util.h | ||
| ripemd160.h | ||
| rsa.h | ||
| rsa_internal.h | ||
| sha1.h | ||
| sha256.h | ||
| sha512.h | ||
| ssl.h | ||
| ssl_cache.h | ||
| ssl_ciphersuites.h | ||
| ssl_cookie.h | ||
| ssl_internal.h | ||
| ssl_ticket.h | ||
| threading.h | ||
| timing.h | ||
| version.h | ||
| x509.h | ||
| x509_crl.h | ||
| x509_crt.h | ||
| x509_csr.h | ||
| xtea.h | ||