Fix language in Changelog for clarity

2017-08-10 10:48:01 +01:00 · 2017-08-10 10:48:01 +01:00 · 01971d094e
commit 01971d094e
parent 85b602e5d0
1 changed files with 12 additions and 13 deletions
--- a/25
+++ b/25
@ -3,11 +3,11 @@ mbed TLS ChangeLog (Sorted per branch, date)
 = mbed TLS x.x.x branch released xxxx-xx-xx

 Security
-   * Fix authentication bypass in SSL/TLS: when auth_mode is set to optional,
+   * Fix authentication bypass in SSL/TLS: when authmode is set to optional,
     mbedtls_ssl_get_verify_result() would incorrectly return 0 when the peer's
     X.509 certificate chain had more than MBEDTLS_X509_MAX_INTERMEDIATE_CA
-     (default: 8) intermediates, even when it was not trusted. Could be
-     triggered remotely on both sides. (With auth_mode set to 'required'
+     (default: 8) intermediates, even when it was not trusted. This could be
+     triggered remotely from either side. (With authmode set to 'required'
     (the default), the handshake was correctly aborted).
   * Reliably wipe sensitive data after use in the AES example applications
     programs/aes/aescrypt2 and programs/aes/crypt_and_hash.
@ -19,8 +19,8 @@ Features
     platform-specific setup and teardown operations. The macro
     MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT allows the functions to be overridden
     by the user in a platform_alt.h file. These new functions are required in
-     some embedded environments to provide a means to initialise underlying
-     hardware acceleration.
+     some embedded environments to provide a means of initialising underlying
+     cryptographic acceleration hardware.

 API Changes
   * Reverted API/ABI breaking changes introduced in mbed TLS 2.5.1, to make the
@ -31,19 +31,18 @@ API Changes
   * Certificate verification functions now set flags to -1 in case the full
     chain was not verified due to an internal error (including in the verify
     callback) or chain length limitations.
-   * With authmode set to optional, handshake is now aborted if the
+   * With authmode set to optional, the TLS handshake is now aborted if the
     verification of the peer's certificate failed due to an overlong chain or
-     a fatal error in the vrfy callback.
+     a fatal error in the verify callback.

 Bugfix
-   * Add a check if iv_len is zero, and return an error if it is zero. Reported
-     by roberto. #716
-   * Replace preproccessor condition from #if defined(MBEDTLS_THREADING_PTHREAD)
+   * Add a check if iv_len is zero in GCM, and return an error if it is zero.
+     Reported by roberto. #716
+   * Replace preprocessor condition from #if defined(MBEDTLS_THREADING_PTHREAD)
     to #if defined(MBEDTLS_THREADING_C) as the library cannot assume they will
     always be implemented by pthread support. #696
-   * Fix resource leak on windows platform, in mbedtls_x509_crt_parse_path.
-     In case of failure, when an error occures, goto cleanup.
-     Found by redplait. #590
+   * Fix a resource leak on Windows platforms in mbedtls_x509_crt_parse_path(),
+     in the case of an error. Found by redplait. #590
   * Add MBEDTLS_MPI_CHK to check for error value of mbedtls_mpi_fill_random.
     Reported and fix suggested by guidovranken. #740
   * Fix conditional preprocessor directives in bignum.h to enable 64-bit