)]}'
{
  "commit": "b99bd39b4ea131e873b580736c256c0b248d0bf2",
  "tree": "1539b12d748b6c9f8e0dcc319de6179755b060f2",
  "parents": [
    "9a9d7ba42bd29bfbf29a8b0b689ec6dab0f0ca8f",
    "43aa905d1e0c5c3e8fbec98adc496bcd7d46b51f"
  ],
  "author": {
    "name": "Gilles Peskine",
    "email": "Gilles.Peskine@arm.com",
    "time": "Thu Mar 19 15:38:54 2020 +0100"
  },
  "committer": {
    "name": "Gilles Peskine",
    "email": "Gilles.Peskine@arm.com",
    "time": "Mon Mar 23 17:54:46 2020 +0100"
  },
  "message": "Merge mbed-crypto into mbedtls: the merge commit\n\nMerge `unremove-non-crypto` into `mbedtls/development`. The branch\n`unremove-non-crypto` was obtained by starting from `mbed-crypto/development`,\nthen reverting many commits that removed X.509 and TLS functionality when Mbed\nCrypto forked from Mbed TLS (the “unremoval”), then make a few tweaks to\nfacilitate the merge.\n\nThe unremoval step restored old versions of some tls files. If a file doesn\u0027t\nexist in mbed-crypto, check out the mbedtls version, regardless of what\nhappened during the unremoval of tls files in the crypto tree. Also\nunconditionally take the mbedtls version of a few files where the\nmodifications are completely project-specific and are not relevant in\nmbed-crypto:\n\n* `.github/issue_template.md`: completely different. We may want to reconcile\n  them independently as a follow-up.\n* `.travis.yml`: would only be reverted to an earlier tls version.\n* `README.md`: completely different. We may want to reconcile them\n  independently as a follow-up.\n* `doxygen/input/doc_mainpage.h`: the changes in crypto were minimal and not\n  relevant except as a stopgap as mbed-crypto did not have its own product\n  versioning in the Doxygen documentation.\n* `tests/.jenkins/Jenkinsfile`: completely different.\n* `tests/data_files/Makefile`: there were no changes in mbed-crypto,\n  but the unremoval step restored an old version.\n\nShell script for everything to do after the merge apart from the conflict\nresolution:\n```\ntls_files\u003d($(comm -23 \u003c(git ls-tree -r --name-only HEAD) \u003c(git ls-tree -r --name-only $(git merge-base upstream-crypto/development MERGE_HEAD))))\ntls_files+\u003d($tls_files .github/issue_template.md .travis.yml README.md doxygen/input/doc_mainpage.h tests/.jenkins/Jenkinsfile tests/data_files/Makefile)\ngit checkout --theirs HEAD -- $tls_files\ngit add -- $tls_files\n```\n\nResolve the remaining conflicts:\n\n* `library/CMakeLists.txt`:\n    * Keep the TLS definition of `src_crypto`\n    * `USE_SHARED_MBEDTLS_LIBRARY`: keep all three libraries, with both\n      `include` and `crypto/include` in `target_include_directories`, all with\n      version `2.21.0`.\n* `programs/Makefile`:\n    * Reconcile the APPS lists (add/add from a differently-formatted common\n      ancestor): insert the `psa/*` from crypto into the tls list.\n    * Keep the `fuzz` target defined only in tls version.\n    * Keep the recipe (only in tls version) cleaning `ssl_pthread_server`\n      stuff for the `clean` target.\n* `scripts/config.py`:\n    * `include_in_full`: add/add conflict. Keep both.\n* `tests/scripts/all.sh`:\n    * `component_test_no_use_psa_crypto_full_cmake_asan`: partially old\n      version in crypto. Take the tls version.\n    * `component_test_malloc_0_null` and more: take\n      `component_test_malloc_0_null` from crypto (with `config.py` rather than\n      `config.pl`, and with `$ASAN_FLAGS` rather than an explicit list), but\n      add the call to `ssl-opt.sh` from tls. Take the other components from\n      crypto.\n\nWith this commit, building and running the unit tests with both `make ` and\n`cmake` work in the default configuration on Linux. Other platforms, build\nsystems and configurations are likely not to work, and there is some\nregression in test coverage.\n\nThere is some loss of functionality because the unremoval step restored older\nversions of tls content. This commit contains the latest tls version of\ntls-only files, but some changes from the tls side in files that existed on\nboth sides have regressed. Most problematic changes are hunks that remove some\ntls-specific feature and contain either a C preprocessor symbol identifying a\ntls-specific module or option, or the name of a tls-specific file. Hunks\nthat remove a tls-specific preprocessor symbol can be identified with the\nregular expression `^-.*MBEDTLS_(ERR_)?(PKCS11|X509|NET|SSL)_`.\n\nSubsequent commits will revert a few parts of the patch from this merge commit\nin order to restore the tls functionality that it removes, ensure that the\ntest coverage includes what was covered in either branch, and fix test\nfailures.\n",
  "tree_diff": []
}