commit f9734b35b53fd9707ed3c44925f06068a2c442b6
author Hanno Becker <hanno.becker@arm.com> Tue Oct 03 12:09:22 2017 +0100
committer Hanno Becker <hanno.becker@arm.com> Tue Oct 03 12:09:22 2017 +0100
tree d48f79fb295d1c34f1b0e9f88bfc9697137cfd9e
parent f240ea0b50c16dcae781c23294eba2468fdd59c2

Change wording of warnings

include/mbedtls/config.h

diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index b490e33..cff9391 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -619,11 +619,11 @@
  *      MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
  *      MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
  *
- * \warning    The possibility for the use of custom groups
- *             in the use of DHM in TLS constitutes a security
- *             risk. If possible, it is recommended to use
- *             EC-based key exchanges instead. See the documentation
- *             at the top of dhm.h for more information.
+ * \warning    Using DHE constitutes a security risk as it
+ *             is not possible to validate custom DH parameters.
+ *             If possible, it is recommended users should consider
+ *             preferring other methods of key exchange.
+ *             See dhm.h for more details.
  *
  */
 #define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
@@ -725,11 +725,11 @@
  *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
  *      MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
  *
- * \warning    The possibility for the use of custom groups
- *             in the use of DHM in TLS constitutes a security
- *             risk. If possible, it is recommended to use
- *             EC-based key exchanges instead. See the documentation
- *             at the top of dhm.h for more information.
+ * \warning    Using DHE constitutes a security risk as it
+ *             is not possible to validate custom DH parameters.
+ *             If possible, it is recommended users should consider
+ *             preferring other methods of key exchange.
+ *             See dhm.h for more details.
  *
  */
 #define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
@@ -1850,11 +1850,11 @@
  * This module is used by the following key exchanges:
  *      DHE-RSA, DHE-PSK
  *
- * \warning    The possibility for the use of custom groups
- *             in the use of DHM in TLS constitutes a security
- *             risk. If possible, it is recommended to use
- *             EC-based key exchanges instead. See the documentation
- *             at the top of dhm.h for more information.
+ * \warning    Using DHE constitutes a security risk as it
+ *             is not possible to validate custom DH parameters.
+ *             If possible, it is recommended users should consider
+ *             preferring other methods of key exchange.
+ *             See dhm.h for more details.
  *
  */
 #define MBEDTLS_DHM_C