Diff below brings mbedtls to 2.14.0, which brings some new features, and fixes some security issues and bugs. Details can be found at https://tls.mbed.org/tech-updates/releases/mbedtls-2.14.0-2.7.7-and-2.1.16-released
Major number of the three shared libs have been bumped as symbols have been removed (and a couple of new ones have been added). 'make test' runs successfully on amd64, and I have seen no complaints from its consumers. OK? Index: Makefile =================================================================== RCS file: /cvs/ports/security/polarssl/Makefile,v retrieving revision 1.24 diff -u -p -r1.24 Makefile --- Makefile 8 Oct 2018 11:58:07 -0000 1.24 +++ Makefile 26 Nov 2018 06:09:04 -0000 @@ -2,13 +2,13 @@ COMMENT= SSL library with an intuitive API and readable source code -DISTNAME= mbedtls-2.13.0 +DISTNAME= mbedtls-2.14.0 EXTRACT_SUFX= -gpl.tgz # check SOVERSION -SHARED_LIBS += mbedtls 5.0 # 12 -SHARED_LIBS += mbedcrypto 3.0 # 3 -SHARED_LIBS += mbedx509 2.0 # 0 +SHARED_LIBS += mbedtls 6.0 # 12 +SHARED_LIBS += mbedcrypto 4.0 # 3 +SHARED_LIBS += mbedx509 3.0 # 0 CATEGORIES= security Index: distinfo =================================================================== RCS file: /cvs/ports/security/polarssl/distinfo,v retrieving revision 1.16 diff -u -p -r1.16 distinfo --- distinfo 2 Oct 2018 15:13:04 -0000 1.16 +++ distinfo 26 Nov 2018 06:09:04 -0000 @@ -1,2 +1,2 @@ -SHA256 (mbedtls-2.13.0-gpl.tgz) = oI3fCKrlX8T0j7xigfywi8XFPtU//RU1XuDXXsMrU64= -SIZE (mbedtls-2.13.0-gpl.tgz) = 2419726 +SHA256 (mbedtls-2.14.0-gpl.tgz) = fGLsAqV348ygHujNFh4eNpU3cUoUjvqv55iHudlVppE= +SIZE (mbedtls-2.14.0-gpl.tgz) = 2471418 Index: patches/patch-CMakeLists_txt =================================================================== RCS file: /cvs/ports/security/polarssl/patches/patch-CMakeLists_txt,v retrieving revision 1.7 diff -u -p -r1.7 patch-CMakeLists_txt --- patches/patch-CMakeLists_txt 2 Oct 2018 15:13:04 -0000 1.7 +++ patches/patch-CMakeLists_txt 26 Nov 2018 06:09:04 -0000 @@ -2,7 +2,7 @@ $OpenBSD: patch-CMakeLists_txt,v 1.7 201 Index: CMakeLists.txt --- CMakeLists.txt.orig +++ CMakeLists.txt -@@ -108,8 +108,6 @@ if(CMAKE_COMPILER_IS_GNU) +@@ -125,8 +125,6 @@ if(CMAKE_COMPILER_IS_GNU) if (GCC_VERSION VERSION_GREATER 4.8 OR GCC_VERSION VERSION_EQUAL 4.8) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wshadow") endif() @@ -11,7 +11,7 @@ Index: CMakeLists.txt set(CMAKE_C_FLAGS_COVERAGE "-O0 -g3 --coverage") set(CMAKE_C_FLAGS_ASAN "-Werror -fsanitize=address -fno-common -O3") set(CMAKE_C_FLAGS_ASANDBG "-Werror -fsanitize=address -fno-common -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls ") -@@ -119,8 +117,6 @@ endif(CMAKE_COMPILER_IS_GNU) +@@ -136,8 +134,6 @@ endif(CMAKE_COMPILER_IS_GNU) if(CMAKE_COMPILER_IS_CLANG) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -W -Wdeclaration-after-statement -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow") Index: patches/patch-include_mbedtls_config_h =================================================================== RCS file: /cvs/ports/security/polarssl/patches/patch-include_mbedtls_config_h,v retrieving revision 1.6 diff -u -p -r1.6 patch-include_mbedtls_config_h --- patches/patch-include_mbedtls_config_h 8 Aug 2018 12:51:09 -0000 1.6 +++ patches/patch-include_mbedtls_config_h 26 Nov 2018 06:09:04 -0000 @@ -6,7 +6,7 @@ www/hiawatha. Index: include/mbedtls/config.h --- include/mbedtls/config.h.orig +++ include/mbedtls/config.h -@@ -1549,7 +1549,7 @@ +@@ -1582,7 +1582,7 @@ * * Uncomment this to enable pthread mutexes. */ @@ -15,7 +15,7 @@ Index: include/mbedtls/config.h /** * \def MBEDTLS_VERSION_FEATURES -@@ -2739,7 +2739,7 @@ +@@ -2774,7 +2774,7 @@ * * Enable this layer to allow use of mutexes within mbed TLS */