Merge pull request #4325 from gilles-peskine-arm/dhm_min_bitlen-bits-2.16

Backport 2.16: Enforce dhm_min_bitlen exactly

ChangeLog.d/dhm_min_bitlen.txt

@@ -0,0 +1,4 @@
+Bugfix
+   * In a TLS client, enforce the Diffie-Hellman minimum parameter size
+     set with mbedtls_ssl_conf_dhm_min_bitlen() precisely. Before, the
+     minimum size was rounded down to the nearest multiple of 8.