ustream-mbedtls: add missing psa_crypto_init call

Required for a few features, including TLS1.3 on newer mbedtls versions

Signed-off-by: Felix Fietkau <nbd@nbd.name>

diff --git a/ustream-mbedtls.c b/ustream-mbedtls.c
index 18ffe065a5eb891603ef257b1e9493fb451ccb63..13785ce6e587dd1be9d400ad7ab37bfc4299cf41 100644 (file)
--- a/ustream-mbedtls.c
+++ b/ustream-mbedtls.c
@@ -25,6 +25,7 @@
 
 #include "ustream-ssl.h"
 #include "ustream-internal.h"
+#include <psa/crypto.h>
 
 static int s_ustream_read(void *ctx, unsigned char *buf, size_t len)
 {
@@ -136,6 +137,13 @@ __ustream_ssl_context_new(bool server)
        mbedtls_ssl_config *conf;
        int ep;
 
+#ifdef MBEDTLS_PSA_CRYPTO_C
+       static bool psa_init;
+
+       if (!psa_init && !psa_crypto_init())
+               psa_init = true;
+#endif
+
        ctx = calloc(1, sizeof(*ctx));
        if (!ctx)
                return NULL;