mbedtls: disable TLS 1.3 in client mode when skipping verification

mbedtls currently forces verification for TLS 1.3 client connections.
At some point in the future, this can probably be worked around with an
extra callback, but for now disabling TLS 1.3 is the only way.

Signed-off-by: Felix Fietkau <nbd@nbd.name>

diff --git a/ustream-mbedtls.c b/ustream-mbedtls.c
index c2eb2d4a8bc09f4a345d0476246a4b692f1a8504..73c4a5eee1be378b0062ef5408a3a5e0fa4ee424 100644 (file)
--- a/ustream-mbedtls.c
+++ b/ustream-mbedtls.c
@@ -350,6 +350,10 @@ __hidden int __ustream_ssl_set_require_validation(struct ustream_ssl_ctx *ctx, b
        if (!require)
                mode = MBEDTLS_SSL_VERIFY_NONE;
 
+       /* force TLS 1.2 when not requiring validation for now */
+       if (!require && !ctx->server)
+               mbedtls_ssl_conf_max_version(&ctx->conf, MBEDTLS_SSL_MAJOR_VERSION_3,
+                                            MBEDTLS_SSL_MINOR_VERSION_3);
        mbedtls_ssl_conf_authmode(&ctx->conf, mode);
 
        return 0;