godotengine/godot
1
0
Fork 0
mirror of https://github.com/godotengine/godot.git synced 2025-11-04 12:00:25 +00:00
Code Releases Wiki Activity

mbedtls: Don't set TLS max version on Mbed TLS < 3.0

Browse Source 
Relevant for Linux distribution packages which may link against system Mbed TLS.

Fixes #102957.
This commit is contained in:
Rémi Verschelde
2025-02-17 17:51:08 +01:00
parent 93d2706930
commit 5f8b5a34c6
2 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
modules/mbedtls/tls_context_mbedtls.cpp
View File

@@ -147,9 +147,11 @@ Error TLSContextMbedTLS::init_server(int p_transport, Ref<TLSOptions> p_options,
mbedtls_ssl_conf_dtls_cookies(&conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check, &(cookies->cookie_ctx));
}
#if MBEDTLS_VERSION_MAJOR >= 3
if (Engine::get_singleton()->is_editor_hint() || !(bool)GLOBAL_GET("network/tls/enable_tls_v1.3")) {
mbedtls_ssl_conf_max_tls_version(&conf, MBEDTLS_SSL_VERSION_TLS1_2);
}
#endif
mbedtls_ssl_setup(&tls, &conf);
return OK;
@@ -194,9 +196,11 @@ Error TLSContextMbedTLS::init_client(int p_transport, const String &p_hostname,
}
}
#if MBEDTLS_VERSION_MAJOR >= 3
if (Engine::get_singleton()->is_editor_hint() || !(bool)GLOBAL_GET("network/tls/enable_tls_v1.3")) {
mbedtls_ssl_conf_max_tls_version(&conf, MBEDTLS_SSL_VERSION_TLS1_2);
}
#endif
// Set valid CAs
mbedtls_ssl_conf_ca_chain(&conf, &(cas->cert), nullptr);