
Merge pull request #102964 from akien-mga/mbedtls-2.28-compat

mbedtls: Don't set TLS max version on Mbed TLS < 3.0
Rémi Verschelde 8 月之前
父节点
当前提交
cbb22caa35
共有 2 个文件被更改,包括 5 次插入0 次删除
  1. 1 0
      doc/classes/ProjectSettings.xml
  2. 4 0
      modules/mbedtls/tls_context_mbedtls.cpp

+ 1 - 0
doc/classes/ProjectSettings.xml

@@ -2207,6 +2207,7 @@
 		<member name="network/tls/enable_tls_v1.3" type="bool" setter="" getter="" default="false">
 			If [code]true[/code], enable TLSv1.3 negotiation.
 			[b]Note:[/b] This is experimental, and may cause connections to fail in some cases (notably, if the remote server uses TLS handshake fragmentation).
+			[b]Note:[/b] Only supported when using Mbed TLS 3.0 or later (Linux distribution packages may be compiled against older system Mbed TLS packages), otherwise the maximum supported TLS version is always TLSv1.2.
 		</member>
 		<member name="physics/2d/default_angular_damp" type="float" setter="" getter="" default="1.0">
 			The default rotational motion damping in 2D. Damping is used to gradually slow down physical objects over time. RigidBodies will fall back to this value when combining their own damping values and no area damping value is present.

+ 4 - 0
modules/mbedtls/tls_context_mbedtls.cpp

@@ -147,9 +147,11 @@ Error TLSContextMbedTLS::init_server(int p_transport, Ref<TLSOptions> p_options,
 		mbedtls_ssl_conf_dtls_cookies(&conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check, &(cookies->cookie_ctx));
 	}
 
+#if MBEDTLS_VERSION_MAJOR >= 3
 	if (Engine::get_singleton()->is_editor_hint() || !(bool)GLOBAL_GET("network/tls/enable_tls_v1.3")) {
 		mbedtls_ssl_conf_max_tls_version(&conf, MBEDTLS_SSL_VERSION_TLS1_2);
 	}
+#endif
 
 	mbedtls_ssl_setup(&tls, &conf);
 	return OK;
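Review bot: The guard `#if MBEDTLS_VERSION_MAJOR >= 3` added in init_server looks wider than the API it protects. As far as I recall, `mbedtls_ssl_conf_max_tls_version()` and `MBEDTLS_SSL_VERSION_TLS1_2` only arrived in Mbed TLS 3.2, so a build against a system 3.0 or 3.1 package would still fail to compile on this block. If the Mbed TLS changelog confirms that, `#if MBEDTLS_VERSION_NUMBER >= 0x03020000` would be the tighter check, and the same guard in the init_client hunk below needs the same change. An `#if` on an undefined macro evaluates to 0, so the TLS 1.2 cap would drop out silently if the version macros were ever out of scope. A comment above the guard such as `// Max-version API needs Mbed TLS 3.x; 2.28 already tops out at TLS 1.2.` would record why it is safe to skip. Both function bodies start outside their hunks.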
@@ -194,9 +196,11 @@ Error TLSContextMbedTLS::init_client(int p_transport, const String &p_hostname,
 		}
 	}
 
+#if MBEDTLS_VERSION_MAJOR >= 3
 	if (Engine::get_singleton()->is_editor_hint() || !(bool)GLOBAL_GET("network/tls/enable_tls_v1.3")) {
 		mbedtls_ssl_conf_max_tls_version(&conf, MBEDTLS_SSL_VERSION_TLS1_2);
 	}
+#endif
 
 	// Set valid CAs
 	mbedtls_ssl_conf_ca_chain(&conf, &(cas->cert), nullptr);