From 6ad25f991d4bcde1d952e9d0a606398bfce166c0 Mon Sep 17 00:00:00 2001 From: Laukik Hase Date: Tue, 17 May 2022 14:28:12 +0530 Subject: [PATCH] https_mbedtls: Prefer TLS 1.3 connection when enabled over TLS 1.2 Closes https://github.com/espressif/esp-idf/issues/8960 --- .../https_mbedtls/main/https_mbedtls_example_main.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/examples/protocols/https_mbedtls/main/https_mbedtls_example_main.c b/examples/protocols/https_mbedtls/main/https_mbedtls_example_main.c index a04cb51691..97f2f0dae5 100644 --- a/examples/protocols/https_mbedtls/main/https_mbedtls_example_main.c +++ b/examples/protocols/https_mbedtls/main/https_mbedtls_example_main.c @@ -121,6 +121,11 @@ static void https_get_task(void *pvParameters) mbedtls_esp_enable_debug_log(&conf, CONFIG_MBEDTLS_DEBUG_LEVEL); #endif +#ifdef CONFIG_MBEDTLS_SSL_PROTO_TLS1_3 + mbedtls_ssl_conf_min_version(&conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4); + mbedtls_ssl_conf_max_version(&conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4); +#endif + if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { ESP_LOGE(TAG, "mbedtls_ssl_setup returned -0x%x\n\n", -ret);