1Bugfix 2 * Fixed a regression introduced in 3.6.0 where the CA callback set with 3 mbedtls_ssl_conf_ca_cb() would stop working when connections were 4 upgraded to TLS 1.3. Fixed by adding support for the CA callback with TLS 5 1.3. 6 * Fixed a regression introduced in 3.6.0 where clients that relied on 7 optional/none authentication mode, by calling mbedtls_ssl_conf_authmode() 8 with MBEDTLS_SSL_VERIFY_OPTIONAL or MBEDTLS_SSL_VERIFY_NONE, would stop 9 working when connections were upgraded to TLS 1.3. Fixed by adding 10 support for optional/none with TLS 1.3 as well. Note that the TLS 1.3 11 standard makes server authentication mandatory; users are advised not to 12 use authmode none, and to carefully check the results when using optional 13 mode. 14 * Fixed a regression introduced in 3.6.0 where context-specific certificate 15 verify callbacks, set with mbedtls_ssl_set_verify() as opposed to 16 mbedtls_ssl_conf_verify(), would stop working when connections were 17 upgraded to TLS 1.3. Fixed by adding support for context-specific verify 18 callback in TLS 1.3. 19