mbedtls: add support for 4.0.0
After this patch libcurl requires (as already documented)
the `curl_global_init()` call when using the `curl_formadd()` API with
mbedTLS.
Note: NTLM is not supported with mbedTLS 4+, because it lacks
the necessary crypto primitive: DES.
Also:
- lib: de-dupe mbedTLS minimum version checks into `curl_setup.h`.
- lib: initialize PSA Crypto as part of `curl_global_init()`.
For MD5, SHA-256, `curl_formadd()`, and MultiSSL builds with mbedTLS
but where mbedTLS isn't the default backend.
- lib1308: fix to call `curl_global_init()` (for the Form API).
- curl_ntlm_core: disable with mbedTLS 4+.
- md4: disable mbedTLS implementation when building against 4.x.
- md5: use mbedTLS PSA Crypto API when available, otherwise use
the default local implementation.
- sha256: use mbedTLS PSA Crypto API when available, otherwise use
the default local implementation.
- vtls/mbedtls: drop PSA Crypto initialization in favor of
`curl_global_init()`.
- vtls/mbedtls: use PSA Crypto random API with all mbedTLS versions.
- vtls/mbedtls: do the same for the SHA-256 callback.
- autotools: detect mbedTLS 4+, and disable NTLM for 3.x.
- cmake: disable NTLM for mbedTLS 3.x.
- GHA/linux: keep building mbedTLS 3.x manually and use it in
an existing job, while also enabling pytest in it.
- GHA/linux: bump to mbedTLS 4.0.0.
Closes #19075
Closes #19074
Refs:
https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-4.0.0
https://github.com/Mbed-TLS/mbedtls/blob/mbedtls-4.0.0/docs/4.0-migration-guide.md
https://github.com/Mbed-TLS/mbedtls/blob/mbedtls-4.0.0/tf-psa-crypto/docs/1.0-migration-guide.md [404]
https://github.com/Mbed-TLS/TF-PSA-Crypto/blob/tf-psa-crypto-1.0.0/docs/1.0-migration-guide.md
https://github.com/Mbed-TLS/TF-PSA-Crypto/blob/tf-psa-crypto-1.0.0/docs/psa-transition.md
https://github.com/Mbed-TLS/TF-PSA-Crypto/tree/
627f727bbed3d9319ed548f1c0839a29c223414e/docs/4.0-migration-guide
Closes #19077
projects / thirdparty / curl.git / commit
