mbedtls_ssl_get_version() does not support TLS 1.3

[mpg]

mbedtls_ssl_get_version() currently returns unkown when the connection is using TLS 1.3. It should return TLSv1.3 instead, and a test in ssl-opt.sh should make sure that it does. (Client side for now, and also server-side in the future. Also, when we add version negotiation, we should make sure this keeps working.)

Originally reported in #5331.

[gstrauss]

I can submit a PR, but is a test required for this feature?

diff --git a/ChangeLog.d/mbedtls_ssl_get_version-extend.txt b/ChangeLog.d/mbedtls_ssl_get_version-extend.txt
new file mode 100644
index 000000000..32a913ed4
--- /dev/null
+++ b/ChangeLog.d/mbedtls_ssl_get_version-extend.txt
@@ -0,0 +1,2 @@
+Feature
+   * Extend mbedtls_ssl_get_version() for "TLSv1.3".
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index d868e4965..fd5b82d5c 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -4375,6 +4375,8 @@ const char *mbedtls_ssl_get_version( const mbedtls_ssl_context *ssl )
         {
             case MBEDTLS_SSL_MINOR_VERSION_3:
                 return( "DTLSv1.2" );
+            case MBEDTLS_SSL_MINOR_VERSION_4:
+                return( "DTLSv1.3" );
 
             default:
                 return( "unknown (DTLS)" );
@@ -4386,6 +4388,8 @@ const char *mbedtls_ssl_get_version( const mbedtls_ssl_context *ssl )
     {
         case MBEDTLS_SSL_MINOR_VERSION_3:
             return( "TLSv1.2" );
+        case MBEDTLS_SSL_MINOR_VERSION_4:
+            return( "TLSv1.3" );
 
         default:
             return( "unknown" );

[gilles-peskine-arm]

A test would confirm that it works and would, in the future, confirm that it's still working.

ssl_client2 and ssl_server2 print a message with the version, so it's just a matter of adding a -c/-s check to a run_test somewhere.