MariaDB connector shipped in 3.20 has a TLS issue

[mtgag]

Describe the bug

In MariaDB connector 3.5.2, there is an issue with TLSv1.3 connections. See also: https://jira.mariadb.org/browse/CONJ-1240. The 3.20 LTS version uses this connector.

Expected behavior

The expected behavior is that it should be possible to connect to a MariaDB server when only TLSv1.3 is configured.

Actual behavior

When only TLSv1.3 is configured on the MariaDB server, it is not possible to connect at all. When both TLSv1.2 and TLSv1.3 are configured, only TLSv1.2 is used for the connection.

How to Reproduce?

MariaDB should start with the option --tls_version=TLSv1.3 and other relevant TLS options (--ssl_ca, --ssl_key, --ssl_cert). On the first connection to MariaDB a connection error occurs:

Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: protocol_version

Output of uname -a or ver

No response

Output of java -version

No response

Quarkus version or git rev

3.20

Build tool (ie. output of mvnw --version or gradlew --version)

No response

Additional information

Updating MariaDB connector to 3.5.3 should fix this issue. Already tried as a astandalone application doing a simple select to the database.

[quarkus-bot]

/cc @barreiro (jdbc)

[geoand]

I am going to close this as #47053 bumped the MariaDB driver version to 3.5.3.
What remains is to determine whether that PR should be backported to 3.20 (cc @gsmet)