TLS-PSK mismatch fix.

Produce an error if a TLS-PSK client tries to connect to a broker
that is not configured with TLS-PSK.

ChangeLog.txt

@@ -7,6 +7,13 @@ Broker:
  users this is not a risk. Closes #567213.
 - Fix `max_connections` option not being correctly counted.
 
+Client library:
+- If a client uses TLS-PSK then force the default cipher list to use "PSK"
+ ciphers only. This means that a client connecting to a broker configured
+ with x509 certificates only will now fail. Prior to this, the client would
+ connect successfully without verifying certificates, because they were not
+ configured.
+
 Clients:
 - mosquitto_sub and mosquitto_rr now open stdout in binary mode on Windows
  so binary payloads are not modified when printing.

lib/net_mosq.c

@@ -857,6 +857,9 @@ static int net__init_ssl_ctx(struct mosquitto *mosq)
 #ifdef FINAL_WITH_TLS_PSK
  }else if(mosq->tls_psk){
  SSL_CTX_set_psk_client_callback(mosq->ssl_ctx, psk_client_callback);
+ if(mosq->tls_ciphers == NULL){
+ SSL_CTX_set_cipher_list(mosq->ssl_ctx, "PSK");
+ }
 #endif
  }
  }