Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[mosq]: Added TLS transport to mosquitto port #610

Merged
merged 3 commits into from
Oct 11, 2024
Merged

[mosq]: Added TLS transport to mosquitto port #610

merged 3 commits into from
Oct 11, 2024

Conversation

david-cermak
Copy link
Collaborator

  • Using ESP-TLS to implement mosq__net.c

@david-cermak david-cermak self-assigned this Jul 8, 2024
@david-cermak david-cermak mentioned this pull request Sep 30, 2024
Closed
euripedesrocha
euripedesrocha approved these changes Oct 8, 2024
View reviewed changes
components/mosquitto/api.md Outdated Show resolved Hide resolved
components/mosquitto/examples/broker/README.md Outdated Show resolved Hide resolved
@euripedesrocha
Copy link
Collaborator

Question: How is the client authentication handled?

@david-cermak
Copy link
Collaborator Author

Question: How is the client authentication handled?

Using esp-tls when accepting a connection:

esp-protocols/components/mosquitto/port/net__esp_tls.c

Lines 115 to 136 in 99bb0f0

// Finds first free spot in the context array
int ctx;
for (ctx = 0; ctx < MAX_CONNECTIONS; ++ctx) {
if (tls_ctx[ctx].sock == INVALID_SOCKET) {
tls_ctx[ctx].sock = new_sock;
tls_ctx[ctx].tls = esp_tls_init();
if (!tls_ctx[ctx].tls) {
log__printf(NULL, MOSQ_LOG_ERR, "Faled to create a new ESP-TLS context");
return NULL;
}
break;
}
}
if (ctx >= MAX_CONNECTIONS) {
log__printf(NULL, MOSQ_LOG_ERR, "Unable to create new ESP-TLS connection. Try increasing \"MAX_CONNECTIONS\"");
return NULL;
}
int ret = esp_tls_server_session_create(tls_cfg, new_sock, tls_ctx[ctx].tls);
if (ret != 0) {
log__printf(NULL, MOSQ_LOG_ERR, "Unable to create new ESP-TLS session");
return NULL;
}

@david-cermak
Copy link
Collaborator Author

Question: How is the client authentication handled?

Add a link to ESP-TLS docs for more details on specific TLS configs

@david-cermak
feat(mosq): Added support for TLS transport using ESP-TLS
1af4bbe
@david-cermak
docs(mosq): Prepare mosquitto component for publishing
c2c4bf8
@david-cermak
bump(mosq): Initial version v2.0.28~0
f613c70 
2.0.28~0
Features
- Added support for TLS transport using ESP-TLS (1af4bbe)
- Add API docs, memory consideration and tests (a20c0c9)
- Add target tests with localhost broker-client (5c850cd)
- Initial moquitto v2.0.18 port (TCP only) (de4531e)
Bug Fixes
- Fix clean compilation addressing _GNU_SOURCE redefined (e2392c3)
Updated
- docs(mosq): Prepare mosquitto component for publishing (c2c4bf8)
@david-cermak david-cermak merged commit 73b3293 into espressif:master Oct 11, 2024
32 checks passed
@david-cermak david-cermak mentioned this pull request Oct 11, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@espressif-abhikroy espressif-abhikroy espressif-abhikroy left review comments

@euripedesrocha euripedesrocha euripedesrocha approved these changes

@alisitsyn alisitsyn Awaiting requested review from alisitsyn

@kostaond kostaond Awaiting requested review from kostaond

@bogdankolendovskyy bogdankolendovskyy Awaiting requested review from bogdankolendovskyy

Assignees

@david-cermak david-cermak

Labels
mosquitto
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@david-cermak @euripedesrocha @espressif-abhikroy @tomassebestik