Fix use of MOSQ_OPT_SSL_CTX when used with MOSQ_OPT_SSL_CTX_DEFAULTS
Closes #2463. Thanks to Tim Nordell.
parent
f9fa19ce6a
commit
02b92b97ef
@ -28,6 +28,8 @@ Client library:
|
||||
- Don't set SIGPIPE to ignore, use MSG_NOSIGNAL instead. Closes #2564.
|
||||
- Add documentation of struct mosquitto_message to header. Closes #2561.
|
||||
- Fix documentation omission around mosquitto_reinitialise. Closes #2489.
|
||||
- Fix use of MOSQ_OPT_SSL_CTX when used in conjunction with
|
||||
MOSQ_OPT_SSL_CTX_DEFAULTS. Closes #2463.
|
||||
|
||||
Clients:
|
||||
- Fix mosquitto_pub incorrectly reusing topic aliases when reconnecting.
|
||||
|
@ -661,8 +661,8 @@ static int net__init_ssl_ctx(struct mosquitto *mosq)
|
||||
* has not been set, or if both of MOSQ_OPT_SSL_CTX and
|
||||
* MOSQ_OPT_SSL_CTX_WITH_DEFAULTS are set. */
|
||||
if(mosq->tls_cafile || mosq->tls_capath || mosq->tls_psk || mosq->tls_use_os_certs){
|
||||
net__init_tls();
|
||||
if(!mosq->ssl_ctx){
|
||||
net__init_tls();
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||
mosq->ssl_ctx = SSL_CTX_new(SSLv23_client_method());
|
||||
|
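Review bot: Nothing in the hunk explains why `net__init_tls()` has to run when the application has already supplied its own `SSL_CTX`; the rendered page lost its +/- markers, so I am reading the new side as the call hoisted above `if(!mosq->ssl_ctx)`. A one-line comment at the hoisted call would keep a later cleanup from moving it back inside the check, for example `/* Must run even for a caller-supplied SSL_CTX: the defaults applied below rely on library TLS state. */`. That wording should be confirmed against what `net__init_tls()` actually sets up, which is not visible here. `net__init_ssl_ctx` begins and ends outside the hunk.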
@ -65,6 +65,8 @@ ifeq ($(WITH_TLS),yes)
|
||||
./08-ssl-bad-cacert.py $@/08-ssl-bad-cacert.test
|
||||
./08-ssl-connect-cert-auth-enc.py $@/08-ssl-connect-cert-auth-enc.test
|
||||
./08-ssl-connect-cert-auth.py $@/08-ssl-connect-cert-auth.test
|
||||
./08-ssl-connect-cert-auth.py $@/08-ssl-connect-cert-auth-custom-ssl-ctx.test
|
||||
./08-ssl-connect-cert-auth.py $@/08-ssl-connect-cert-auth-custom-ssl-ctx-default.test
|
||||
./08-ssl-connect-no-auth.py $@/08-ssl-connect-no-auth.test
|
||||
endif
|
||||
./09-util-topic-tokenise.py $@/09-util-topic-tokenise.test
|
||||
|
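--- /dev/null
+++ b/test/lib/c/08-ssl-connect-cert-auth-custom-ssl-ctx-default.c
@@ -0,0 +1,59 @@
+#include <errno.h>
+#include <stdbool.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <mosquitto.h>
+#include <openssl/ssl.h>
+
+static int run = -1;
+
+void on_connect(struct mosquitto *mosq, void *obj, int rc)
+{
+if(rc){
+exit(1);
+}else{
+mosquitto_disconnect(mosq);
+}
+}
+
+void on_disconnect(struct mosquitto *mosq, void *obj, int rc)
+{
+run = rc;
+}
+
+int main(int argc, char *argv[])
+{
+int rc;
+struct mosquitto *mosq;
+SSL_CTX *ssl_ctx;
+int port = atoi(argv[1]);
+
+mosquitto_lib_init();
+
+OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \
+| OPENSSL_INIT_ADD_ALL_DIGESTS \
+| OPENSSL_INIT_LOAD_CONFIG, NULL);
+ssl_ctx = SSL_CTX_new(TLS_client_method());
+
+mosq = mosquitto_new("08-ssl-connect-crt-auth", true, NULL);
+if(mosq == NULL){
+return 1;
+}
+
+mosquitto_int_option(mosq, MOSQ_OPT_SSL_CTX_WITH_DEFAULTS, 1);
+mosquitto_void_option(mosq, MOSQ_OPT_SSL_CTX, ssl_ctx);
+
+mosquitto_tls_set(mosq, "../ssl/test-root-ca.crt", "../ssl/certs", "../ssl/client.crt", "../ssl/client.key", NULL);
+mosquitto_connect_callback_set(mosq, on_connect);
+mosquitto_disconnect_callback_set(mosq, on_disconnect);
+
+rc = mosquitto_connect(mosq, "localhost", port, 60);
+
+while(run == -1){
+mosquitto_loop(mosq, -1, 1);
+}
+mosquitto_destroy(mosq);
+
+mosquitto_lib_cleanup();
+return run;
+}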
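Review bot: The return value of `mosquitto_connect()` is stored in `rc` in `main` and never read, so a failed connect leaves `run` at -1 and the `while(run == -1)` loop spins forever instead of failing the test; add `if(rc != MOSQ_ERR_SUCCESS) return rc;` right after the connect call. The results of `mosquitto_int_option()`, `mosquitto_void_option()` and `mosquitto_tls_set()` are also dropped, although those calls are exactly what this test exercises, and `SSL_CTX_new()` and `argv[1]` are used without a NULL or `argc` check. The same pattern is repeated in 08-ssl-connect-cert-auth-custom-ssl-ctx.c.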
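--- /dev/null
+++ b/test/lib/c/08-ssl-connect-cert-auth-custom-ssl-ctx.c
@@ -0,0 +1,63 @@
+#include <errno.h>
+#include <stdbool.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <mosquitto.h>
+#include <openssl/ssl.h>
+
+static int run = -1;
+
+void on_connect(struct mosquitto *mosq, void *obj, int rc)
+{
+if(rc){
+exit(1);
+}else{
+mosquitto_disconnect(mosq);
+}
+}
+
+void on_disconnect(struct mosquitto *mosq, void *obj, int rc)
+{
+run = rc;
+}
+
+int main(int argc, char *argv[])
+{
+int rc;
+struct mosquitto *mosq;
+SSL_CTX *ssl_ctx;
+int port = atoi(argv[1]);
+
+mosquitto_lib_init();
+
+OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \
+| OPENSSL_INIT_ADD_ALL_DIGESTS \
+| OPENSSL_INIT_LOAD_CONFIG, NULL);
+ssl_ctx = SSL_CTX_new(TLS_client_method());
+
+SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER, NULL);
+SSL_CTX_use_certificate_chain_file(ssl_ctx, "../ssl/client.crt");
+SSL_CTX_use_PrivateKey_file(ssl_ctx, "../ssl/client.key", SSL_FILETYPE_PEM);
+SSL_CTX_load_verify_locations(ssl_ctx, "../ssl/test-root-ca.crt", "../ssl/certs");
+
+mosq = mosquitto_new("08-ssl-connect-crt-auth", true, NULL);
+if(mosq == NULL){
+return 1;
+}
+mosquitto_tls_set(mosq, "../ssl/test-root-ca.crt", "../ssl/certs", "../ssl/client.crt", "../ssl/client.key", NULL);
+mosquitto_connect_callback_set(mosq, on_connect);
+mosquitto_disconnect_callback_set(mosq, on_disconnect);
+
+mosquitto_int_option(mosq, MOSQ_OPT_SSL_CTX_WITH_DEFAULTS, 0);
+mosquitto_void_option(mosq, MOSQ_OPT_SSL_CTX, ssl_ctx);
+
+rc = mosquitto_connect(mosq, "localhost", port, 60);
+
+while(run == -1){
+mosquitto_loop(mosq, -1, 1);
+}
+mosquitto_destroy(mosq);
+
+mosquitto_lib_cleanup();
+return run;
+}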
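Review bot: The three file-loading calls in `main` (`SSL_CTX_use_certificate_chain_file`, `SSL_CTX_use_PrivateKey_file`, `SSL_CTX_load_verify_locations`) ignore their return values, so if the client certificate, key or CA locations fail to load, the context is handed to the library half-configured. The test then fails later in the handshake, or hangs in the loop, with no hint of the cause. Check each call against 1, e.g. `if(SSL_CTX_use_certificate_chain_file(ssl_ctx, "../ssl/client.crt") != 1) return 1;`, and consider `SSL_CTX_check_private_key(ssl_ctx)` after loading the key. `mosquitto_tls_set()` is still called with the same paths while `MOSQ_OPT_SSL_CTX_WITH_DEFAULTS` is 0, so a short comment saying that the certificate settings are presumably meant to come from the custom context alone would make the test's intent clear.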
@ -1,3 +1,5 @@
|
||||
include ../../../config.mk
|
||||
|
||||
.PHONY: all clean reallyclean
|
||||
|
||||
CFLAGS=-I../../../include -Werror
|
||||
@ -55,6 +57,13 @@ SRC = \
|
||||
11-prop-send-payload-format.c \
|
||||
11-prop-send-content-type.c
|
||||
|
||||
ifeq ($(WITH_TLS),yes)
|
||||
SRC += \
|
||||
08-ssl-connect-cert-auth-custom-ssl-ctx.c \
|
||||
08-ssl-connect-cert-auth-custom-ssl-ctx-default.c
|
||||
LIBS += -lssl -lcrypto
|
||||
endif
|
||||
|
||||
TESTS = ${SRC:.c=.test}
|
||||
|
||||
all : ${TESTS}
|
||||
|
@ -48,6 +48,8 @@ tests = [
|
||||
(1, ['./08-ssl-bad-cacert.py', 'c/08-ssl-bad-cacert.test']),
|
||||
(1, ['./08-ssl-connect-cert-auth-enc.py', 'c/08-ssl-connect-cert-auth-enc.test']),
|
||||
(1, ['./08-ssl-connect-cert-auth.py', 'c/08-ssl-connect-cert-auth.test']),
|
||||
(1, ['./08-ssl-connect-cert-auth.py', 'c/08-ssl-connect-cert-auth-custom-ssl-ctx.test']),
|
||||
(1, ['./08-ssl-connect-cert-auth.py', 'c/08-ssl-connect-cert-auth-custom-ssl-ctx-default.test']),
|
||||
(1, ['./08-ssl-connect-no-auth.py', 'c/08-ssl-connect-no-auth.test']),
|
||||
|
||||
(1, ['./09-util-topic-tokenise.py', 'c/09-util-topic-tokenise.test']),
|
||||
|