OK, I believe I found the source of the bug In altcp_mbedtls_setup, after setting up the SSL, it should call the ssl_handshake, e.g.
mbedtls_ssl_set_bio(&state->ssl_context, conn, altcp_mbedtls_bio_send, altcp_mbedtls_bio_recv, NULL); mbedtls_ssl_handshake(&state->ssl_context); Otherwise, it would not even try to connect. With the line added, I am connecting with MQTT/TLS. THANK you for great piece of work! On Sat, Aug 4, 2018 at 3:33 PM, Richard Man <[email protected]> wrote: > Further: tracing through the code, with altcp.c, altcp_tcp.c, and > altcp_tls_mbedtls.c enabled, looks like the flow of control is this > > mqtt_client_connect calls altcp_connect, which using the indirect table, > calls > altcp_mbedtls_connect, which calls altcp_connect again, with the > "innerconn" > atlcp_connect this times, calls > altcp_tcp_connect, which basically just calls tcp_connect > > So am I correct to think that this chain completely replaces the > mbedtls_net_connect call? > > The problem I have is that the callback function originally supplied to > mqtt_client_connect > never gets called. > > > > On Fri, Aug 3, 2018 at 11:34 PM, goldsimon <[email protected]> wrote: > >> >> >> Am 4. August 2018 04:52:36 MESZ schrieb Richard Man < >> [email protected]>: >> >Hello pardon me for asking newbie question. >> > >> >With the requisite call >> > >> >mqtt_client_info.tls_config = altcp_tls_create_config_client(cert, >> >sizeof(cert)); >> > >> > >> >Let's say I am using an embedded system with no file system support. I >> >am >> >communicating with a server only and will not be acting as a server for >> >other clients. TLS is used for MQTT data encryption. >> > >> >Is it correct that in this scenario I can use a self-signing >> >certificate? >> >> This is more of an mbedtls related question. Honestly, without looking at >> the code, I can't even tell you whether this is really a client certificate >> or the certificate chain to trust for server certificates... >> >> >I used Java Keytool to create a .cer file. Is it the case that I can >> >convert >> >the .cer file into a C array, and then use it in the call above? >> >> This is also mbedtls related. Lwip just passed the certificate through to >> mbedtls code. I think I used openssl to create the certificates. >> >> Simon >> >> _______________________________________________ >> lwip-users mailing list >> [email protected] >> https://lists.nongnu.org/mailman/listinfo/lwip-users >> > > > > -- > // richard http://imagecraft.com > Beyond Arduino - When you're ready to get serious... > JumpStart C Tools for Atmel AVR and Cortex-M, The Better Alternative > -- // richard http://imagecraft.com Beyond Arduino - When you're ready to get serious... JumpStart C Tools for Atmel AVR and Cortex-M, The Better Alternative
_______________________________________________ lwip-users mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/lwip-users
