I wonder if it is depending on the MQTT broker. My change is literally just adding a call to mbedtls_ssl_handshake() in altcp_mbedtls_setup. The current code only does the handshake "on demand" when data is received. In my case, data is never initiated unless the handshake is done first.
Anyway, I will submit a patch. Thanks On Mon, Aug 6, 2018 at 1:17 AM, [email protected] <[email protected]> wrote: > On 05.08.2018 02:09, Richard Man wrote: > > OK, I believe I found the source of the bug > > > If you found a bug in our mbedtls adaption, could you please send a patch? > It's not really clear from your mail what should be changed. > > Aside from that, it worked for me, so this is somewhat strange... > > > Simon > > > > > In altcp_mbedtls_setup, after setting up the SSL, it should call the > ssl_handshake, e.g. > > mbedtls_ssl_set_bio(&state->ssl_context, conn, altcp_mbedtls_bio_send, > altcp_mbedtls_bio_recv, NULL); > > mbedtls_ssl_handshake(&state->ssl_context); > > Otherwise, it would not even try to connect. With the line added, I am > connecting with MQTT/TLS. > > THANK you for great piece of work! > > > On Sat, Aug 4, 2018 at 3:33 PM, Richard Man <[email protected]> > wrote: > >> Further: tracing through the code, with altcp.c, altcp_tcp.c, and >> altcp_tls_mbedtls.c enabled, looks like the flow of control is this >> >> mqtt_client_connect calls altcp_connect, which using the indirect table, >> calls >> altcp_mbedtls_connect, which calls altcp_connect again, with the >> "innerconn" >> atlcp_connect this times, calls >> altcp_tcp_connect, which basically just calls tcp_connect >> >> So am I correct to think that this chain completely replaces the >> mbedtls_net_connect call? >> >> The problem I have is that the callback function originally supplied to >> mqtt_client_connect >> never gets called. >> >> >> >> On Fri, Aug 3, 2018 at 11:34 PM, goldsimon <[email protected]> wrote: >> >>> >>> >>> Am 4. August 2018 04:52:36 MESZ schrieb Richard Man < >>> [email protected]>: >>> >Hello pardon me for asking newbie question. >>> > >>> >With the requisite call >>> > >>> >mqtt_client_info.tls_config = altcp_tls_create_config_client(cert, >>> >sizeof(cert)); >>> > >>> > >>> >Let's say I am using an embedded system with no file system support. I >>> >am >>> >communicating with a server only and will not be acting as a server for >>> >other clients. TLS is used for MQTT data encryption. >>> > >>> >Is it correct that in this scenario I can use a self-signing >>> >certificate? >>> >>> This is more of an mbedtls related question. Honestly, without looking >>> at the code, I can't even tell you whether this is really a client >>> certificate or the certificate chain to trust for server certificates... >>> >>> >I used Java Keytool to create a .cer file. Is it the case that I can >>> >convert >>> >the .cer file into a C array, and then use it in the call above? >>> >>> This is also mbedtls related. Lwip just passed the certificate through >>> to mbedtls code. I think I used openssl to create the certificates. >>> >>> Simon >>> >>> _______________________________________________ >>> lwip-users mailing list >>> [email protected] >>> https://lists.nongnu.org/mailman/listinfo/lwip-users >>> >> >> >> >> -- >> // richard http://imagecraft.com >> Beyond Arduino - When you're ready to get serious... >> JumpStart C Tools for Atmel AVR and Cortex-M, The Better Alternative >> > > > > -- > // richard http://imagecraft.com > Beyond Arduino - When you're ready to get serious... > JumpStart C Tools for Atmel AVR and Cortex-M, The Better Alternative > > > _______________________________________________ > lwip-users mailing > [email protected]https://lists.nongnu.org/mailman/listinfo/lwip-users > > > > _______________________________________________ > lwip-users mailing list > [email protected] > https://lists.nongnu.org/mailman/listinfo/lwip-users > -- // richard http://imagecraft.com Beyond Arduino - When you're ready to get serious... JumpStart C Tools for Atmel AVR and Cortex-M, The Better Alternative
_______________________________________________ lwip-users mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/lwip-users
