lwip-users

Re: [lwip-users] Request for ALTCP example etc.


From: address@hidden
Subject: Re: [lwip-users] Request for ALTCP example etc.
Date: Mon, 6 Aug 2018 10:17:22 +0200
User-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1

On 05.08.2018 02:09, Richard Man wrote:
OK, I believe I found the source of the bug

If you found a bug in our mbedtls adaption, could you please send a patch? It's not really clear from your mail what should be changed.

Aside from that, it worked for me, so this is somewhat strange...


Simon



In altcp_mbedtls_setup, after setting up the SSL, it should call the ssl_handshake, e.g.

  mbedtls_ssl_set_bio(&state->ssl_context, conn, altcp_mbedtls_bio_send, altcp_mbedtls_bio_recv, NULL);

  mbedtls_ssl_handshake(&state->ssl_context);

Otherwise, it would not even try to connect. With the line added, I am connecting with MQTT/TLS.

THANK you for a great piece of work!


On Sat, Aug 4, 2018 at 3:33 PM, Richard Man <address@hidden> wrote:
Further: tracing through the code, with altcp.c, altcp_tcp.c, and altcp_tls_mbedtls.c enabled, it looks like the flow of control is this:

mqtt_client_connect calls altcp_connect, which, using the indirect table, calls
altcp_mbedtls_connect, which calls altcp_connect again, with the "innerconn".
altcp_connect, this time, calls
altcp_tcp_connect, which basically just calls tcp_connect

So am I correct to think that this chain completely replaces the mbedtls_net_connect call?

The problem I have is that the callback function originally supplied to mqtt_client_connect never gets called.



On Fri, Aug 3, 2018 at 11:34 PM, goldsimon <address@hidden> wrote:


On 4 August 2018 04:52:36 CEST, Richard Man <address@hidden> wrote:
>Hello, pardon me for asking a newbie question.
>
>With the requisite call
>
>mqtt_client_info.tls_config = altcp_tls_create_config_client(cert,
>sizeof(cert));
>
>
>Let's say I am using an embedded system with no file system support. I am
>communicating with a server only and will not be acting as a server for
>other clients. TLS is used for MQTT data encryption.
>
>Is it correct that in this scenario I can use a self-signing certificate?

This is more of an mbedtls related question. Honestly, without looking at the code, I can't even tell you whether this is really a client certificate or the certificate chain to trust for server certificates...

>I used Java Keytool to create a .cer file. Is it the case that I can convert
>the .cer file into a C array, and then use it in the call above?

This is also mbedtls related. Lwip just passed the certificate through to mbedtls code. I think I used openssl to create the certificates.

Simon

_______________________________________________
lwip-users mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/lwip-users



--
// richard http://imagecraft.com
Beyond Arduino - When you're ready to get serious...
JumpStart C Tools for Atmel AVR and Cortex-M, The Better Alternative
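
On the question in this thread about converting a .cer file into a C array for altcp_tls_create_config_client(cert, sizeof(cert)): the following is an added example, not code from the thread, lwIP or mbedtls, of a small host-side converter. It assumes the buffer ends up in mbedtls's X.509 parser (mbedtls_x509_crt_parse), which requires the length of PEM input to include the terminating NUL byte while DER input is passed at its exact length; the function names and the sample input are hypothetical and constructed.

```c
/* Added example: certificate file -> C array. Function names are hypothetical. */
#include <stdio.h>
#include <string.h>

/* Constructed sample, NOT a real certificate: only the PEM framing matters. */
static const char SAMPLE_PEM[] =
    "-----BEGIN CERTIFICATE-----\nQ09OU1RSVUNURUQ=\n-----END CERTIFICATE-----\n";

/* 1 if the buffer contains a PEM certificate header, 0 if treated as DER. */
int cert_is_pem(const unsigned char *buf, size_t len)
{
    static const char hdr[] = "-----BEGIN CERTIFICATE-----";
    size_t i, n = sizeof(hdr) - 1;
    for (i = 0; i + n <= len; i++)
        if (memcmp(buf + i, hdr, n) == 0) return 1;
    return 0;
}

/* Size of the emitted array: PEM gains a trailing 0x00 unless already there,
 * so that sizeof(cert) covers the NUL; DER keeps its exact length. */
size_t cert_array_len(const unsigned char *buf, size_t len)
{
    return (cert_is_pem(buf, len) && buf[len - 1] != 0) ? len + 1 : len;
}

/* Writes "static const unsigned char NAME[] = {...};" and returns its size. */
size_t cert_emit_c_array(FILE *out, const char *name,
                         const unsigned char *buf, size_t len)
{
    size_t i, total = cert_array_len(buf, len);
    fprintf(out, "static const unsigned char %s[] = {", name);
    for (i = 0; i < total; i++)
        fprintf(out, "%s0x%02x%s", (i % 12) ? " " : "\n  ",
                (unsigned)(i < len ? buf[i] : 0), (i + 1 < total) ? "," : "");
    fprintf(out, "\n};\n");
    return total;
}

int main(int argc, char **argv)
{
    static unsigned char file[16384]; /* input is read up to 16 KiB */
    const unsigned char *buf = (const unsigned char *)SAMPLE_PEM;
    size_t len = strlen(SAMPLE_PEM);
    FILE *in = (argc > 1) ? fopen(argv[1], "rb") : NULL;
    if (argc > 1 && !in) { perror(argv[1]); return 1; }
    if (in) { len = fread(file, 1, sizeof(file), in); fclose(in); buf = file; }
    cert_emit_c_array(stdout, "cert", buf, len);
    return 0;
}
```

Run with a certificate file as the only argument and redirect the output into a header; without an argument it converts the constructed sample.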







