Hi there!
I am a software engineer, and our company (Technicolor) is using the Eclipse mosquitto package. We think that this package is great! Unfortunately, due to customer requirements, there is a constraint to this package, and would like some insight/feedback. I have read through the man pages and the community forms but have come short.
How we are using mosquitto:
We are using the LUA API library to the mosquitto package as an MQTT client. The version is mosquitto-1.4.12
Problem:
Currently we are using the lua binded function mosquitto:tls_set(nil, caPath, certPath, keyFilePath) to leverage a secure connection.
For security reasons, we need to use a custom made OpenSSL EVP_PKEY structure. That key is generated in a separate C module.
Our Proposed Work Around:
Due to short term deadlines we thought of a work around.
- Create the EVP_PKEY struct in a separate C Shared Object file
- Pass the key onto the LUA Stack (Using userdata)
- Pass that key from our LUA application to the mosquitto LUA tls_set() funciton (Which goes back to the c libaries)
- Used that passed EVP_PKEY and ignore the keyfile string value within the mosquitto code.
The above requires a custom made patch to the mosquitto code, which is not ideal for long term support. Our work around is temporary but we would like some advice on how to approach this particular issue. Perhaps an alternate solution is to have a ssl_ctx callback function, similar to libcurl?
Your time and input is greatly appreciated!
Thanks,
Emilio
