| Re: [mosquitto-dev] Request for support on mosquitto package |
Perhaps have a look at https://github.com/eclipse/mosquitto/pull/567 and see if it would help? Emilio Lopez <eslopez92@xxxxxxxxx> wrote: > Hi Karl, > > Thanks for the input. > > To simplify the question. We would like to hook a preconfigured > EVP_PKEY (created in a custom C .so file) within the same > process space, to the OpenSSL ctx calls that the Mosquitto > package uses. More specifically using the lua binded API to > mosquitto to hook onto a certain openssl. Perhaps it can hook > onto a global pkey within the process space. I'm sure there are > multiple ways to approach this problem. Please forgive me as my > development with OpenSSL is still new. > > Thanks, > Emilio > > > On Wed, Aug 30, 2017 at 11:58 AM, Karl Palsson > <karlp@xxxxxxxxxxxx> wrote: > > > > > You can make this question a lot simpler by leaving the lua > > bindings out of it :) > > > > Talk about how you would solve this problem with the libmosquitto > > API, and what may or may not need to be added there, and _then_ > > we can easily add that to the lua bindings. (It's still great to > > see other people using the lua bindings!) > > > > Sincerely, > > Karl Palsson > > > > > > Emilio Lopez <eslopez92@xxxxxxxxx> wrote: > > > Hi there! > > > > > > I am a software engineer, and our company (Technicolor) is > > > using the Eclipse mosquitto package. We think that this package > > > is great! Unfortunately, due to customer requirements, there is > > > a constraint to this package, and would like some > > > insight/feedback. I have read through the man pages and the > > > community forms but have come short. > > > > > > *How we are using mosquitto:* > > > We are using the LUA API library to the mosquitto package as an > > > MQTT client. The version is *mosquitto-1.4.12* > > > > > > *Problem:* > > > Currently we are using the lua binded function > > > mosquitto:tls_set(nil, caPath, certPath, keyFilePath) to > > > leverage a secure connection. For security reasons, we need to > > > use a custom made OpenSSL EVP_PKEY structure. That key is > > > generated in a separate C module. > > > > > > *Our Proposed Work Around:* > > > Due to short term deadlines we thought of a work around. > > > > > > 1. Create the EVP_PKEY struct in a separate C Shared Object file > > > 2. Pass the key onto the LUA Stack (Using userdata) > > > 3. Pass that key from our LUA application to the mosquitto LUA > > tls_set() > > > funciton (Which goes back to the c libaries) > > > 4. Used that passed EVP_PKEY and ignore the keyfile string value > > within > > > the mosquitto code. > > > > > > > > > The above requires a custom made patch to the mosquitto code, > > > which is not ideal for long term support. Our work around is > > > temporary but we would like some advice on how to approach this > > > particular issue. Perhaps an alternate solution is to have a > > > ssl_ctx callback function, similar to libcurl? > > > > > > Your time and input is greatly appreciated! > > > > > > Thanks, > > > Emilio > > > > > > p.s. I tried registering with my company email > > > (emilio.lopez@xxxxxxxxxxxxxxx) but never received a > > > confirmation email. > > > _______________________________________________ mosquitto-dev > > > mailing list mosquitto-dev@xxxxxxxxxxx To change your delivery > > > options, retrieve your password, or unsubscribe from this list, > > > visit https://dev.eclipse.org/mailman/listinfo/mosquitto-dev
Attachment:
signature.html
Description: OpenPGP Digital Signature