[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [paho-dev] MQTTSNGateway and AWS IoT

Hello Tomoaki,

Looks like the problem in the function
    int Network::recv(uint8_t* buf, uint16_t len)
called with len == 0 from function
    int MQTTGWPacket::recv(Network* network)
line
    int remlen = network->recv(_data, _remainingLength);

Then, the SSL_read() call fails with SSL_ERROR_SYSCALL, and next
SSL_read() call always fails with SSL_ERROR_ZERO_RETURN.

I've add simple check to the begin of Network::recv() function:
    if (!buf)
        return -1;
    if (!len)
        return 0;
And subscribing to a topic messages starts to work normally.

However, after each publish operation (message successfully sent to the
AWS message broker) the SSL_read() call fails with
SSL_ERROR_ZERO_RETURN. I don't understand why yet.

Therefore looks like there are problems in the SSL code of the
MQTTSNGateway. I checked my AWS IoT configuration using RSMB+Mosquitto,
and all works well (using same SSL certificates, of course).


With best regards, Sergey.


19.07.2017 14:24, Tomoaki Yamaguchi wrote:
> Hi Sergey,
> 
> I checked the gateway was working with AWS IoT before.
> I will check it again.
> 
> could you try TLS 1.2 ï
> 
> 
> 
> Tomy Technology
> Tomoaki  YAMAGUCHI
> 
> 2017-07-19 20:17 GMT+09:00 Sergey Semernin <sergey.semernin@xxxxxxxxx
> <mailto:sergey.semernin@xxxxxxxxx>>:
> 
>     Hello Tomoaki,
> 
>     Thank you for the answer, and sorry for my english.
> 
>     Yes, of course. I also tried to change client identification string, and
>     then I got error message that client is rejected by the gateway. So,
>     client authentication is working well.
> 
>     Build system: Debian GNU/Linux 9.0, SSL version 1.1.0f.
> 
>     I see successful SSL connection handshake between Gateway and AWS
>     server. But then, the Gateway somehow closing this connection.
>     I tried to deactivate AWS keypair, and then I got "connection error to
>     the broker" on gateway, as expected. So, keypairs is valid too. Some
>     problem in send()/recv() cycle, I suppose.
> 
> 
>     With best regards, Sergey.
> 
> 
>     19.07.2017 14:05, Tomoaki Yamaguchi wrote:
>     > Hi,
>     >
>     > Did you register your ClientID and Sensorïet Address address to
>     > clients.conf ?
>     >
>     > In order to authenticate ïïï client, the gateway confirms that the ID
>     > and Sensorïet Address are registered in clients.conf in case of TLS
>     > connection.
>     >
>     >
>     > Tomy Technology
>     > Tomoaki  YAMAGUCHI
>     >
>     > 2017-07-19 18:21 GMT+09:00 Sergey Semernin <sergey.semernin@xxxxxxxxx <mailto:sergey.semernin@xxxxxxxxx>
>     > <mailto:sergey.semernin@xxxxxxxxx
>     <mailto:sergey.semernin@xxxxxxxxx>>>:
>     >
>     >     Hello All!
>     >
>     >     I'm new to transparent MQTT-SN gateway that published in Paho project.
>     >     I'm trying to test this gateway with Amazon MQTT message broker. I set
>     >     up SSL/TLS certificates, test connection to the MQTT, and it works.
>     >
>     >     Then, I setup gateway:
>     >
>     >     BrokerName=....iot.eu-central-1.amazonaws.com <http://iot.eu-central-1.amazonaws.com>
>     >     <http://iot.eu-central-1.amazonaws.com
>     <http://iot.eu-central-1.amazonaws.com>>
>     >     BrokerPortNo=1883
>     >     BrokerSecurePortNo=8883
>     >     ClientAuthentication=YES
>     >     ClientsList=clients.conf
>     >
>     >     RootCAfile=root-CA.crt
>     >     CertKey=my-certificate.pem.crt
>     >     PrivateKey=my-private.pem.key
>     >
>     >     GatewayID=1
>     >     GatewayName=PahoGateway-01
>     >     KeepAlive=900
>     >
>     >     GatewayPortNo=10000
>     >     MulticastIP=225.1.1.1
>     >     MulticastPortNo=1883
>     >
>     >     And I'm trying to publish or subscribe with mqtt-sn-tools.
>     >     Each time I got this error:
>     >
>     >     20170719 120527.230   CONNECT           <---  mqtt-sn-tools-7142
>     >              04 04 01 00 0A 6D 71 74 74 2D 73 6E 2D 74 6F 6F 6C 73
>     2D 37 31
>     >     34 32
>     >     20170719 120527.910   CONNECT           --->  mqtt-sn-tools-7142
>     >              10 1E 00 04 4D 51 54 54 04 02 00 0A 00 12 6D 71 74 74
>     2D 73 6E
>     >     2D 74 6F 6F 6C 73 2D 37 31 34 32
>     >     Error: BrokerRecvTask can't receive a packet from the broker
>     errno=0
>     >     mqtt-sn-tools-7142
>     >
>     >     I checked traffic with tcpdump and saw that SSL/TLS connection
>     with AWS
>     >     cloud is present. But nothing more.
>     >
>     >     What I missed? Or this gateway just not working/not tested
>     with AWS MQTT
>     >     broker?
>     >
>     >
>     >     With best regards, Sergey.
>     >     _______________________________________________
>     >     paho-dev mailing list
>     >     paho-dev@xxxxxxxxxxx <mailto:paho-dev@xxxxxxxxxxx>
>     <mailto:paho-dev@xxxxxxxxxxx <mailto:paho-dev@xxxxxxxxxxx>>
>     >     To change your delivery options, retrieve your password, or
>     >     unsubscribe from this list, visit
>     >     https://dev.eclipse.org/mailman/listinfo/paho-dev
>     <https://dev.eclipse.org/mailman/listinfo/paho-dev>
>     >     <https://dev.eclipse.org/mailman/listinfo/paho-dev
>     <https://dev.eclipse.org/mailman/listinfo/paho-dev>>
>     >
>     >
>     >
>     >
>     > _______________________________________________
>     > paho-dev mailing list
>     > paho-dev@xxxxxxxxxxx <mailto:paho-dev@xxxxxxxxxxx>
>     > To change your delivery options, retrieve your password, or
>     unsubscribe from this list, visit
>     > https://dev.eclipse.org/mailman/listinfo/paho-dev
>     <https://dev.eclipse.org/mailman/listinfo/paho-dev>
>     >
>     _______________________________________________
>     paho-dev mailing list
>     paho-dev@xxxxxxxxxxx <mailto:paho-dev@xxxxxxxxxxx>
>     To change your delivery options, retrieve your password, or
>     unsubscribe from this list, visit
>     https://dev.eclipse.org/mailman/listinfo/paho-dev
>     <https://dev.eclipse.org/mailman/listinfo/paho-dev>
> 
> 
> 
> 
> _______________________________________________
> paho-dev mailing list
> paho-dev@xxxxxxxxxxx
> To change your delivery options, retrieve your password, or unsubscribe from this list, visit
> https://dev.eclipse.org/mailman/listinfo/paho-dev
>