Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
镜像
Eclipse Foundation
Eclipse Mosquitto
提交
4093dad0
E
Eclipse Mosquitto
项目概览
镜像
/
Eclipse Foundation
/
Eclipse Mosquitto
9 个月 前同步成功
通知
36
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
E
Eclipse Mosquitto
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
未验证
提交
4093dad0
编写于
8月 15, 2023
作者:
R
Roger Light
提交者:
GitHub
8月 15, 2023
浏览文件
操作
浏览文件
下载
差异文件
Merge pull request #2827 from bdesplanq/fix-engine-support
Fix engine keyfile support.
上级
cb90e911
105e30ff
变更
4
隐藏空白更改
内联
并排
Showing
4 changed file
with
34 addition
and
24 deletion
+34
-24
apps/mosquitto_ctrl/options.c
apps/mosquitto_ctrl/options.c
+5
-5
client/client_shared.c
client/client_shared.c
+5
-5
lib/options.c
lib/options.c
+18
-11
man/mosquitto.conf.5.xml
man/mosquitto.conf.5.xml
+6
-3
未找到文件。
apps/mosquitto_ctrl/options.c
浏览文件 @
4093dad0
...
@@ -593,6 +593,11 @@ int client_opts_set(struct mosquitto *mosq, struct mosq_config *cfg)
...
@@ -593,6 +593,11 @@ int client_opts_set(struct mosquitto *mosq, struct mosq_config *cfg)
return
1
;
return
1
;
}
}
#ifdef WITH_TLS
#ifdef WITH_TLS
if
(
cfg
->
keyform
&&
mosquitto_string_option
(
mosq
,
MOSQ_OPT_TLS_KEYFORM
,
cfg
->
keyform
)){
fprintf
(
stderr
,
"Error: Problem setting key form, it must be one of 'pem' or 'engine'.
\n
"
);
mosquitto_lib_cleanup
();
return
1
;
}
if
(
cfg
->
cafile
||
cfg
->
capath
){
if
(
cfg
->
cafile
||
cfg
->
capath
){
rc
=
mosquitto_tls_set
(
mosq
,
cfg
->
cafile
,
cfg
->
capath
,
cfg
->
certfile
,
cfg
->
keyfile
,
NULL
);
rc
=
mosquitto_tls_set
(
mosq
,
cfg
->
cafile
,
cfg
->
capath
,
cfg
->
certfile
,
cfg
->
keyfile
,
NULL
);
if
(
rc
){
if
(
rc
){
...
@@ -615,11 +620,6 @@ int client_opts_set(struct mosquitto *mosq, struct mosq_config *cfg)
...
@@ -615,11 +620,6 @@ int client_opts_set(struct mosquitto *mosq, struct mosq_config *cfg)
mosquitto_lib_cleanup
();
mosquitto_lib_cleanup
();
return
1
;
return
1
;
}
}
if
(
cfg
->
keyform
&&
mosquitto_string_option
(
mosq
,
MOSQ_OPT_TLS_KEYFORM
,
cfg
->
keyform
)){
fprintf
(
stderr
,
"Error: Problem setting key form, it must be one of 'pem' or 'engine'.
\n
"
);
mosquitto_lib_cleanup
();
return
1
;
}
if
(
cfg
->
tls_engine_kpass_sha1
&&
mosquitto_string_option
(
mosq
,
MOSQ_OPT_TLS_ENGINE_KPASS_SHA1
,
cfg
->
tls_engine_kpass_sha1
)){
if
(
cfg
->
tls_engine_kpass_sha1
&&
mosquitto_string_option
(
mosq
,
MOSQ_OPT_TLS_ENGINE_KPASS_SHA1
,
cfg
->
tls_engine_kpass_sha1
)){
fprintf
(
stderr
,
"Error: Problem setting TLS engine key pass sha, is it a 40 character hex string?
\n
"
);
fprintf
(
stderr
,
"Error: Problem setting TLS engine key pass sha, is it a 40 character hex string?
\n
"
);
mosquitto_lib_cleanup
();
mosquitto_lib_cleanup
();
...
...
client/client_shared.c
浏览文件 @
4093dad0
...
@@ -1253,6 +1253,11 @@ int client_opts_set(struct mosquitto *mosq, struct mosq_config *cfg)
...
@@ -1253,6 +1253,11 @@ int client_opts_set(struct mosquitto *mosq, struct mosq_config *cfg)
return
1
;
return
1
;
}
}
#ifdef WITH_TLS
#ifdef WITH_TLS
if
(
cfg
->
keyform
&&
mosquitto_string_option
(
mosq
,
MOSQ_OPT_TLS_KEYFORM
,
cfg
->
keyform
)){
err_printf
(
cfg
,
"Error: Problem setting key form, it must be one of 'pem' or 'engine'.
\n
"
);
mosquitto_lib_cleanup
();
return
1
;
}
if
(
cfg
->
cafile
||
cfg
->
capath
){
if
(
cfg
->
cafile
||
cfg
->
capath
){
rc
=
mosquitto_tls_set
(
mosq
,
cfg
->
cafile
,
cfg
->
capath
,
cfg
->
certfile
,
cfg
->
keyfile
,
NULL
);
rc
=
mosquitto_tls_set
(
mosq
,
cfg
->
cafile
,
cfg
->
capath
,
cfg
->
certfile
,
cfg
->
keyfile
,
NULL
);
if
(
rc
){
if
(
rc
){
...
@@ -1289,11 +1294,6 @@ int client_opts_set(struct mosquitto *mosq, struct mosq_config *cfg)
...
@@ -1289,11 +1294,6 @@ int client_opts_set(struct mosquitto *mosq, struct mosq_config *cfg)
mosquitto_lib_cleanup
();
mosquitto_lib_cleanup
();
return
1
;
return
1
;
}
}
if
(
cfg
->
keyform
&&
mosquitto_string_option
(
mosq
,
MOSQ_OPT_TLS_KEYFORM
,
cfg
->
keyform
)){
err_printf
(
cfg
,
"Error: Problem setting key form, it must be one of 'pem' or 'engine'.
\n
"
);
mosquitto_lib_cleanup
();
return
1
;
}
if
(
cfg
->
tls_engine_kpass_sha1
&&
mosquitto_string_option
(
mosq
,
MOSQ_OPT_TLS_ENGINE_KPASS_SHA1
,
cfg
->
tls_engine_kpass_sha1
)){
if
(
cfg
->
tls_engine_kpass_sha1
&&
mosquitto_string_option
(
mosq
,
MOSQ_OPT_TLS_ENGINE_KPASS_SHA1
,
cfg
->
tls_engine_kpass_sha1
)){
err_printf
(
cfg
,
"Error: Problem setting TLS engine key pass sha, is it a 40 character hex string?
\n
"
);
err_printf
(
cfg
,
"Error: Problem setting TLS engine key pass sha, is it a 40 character hex string?
\n
"
);
mosquitto_lib_cleanup
();
mosquitto_lib_cleanup
();
...
...
lib/options.c
浏览文件 @
4093dad0
...
@@ -179,19 +179,21 @@ int mosquitto_tls_set(struct mosquitto *mosq, const char *cafile, const char *ca
...
@@ -179,19 +179,21 @@ int mosquitto_tls_set(struct mosquitto *mosq, const char *cafile, const char *ca
mosquitto__free
(
mosq
->
tls_keyfile
);
mosquitto__free
(
mosq
->
tls_keyfile
);
mosq
->
tls_keyfile
=
NULL
;
mosq
->
tls_keyfile
=
NULL
;
if
(
keyfile
){
if
(
keyfile
){
fptr
=
mosquitto__fopen
(
keyfile
,
"rt"
,
false
);
if
(
mosq
->
tls_keyform
==
mosq_k_pem
){
if
(
fptr
){
fptr
=
mosquitto__fopen
(
keyfile
,
"rt"
,
false
);
fclose
(
fptr
);
if
(
fptr
){
}
else
{
fclose
(
fptr
);
mosquitto__free
(
mosq
->
tls_cafile
);
}
else
{
mosq
->
tls_cafile
=
NULL
;
mosquitto__free
(
mosq
->
tls_cafile
);
mosq
->
tls_cafile
=
NULL
;
mosquitto__free
(
mosq
->
tls_capath
);
mosquitto__free
(
mosq
->
tls_capath
);
mosq
->
tls_capath
=
NULL
;
mosq
->
tls_capath
=
NULL
;
mosquitto__free
(
mosq
->
tls_certfile
);
mosquitto__free
(
mosq
->
tls_certfile
);
mosq
->
tls_certfile
=
NULL
;
mosq
->
tls_certfile
=
NULL
;
return
MOSQ_ERR_INVAL
;
return
MOSQ_ERR_INVAL
;
}
}
}
mosq
->
tls_keyfile
=
mosquitto__strdup
(
keyfile
);
mosq
->
tls_keyfile
=
mosquitto__strdup
(
keyfile
);
if
(
!
mosq
->
tls_keyfile
){
if
(
!
mosq
->
tls_keyfile
){
...
@@ -290,6 +292,11 @@ int mosquitto_string_option(struct mosquitto *mosq, enum mosq_opt_t option, cons
...
@@ -290,6 +292,11 @@ int mosquitto_string_option(struct mosquitto *mosq, enum mosq_opt_t option, cons
#if defined(WITH_TLS) && !defined(OPENSSL_NO_ENGINE)
#if defined(WITH_TLS) && !defined(OPENSSL_NO_ENGINE)
mosquitto__free
(
mosq
->
tls_engine
);
mosquitto__free
(
mosq
->
tls_engine
);
if
(
value
){
if
(
value
){
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
/* The "Dynamic" OpenSSL engine is not initialized by default but
is required by ENGINE_by_id() to find dynamically loadable engines */
OPENSSL_init_crypto
(
OPENSSL_INIT_ENGINE_DYNAMIC
,
NULL
);
#endif
eng
=
ENGINE_by_id
(
value
);
eng
=
ENGINE_by_id
(
value
);
if
(
!
eng
){
if
(
!
eng
){
return
MOSQ_ERR_INVAL
;
return
MOSQ_ERR_INVAL
;
...
...
man/mosquitto.conf.5.xml
浏览文件 @
4093dad0
...
@@ -1391,9 +1391,12 @@ openssl dhparam -out dhparam.pem 2048</programlisting>
...
@@ -1391,9 +1391,12 @@ openssl dhparam -out dhparam.pem 2048</programlisting>
<term><option>
keyfile
</option>
<replaceable>
file path
</replaceable></term>
<term><option>
keyfile
</option>
<replaceable>
file path
</replaceable></term>
<listitem>
<listitem>
<para>
<para>
Path to the PEM encoded server key. This
If
<option>
tls_keyform
</option>
equals "pem" this is the
option and
<option>
certfile
</option>
must be present
path to the PEM encoded server key. This option
to enable certificate based TLS encryption.
and
<option>
certfile
</option>
must be present
to enable certificate based TLS encryption. If
<option>
tls_keyform
</option>
is "engine" this represents
the engine handle of the private key.
</para>
</para>
<para>
<para>
The private key pointed to by this option will be
The private key pointed to by this option will be
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录