From 77f657ecbdab9754216919efc103b35c0d8bbaa1 Mon Sep 17 00:00:00 2001 From: dcgaws <33439635+dcgaws@users.noreply.github.com> Date: Tue, 27 Feb 2018 12:01:40 -0800 Subject: [PATCH] Use AWS IoT Core support for MQTT over port 443 (#141) * Use AWS IoT Core support for MQTT over port 443 in the five sample projects (this is done using ALPN during TLS negotiation). Also, fix a compiler warning in the three subscribe/publish projects. * Use AWS IoT Core support for MQTT over port 443 in the tests. --- include/aws_iot_shadow_interface.h | 2 +- platform/linux/mbedtls/network_mbedtls_wrapper.c | 10 ++++++++++ samples/linux/jobs_sample/aws_iot_config.h | 2 +- samples/linux/shadow_sample/aws_iot_config.h | 2 +- .../linux/shadow_sample_console_echo/aws_iot_config.h | 2 +- .../subscribe_publish_cpp_sample/aws_iot_config.h | 2 +- .../subscribe_publish_cpp_sample.cpp | 2 +- .../subscribe_publish_library_sample/aws_iot_config.h | 2 +- .../subscribe_publish_library_sample.c | 2 +- .../linux/subscribe_publish_sample/aws_iot_config.h | 2 +- .../subscribe_publish_sample.c | 2 +- tests/integration/include/aws_iot_config.h | 2 +- .../aws_iot_test_multithreading_validation.c | 2 +- tests/integration/src/aws_iot_test_auto_reconnect.c | 2 +- .../integration/src/aws_iot_test_basic_connectivity.c | 2 +- tests/integration/src/aws_iot_test_jobs_api.c | 2 +- tests/integration/src/aws_iot_test_multiple_clients.c | 2 +- tests/unit/include/aws_iot_config.h | 2 +- tests/unit/src/aws_iot_tests_unit_disconnect_helper.c | 2 +- 19 files changed, 28 insertions(+), 18 deletions(-) diff --git a/include/aws_iot_shadow_interface.h b/include/aws_iot_shadow_interface.h index 15c9bd2765..53b06cf096 100644 --- a/include/aws_iot_shadow_interface.h +++ b/include/aws_iot_shadow_interface.h 
@@ -51,7 +51,7 @@ extern "C" { */ typedef struct { char *pHost; ///< This will be unique to a customer and can be retrieved from the console - uint16_t port; ///< By default the port is 8883 + uint16_t port; ///< Network port for TCP/IP socket char *pRootCA; ///< Location with the Filename of the Root CA char *pClientCRT; ///< Location of Device certs signed by AWS IoT service char *pClientKey; ///< Location of Device private key diff --git a/platform/linux/mbedtls/network_mbedtls_wrapper.c b/platform/linux/mbedtls/network_mbedtls_wrapper.c index 75dc1db20d..7443d174b5 100644 --- a/platform/linux/mbedtls/network_mbedtls_wrapper.c +++ b/platform/linux/mbedtls/network_mbedtls_wrapper.c @@ -101,6 +101,7 @@ IoT_Error_t iot_tls_connect(Network *pNetwork, TLSConnectParams *params) { TLSDataParams *tlsDataParams = NULL; char portBuffer[6]; char vrfy_buf[512]; + const char *alpnProtocols[] = { "x-amzn-mqtt-ca", NULL }; #ifdef ENABLE_IOT_DEBUG unsigned char buf[MBEDTLS_DEBUG_BUFFER_SIZE]; @@ -202,6 +203,15 @@ IoT_Error_t iot_tls_connect(Network *pNetwork, TLSConnectParams *params) { mbedtls_ssl_conf_read_timeout(&(tlsDataParams->conf), pNetwork->tlsConnectParams.timeout_ms); + /* Use the AWS IoT ALPN extension for MQTT if port 443 is requested. */ + if(443 == pNetwork->tlsConnectParams.DestinationPort) { + if((ret = mbedtls_ssl_conf_alpn_protocols(&(tlsDataParams->conf), alpnProtocols)) != 0) { + IOT_ERROR(" failed\n ! mbedtls_ssl_conf_alpn_protocols returned -0x%x\n\n", -ret); + return SSL_CONNECTION_ERROR; + } + } + + /* Assign the resulting configuration to the SSL context. */ if((ret = mbedtls_ssl_setup(&(tlsDataParams->ssl), &(tlsDataParams->conf))) != 0) { IOT_ERROR(" failed\n ! mbedtls_ssl_setup returned -0x%x\n\n", -ret); return SSL_CONNECTION_ERROR; diff --git a/samples/linux/jobs_sample/aws_iot_config.h b/samples/linux/jobs_sample/aws_iot_config.h index 8bd8a7dac0..3238ce1081 100644 --- a/samples/linux/jobs_sample/aws_iot_config.h 
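Review bot: `alpnProtocols` is declared as an automatic array in `iot_tls_connect`, but `mbedtls_ssl_conf_alpn_protocols` records the pointer it is given rather than copying the list, and the mbed TLS documentation requires the table to live at least as long as the SSL configuration. Here the configuration sits in `tlsDataParams->conf`, which appears to outlive this call, so anything that re-reads the list after the function returns (a renegotiation, for example) would read a dead stack frame. Giving the table static storage removes the problem: `static const char *alpnProtocols[] = { "x-amzn-mqtt-ca", NULL };`. The function body starts and ends outside this hunk.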
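Review bot: Nothing after this block confirms that the server actually selected `x-amzn-mqtt-ca`; if the peer ignores the extension the handshake can still succeed, and the client would go on to send MQTT to a listener that never agreed to it. A check once the handshake has completed, comparing `mbedtls_ssl_get_alpn_protocol(&(tlsDataParams->ssl))` with the offered name and returning `SSL_CONNECTION_ERROR` on NULL or a mismatch, would make that failure explicit. The bare `443` would also read better as a named constant, and `mbedtls_ssl_conf_alpn_protocols` is only built when `MBEDTLS_SSL_ALPN` is enabled, so a guard or a documented build requirement is worth adding. The handshake and the rest of `iot_tls_connect` are outside this hunk.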
+++ b/samples/linux/jobs_sample/aws_iot_config.h
@@ -24,7 +24,7 @@
 // Get from console
 // =================================================
 #define AWS_IOT_MQTT_HOST "" ///< Customer specific MQTT HOST. The same will be used for Thing Shadow
-#define AWS_IOT_MQTT_PORT 8883 ///< default port for MQTT/S
+#define AWS_IOT_MQTT_PORT 443 ///< default port for MQTT/S
 #define AWS_IOT_MQTT_CLIENT_ID "c-sdk-client-id" ///< MQTT client ID should be unique for every device
 #define AWS_IOT_MY_THING_NAME "AWS-IoT-C-SDK" ///< Thing Name of the Shadow this device is associated with
 #define AWS_IOT_ROOT_CA_FILENAME "rootCA.crt" ///< Root CA file name
diff --git a/samples/linux/shadow_sample/aws_iot_config.h b/samples/linux/shadow_sample/aws_iot_config.h
index 62abce4a2a..8af3dd9697 100644
--- a/samples/linux/shadow_sample/aws_iot_config.h
+++ b/samples/linux/shadow_sample/aws_iot_config.h
@@ -24,7 +24,7 @@
 // Get from console
 // =================================================
 #define AWS_IOT_MQTT_HOST "" ///< Customer specific MQTT HOST. The same will be used for Thing Shadow
-#define AWS_IOT_MQTT_PORT 8883 ///< default port for MQTT/S
+#define AWS_IOT_MQTT_PORT 443 ///< default port for MQTT/S
 #define AWS_IOT_MQTT_CLIENT_ID "c-sdk-client-id" ///< MQTT client ID should be unique for every device
 #define AWS_IOT_MY_THING_NAME "AWS-IoT-C-SDK" ///< Thing Name of the Shadow this device is associated with
 #define AWS_IOT_ROOT_CA_FILENAME "rootCA.crt" ///< Root CA file name
diff --git a/samples/linux/shadow_sample_console_echo/aws_iot_config.h b/samples/linux/shadow_sample_console_echo/aws_iot_config.h
index 62abce4a2a..8af3dd9697 100644
--- a/samples/linux/shadow_sample_console_echo/aws_iot_config.h
+++ b/samples/linux/shadow_sample_console_echo/aws_iot_config.h
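Review bot: The trailing comment on `AWS_IOT_MQTT_PORT` still says only "default port for MQTT/S", which no longer tells the reader that 443 works because the TLS wrapper offers the `x-amzn-mqtt-ca` ALPN protocol, and that it does so only when the port is exactly 443. I would change it to something like `///< MQTT over TLS; 443 relies on ALPN (x-amzn-mqtt-ca), 8883 is MQTT/S without ALPN`. The same comment is repeated in the other `aws_iot_config.h` hunks of this patch (shadow_sample, shadow_sample_console_echo, the three subscribe_publish samples and tests/integration).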
@@ -24,7 +24,7 @@
 // Get from console
 // =================================================
 #define AWS_IOT_MQTT_HOST "" ///< Customer specific MQTT HOST. The same will be used for Thing Shadow
-#define AWS_IOT_MQTT_PORT 8883 ///< default port for MQTT/S
+#define AWS_IOT_MQTT_PORT 443 ///< default port for MQTT/S
 #define AWS_IOT_MQTT_CLIENT_ID "c-sdk-client-id" ///< MQTT client ID should be unique for every device
 #define AWS_IOT_MY_THING_NAME "AWS-IoT-C-SDK" ///< Thing Name of the Shadow this device is associated with
 #define AWS_IOT_ROOT_CA_FILENAME "rootCA.crt" ///< Root CA file name
diff --git a/samples/linux/subscribe_publish_cpp_sample/aws_iot_config.h b/samples/linux/subscribe_publish_cpp_sample/aws_iot_config.h
index 62abce4a2a..8af3dd9697 100644
--- a/samples/linux/subscribe_publish_cpp_sample/aws_iot_config.h
+++ b/samples/linux/subscribe_publish_cpp_sample/aws_iot_config.h
@@ -24,7 +24,7 @@
 // Get from console
 // =================================================
 #define AWS_IOT_MQTT_HOST "" ///< Customer specific MQTT HOST. The same will be used for Thing Shadow
-#define AWS_IOT_MQTT_PORT 8883 ///< default port for MQTT/S
+#define AWS_IOT_MQTT_PORT 443 ///< default port for MQTT/S
 #define AWS_IOT_MQTT_CLIENT_ID "c-sdk-client-id" ///< MQTT client ID should be unique for every device
 #define AWS_IOT_MY_THING_NAME "AWS-IoT-C-SDK" ///< Thing Name of the Shadow this device is associated with
 #define AWS_IOT_ROOT_CA_FILENAME "rootCA.crt" ///< Root CA file name
diff --git a/samples/linux/subscribe_publish_cpp_sample/subscribe_publish_cpp_sample.cpp b/samples/linux/subscribe_publish_cpp_sample/subscribe_publish_cpp_sample.cpp
index 20fee197f1..29832a6f4b 100644
--- a/samples/linux/subscribe_publish_cpp_sample/subscribe_publish_cpp_sample.cpp
+++ b/samples/linux/subscribe_publish_cpp_sample/subscribe_publish_cpp_sample.cpp
@@ -62,7 +62,7 @@ void iot_subscribe_callback_handler(AWS_IoT_Client *pClient, char *topicName, ui IOT_UNUSED(pData); IOT_UNUSED(pClient); IOT_INFO("Subscribe callback"); - IOT_INFO("%.*s\t%.*s", topicNameLen, topicName, (int) params->payloadLen, params->payload); + IOT_INFO("%.*s\t%.*s", topicNameLen, topicName, (int) params->payloadLen, (char *) params->payload); } void disconnectCallbackHandler(AWS_IoT_Client *pClient, void *data) { diff --git a/samples/linux/subscribe_publish_library_sample/aws_iot_config.h b/samples/linux/subscribe_publish_library_sample/aws_iot_config.h index 62abce4a2a..8af3dd9697 100644 --- a/samples/linux/subscribe_publish_library_sample/aws_iot_config.h +++ b/samples/linux/subscribe_publish_library_sample/aws_iot_config.h @@ -24,7 +24,7 @@ // Get from console // ================================================= #define AWS_IOT_MQTT_HOST "" ///< Customer specific MQTT HOST. The same will be used for Thing Shadow -#define AWS_IOT_MQTT_PORT 8883 ///< default port for MQTT/S +#define AWS_IOT_MQTT_PORT 443 ///< default port for MQTT/S #define AWS_IOT_MQTT_CLIENT_ID "c-sdk-client-id" ///< MQTT client ID should be unique for every device #define AWS_IOT_MY_THING_NAME "AWS-IoT-C-SDK" ///< Thing Name of the Shadow this device is associated with #define AWS_IOT_ROOT_CA_FILENAME "rootCA.crt" ///< Root CA file name diff --git a/samples/linux/subscribe_publish_library_sample/subscribe_publish_library_sample.c b/samples/linux/subscribe_publish_library_sample/subscribe_publish_library_sample.c index b4c2929363..4602f319cc 100644 --- a/samples/linux/subscribe_publish_library_sample/subscribe_publish_library_sample.c +++ b/samples/linux/subscribe_publish_library_sample/subscribe_publish_library_sample.c 
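Review bot: The payload printed by the changed `IOT_INFO` line comes from the broker and is written to the log byte for byte; the `%.*s` precision bounds the read, so the missing NUL terminator is handled, but control characters and terminal escape sequences in a message still reach whatever displays the log. Since this handler is sample code that gets copied, a comment such as `// payload is untrusted and not NUL-terminated; precision bounds the read, content is not sanitised` would help, or the sample could replace non-printable bytes before logging. In this C++ file the cast would normally be written `static_cast<char *>(params->payload)`. The same line is changed in subscribe_publish_library_sample.c and subscribe_publish_sample.c. The handler's full signature is above the hunk.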
@@ -62,7 +62,7 @@ void iot_subscribe_callback_handler(AWS_IoT_Client *pClient, char *topicName, ui IOT_UNUSED(pData); IOT_UNUSED(pClient); IOT_INFO("Subscribe callback"); - IOT_INFO("%.*s\t%.*s", topicNameLen, topicName, (int) params->payloadLen, params->payload); + IOT_INFO("%.*s\t%.*s", topicNameLen, topicName, (int) params->payloadLen, (char *) params->payload); } void disconnectCallbackHandler(AWS_IoT_Client *pClient, void *data) { diff --git a/samples/linux/subscribe_publish_sample/aws_iot_config.h b/samples/linux/subscribe_publish_sample/aws_iot_config.h index 62abce4a2a..8af3dd9697 100644 --- a/samples/linux/subscribe_publish_sample/aws_iot_config.h +++ b/samples/linux/subscribe_publish_sample/aws_iot_config.h @@ -24,7 +24,7 @@ // Get from console // ================================================= #define AWS_IOT_MQTT_HOST "" ///< Customer specific MQTT HOST. The same will be used for Thing Shadow -#define AWS_IOT_MQTT_PORT 8883 ///< default port for MQTT/S +#define AWS_IOT_MQTT_PORT 443 ///< default port for MQTT/S #define AWS_IOT_MQTT_CLIENT_ID "c-sdk-client-id" ///< MQTT client ID should be unique for every device #define AWS_IOT_MY_THING_NAME "AWS-IoT-C-SDK" ///< Thing Name of the Shadow this device is associated with #define AWS_IOT_ROOT_CA_FILENAME "rootCA.crt" ///< Root CA file name diff --git a/samples/linux/subscribe_publish_sample/subscribe_publish_sample.c b/samples/linux/subscribe_publish_sample/subscribe_publish_sample.c index 5d4e968dd1..a49d255076 100644 --- a/samples/linux/subscribe_publish_sample/subscribe_publish_sample.c +++ b/samples/linux/subscribe_publish_sample/subscribe_publish_sample.c 
@@ -62,7 +62,7 @@ void iot_subscribe_callback_handler(AWS_IoT_Client *pClient, char *topicName, ui IOT_UNUSED(pData); IOT_UNUSED(pClient); IOT_INFO("Subscribe callback"); - IOT_INFO("%.*s\t%.*s", topicNameLen, topicName, (int) params->payloadLen, params->payload); + IOT_INFO("%.*s\t%.*s", topicNameLen, topicName, (int) params->payloadLen, (char *) params->payload); } void disconnectCallbackHandler(AWS_IoT_Client *pClient, void *data) { diff --git a/tests/integration/include/aws_iot_config.h b/tests/integration/include/aws_iot_config.h index 2c80973a55..4683023cee 100644 --- a/tests/integration/include/aws_iot_config.h +++ b/tests/integration/include/aws_iot_config.h @@ -19,7 +19,7 @@ // Get from console // ================================================= #define AWS_IOT_MQTT_HOST "" ///< Customer specific MQTT HOST. The same will be used for Thing Shadow -#define AWS_IOT_MQTT_PORT 8883 ///< default port for MQTT/S +#define AWS_IOT_MQTT_PORT 443 ///< default port for MQTT/S #define AWS_IOT_MQTT_CLIENT_ID "c-sdk-client-id" ///< MQTT client ID should be unique for every device #define AWS_IOT_MY_THING_NAME "AWS-IoT-C-SDK" ///< Thing Name of the Shadow this device is associated with #define AWS_IOT_ROOT_CA_FILENAME "rootCA.crt" ///< Root CA file name diff --git a/tests/integration/multithreadingTest/aws_iot_test_multithreading_validation.c b/tests/integration/multithreadingTest/aws_iot_test_multithreading_validation.c index cee6ad2055..65baf10a9f 100644 --- a/tests/integration/multithreadingTest/aws_iot_test_multithreading_validation.c +++ b/tests/integration/multithreadingTest/aws_iot_test_multithreading_validation.c 
@@ -226,7 +226,7 @@ int aws_iot_mqtt_tests_multi_threading_validation() { IOT_DEBUG(" Root CA Path : %s\n clientCRT : %s\n clientKey : %s\n", root_CA, clientCRT, clientKey); initParams.pHostURL = AWS_IOT_MQTT_HOST; - initParams.port = 8883; + initParams.port = AWS_IOT_MQTT_PORT; initParams.pRootCALocation = root_CA; initParams.pDeviceCertLocation = clientCRT; initParams.pDevicePrivateKeyLocation = clientKey; diff --git a/tests/integration/src/aws_iot_test_auto_reconnect.c b/tests/integration/src/aws_iot_test_auto_reconnect.c index 140af676c1..8db0d00460 100644 --- a/tests/integration/src/aws_iot_test_auto_reconnect.c +++ b/tests/integration/src/aws_iot_test_auto_reconnect.c @@ -101,7 +101,7 @@ int aws_iot_mqtt_tests_auto_reconnect() { printf(" Root CA Path : %s\n clientCRT : %s\n clientKey : %s\n", root_CA, clientCRT, clientKey); IoT_Client_Init_Params initParams; initParams.pHostURL = AWS_IOT_MQTT_HOST; - initParams.port = 8883; + initParams.port = AWS_IOT_MQTT_PORT; initParams.pRootCALocation = root_CA; initParams.pDeviceCertLocation = clientCRT; initParams.pDevicePrivateKeyLocation = clientKey; diff --git a/tests/integration/src/aws_iot_test_basic_connectivity.c b/tests/integration/src/aws_iot_test_basic_connectivity.c index 217e06d827..9182635227 100644 --- a/tests/integration/src/aws_iot_test_basic_connectivity.c +++ b/tests/integration/src/aws_iot_test_basic_connectivity.c @@ -190,7 +190,7 @@ int aws_iot_mqtt_tests_basic_connectivity() { IOT_DEBUG("Root CA Path : %s\n clientCRT : %s\n clientKey : %s\n", root_CA, clientCRT, clientKey); initParams.pHostURL = AWS_IOT_MQTT_HOST; - initParams.port = 8883; + initParams.port = AWS_IOT_MQTT_PORT; initParams.pRootCALocation = root_CA; initParams.pDeviceCertLocation = clientCRT; initParams.pDevicePrivateKeyLocation = clientKey; diff --git a/tests/integration/src/aws_iot_test_jobs_api.c b/tests/integration/src/aws_iot_test_jobs_api.c index a7e4ce00d7..f8103deff9 100644 --- a/tests/integration/src/aws_iot_test_jobs_api.c 
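Review bot: With every integration test now taking its port from `AWS_IOT_MQTT_PORT`, which this patch sets to 443, the connection path that skips ALPN (any port other than 443, 8883 included) seems to lose its integration coverage, and nothing asserts that ALPN was actually negotiated on the new path. Consider keeping one connectivity test pinned to 8883, or running the suite once per port. `initParams` is declared outside the hunk.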
+++ b/tests/integration/src/aws_iot_test_jobs_api.c @@ -191,7 +191,7 @@ int aws_iot_jobs_basic_test() { IOT_DEBUG("Root CA Path : %s\n clientCRT : %s\n clientKey : %s\n", root_CA, clientCRT, clientKey); initParams.pHostURL = AWS_IOT_MQTT_HOST; - initParams.port = 8883; + initParams.port = AWS_IOT_MQTT_PORT; initParams.pRootCALocation = root_CA; initParams.pDeviceCertLocation = clientCRT; initParams.pDevicePrivateKeyLocation = clientKey; diff --git a/tests/integration/src/aws_iot_test_multiple_clients.c b/tests/integration/src/aws_iot_test_multiple_clients.c index d017e4fbc1..6435ab6d37 100644 --- a/tests/integration/src/aws_iot_test_multiple_clients.c +++ b/tests/integration/src/aws_iot_test_multiple_clients.c @@ -66,7 +66,7 @@ static IoT_Error_t aws_iot_mqtt_tests_connect_client_to_service(AWS_IoT_Client * struct timeval start, end; initParams.pHostURL = AWS_IOT_MQTT_HOST; - initParams.port = 8883; + initParams.port = AWS_IOT_MQTT_PORT; initParams.pRootCALocation = rootCA; initParams.pDeviceCertLocation = clientCRT; initParams.pDevicePrivateKeyLocation = clientKey; diff --git a/tests/unit/include/aws_iot_config.h b/tests/unit/include/aws_iot_config.h index 248baede29..b75d6e3b40 100644 --- a/tests/unit/include/aws_iot_config.h +++ b/tests/unit/include/aws_iot_config.h @@ -24,7 +24,7 @@ // Get from console // ================================================= #define AWS_IOT_MQTT_HOST "localhost" -#define AWS_IOT_MQTT_PORT 8883 +#define AWS_IOT_MQTT_PORT 443 #define AWS_IOT_MQTT_CLIENT_ID "C-SDK_UnitTestClient" #define AWS_IOT_MY_THING_NAME "C-SDK_UnitTestThing" #define AWS_IOT_ROOT_CA_FILENAME "rootCA.crt" diff --git a/tests/unit/src/aws_iot_tests_unit_disconnect_helper.c b/tests/unit/src/aws_iot_tests_unit_disconnect_helper.c index 161a1e4786..681862b437 100644 --- a/tests/unit/src/aws_iot_tests_unit_disconnect_helper.c +++ b/tests/unit/src/aws_iot_tests_unit_disconnect_helper.c 
@@ -179,7 +179,7 @@ TEST_C(DisconnectTests, SetHandlerAndInvokedOnDisconnect) { IOT_DEBUG("-->Running Disconnect Tests - F:7 - Disconnect, with set handler and invoked on disconnect \n"); handlerInvoked = false; - InitMQTTParamsSetup(&initParams, "localhost", 8883, false, NULL); + InitMQTTParamsSetup(&initParams, "localhost", AWS_IOT_MQTT_PORT, false, NULL); rc = aws_iot_mqtt_init(&iotClient, &initParams); CHECK_EQUAL_C_INT(SUCCESS, rc);