
net: mqtt: Modify SOCKS5 based connections

Current SOCKS5 based connections in mqtt are only
TCP (nonsecure) based. To support TLS based SOCKS5
connections, new methods need to be introduced.

Instead, removed CONFIG_MQTT_LIB_SOCKS based implementation.
And now mqtt provides an api to set proxy
(mqtt_client_set_proxy()) details. That's enough,
socket layer will take care of making connections through
proxy server.

Fixes: #17037

Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
rveerama1 authored and jukkar committed Aug 1, 2019
1 parent 39ed77e commit 8e70bd6f489a4d4b7e5445e707b0a4f746006748
@@ -27,6 +27,7 @@
#include <zephyr.h>
#include <zephyr/types.h>
#include <net/tls_credentials.h>
#include <net/net_ip.h>
#include <sys/mutex.h>

#ifdef __cplusplus
@@ -349,11 +350,6 @@ enum mqtt_transport_type {
MQTT_TRANSPORT_SECURE,
#endif /* CONFIG_MQTT_LIB_TLS */

#if defined(CONFIG_MQTT_LIB_SOCKS)
/** Use SOCKS5 proxy for MQTT connection. */
MQTT_TRANSPORT_SOCKS,
#endif /* CONFIG_MQTT_LIB_SOCKS */

/** Shall not be used as a transport type.
* Indicator of maximum transport types possible.
*/
@@ -387,19 +383,14 @@ struct mqtt_transport {
struct mqtt_sec_config config;
} tls;
#endif /* CONFIG_MQTT_LIB_TLS */

#if defined(CONFIG_MQTT_LIB_SOCKS)
/* SOCKS5 proxy transport for MQTT */
struct {
/** Socket descriptor. */
int sock;

/** SOCKS5 proxy address. */
struct sockaddr_storage *proxy;
} socks5;
#endif /* CONFIG_MQTT_LIB_SOCKS */

};

#if defined(CONFIG_SOCKS)
struct {
struct sockaddr addr;
socklen_t addrlen;
} proxy;
#endif
};

/** @brief MQTT internal state. */
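Review bot: The new `proxy` member of `struct mqtt_transport` has no field comments, and the meaning of `addrlen == 0` is only implied by the connect paths that test `addrlen != 0`. Add `/** Proxy server address, set by mqtt_client_set_proxy(). */` on `addr` and `/** Length of addr in bytes; 0 means no proxy is configured. */` on `addrlen`. Because the connect code keys on that sentinel, the comment should also say the client must be zero-initialised before use; whether `mqtt_client_init()` guarantees this is not visible here. The struct definition starts outside the hunk.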
@@ -505,6 +496,24 @@ struct mqtt_client {
*/
void mqtt_client_init(struct mqtt_client *client);

#if defined(CONFIG_SOCKS)
/*
* @brief Set proxy server details
*
* @param[in] client Client instance for which the procedure is requested,
* Shall not be NULL.
* @param[in] proxy_addr Proxy server address.
* @param[in] addrlen Proxy server address length.
*
* @return 0 or a negative error code (errno.h) indicating reason of failure.
*
* @note Must be called before calling mqtt_connect().
*/
int mqtt_client_set_proxy(struct mqtt_client *client,
struct sockaddr *proxy_addr,
socklen_t addrlen);
#endif

/**
* @brief API to request new MQTT client connection.
*
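Review bot: The comment block added for `mqtt_client_set_proxy()` opens with `/*` while the neighbouring API comments open with `/**`, so Doxygen will likely skip it; change the opener to `/**`. The `addrlen` line should state the accepted range, e.g. `@param[in] addrlen Proxy server address length, at most sizeof(struct sockaddr).`, since the implementation copies that many bytes into a fixed-size field. `proxy_addr` is only read, so `const struct sockaddr *proxy_addr` would describe the contract more accurately.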
@@ -14,7 +14,3 @@ zephyr_library_sources(
zephyr_library_sources_ifdef(CONFIG_MQTT_LIB_TLS
mqtt_transport_socket_tls.c
)

zephyr_library_sources_ifdef(CONFIG_MQTT_LIB_SOCKS
mqtt_transport_socks.c
)
@@ -32,10 +32,4 @@ config MQTT_LIB_TLS
help
Enable TLS support for socket MQTT Library

config MQTT_LIB_SOCKS
bool "SOCKS proxy support for socket MQTT Library"
select SOCKS
help
Enable SOCKS proxy support for socket MQTT Library

endif # MQTT_LIB
@@ -171,6 +171,26 @@ void mqtt_client_init(struct mqtt_client *client)
client->keepalive = MQTT_KEEPALIVE;
}

#if defined(CONFIG_SOCKS)
int mqtt_client_set_proxy(struct mqtt_client *client,
struct sockaddr *proxy_addr,
socklen_t addrlen)
{
if (IS_ENABLED(CONFIG_SOCKS)) {
if (!client || !proxy_addr) {
return -EINVAL;
}

client->transport.proxy.addrlen = addrlen;
memcpy(&client->transport.proxy.addr, proxy_addr, addrlen);

return 0;
}

return -ENOTSUP;
}
#endif

int mqtt_connect(struct mqtt_client *client)
{
int err_code;
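Review bot: `mqtt_client_set_proxy()` copies `addrlen` bytes into `client->transport.proxy.addr` without checking that `addrlen` fits the destination, so a caller passing a length larger than `sizeof(struct sockaddr)` writes past the field into the rest of `struct mqtt_client`. Add a bound before the assignment and copy, e.g. `if (addrlen > sizeof(client->transport.proxy.addr)) { return -EINVAL; }`. The inner `IS_ENABLED(CONFIG_SOCKS)` test is redundant inside `#if defined(CONFIG_SOCKS)` and leaves `return -ENOTSUP;` unreachable, so one of the two guards can go. `mqtt_connect()` at the end of the hunk continues outside it.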
@@ -29,11 +29,6 @@ extern int mqtt_client_tls_read(struct mqtt_client *client, u8_t *data,
extern int mqtt_client_tls_disconnect(struct mqtt_client *client);
#endif /* CONFIG_MQTT_LIB_TLS */

#if defined(CONFIG_MQTT_LIB_SOCKS)
/* Transport handler functions for SOCKS5 proxy socket transport. */
extern int mqtt_client_socks5_connect(struct mqtt_client *client);
#endif /* CONFIG_MQTT_LIB_SOCKS */

/**@brief Function pointer array for TCP/TLS transport handlers. */
const struct transport_procedure transport_fn[MQTT_TRANSPORT_NUM] = {
{
@@ -50,14 +45,6 @@ const struct transport_procedure transport_fn[MQTT_TRANSPORT_NUM] = {
mqtt_client_tls_disconnect,
},
#endif /* CONFIG_MQTT_LIB_TLS */
#if defined(CONFIG_MQTT_LIB_SOCKS)
{
mqtt_client_socks5_connect,
mqtt_client_tcp_write,
mqtt_client_tcp_read,
mqtt_client_tcp_disconnect,
},
#endif /* CONFIG_MQTT_LIB_SOCKS */
};

int mqtt_transport_connect(struct mqtt_client *client)
@@ -35,6 +35,18 @@ int mqtt_client_tcp_connect(struct mqtt_client *client)
return -errno;
}

#if defined(CONFIG_SOCKS)
if (client->transport.proxy.addrlen != 0) {
ret = setsockopt(client->transport.tcp.sock,
SOL_SOCKET, SO_SOCKS5,
&client->transport.proxy.addr,
client->transport.proxy.addrlen);
if (ret < 0) {
return -errno;
}
}
#endif

MQTT_TRC("Created socket %d", client->transport.tcp.sock);

size_t peer_addr_size = sizeof(struct sockaddr_in6);
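Review bot: When `setsockopt(..., SO_SOCKS5, ...)` fails, the new block returns `-errno` without closing `client->transport.tcp.sock`, which appears to have been created just above the hunk, so each failed proxy setup would leak a socket descriptor. Save the error before releasing the socket, since the close call may overwrite `errno`: `int err = -errno;`, `(void)close(client->transport.tcp.sock);`, `return err;` (using whichever close call this file's disconnect handler uses). The same pattern appears in the `mqtt_client_tls_connect()` hunk with `client->transport.tls.sock`. Both functions start and end outside their hunks, so confirm that no caller already closes the socket on error.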
@@ -38,6 +38,17 @@ int mqtt_client_tls_connect(struct mqtt_client *client)

MQTT_TRC("Created socket %d", client->transport.tls.sock);

#if defined(CONFIG_SOCKS)
if (client->transport.proxy.addrlen != 0) {
ret = setsockopt(client->transport.tls.sock,
SOL_SOCKET, SO_SOCKS5,
&client->transport.proxy.addr,
client->transport.proxy.addrlen);
if (ret < 0) {
return -errno;
}
}
#endif
/* Set secure socket options. */
ret = setsockopt(client->transport.tls.sock, SOL_TLS, TLS_PEER_VERIFY,
&tls_config->peer_verify,

This file was deleted.
