net: mqtt: Modify SOCKS5 based connections
Current SOCKS5 based connections in mqtt are TCP (nonsecure) only. Supporting TLS based SOCKS5 connections would require introducing new methods. Instead, the CONFIG_MQTT_LIB_SOCKS based implementation is removed, and mqtt now provides an API to set proxy details (mqtt_client_set_proxy()). That is enough: the socket layer takes care of making connections through the proxy server. Fixes: #17037 Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@linux.intel.com>
parent
39ed77e438
commit
8e70bd6f48
|
@ -27,6 +27,7 @@
|
|||
#include <zephyr.h>
|
||||
#include <zephyr/types.h>
|
||||
#include <net/tls_credentials.h>
|
||||
#include <net/net_ip.h>
|
||||
#include <sys/mutex.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
@ -349,11 +350,6 @@ enum mqtt_transport_type {
|
|||
MQTT_TRANSPORT_SECURE,
|
||||
#endif /* CONFIG_MQTT_LIB_TLS */
|
||||
|
||||
#if defined(CONFIG_MQTT_LIB_SOCKS)
|
||||
/** Use SOCKS5 proxy for MQTT connection. */
|
||||
MQTT_TRANSPORT_SOCKS,
|
||||
#endif /* CONFIG_MQTT_LIB_SOCKS */
|
||||
|
||||
/** Shall not be used as a transport type.
|
||||
* Indicator of maximum transport types possible.
|
||||
*/
|
||||
|
@ -387,19 +383,14 @@ struct mqtt_transport {
|
|||
struct mqtt_sec_config config;
|
||||
} tls;
|
||||
#endif /* CONFIG_MQTT_LIB_TLS */
|
||||
|
||||
#if defined(CONFIG_MQTT_LIB_SOCKS)
|
||||
/* SOCKS5 proxy transport for MQTT */
|
||||
struct {
|
||||
/** Socket descriptor. */
|
||||
int sock;
|
||||
|
||||
/** SOCKS5 proxy address. */
|
||||
struct sockaddr_storage *proxy;
|
||||
} socks5;
|
||||
#endif /* CONFIG_MQTT_LIB_SOCKS */
|
||||
|
||||
};
|
||||
|
||||
#if defined(CONFIG_SOCKS)
|
||||
struct {
|
||||
struct sockaddr addr;
|
||||
socklen_t addrlen;
|
||||
} proxy;
|
||||
#endif
|
||||
};
|
||||
|
||||
/** @brief MQTT internal state. */
|
||||
|
@ -505,6 +496,24 @@ struct mqtt_client {
|
|||
*/
|
||||
void mqtt_client_init(struct mqtt_client *client);
|
||||
|
||||
#if defined(CONFIG_SOCKS)
|
||||
/*
|
||||
* @brief Set proxy server details
|
||||
*
|
||||
* @param[in] client Client instance for which the procedure is requested,
|
||||
* Shall not be NULL.
|
||||
* @param[in] proxy_addr Proxy server address.
|
||||
* @param[in] addrlen Proxy server address length.
|
||||
*
|
||||
* @return 0 or a negative error code (errno.h) indicating reason of failure.
|
||||
*
|
||||
* @note Must be called before calling mqtt_connect().
|
||||
*/
|
||||
int mqtt_client_set_proxy(struct mqtt_client *client,
|
||||
struct sockaddr *proxy_addr,
|
||||
socklen_t addrlen);
|
||||
#endif
|
||||
|
||||
/**
|
||||
* @brief API to request new MQTT client connection.
|
||||
*
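Review bot: The comment block added above `mqtt_client_set_proxy()` opens with `/*` rather than `/**`, so Doxygen will not attach it to the declaration the way it does for the neighbouring API comments. It also states no upper bound for `addrlen`, although the new `proxy` member of `struct mqtt_transport` stores the address in a fixed-size `struct sockaddr addr`. I would document it as `@param[in] addrlen Proxy server address length, at most sizeof(struct sockaddr).` and extend the note to say that an `addrlen` of 0 leaves the proxy unset, which is what the connect paths test for. Since the implementation only copies from the address, the parameter could be `const struct sockaddr *proxy_addr`, with the matching change in the definition.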
|
||||
|
|
|
@ -14,7 +14,3 @@ zephyr_library_sources(
|
|||
zephyr_library_sources_ifdef(CONFIG_MQTT_LIB_TLS
|
||||
mqtt_transport_socket_tls.c
|
||||
)
|
||||
|
||||
zephyr_library_sources_ifdef(CONFIG_MQTT_LIB_SOCKS
|
||||
mqtt_transport_socks.c
|
||||
)
|
||||
|
|
|
@ -32,10 +32,4 @@ config MQTT_LIB_TLS
|
|||
help
|
||||
Enable TLS support for socket MQTT Library
|
||||
|
||||
config MQTT_LIB_SOCKS
|
||||
bool "SOCKS proxy support for socket MQTT Library"
|
||||
select SOCKS
|
||||
help
|
||||
Enable SOCKS proxy support for socket MQTT Library
|
||||
|
||||
endif # MQTT_LIB
|
||||
|
|
|
@ -171,6 +171,26 @@ void mqtt_client_init(struct mqtt_client *client)
|
|||
client->keepalive = MQTT_KEEPALIVE;
|
||||
}
|
||||
|
||||
#if defined(CONFIG_SOCKS)
|
||||
int mqtt_client_set_proxy(struct mqtt_client *client,
|
||||
struct sockaddr *proxy_addr,
|
||||
socklen_t addrlen)
|
||||
{
|
||||
if (IS_ENABLED(CONFIG_SOCKS)) {
|
||||
if (!client || !proxy_addr) {
|
||||
return -EINVAL;
|
||||
}
|
||||
|
||||
client->transport.proxy.addrlen = addrlen;
|
||||
memcpy(&client->transport.proxy.addr, proxy_addr, addrlen);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
return -ENOTSUP;
|
||||
}
|
||||
#endif
|
||||
|
||||
int mqtt_connect(struct mqtt_client *client)
|
||||
{
|
||||
int err_code;
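Review bot: `memcpy(&client->transport.proxy.addr, proxy_addr, addrlen)` copies a caller-supplied length into the fixed-size `struct sockaddr addr` member added to `struct mqtt_transport`, with no check that `addrlen` fits. An oversized length therefore writes past `proxy.addr` into the rest of the client structure. Reject it before the copy with `if (addrlen > sizeof(client->transport.proxy.addr)) { return -EINVAL; }`. The stored `addrlen` is later passed to `setsockopt()` in the TCP and TLS connect paths, so the same bound also keeps that call from reading beyond the member. Separately, `IS_ENABLED(CONFIG_SOCKS)` is always true inside `#if defined(CONFIG_SOCKS)`, which leaves `return -ENOTSUP;` unreachable, so one of the two guards can go.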
|
||||
|
|
|
@ -29,11 +29,6 @@ extern int mqtt_client_tls_read(struct mqtt_client *client, u8_t *data,
|
|||
extern int mqtt_client_tls_disconnect(struct mqtt_client *client);
|
||||
#endif /* CONFIG_MQTT_LIB_TLS */
|
||||
|
||||
#if defined(CONFIG_MQTT_LIB_SOCKS)
|
||||
/* Transport handler functions for SOCKS5 proxy socket transport. */
|
||||
extern int mqtt_client_socks5_connect(struct mqtt_client *client);
|
||||
#endif /* CONFIG_MQTT_LIB_SOCKS */
|
||||
|
||||
/**@brief Function pointer array for TCP/TLS transport handlers. */
|
||||
const struct transport_procedure transport_fn[MQTT_TRANSPORT_NUM] = {
|
||||
{
|
||||
|
@ -50,14 +45,6 @@ const struct transport_procedure transport_fn[MQTT_TRANSPORT_NUM] = {
|
|||
mqtt_client_tls_disconnect,
|
||||
},
|
||||
#endif /* CONFIG_MQTT_LIB_TLS */
|
||||
#if defined(CONFIG_MQTT_LIB_SOCKS)
|
||||
{
|
||||
mqtt_client_socks5_connect,
|
||||
mqtt_client_tcp_write,
|
||||
mqtt_client_tcp_read,
|
||||
mqtt_client_tcp_disconnect,
|
||||
},
|
||||
#endif /* CONFIG_MQTT_LIB_SOCKS */
|
||||
};
|
||||
|
||||
int mqtt_transport_connect(struct mqtt_client *client)
|
||||
|
|
|
@ -35,6 +35,18 @@ int mqtt_client_tcp_connect(struct mqtt_client *client)
|
|||
return -errno;
|
||||
}
|
||||
|
||||
#if defined(CONFIG_SOCKS)
|
||||
if (client->transport.proxy.addrlen != 0) {
|
||||
ret = setsockopt(client->transport.tcp.sock,
|
||||
SOL_SOCKET, SO_SOCKS5,
|
||||
&client->transport.proxy.addr,
|
||||
client->transport.proxy.addrlen);
|
||||
if (ret < 0) {
|
||||
return -errno;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
MQTT_TRC("Created socket %d", client->transport.tcp.sock);
|
||||
|
||||
size_t peer_addr_size = sizeof(struct sockaddr_in6);
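Review bot: When `setsockopt(..., SO_SOCKS5, ...)` fails, the added `return -errno;` leaves the socket created just above this block open. `client->transport.tcp.sock` then keeps a descriptor that the caller presumably never releases after a failed connect, so repeated failures can exhaust the socket pool on a constrained device. Close it on this path and preserve the error, e.g. `int err = errno; (void)close(client->transport.tcp.sock); return -err;`, or jump to whatever cleanup the rest of the function already uses. The matching block added to `mqtt_client_tls_connect()` has the same early return on `client->transport.tls.sock`. Both function bodies start and end outside their hunks, so the existing cleanup paths are not visible here.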
|
||||
|
|
|
@ -38,6 +38,17 @@ int mqtt_client_tls_connect(struct mqtt_client *client)
|
|||
|
||||
MQTT_TRC("Created socket %d", client->transport.tls.sock);
|
||||
|
||||
#if defined(CONFIG_SOCKS)
|
||||
if (client->transport.proxy.addrlen != 0) {
|
||||
ret = setsockopt(client->transport.tls.sock,
|
||||
SOL_SOCKET, SO_SOCKS5,
|
||||
&client->transport.proxy.addr,
|
||||
client->transport.proxy.addrlen);
|
||||
if (ret < 0) {
|
||||
return -errno;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
/* Set secure socket options. */
|
||||
ret = setsockopt(client->transport.tls.sock, SOL_TLS, TLS_PEER_VERIFY,
|
||||
&tls_config->peer_verify,
|
||||
|
|
|
@ -1,47 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 2019 Antmicro Ltd
|
||||
*
|
||||
* SPDX-License-Identifier: Apache-2.0
|
||||
*/
|
||||
|
||||
/** @file mqtt_transport_socks.c
|
||||
*
|
||||
* @brief Internal functions to handle transport over SOCKS5 proxy.
|
||||
*/
|
||||
|
||||
#include <logging/log.h>
|
||||
LOG_MODULE_REGISTER(net_mqtt_socks, CONFIG_MQTT_LOG_LEVEL);
|
||||
|
||||
#include <errno.h>
|
||||
#include <net/socket.h>
|
||||
#include <net/socks.h>
|
||||
#include <net/mqtt.h>
|
||||
|
||||
#include "mqtt_os.h"
|
||||
|
||||
/**@brief Handles connect request for TCP socket transport.
|
||||
*
|
||||
* @param[in] client Identifies the client on which the procedure is requested.
|
||||
*
|
||||
* @retval 0 or an error code indicating reason for failure.
|
||||
*/
|
||||
int mqtt_client_socks5_connect(struct mqtt_client *client)
|
||||
{
|
||||
const struct sockaddr *broker = client->broker;
|
||||
const struct sockaddr *proxy =
|
||||
(struct sockaddr *)client->transport.socks5.proxy;
|
||||
|
||||
if (proxy == NULL || broker == NULL) {
|
||||
return -EINVAL;
|
||||
}
|
||||
|
||||
client->transport.socks5.sock =
|
||||
socks5_client_tcp_connect(proxy, broker);
|
||||
|
||||
if (client->transport.socks5.sock < 0) {
|
||||
return client->transport.socks5.sock;
|
||||
}
|
||||
|
||||
MQTT_TRC("Connect completed");
|
||||
return 0;
|
||||
}
|