Problems staying connected with MQTT/TLS #2692
Replies: 1 comment 5 replies
-
I'm sorry, I don't really get what the problem is or might be. |
Beta Was this translation helpful? Give feedback.
5 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I am working on what I thought was a simple implementation of an auto reconnect from my MQTT secure client and I have run into 2 problems that I am having trouble fixing.
I am using Mongoose 7.11 with OpenSSL 3.0.12. I cannot yet go to Mongoose 7.12 or greater because other parts of my code rely on the removed CHUNK event. Otherwise I would try the latest Mongoose with my issue. My application can have many individual MQTT clients, all being managed by same Mongoose manager instance. Mosquitto is my MQTT broker.
I was able to get things working for the reconnect.
Issue 1: I then wanted to get more detailed TLS information, so I found the mg_tls_cb implementation in Mongoose 7.13 and patched my Mongoose to include the handling of that callback. I then sent the error message back to my application via a MG_EV_USER event initiated from within the OpenSSL callback. This seems to be working ok, but I have noticed that I don't always get the OpenSSL error for a failed connect attempt.
For example, I have one client trying to pass a bad certificate. The connection will fail, I will wait a few seconds then try the connection again. Sometimes I will get an appropriate message from OpenSSL, sometimes I will get nothing, the callback doesn't get invoked. It seems to depend on where in Mongoose it figures out that the connection failed. Sometimes I just get a 10054 or 10035 socket error, other times a full SSL reported error.
Issue 2: Things get even stranger when I run a stress test with 8 clients. 5 try to connect with assorted TLS issues, 3 connect just fine and start publish/subscribe operations. At random times, the connected MQTT clients will disconnect with the OpenSSL errors that other clients are intentionally failing with. If I get the 5 failing clients to all fail with non-TLS issues I don't seem to have this problem. This has me really baffled.
Any hints for what to investigate? I've already spent more than a week investigating this.
Thanks for any assistance.
Beta Was this translation helpful? Give feedback.
All reactions