CLI tools cannot use an OpenSSL engine

Open chessing-c4 opened this issue 3 years ago • 0 comments

It is not possible to use an OpenSSL engine with the CLI tools included with Mosquitto.

In mosquitto_string_option() in options.c, there is a call to ENGINE_by_id() that will always fail because OpenSSL isn't initialized until we call connect.

Commenting out the ENGINE_by_id() call (and related) in options.c, and just having it copy the engine name in to the mosq->tls_engine member, and returning success is all that is necessary to get it working. This seems to align with the other string options handled in that file, but does remove the check to see if the engine is valid.

I have verified that this problem exists at least in versions 2.0.10 through 2.0.14.

May 16 '22 18:05 chessing-c4