paho.mqtt.c icon indicating copy to clipboard operation
paho.mqtt.c copied to clipboard

Published 20 hours ago verified publisher icon eclipse

Add public key pinning

Open DBL2017 opened this issue 10 months ago • 1 comments

Added a configuration item called “publicKey” to represent the server’s public key, which is used for pinning the server certificate with a public key.

DBL2017 avatar Apr 26 '24 11:04 DBL2017

Actually, this might be nice to have.

But, unfortunately, one thing you missed is how the library handles modifications to the public data structures, particularly the options like MQTTAsync_SSLOptions.

Basically, you should preserve the pre-existing binary layout; so only add new elements to the end of the struct. Then update the structure version number, and only access the new elements in the code if the in-memory struct has a version greater-than or equal to the version where you added the new elements.

But be careful when doing this. The current version number of the structs is hard-coded at a few places in the code. This should probably be fixed with some #define constants, but at the moment this is the way.

There's a similar discussion of this in another pending PR: https://github.com/eclipse/paho.mqtt.c/pull/1463#issuecomment-2061196076

fpagliughi avatar Jul 07 '24 16:07 fpagliughi