MQTT with TLS - Deinitialise the openssl library

Sriram Iyyappan Mamandoor Pandurangan

Apr 18, 2023, 10:43:26 AM
to MQTT
Hi All,

I am using mosquitto-2.0.12 client with TLS. This client connects to AWS Active/Standby Broker. Client uses openssl-1.0.2j.

I am facing the below issue:

- Client connects to Active Host
- Client publishes the data to Broker
- Active & Standby both go down
- Client receives no connection to Active Host
- Client retries to Standby
- Client receives no connection to Standby
- Client cleans up using mosquitto_destroy
- openssl library is getting de-initialised and other applications running on the same machine were unable to initiate TLS connections

Any inputs from anyone for the above issue?

regards,
Sriram I


Sriram Iyyappan Mamandoor Pandurangan

Apr 19, 2023, 5:56:55 AM
to MQTT
Missing socketpair initialization in client library #2326 fix is available in 2.0.13 version.

I have upgraded the client to 2.0.15 version. Still I see unknown behavior on host applications on calling mosquitto_destroy multiple times. Currently I see other host applications are losing their openssl contexts and unable to communicate via HTTPS.

Roger Light

Apr 19, 2023, 6:24:04 AM
to mq...@googlegroups.com
Hi Sriram,

The mosquitto client library only cleans up the openssl library it is using when mosquitto_lib_cleanup() is called. Are you sure you aren't calling that when your client is cleaning up? If you are sure that isn't the case, please provide a minimal example that shows this behaviour so I can try to reproduce it.

In case you aren't aware, openssl 1.0.2 has been out of support for over three years now, unless you are paying for support. You should upgrade to use openssl 3.0.

Regards,

Roger


Sriram Iyyappan Mamandoor Pandurangan

Apr 19, 2023, 8:39:09 PM
to MQTT
Hi Roger,

Yes, my code does not call mosquitto_lib_cleanup().

I have attached the sample code for your reference.

This sample code is integrated into a host where other applications also run which use TLS connections.

Step 1:
Below method is called only once after the host system is up
mosquitto_lib_init(); 

Step 2:
Below methods are called before publishing data to broker
mosquitto_new
mosquitto_connect_callback_set
mosquitto_disconnect_callback_set
mosquitto_publish_callback_set
mosquitto_username_pw_set
mosquitto_tls_opts_set
mosquitto_tls_set
mosquitto_tls_insecure_set
mosquitto_connect

Step 3:
To publish data, below methods are called
mosquitto_loop_start
mosquitto_publish

Step 4:
Whenever configuration is getting changed/any connection errors/broker not reachable etc, below method is called
mosquitto_destroy

So below is the sequence

Step 1 - Only once
Step 2 - Initially called, later after Step 4
Step 3 - This step will be active always, because the system is streaming the data to broker
Step 4 - Called during error cases. Then goes to Step 2

In my system Step 4 is happening very frequently; due to that, the Step 2 -> Step 3 -> Step 4 sequence is happening more often.

During the execution of above sequence other applications are not able to send data over HTTPS to external servers due to SSL Context and later system moves into unknown behavior.

regards,
Sriram I

mqttTestSample.c.txt
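
One way to check a call log against the lifecycle discussed in this thread (mosquitto_lib_init once, mosquitto_new/mosquitto_destroy per connection attempt, mosquitto_lib_cleanup only at exit), as an added example that is not code from the thread or from the mosquitto project. The trace format (an ordered list of API call names), `audit_trace`, `struct audit` and both sample traces are assumptions constructed here.

```c
#include <stddef.h>
#include <string.h>

/* Findings from one call trace (the checker's own model, not libmosquitto code). */
struct audit {
    int cleanup_calls;      /* mosquitto_lib_cleanup() occurrences */
    int cleanup_while_live; /* ...made while a client instance still existed */
    int new_uninitialised;  /* mosquitto_new() with no lib_init in effect */
    int unmatched_destroy;  /* mosquitto_destroy() with no live instance */
    int leaked;             /* instances never destroyed */
};

/* Walk API call names in order; return the number of lifecycle findings. */
int audit_trace(const char *const *calls, size_t n, struct audit *a)
{
    int inited = 0, live = 0;
    memset(a, 0, sizeof *a);
    for (size_t i = 0; i < n; i++) {
        const char *c = calls[i];
        if (strcmp(c, "mosquitto_lib_init") == 0) {
            inited++;
        } else if (strcmp(c, "mosquitto_lib_cleanup") == 0) {
            a->cleanup_calls++;
            if (live > 0) a->cleanup_while_live++;
            if (inited > 0) inited--;
        } else if (strcmp(c, "mosquitto_new") == 0) {
            if (inited == 0) a->new_uninitialised++;
            live++;
        } else if (strcmp(c, "mosquitto_destroy") == 0) {
            if (live == 0) a->unmatched_destroy++;
            else live--;
        } /* connect, publish, loop_start etc. do not change lifecycle state */
    }
    a->leaked = live;
    return a->cleanup_while_live + a->new_uninitialised
         + a->unmatched_destroy + a->leaked;
}

/* Constructed trace: Step 1 once, Steps 2-4 twice, cleanup only at exit. */
const char *const TRACE_OK[] = {
    "mosquitto_lib_init",
    "mosquitto_new", "mosquitto_connect", "mosquitto_publish", "mosquitto_destroy",
    "mosquitto_new", "mosquitto_connect", "mosquitto_publish", "mosquitto_destroy",
    "mosquitto_lib_cleanup" };
/* Constructed trace: cleanup slips into the error path before the retry. */
const char *const TRACE_BAD[] = {
    "mosquitto_lib_init", "mosquitto_new", "mosquitto_connect",
    "mosquitto_lib_cleanup", "mosquitto_destroy",
    "mosquitto_new", "mosquitto_destroy" };
```

A non-zero `cleanup_while_live` or `new_uninitialised` count points at a mosquitto_lib_cleanup() call inside the reconnect path, which is the case Roger asks about.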