MQTT TLS client certificates using NJS

Dušan Borovčanin borovcanindusan1 at gmail.com
Thu Mar 14 18:10:00 UTC 2019


Hi,

I'm working on a mutual authentication feature between an MQTT client and
broker, and I am following these tutorials:
https://www.nginx.com/blog/nginx-plus-iot-load-balancing-mqtt and
https://www.nginx.com/blog/nginx-plus-iot-security-encrypt-authenticate-mqtt/#mqtt-client-certs.
However, the code examples are extremely out of date and this JavaScript
code does not work with recent versions of njs, so I've tried to write my
own code following your example from here:
https://gist.github.com/nginx-gists/0e93fe7813ec131fed8329d10ead70ea#file-mqtt-js
However, I can't figure out what the possible replacement is for the
following snippet:

    if ( s.buffer.toString().length == 0 ) { // Initial calls may
        s.log("No buffer yet");              // contain no data, so
        return s.AGAIN;                      // ask that we get called again
    } else if ( client_messages == 1 ) { // CONNECT is first packet from the client...

From version 0.2.4, s.(OK, ABORT, AGAIN, DECLINED, ERROR) are replaced with
s.(allow(), done(), decline()). In my case, the initial call does not
contain any data. In the logs, I can see that I always read only 4 bytes of
the data received from the client. So when I send, let's say, 50 bytes of data,
an event is triggered, but the data passed to the `upload` callback is empty. Is
this a bug? Can I somehow trigger this callback again?

Best regards,
Dušan Borovčanin
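
An added example, not part of the original message or of the nginx gist: one way to cope with empty or partial first reads is to accumulate whatever each callback delivers and parse the CONNECT packet only once its Remaining Length says it is complete. The names `createConnectReader` and `feed` are hypothetical, chunks are assumed to arrive as `Uint8Array`, and the wiring into the njs `upload` callback is not shown.

```javascript
// Constructed sample: MQTT 3.1.1 CONNECT, clean session, keep-alive 60, client ID "sensor1".
const SAMPLE_CONNECT = Uint8Array.from([
    0x10, 0x13, 0x00, 0x04, 0x4d, 0x51, 0x54, 0x54, 0x04, 0x02, 0x00, 0x3c,
    0x00, 0x07, 0x73, 0x65, 0x6e, 0x73, 0x6f, 0x72, 0x31]);

// Returns feed(chunk): { need: true } until a whole CONNECT packet has arrived,
// then the parsed fields. Throws on a malformed packet.
function createConnectReader() {
    let buf = new Uint8Array(0);
    return function feed(chunk) {
        const joined = new Uint8Array(buf.length + chunk.length);
        joined.set(buf, 0);
        joined.set(chunk, buf.length);      // chunk may be empty on early calls
        buf = joined;
        if (buf.length < 2) return { need: true };
        if ((buf[0] >> 4) !== 1) throw new Error('first packet is not CONNECT');

        // Remaining Length: 1 to 4 bytes, 7 bits each, high bit means "more".
        let remaining = 0, shift = 0, pos = 1, b;
        do {
            if (pos > 4) throw new Error('malformed Remaining Length');
            if (pos >= buf.length) return { need: true };
            b = buf[pos++];
            remaining += (b & 0x7f) << shift;
            shift += 7;
        } while (b & 0x80);
        const end = pos + remaining;
        if (buf.length < end) return { need: true };

        // Length-prefixed UTF-8 field, bounds-checked against the packet end.
        const field = () => {
            if (pos + 2 > end) throw new Error('truncated field');
            const len = (buf[pos] << 8) | buf[pos + 1];
            if (pos + 2 + len > end) throw new Error('field overruns packet');
            const text = new TextDecoder().decode(buf.subarray(pos + 2, pos + 2 + len));
            pos += 2 + len;
            return text;
        };
        const protocol = field();
        if (pos + 4 > end) throw new Error('truncated variable header');
        const level = buf[pos], flags = buf[pos + 1];
        pos += 4;                           // level, flags, 2-byte keep-alive
        const clientId = field();
        return { need: false, protocol, level, flags, clientId };
    };
}
```

Create one reader per connection so that bytes from different clients are never mixed in the same buffer.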