MQTT TLS client certificates using NJS

Drasko DRASKOVIC drasko.draskovic at gmail.com
Thu Mar 14 18:14:01 UTC 2019


Hi all,
Dusan is refering to an issue https://github.com/nginx/njs/issues/111

BR,
Drasko

On Thu, Mar 14, 2019 at 7:10 PM Dušan Borovčanin
<borovcanindusan1 at gmail.com> wrote:
>
> Hi,
>
> I'm working on mutual authentication feature between MQTT client and broker, and I follow these tutorials: https://www.nginx.com/blog/nginx-plus-iot-load-balancing-mqtt and https://www.nginx.com/blog/nginx-plus-iot-security-encrypt-authenticate-mqtt/#mqtt-client-certs. However, the code examples are extremely out of date and this JavaScript code does not work with recent versions of njs, so I've tried to write my own code following your example from here: https://gist.github.com/nginx-gists/0e93fe7813ec131fed8329d10ead70ea#file-mqtt-js. However, I can't figure out what is the possible replacement for the following snippet:
>
>> if ( s.buffer.toString().length == 0 ) { // Initial calls may
>> s.log("No buffer yet"); // contain no data, so
>> return s.AGAIN; // ask that we get called again
>>
>> } else if ( client_messages == 1 ) { // CONNECT is first packet from the client...
>
> From version 0.2.4, s.(OK, ABORT, AGAIN, DECLINED, ERROR) are replace with s.(allow(), done(), decline()). In my case, the initial call does not contain any data. In logs, I can see that I always read only 4 bytes of data received from the client. So when I send, let say, 50 bytes of data, an event is triggered, but data passed to `upload` callback is empty. Is this a bug? Can I somehow trigger this callback again?
>
> Best regards,
> Dušan Borovčanin
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-devel


More information about the nginx-devel mailing list