MQTT add warning if trying to connect without TLS on a port that normally uses TLS (#22175)

s-hadinger 2024-09-19 23:12:46 +02:00 committed by GitHub
parent f43d23e59a
commit be46b95d62
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 18 additions and 0 deletions


@ -13,6 +13,7 @@ All notable changes to this project will be documented in this file.
- Support for RX8010 RTC as used in IOTTIMER (#21376)
- ESP8266 experimental support for second I2C bus
- Berry improve `int64` constructor
- MQTT add warning if trying to connect without TLS on a port that normally uses TLS
### Breaking Changed


@ -177,6 +177,19 @@ void MqttDisableLogging(bool state) {
TasmotaGlobal.masterlog_level = (Mqtt.disable_logging) ? LOG_LEVEL_DEBUG_MORE : LOG_LEVEL_NONE;
}
// The following emits a warning if the connection is non-TLS on a TLS port
// this makes troubleshooting easier
// This function is called only when a non-TLS connection is detected
void MqttNonTLSWarning(void) {
#ifndef FIRMWARE_MINIMAL // not needed in MINIMAL firmware
if ((443 == Settings->mqtt_port) ||
(8883 == Settings->mqtt_port ) ||
(8443 == Settings->mqtt_port)) {
AddLog(LOG_LEVEL_INFO, PSTR(D_LOG_MQTT "Warning non-TLS connection on TLS port %d"), Settings->mqtt_port);
}
#endif // FIRMWARE_MINIMAL
}
/*********************************************************************************************\
* MQTT driver specific code need to provide the following functions:
*
@ -253,9 +266,11 @@ void MqttInit(void) {
MqttClient.setClient(*tlsClient);
} else {
MqttClient.setClient(EspClient); // non-TLS
MqttNonTLSWarning();
}
#else // USE_MQTT_TLS
MqttClient.setClient(EspClient);
MqttNonTLSWarning();
#endif // USE_MQTT_TLS
MqttClient.setKeepAlive(Settings->mqtt_keepalive);
@ -1152,6 +1167,7 @@ void MqttReconnect(void) {
tlsClient->setDomainName(SettingsText(SET_MQTT_HOST)); // set domain name for TLS SNI (selection of certificate based on domain name)
} else {
MqttClient.setClient(EspClient);
MqttNonTLSWarning();
}
#ifdef USE_MQTT_AWS_IOT
// re-assign private keys in case it was updated in between
@ -1192,6 +1208,7 @@ void MqttReconnect(void) {
}
#else // No USE_MQTT_TLS
MqttClient.setClient(EspClient);
MqttNonTLSWarning();
#endif // USE_MQTT_TLS
char stopic[TOPSZ];
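Review bot: MqttNonTLSWarning() only writes a LOG_LEVEL_INFO line; at all four call sites the plain `EspClient` set on the line before is still used, so the attempt on port 443/8883/8443 goes ahead unencrypted, and whatever the MQTT CONNECT packet carries (presumably the configured user and password) leaves the device in cleartext. The comment above the function should state this, for example `// Diagnostic only: the non-TLS connection attempt is not blocked, anything sent in CONNECT is unencrypted`. The two calls under `#else // USE_MQTT_TLS` are in builds without TLS support, where the remedy is a TLS-enabled firmware rather than a setting, so the message there could say that instead of sharing one text. The function is also called from both MqttInit and MqttReconnect, so the same line is likely to repeat on every retry. The bodies of MqttInit and MqttReconnect start and end outside the hunks shown.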