Fix reconnecting failing when MOSQ_OPT_TLS_USE_OS_CERTS was in use, but none
of capath, cafile, psk, nor MOSQ_OPT_SSL_CTX were set, and
MOSQ_OPT_SSL_CTX_WITH_DEFAULTS was set to the default value of true.
Closes#2288. Thanks to Poltorak Serguei.
This would occur if a client was using `mosquitto_loop_start()`, then if
the connection failed due to the remote server being inaccessible they
called `mosquitto_loop_stop(, true)` and recreated the mosquitto object.
See: https://www.eclipse.org/forums/index.php?t=rview&goto=1839865#msg_1839865
- Add `MOSQ_OPT_TLS_USE_OS_CERTS` option, to instruct the client to load and trust OS provided CA certificates for use with TLS connections.
- All clients now load OS provided CA certificates if used with `-L
mqtts://...`, or if port is set to 8883 and no other CA certificates are
used. Closes#1824.
- Add the `--tls-use-os-certs` option to all clients.
Closes#1824. Thanks to Jens Reimann.
Prior to this, duplicate entries could be added to the sock hash, which caused an infinite loop. Only affects bridges with bad settings on startup, and only when compiled using WITH_ADNS=yes.
Closes#1897. Thanks to Rodolfo Ochoa.
This allows a big swath of ifdefs to be removed. It also means savings as the db var is not passed around all of the time, and makes it easier to remove the final broker call to mosquitto_time() call in packet_mosq.c. In one test this reduced the calls to mosquitto_time() from 295k to 48k.
The `tls_version` option now defines the *minimum* TLS protocol version to
be used, rather than the exact version.
Closes#1258. Thanks to Daniele Sluijters.
Roger A. Light
Abilio Marques
Nikolay Raspopov