1. Forum
  2. DOVE-Net
  3. Synchronet Programming

  • 3rdp/build/cl-psk-only-client.patch src/sbbs3/mqtt_client.cpp mqtt_cli

    From Deuc¿@VERT to Git commit to main/sbbs/master on Sunday, May 10, 2026 13:19:50
    https://gitlab.synchro.net/main/sbbs/-/commit/9a5dbe39f855800ab3c100dc
    Added Files:
    3rdp/build/cl-psk-only-client.patch src/sbbs3/mqtt_client.cpp mqtt_client.h
    Modified Files:
    3rdp/build/CMakeLists-cl.txt CMakeLists.txt GNUmakefile src/sbbs3/js_mqtt.cpp main.cpp mqtt.c mqtt.h mqtt_broker.cpp mqtt_broker.h mqtt_broker_glue.cpp objects.mk src/sbbs3/qtmonitor/mqttclient.cpp mqttclient.h src/sbbs3/scfg/scfgnet.c src/sbbs3/ver.cpp
    Log Message:
    Add internal MQTT 5.0 client, fix broker user properties and PSK auth

    Internal MQTT 5.0 client (mqtt_client.h/.cpp):
    - Synchronous pump-based client sharing wire protocol with internal broker
    - TLS-PSK and certificate support via Cryptlib
    - Will message support for server disconnect detection
    - IPv6 support via getaddrinfo (iterates all resolved addresses)
    - PINGREQ keepalive (sent at keepalive/2 intervals when idle)
    - C-callable wrappers (mqtt5client_*) for use from mqtt.c
    - mqtt5client_read returns heap-allocated copy; mqtt5client_read_free
    frees from the same heap (safe across DLL boundaries)
    - PSK hex-decode for MQTT_TLS_PSK mode (scfg stores hex, Cryptlib needs raw)
    - Properties support on publish (threaded through to wire protocol)
    - SUBACK/PUBACK/PUBCOMP tracked via m_acked_pids; publish and subscribe
    break early on ack instead of burning full timeout
    - protocol_version validated (must be 5)
    - lprintf passed to ssl.c functions via pthread_once-initialized mutex

    Cryptlib patch (cl-psk-only-client.patch):
    - Client only offers PSK cipher suites when PSK credentials are set
    - Without this, Cryptlib client offers both cert and PSK suites; server
    prefers cert, PSK is never negotiated despite both sides having PSK
    - Added to GNUmakefile, CMakeLists.txt, and CMakeLists-cl.txt

    js_mqtt.cpp restructured:
    - Removed outer #if USE_MOSQUITTO gate; shared code with inline #ifdefs
    - #else path uses mqtt5::Client for TLS connections to remote brokers
    - Local client path for same-process internal broker (no TCP/TLS needed)
    - MQTT JS class always available regardless of USE_MOSQUITTO

    mqtt.c third path (no libmosquitto):
    - mqtt5client_* wrappers for connect/publish/subscribe/disconnect
    - Background pump thread for async message dispatch
    - Proper shutdown: mqtt->connected flag + pump_running join
    - Will message set to "DISCONNECTED" matching mosquitto path
    - mqtt_disconnect only sets connected=false in non-mosquitto path

    Internal broker fixes:
    - User properties threaded through local_publish and publish_sys
    - mqtt_lputs internal path now matches mosquitto: proper user properties
    on both log/{level} and aggregate log topics (was hacked tab-in-payload)
    - broker_lputs_adapter fixed similarly for $SYS/broker/log
    - Broker stops when last local client deregisters (was only static dtor)
    - shutdown() on listen socket before close to unblock accept thread
    - Auth rejection logging with specific reason

    qtmonitor:
    - Reads MQTT 5.0 user properties via QMqttSubscription::messageReceived
    - Falls back to splitTsvPayload when no user properties present
    - Works with both internal broker (user properties) and legacy (tab payload)

    Other:
    - MQTT JS class registered unconditionally (main.cpp)
    - mqtt_libver returns "mqtt5-internal" without mosquitto (ver.cpp)
    - SCFG: selecting Synchronet Broker TLS auto-sets port 8883 + version 5

    Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net