|Re: [paho-dev] Using m2m.eclipse.org for running Paho tests|
Hi Ian, That's great, it makes a lot of sense. Having a separate broker instance for testing is definitely a good idea as well! We should probably move the ports the tests use so that they don't use 8883 to avoid potential future problems if we allow TLS connections on m2m.eclipse.org. Mosquitto uses the default ciphers that openssl makes available. You can see this list with "openssl ciphers -v", or "openssl ciphers -v 'DEFAULT:!aNULL:!eNULL", which is confusingly the set of options that are used by default. ADH-DES-CBC-SHA is part of the aNULL (null authentication, as you say) cipher group so it isn't available by default. You can configure the available ciphers with the "ciphers" option in the config file, but you'd also have to argue quite hard to convince me that providing support for weak anonymous ciphers was a good idea. I'm inclined to disable more weak ciphers by default, as discussed in this Python bug report: http://bugs.python.org/issue13636 Cheers, Roger On Fri, Aug 9, 2013 at 4:51 PM, Ian Craggs <icraggs@xxxxxxxxxxxxxxxxxxxxxxx> wrote: > Hi Roger, > > Benjamin is happy for us to use m2m.eclipse.org to run an MQTT server to run > Paho tests against. The tests use a variety of SSL configuration on four > ports (currently 8883 to 8886) in addition to 1883. > > We could use the same instance of Mosquitto as is running now, or a separate > instance for added stability. I just imagined that random use of the > sandbox server could interfere with the Paho tests, and that a separate > instance would give us more reliable tests. > > What do you think? > > Ian > > P.S. My SSL C client tests are working against Mosquitto with the exception > of anonymous ciphers (attempting to use ADH-DES-CBC-SHA). Anything special > to consider?
Back to the top