Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [paho-dev] mqttv5 enhanced authentication with paho

Sorry for the delay in replying.  There is no plan at the moment as far as I'm aware.  I'm busy on other things (and partly retired!).  Some options:

- write it yourself and open a PR (let me know if you do).  This should include a test in the test_mqttv5.py file.

- find or encourage someone else to do so.

- encourage me to do so by sponsoring me on Github sponsors.


On 07/04/2021 15:13, Davide Ambrosi wrote:
ok, I understand. Will it be released soon, or it is not planned yet?

At the moment I'm using the latest version of mosquitto as a broker, it claims to have complete MQTTv5 support. I saw in the source code that the code to handle AUTH packets is present, but I wasn't able to make it work.

From the MQTTv5 specifications I found the following information:

·         Client to Server: CONNECT Authentication Method="SCRAM-SHA-1" Authentication Data=""

·         Server to Client: AUTH rc=0x18 Authentication Method="SCRAM-SHA-1" Authentication Data="">

·         Client to Server AUTH rc=0x18 Authentication Method="SCRAM-SHA-1" Authentication Data="">

·         Server to Client CONNACK rc=0 Authentication Method="SCRAM-SHA-1" Authentication Data="">


So I've tried to test it in mosquitto, but it doesn't recognize the authentication method (neither with GS2-KRB5):
$> mosquitto_pub -V 5 -t 'test' -m 'ok' -D CONNECT authentication-method SCRAM-SHA-1
Connection error: Bad authentication method
Error: A network protocol error occurred when communicating with the broker.

The only broker that I've found which clearly claims to support MQTTv5 enhance authentication is HiveMQ, but I didn't test it yet since I don't have a working client with that feature.

Thank you.

Il giorno mer 7 apr 2021 alle ore 14:58 Ian Craggs <icraggs@xxxxxxxxxxxxxxxxxxxxxxx> ha scritto:

I think that's one of the outstanding items for MQTT 5.0 in the Python client.  Possibly the only thing outstanding.  One of the reasons is that I didn't, at the time, have a good understanding of how it might be used.

Are you connecting to a broker with such support?  If so, what is it, and what sort of authentication mechanism?

On 06/04/2021 19:39, Davide Ambrosi wrote:
Hi everyone,

I'm currently developing an MQTT application, but I'm not able to find a way to implement the enhanced authentication mechanism of MQTT v5.

Some context: I'm using the latest version of mosquitto as broker, and paho in python as client, with the following syntax to connect the client:

client = mqtt.Client("client1".encode("utf-8"), protocol=mqtt.MQTTv5)
callback = Callbacks()
callback.register(client)
client.connect("127.0.0.1", port=1883, keepalive=60)

The desired result is to use the AUTH packets among the CONNECT and CONNACK messages to perform a mutual authentication between the client and the broker, but from the paho documentation I'm not able to find anything about it.
Do you know if it is possible? If so do you have a reference for it?

Thank you in advance.

_______________________________________________
paho-dev mailing list
paho-dev@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/paho-dev
-- 
Ian Craggs
Eclipse IoT PMC; Eclipse Paho Project Lead; OASIS MQTT TC Member
_______________________________________________
paho-dev mailing list
paho-dev@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/paho-dev

_______________________________________________
paho-dev mailing list
paho-dev@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/paho-dev
-- 
Ian Craggs
Eclipse IoT PMC; Eclipse Paho Project Lead; OASIS MQTT TC Member

Back to the top