From e6cc320d192b217a1629ad05abdb9689fe434167 Mon Sep 17 00:00:00 2001 From: Andreas Granig Date: Mon, 3 Oct 2022 21:41:14 +0200 Subject: [PATCH] Add TLS ALPN option to be set when connecting MQTT This is required to be set to "mqtt" for instance when connecting to the AWS IoT Core data endpoint at port 443 to indicate we're sending MQTT, because in that case websocket and mqtt shares the same port for whatever reason. --- daemon/main.c | 1 + daemon/mqtt.c | 8 ++++++++ etc/rtpengine.conf | 1 + include/main.h | 1 + 4 files changed, 11 insertions(+) diff --git a/daemon/main.c b/daemon/main.c index fe630c7de..f4ef249b3 100644 --- a/daemon/main.c +++ b/daemon/main.c @@ -559,6 +559,7 @@ static void options(int *argc, char ***argv) { #ifdef HAVE_MQTT { "mqtt-host",0,0, G_OPTION_ARG_STRING, &rtpe_config.mqtt_host, "Mosquitto broker host or address", "HOST|IP"}, { "mqtt-port",0,0, G_OPTION_ARG_INT, &rtpe_config.mqtt_port, "Mosquitto broker port number", "INT"}, + { "mqtt-tls-alpn",0,0, G_OPTION_ARG_STRING, &rtpe_config.mqtt_tls_alpn, "Mosquitto broker TLS ALPN", "STRING"}, { "mqtt-id",0,0, G_OPTION_ARG_STRING, &rtpe_config.mqtt_id, "Mosquitto client ID", "STRING"}, { "mqtt-keepalive",0,0, G_OPTION_ARG_INT, &rtpe_config.mqtt_keepalive,"Seconds between mosquitto keepalives","INT"}, { "mqtt-user",0,0, G_OPTION_ARG_STRING, &rtpe_config.mqtt_user, "Username for mosquitto auth", "USERNAME"}, diff --git a/daemon/mqtt.c b/daemon/mqtt.c index 8e310c9b5..587b179e3 100644 --- a/daemon/mqtt.c +++ b/daemon/mqtt.c @@ -61,6 +61,14 @@ static int mqtt_connect(void) { } } + if (rtpe_config.mqtt_tls_alpn) { + int ret = mosquitto_string_option(mosq, MOSQ_OPT_TLS_ALPN, rtpe_config.mqtt_tls_alpn); + if (ret != MOSQ_ERR_SUCCESS) { + ilog(LOG_ERR, "Failed to set mosquitto TLS ALPN options: %s", mosquitto_strerror(errno)); + return -1; + } + } + ret = mosquitto_connect(mosq, rtpe_config.mqtt_host, rtpe_config.mqtt_port, rtpe_config.mqtt_keepalive); if (ret != MOSQ_ERR_SUCCESS) { 
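Review bot: The error path of the added ALPN block in mqtt_connect() logs `mosquitto_strerror(errno)`, but mosquitto_string_option() reports failure through its return code, so the message can describe a stale or unrelated errno; it should read `mosquitto_strerror(ret)`. The new `int ret` also appears to shadow the `ret` that the following `mosquitto_connect()` line assigns to, so dropping the `int` and reusing the outer variable would be cleaner. ALPN is only sent during a TLS handshake, and the hunk does not show whether TLS is configured at this point, so a warning when `mqtt_tls_alpn` is set without TLS would tell operators the option is being ignored. The body of mqtt_connect() starts and ends outside the hunk.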
diff --git a/etc/rtpengine.conf b/etc/rtpengine.conf index aa41dce5e..813507e6f 100644 --- a/etc/rtpengine.conf +++ b/etc/rtpengine.conf @@ -118,6 +118,7 @@ recording-method = proc # mqtt-host = localhost # mqtt-port = 1883 +# mqtt-tls-alpn = mqtt # mqtt-id = # mqtt-user = foo # mqtt-pass = bar diff --git a/include/main.h b/include/main.h index c5e3b051a..61260a774 100644 --- a/include/main.h +++ b/include/main.h @@ -135,6 +135,7 @@ struct rtpengine_config { int poller_per_thread; char *mqtt_host; int mqtt_port; + char *mqtt_tls_alpn; char *mqtt_id; int mqtt_keepalive; char *mqtt_user;
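Review bot: The sample line `# mqtt-tls-alpn = mqtt` in etc/rtpengine.conf sits directly under `# mqtt-port = 1883` with nothing to say it only applies to TLS connections, although the commit message describes it as needed for a TLS endpoint on port 443. A comment above it, such as `# TLS only: ALPN protocol name, e.g. "mqtt" for brokers sharing port 443 with websockets`, would keep operators from expecting it to affect a plaintext listener.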