Allow users to disable MQTT encryption

e.g. for local MQTT on port 1883 encryption will be on by default

Allow users to disable MQTT encryption
e.g. for local MQTT on port 1883 encryption will be on by default
b1e0c365 · Eric Duminil · da1f41c0 · b1e0c365 · b1e0c365 · b1e0c365
Commit b1e0c365 authored 3 years ago by Eric Duminil
Hide whitespace changes
Inline Side-by-side

Showing

with 22 additions and 4 deletions
+22 -4
--- a/ampel-firmware/config.public.h
+++ b/ampel-firmware/config.public.h
@@ -112,6 +112,7 @@
 #  define MQTT_SENDING_INTERVAL 60 // [s]
 #  define MQTT_SERVER "test.mosquitto.org"  // MQTT server URL or IP address
 #  define MQTT_PORT 8883
+#  define MQTT_ENCRYPTED true // Set to false for unencrypted MQTT (e.g. with port 1883). If undefined, MQTT_ENCRYPTED will be set to true.
 #  define MQTT_USER ""
 #  define MQTT_PASSWORD ""


--- a/ampel-firmware/mqtt.cpp
+++ b/ampel-firmware/mqtt.cpp
@@ -12,10 +12,16 @@ namespace config {
  const bool allow_mqtt_commands = ALLOW_MQTT_COMMANDS;
  const unsigned long wait_after_fail = 900; // [s] Wait 15 minutes after an MQTT connection fail, before trying again.
 }
-#if defined(ESP32)
-#  include <WiFiClientSecure.h>
-#endif
+
+#if MQTT_ENCRYPTED
+#  if defined(ESP32)
+#    include <WiFiClientSecure.h>
+#  endif
 WiFiClientSecure espClient;
+#else
+WiFiClient espClient;
+#endif
+
 PubSubClient mqttClient(espClient);

 namespace mqtt {
@@ -30,9 +36,11 @@ namespace mqtt {
  void initialize(const char *sensorId) {
    json_sensor_format = PSTR("{\"time\":\"%s\", \"co2\":%d, \"temp\":%.1f, \"rh\":%.1f}");
    snprintf(publish_topic, sizeof(publish_topic), "CO2sensors/%s", sensorId);
+#if MQTT_ENCRYPTED
    // The sensor doesn't check the fingerprint of the MQTT broker, because otherwise this fingerprint should be updated
    // on the sensor every 3 months. The connection can still be encrypted, though:
    espClient.setInsecure(); // If not available for ESP32, please update Arduino IDE / PlatformIO
+#endif
    mqttClient.setServer(config::mqtt_server, config::mqtt_port);

    sensor_console::defineIntCommand("mqtt", setMQTTinterval, F("60 (Sets MQTT sending interval, in s)"));
@@ -91,7 +99,12 @@ namespace mqtt {
      // No WIFI
      return;
    }
-    Serial.print(F("MQTT - Attempting connection..."));
+
+    Serial.print(F("MQTT - Attempting connection ("));
+    Serial.print(MQTT_ENCRYPTED ? F("Encrypted") : F("Unencrypted"));
+    Serial.print(F(", port "));
+    Serial.print(MQTT_PORT);
+    Serial.print(F(") ..."));

    led_effects::onBoardLEDOn();
    // Wait for connection, at most 15s (default)

--- a/ampel-firmware/mqtt.h
+++ b/ampel-firmware/mqtt.h
@@ -8,6 +8,10 @@
 #include "src/lib/PubSubClient/src/PubSubClient.h"
 #include "wifi_util.h"

+#if !defined(MQTT_ENCRYPTED)
+#  define MQTT_ENCRYPTED true // Old config files might not define it, and encryption was on by default.
+#endif
+
 namespace config {
  extern uint16_t mqtt_sending_interval; // [s]
 }