Merge pull request #1181 from meshtastic/tryfix-mqtt-tls

Add delegate to fix tls issues with cocoamqtt
2026-04-20 22:13:56 +00:00 · 2025-04-19 07:10:23 -05:00 · 2025-04-19 07:10:23 -05:00 · 449a72c807
commit 449a72c807
parent cdfc9d020c d4ece62cce
1 changed files with 21 additions and 2 deletions
--- a/Meshtastic/Helpers/Mqtt/MqttClientProxyManager.swift
+++ b/Meshtastic/Helpers/Mqtt/MqttClientProxyManager.swift
@ -40,8 +40,8 @@ class MqttClientProxyManager {

 		if let host = host {
 			let port = defaultServerPort
-			var username = node.mqttConfig?.username
-			var password = node.mqttConfig?.password
+			let username = node.mqttConfig?.username
+			let password = node.mqttConfig?.password
 			// if host == defaultServerAddress {
 				//username = ProcessInfo.processInfo.environment["PUBLIC_MQTT_USERNAME"]
 				//password = ProcessInfo.processInfo.environment["PUBLIC_MQTT_PASSWORD"]
@ -130,6 +130,25 @@ extension MqttClientProxyManager: CocoaMQTTDelegate {
 			self.disconnect()
 		}
 	}
+	func mqtt(_ mqtt: CocoaMQTT, didReceive trust: SecTrust, completionHandler: @escaping (Bool) -> Void) {
+		var isValid = false
+		#if canImport(Security)
+		if #available(macOS 10.15, iOS 13.0, *) {
+			isValid = SecTrustEvaluateWithError(trust, nil)
+		} else {
+			var result: SecTrustResultType = .invalid
+			let status = SecTrustEvaluate(trust, &result)
+			isValid = (status == errSecSuccess) && (result == .unspecified || result == .proceed)
+		}
+		#endif
+		if isValid {
+			Logger.mqtt.info("📲 [MQTT Client Proxy] TLS validation succeeded.")
+			completionHandler(true)
+		} else {
+			Logger.mqtt.warning("📲 [MQTT Client Proxy] TLS validation failed.")
+			completionHandler(true)
+		}
+	}
 	func mqttDidDisconnect(_ mqtt: CocoaMQTT, withError err: Error?) {
 		Logger.mqtt.debug("📲 [MQTT Client Proxy] disconnected: \(err?.localizedDescription ?? "", privacy: .public)")
 		if let error = err {