Added support for TLS ALPN to connect via MQTT protocol to a TLS encrypted HTTP port 443 (#181)

jonofe · web-flow · commit 82581417df4f · 2024-04-24T16:24:36.000Z
* Update ConnectionSettings.php

added TLS ALPN option

* Update MqttClient.php

Added TLS ALPN option to the TLS options

* Update MqttClient.php

* Update README.md

Added TLS ALPN to the ConnectSettings options
diff --git a/README.md b/README.md
@@ -243,6 +243,10 @@ $connectionSettings = (new \PhpMqtt\Client\ConnectionSettings)
     // This option requires ConnectionSettings::setTlsClientCertificateFile() and
     // ConnectionSettings::setTlsClientCertificateKeyFile() to be used as well.
     ->setTlsClientCertificateKeyPassphrase(null);
+
+     // The TLS ALPN is used to establish a TLS encrypted mqtt connection on port 443,
+     // which usually is reserved for TLS encrypted HTTP traffic.
+     ->setTlsAlpn(null);
 ```
 
 ## Features
diff --git a/src/ConnectionSettings.php b/src/ConnectionSettings.php
@@ -37,6 +37,7 @@ class ConnectionSettings
     private ?string $tlsClientCertificateFile          = null;
     private ?string $tlsClientCertificateKeyFile       = null;
     private ?string $tlsClientCertificateKeyPassphrase = null;
+    private ?string $tlsAlpn                           = null;
 
     /**
      * The username used for authentication when connecting to the broker.
@@ -531,4 +532,25 @@ public function getTlsClientCertificateKeyPassphrase(): ?string
     {
         return $this->tlsClientCertificateKeyPassphrase;
     }
+
+    /**
+     * The TLS ALPN is used to establish a TLS encrypted mqtt connection on port 443,
+     * which usually is reserved for TLS encrypted HTTP traffic.
+     *
+     * @return ConnectionSettings A copy of the original object with the new setting applied.
+     */
+    public function setTlsAlpn(?string $tlsAlpn): ConnectionSettings
+    {
+        $copy = clone $this;
+
+        $copy->tlsAlpn = $tlsAlpn;
+
+        return $copy;
+    }
+
+    public function getTlsAlpn(): ?string
+    {
+        return $this->tlsAlpn;
+    }
+
 }
diff --git a/src/MqttClient.php b/src/MqttClient.php
@@ -197,6 +197,10 @@ protected function establishSocketConnection(): void
                 $tlsOptions['passphrase'] = $this->settings->getTlsClientCertificateKeyPassphrase();
             }
 
+            if ($this->settings->getTlsAlpn() !== null) {
+                $tlsOptions['alpn_protocols'] = $this->settings->getTlsAlpn();
+            }
+ 
             $contextOptions['ssl'] = $tlsOptions;
         }
 

Original file line number	Diff line number	Diff line change
`@@ -197,6 +197,10 @@ protected function establishSocketConnection(): void`
`197`	`197`	`$tlsOptions['passphrase'] = $this->settings->getTlsClientCertificateKeyPassphrase();`
`198`	`198`	`}`
`199`	`199`
	`200`	`+ if ($this->settings->getTlsAlpn() !== null) {`
	`201`	`+ $tlsOptions['alpn_protocols'] = $this->settings->getTlsAlpn();`
	`202`	`+ }`
	`203`	`+`
`200`	`204`	`$contextOptions['ssl'] = $tlsOptions;`
`201`	`205`	`}`
`202`	`206`