aws_iot: add support for MQTT TLS over port 443
authorMahavir Jain <mahavir@espressif.com>
Fri, 20 Apr 2018 14:15:50 +0000 (19:45 +0530)
committerMahavir Jain <mahavir@espressif.com>
Mon, 23 Apr 2018 12:57:28 +0000 (18:27 +0530)
Signed-off-by: Mahavir Jain <mahavir@espressif.com>
components/aws_iot/port/network_mbedtls_wrapper.c

index 07e2ed4138e6a969fba12c98d27864d96bcec82c..6da6d5dad01fda33c2e12afb2b6ba2dee4f1a096 100644 (file)
@@ -236,6 +236,15 @@ IoT_Error_t iot_tls_connect(Network *pNetwork, TLSConnectParams *params) {
 
     mbedtls_ssl_conf_read_timeout(&(tlsDataParams->conf), pNetwork->tlsConnectParams.timeout_ms);
 
+    /* Use the AWS IoT ALPN extension for MQTT, if port 443 is requested */
+    if (pNetwork->tlsConnectParams.DestinationPort == 443) {
+        const char *alpnProtocols[] = { "x-amzn-mqtt-ca", NULL };
+        if ((ret = mbedtls_ssl_conf_alpn_protocols(&(tlsDataParams->conf), alpnProtocols)) != 0) {
+            ESP_LOGE(TAG, "failed! mbedtls_ssl_conf_alpn_protocols returned -0x%x", -ret);
+            return SSL_CONNECTION_ERROR;
+        }
+    }
+
     if((ret = mbedtls_ssl_setup(&(tlsDataParams->ssl), &(tlsDataParams->conf))) != 0) {
         ESP_LOGE(TAG, "failed! mbedtls_ssl_setup returned -0x%x", -ret);
         return SSL_CONNECTION_ERROR;
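Review bot: `alpnProtocols` in the added port-443 block is a block-scoped automatic array, but mbedtls_ssl_conf_alpn_protocols() records the pointer in the config instead of copying the list, and mbedTLS documents that the table must live at least as long as the SSL configuration. The array's lifetime ends at the closing brace of the `if`, before mbedtls_ssl_setup() and the handshake (presumably later in the function, outside this hunk) use the config, and `tlsDataParams->conf` also outlives this call, so the ALPN list would be read through a dangling pointer. Giving the table static storage fixes it: `static const char *alpnProtocols[] = { "x-amzn-mqtt-ca", NULL };`. iot_tls_connect's body starts and ends outside the hunk.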