Skip to content

Fix MQTT client: reset use_tls flag in connection_end (TLS to plain reconnect)#400

Open
EdouardMALOT wants to merge 1 commit into
eclipse-threadx:masterfrom
EdouardMALOT:fix/mqtt-use-tls-flag-reset
Open

Fix MQTT client: reset use_tls flag in connection_end (TLS to plain reconnect)#400
EdouardMALOT wants to merge 1 commit into
eclipse-threadx:masterfrom
EdouardMALOT:fix/mqtt-use-tls-flag-reset

Conversation

@EdouardMALOT

@EdouardMALOT EdouardMALOT commented Jul 8, 2026

Copy link
Copy Markdown
Contributor

Summary

The MQTT client cannot make a non-secure connection after a secure one on the same client instance.

_nxd_mqtt_client_secure_connect() sets nxd_mqtt_client_use_tls = 1 before delegating to _nxd_mqtt_client_connect(), but the flag is never cleared anywhere — _nxd_mqtt_client_connection_end() ends and deletes the TLS session, yet leaves the flag set. A subsequent nxd_mqtt_client_connect() (plain) on the same client inherits the stale flag, calls nx_secure_tls_session_start() on the TLS session that was just deleted, and fails with NXD_MQTT_CONNECT_FAILURE (0x10005).

Typical scenario: a device provisioned over TLS that must fall back to (or be reconfigured for) a plain connection without recreating the NXD_MQTT_CLIENT instance.

Changes

  • addons/mqtt/nxd_mqtt_client.c — in _nxd_mqtt_client_connection_end(), clear nxd_mqtt_client_use_tls after the TCP socket is disconnected and unbound.

The placement matters: clearing the flag before the socket teardown opens a window where a late TLS record (e.g. the peer's close_notify) is read through the plain TCP path and parsed as MQTT bytes; its fixed header bytes decode as a truncated MQTT message that gets parked forever in nxd_mqtt_client_processing_packet, leaking a packet (caught by netx_mqtt_packet_leak_test in the require_secure_build configuration). With the flag cleared only after nx_tcp_client_socket_unbind(), any late TLS data keeps failing through the TLS receive path exactly as it does today.

_nxd_mqtt_client_connection_end() is only reached on terminal paths (connect failure, disconnect processing, timeout, explicit disconnect); every reconnection goes back through nxd_mqtt_client_connect() or nxd_mqtt_client_secure_connect(), and the latter re-runs the TLS setup callback and sets the flag again — so secure reconnection is unaffected.

Behavioral note: an application that (incorrectly) called the plain nxd_mqtt_client_connect() to re-establish a previously secure session used to get NXD_MQTT_CONNECT_FAILURE; it now gets exactly what it requested — a plaintext connection — matching the documented semantics of the two connect APIs.

Test plan

  • secure connect → disconnect → plain connect on the same client: previously failed with 0x10005, now succeeds
  • secure connect → disconnect → secure connect: unchanged (TLS setup callback re-runs)
  • plain-only and secure-only usage: unchanged
  • MQTT regression suite (including netx_mqtt_packet_leak_test in all build configurations)

@EdouardMALOT EdouardMALOT force-pushed the fix/mqtt-use-tls-flag-reset branch from ee120f6 to 116330e Compare July 8, 2026 21:47
…econnect)

_nxd_mqtt_client_secure_connect sets nxd_mqtt_client_use_tls = 1 before
delegating to _nxd_mqtt_client_connect, but the flag is never cleared
afterwards. A subsequent non-secure connect on the same client inherits
the stale flag, triggers nx_secure_tls_session_start on a plain TCP
socket, and returns NXD_MQTT_CONNECT_FAILURE (0x10005).

Clear the flag in _nxd_mqtt_client_connection_end, after the TCP socket
is disconnected and unbound: while the socket can still deliver data, a
late TLS record (e.g. the peer's close_notify) must keep failing through
the TLS receive path rather than being parsed as plaintext MQTT bytes.
Clearing the flag before the socket teardown would let such a record be
misread as a partial MQTT message and parked forever in
nxd_mqtt_client_processing_packet, leaking a packet (caught by
netx_mqtt_packet_leak_test).

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant