Add mutual SSL auth config to mqtt_client

README.md

@@ -96,6 +96,8 @@ const esp_mqtt_client_config_t mqtt_cfg = {
 -  `task_prio, task_stack` for MQTT task, default priority is 5, and task_stack = 6144 bytes (or default task stack can be set via `make menucofig`).
 -  `buffer_size` for MQTT send/receive buffer, default is 1024
 -  `cert_pem` pointer to CERT file for server verify (with SSL), default is NULL, not required to verify the server
+-  `client_cert_pem` pointer to CERT file for SSL mutual authentication, default is NULL, not required if mutual authentication is not needed. If it is not NULL, also `client_key_pem` has to be provided.
+-  `client_key_pem` pointer to PEM private key file for SSL mutual authentication, default is NULL, not required if mutual authentication is not needed. If it is not NULL, also `client_cert_pem` has to be provided.
 -  `transport`: override URI transport
     +  `MQTT_TRANSPORT_OVER_TCP`: MQTT over TCP, using scheme: `mqtt`
     +  `MQTT_TRANSPORT_OVER_SSL`: MQTT over SSL, using scheme: `mqtts`

include/mqtt_client.h

@@ -77,6 +77,8 @@ typedef struct {
     int task_stack;
     int buffer_size;
     const char *cert_pem;
+    const char *client_cert_pem;
+    const char *client_key_pem;
     esp_mqtt_transport_t transport;
 } esp_mqtt_client_config_t;
 

mqtt_client.c

@@ -299,6 +299,12 @@ esp_mqtt_client_handle_t esp_mqtt_client_init(const esp_mqtt_client_config_t *co
     if (config->cert_pem) {
         transport_ssl_set_cert_data(ssl, config->cert_pem, strlen(config->cert_pem));
     }
+    if (config->client_cert_pem) {
+        transport_ssl_set_client_cert_data(ssl, config->client_cert_pem, strlen(config->client_cert_pem));
+    }
+    if (config->client_key_pem) {
+        transport_ssl_set_client_key_data(ssl, config->client_key_pem, strlen(config->client_key_pem));
+    }
     transport_list_add(client->transport_list, ssl, "mqtts");
     if (config->transport == MQTT_TRANSPORT_OVER_SSL) {
         client->config->scheme = create_string("mqtts", 5);