From 0a0e9079c37e4d9c9cf9c71f5243da680bed6212 Mon Sep 17 00:00:00 2001
From: Lucas Dietrich
Date: Fri, 19 Nov 2021 09:46:33 +0100
Subject: [PATCH] net: mqtt: Add support for TLS option TLS_CERT_NOCOPY

Add an option in MQTT client context to take advantage of the "TLS_CERT_NOCOPY" option when using TLS socket transport.

Signed-off-by: Lucas Dietrich
---
 include/net/mqtt.h | 3 +++
 subsys/net/lib/mqtt/mqtt_transport_socket_tls.c | 9 +++++++++
 2 files changed, 12 insertions(+)

diff --git a/include/net/mqtt.h b/include/net/mqtt.h
index 8e726bdd28d..a939be9f6b0 100644
--- a/include/net/mqtt.h
+++ b/include/net/mqtt.h
@@ -354,6 +354,9 @@ struct mqtt_sec_config {
 * May be NULL to skip hostname verification.
 */
 const char *hostname;
+
+ /** Indicates the preference for copying certificates to the heap. */
+ int cert_nocopy;
 };
 
 /** @brief MQTT transport type. */
diff --git a/subsys/net/lib/mqtt/mqtt_transport_socket_tls.c b/subsys/net/lib/mqtt/mqtt_transport_socket_tls.c
index 7f6faf6e4d5..faf5e5c00c7 100644
--- a/subsys/net/lib/mqtt/mqtt_transport_socket_tls.c
+++ b/subsys/net/lib/mqtt/mqtt_transport_socket_tls.c
@@ -78,6 +78,15 @@ int mqtt_client_tls_connect(struct mqtt_client *client)
 }
 }
 
+ if (tls_config->cert_nocopy != TLS_CERT_NOCOPY_NONE) {
+ ret = zsock_setsockopt(client->transport.tls.sock, SOL_TLS,
+ TLS_CERT_NOCOPY, &tls_config->cert_nocopy,
+ sizeof(tls_config->cert_nocopy));
+ if (ret < 0) {
+ goto error;
+ }
+ }
+
 size_t peer_addr_size = sizeof(struct sockaddr_in6);
 
 if (broker->sa_family == AF_INET) {
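Review bot: The comment on `cert_nocopy` in `struct mqtt_sec_config` does not say which values the field takes or what a caller must guarantee when no-copy is selected. The connect path in this patch compares it with `TLS_CERT_NOCOPY_NONE` and hands it to the `TLS_CERT_NOCOPY` socket option, so the comment could read `/** Value for the TLS_CERT_NOCOPY socket option (TLS_CERT_NOCOPY_NONE or TLS_CERT_NOCOPY_OPTIONAL); leave as TLS_CERT_NOCOPY_NONE to keep certificates copied to the heap. */`. If no-copy means the TLS stack parses the registered certificate buffer in place, which the option name suggests but the patch does not show, the comment should also state that the buffer must stay valid and unmodified while the connection is open. The struct definition starts outside the hunk.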
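Review bot: The guard `tls_config->cert_nocopy != TLS_CERT_NOCOPY_NONE` forwards every other value of the new `int` field to `zsock_setsockopt()`, including whatever an application left there if it fills `struct mqtt_sec_config` member by member without zeroing it. Such callers compiled fine before this field existed and would now either fail in `mqtt_client_tls_connect()` or switch certificate handling without asking for it. Consider testing for the supported value explicitly, `if (tls_config->cert_nocopy == TLS_CERT_NOCOPY_OPTIONAL) {`, or stating the zero-initialisation requirement in the field's comment in include/net/mqtt.h. The function body and the `error` label lie outside the hunk, so how the failure is reported to the caller cannot be checked here.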