rabbitmq / credentials-obfuscation

Tiny library/OTP app for credential obfuscation

Balance security and performance #9

Closed carlhoerberg closed 3 years ago

carlhoerberg commented 3 years ago

1000 iterations seems a bit excessive for simply obfuscating credentials. With these new defaults, MQTT connections can be opened at a rate of 800 connections/s instead of 8 connections/s.

carlhoerberg commented 3 years ago

A Node.js script to churn MQTT connections (npm install mqtt):

const mqtt = require('mqtt')
const uri = "mqtt://guest:guest@localhost"

function start() {
  const client = mqtt.connect(uri, {
    clean: true,
    connectTimeout: 60000,
    reconnectPeriod: 0,
    rejectUnauthorized: false
  })

  client.on('connect', function () {
    console.log('Connected')
    client.end()
  })

  client.on('close', function() {
    console.log('Close')
  })
}

setInterval(start, 1)

michaelklishin commented 3 years ago

Yes, the idea is primarily to avoid credentials leaking to the logs as part of the process state; we are not looking for best possible security with this library.