Expose CipherPreference to Mqtt Client Builders & Fix Windows CI D disk

.github/workflows/ci.yml

@@ -15,7 +15,6 @@ env:
   RUN: ${{ github.run_id }}-${{ github.run_number }}
   CRT_CI_ROLE: ${{ secrets.CRT_CI_ROLE_ARN }}
   AWS_DEFAULT_REGION: us-east-1
-  WINDOWS_CI_DIR: "C:/a/work"
 
 permissions:
   id-token: write # This is required for requesting the JWT
@@ -234,8 +233,6 @@ jobs:
         aws-region: ${{ env.AWS_DEFAULT_REGION }}
     - name: Build ${{ env.PACKAGE_NAME }} + consumers
       run: |
-        md ${{ env.WINDOWS_CI_DIR }}
-        cd ${{ env.WINDOWS_CI_DIR }}
         python -c "from urllib.request import urlretrieve; urlretrieve('${{ env.BUILDER_HOST }}/${{ env.BUILDER_SOURCE }}/${{ env.BUILDER_VERSION }}/builder.pyz?run=${{ env.RUN }}', 'builder.pyz')"
         python builder.pyz build -p ${{ env.PACKAGE_NAME }}
 
@@ -251,8 +248,6 @@ jobs:
         aws-region: ${{ env.AWS_DEFAULT_REGION }}
     - name: Build ${{ env.PACKAGE_NAME }} + consumers
       run: |
-        md ${{ env.WINDOWS_CI_DIR }}
-        cd ${{ env.WINDOWS_CI_DIR }}
         python -c "from urllib.request import urlretrieve; urlretrieve('${{ env.BUILDER_HOST }}/${{ env.BUILDER_SOURCE }}/${{ env.BUILDER_VERSION }}/builder.pyz?run=${{ env.RUN }}', 'builder.pyz')"
         python builder.pyz build -p ${{ env.PACKAGE_NAME }} --compiler msvc-17 --target windows-${{ matrix.arch }}
 
@@ -265,8 +260,6 @@ jobs:
         aws-region: ${{ env.AWS_DEFAULT_REGION }}
     - name: Build ${{ env.PACKAGE_NAME }} + consumers
       run: |
-        md ${{ env.WINDOWS_CI_DIR }}
-        cd ${{ env.WINDOWS_CI_DIR }}
         python -c "from urllib.request import urlretrieve; urlretrieve('${{ env.BUILDER_HOST }}/${{ env.BUILDER_SOURCE }}/${{ env.BUILDER_VERSION }}/builder.pyz?run=${{ env.RUN }}', 'builder.pyz')"
         python builder.pyz build -p ${{ env.PACKAGE_NAME }} --cmake-extra=-DBUILD_SHARED_LIBS=ON
 
@@ -285,8 +278,6 @@ jobs:
         aws-region: ${{ env.AWS_DEFAULT_REGION }}
     - name: Build ${{ env.PACKAGE_NAME }} + consumers
       run: |
-        md ${{ env.WINDOWS_CI_DIR }}
-        cd ${{ env.WINDOWS_CI_DIR }}
         python -c "from urllib.request import urlretrieve; urlretrieve('${{ env.BUILDER_HOST }}/${{ env.BUILDER_SOURCE }}/${{ env.BUILDER_VERSION }}/builder.pyz?run=${{ env.RUN }}', 'builder.pyz')"
         python builder.pyz build -p ${{ env.PACKAGE_NAME }} --cmake-extra=-DBUILD_SHARED_LIBS=ON
 
@@ -299,8 +290,6 @@ jobs:
         aws-region: ${{ env.AWS_DEFAULT_REGION }}
     - name: Build ${{ env.PACKAGE_NAME }} + consumers
       run: |
-        md ${{ env.WINDOWS_CI_DIR }}
-        cd ${{ env.WINDOWS_CI_DIR }}
         python -c "from urllib.request import urlretrieve; urlretrieve('${{ env.BUILDER_HOST }}/${{ env.BUILDER_SOURCE }}/${{ env.BUILDER_VERSION }}/builder.pyz?run=${{ env.RUN }}', 'builder.pyz')"
         python builder.pyz build -p ${{ env.PACKAGE_NAME }} --cmake-extra=-DUSE_CPU_EXTENSIONS=OFF
 

include/aws/iot/Mqtt5Client.h

@@ -298,6 +298,17 @@ namespace Aws
              */
             Mqtt5ClientBuilder &WithCertificateAuthority(const Crt::ByteCursor &cert) noexcept;
 
+            /**
+             * Sets the tls cipher preference for the tls context options.
+             *
+             * @param cipherPref the tls cipher preference to use for the tls context options.
+             * Warning: aws_tls_cipher_pref::AWS_IO_TLS_CIPHER_PREF_TLSV1_2_2025_07 is only supported on Linux platforms
+             * using the s2n library.
+             *
+             * @return this builder object
+             */
+            Mqtt5ClientBuilder &WithTlsCipherPreference(aws_tls_cipher_pref cipherPref) noexcept;
+
             /**
              * Overrides the socket properties of the underlying MQTT connections made by the client.  Leave undefined
              * to use defaults (no TCP keep alive, 10 second socket timeout).

include/aws/iot/MqttClient.h

@@ -297,6 +297,17 @@ namespace Aws
              */
             MqttClientConnectionConfigBuilder &WithMinimumTlsVersion(aws_tls_versions minimumTlsVersion) noexcept;
 
+            /**
+             * Sets the tls cipher preference for the tls context options.
+             *
+             * @param cipherPref the tls cipher preference to use for the tls context options.
+             * Warning: aws_tls_cipher_pref::AWS_IO_TLS_CIPHER_PREF_TLSV1_2_2025_07 is only supported on Linux platforms
+             * using the s2n library.
+             *
+             * @return this builder object
+             */
+            MqttClientConnectionConfigBuilder &WithTlsCipherPreference(aws_tls_cipher_pref cipherPref) noexcept;
+
             /**
              * Sets http proxy options.
              *

source/iot/Mqtt5Client.cpp

@@ -346,6 +346,15 @@ namespace Aws
             return *this;
         }
 
+        Mqtt5ClientBuilder &Mqtt5ClientBuilder::WithTlsCipherPreference(aws_tls_cipher_pref cipherPref) noexcept
+        {
+            if (m_tlsConnectionOptions)
+            {
+                m_tlsConnectionOptions->SetTlsCipherPreference(cipherPref);
+            }
+            return *this;
+        }
+
         Mqtt5ClientBuilder &Mqtt5ClientBuilder::WithSocketOptions(Crt::Io::SocketOptions socketOptions) noexcept
         {
             m_options->WithSocketOptions(std::move(socketOptions));

source/iot/MqttClient.cpp

@@ -288,7 +288,20 @@ namespace Aws
         MqttClientConnectionConfigBuilder &MqttClientConnectionConfigBuilder::WithMinimumTlsVersion(
             aws_tls_versions minimumTlsVersion) noexcept
         {
-            m_contextOptions.SetMinimumTlsVersion(minimumTlsVersion);
+            if (m_contextOptions)
+            {
+                m_contextOptions.SetMinimumTlsVersion(minimumTlsVersion);
+            }
+            return *this;
+        }
+
+        MqttClientConnectionConfigBuilder &MqttClientConnectionConfigBuilder::WithTlsCipherPreference(
+            aws_tls_cipher_pref cipherPref) noexcept
+        {
+            if (m_contextOptions)
+            {
+                m_contextOptions.SetTlsCipherPreference(cipherPref);
+            }
             return *this;
         }