d0kuhn/mosquitto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
04c110183c
mosquitto/apps/mosquitto_ctrl/dynsec_role.c

196 lines
4.6 KiB
C
Raw Normal View History

New dynamic security plugin.
2020-09-23 21:59:31 +00:00
/*
Copyright (c) 2020 Roger Light <roger@atchoo.org>
All rights reserved. This program and the accompanying materials
Update to EPL-2.0
2020-11-25 17:34:21 +00:00
are made available under the terms of the Eclipse Public License 2.0
New dynamic security plugin.
2020-09-23 21:59:31 +00:00
and Eclipse Distribution License v1.0 which accompany this distribution.
The Eclipse Public License is available at
Update to EPL-2.0
2020-11-25 17:34:21 +00:00
https://www.eclipse.org/legal/epl-2.0/
New dynamic security plugin.
2020-09-23 21:59:31 +00:00
and the Eclipse Distribution License is available at
http://www.eclipse.org/org/documents/edl-v10.php.
Contributors:
Roger Light - initial implementation and documentation.
*/
#include <cJSON.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "mosquitto.h"
#include "mosquitto_ctrl.h"
#include "password_mosq.h"
int dynsec_role__create(int argc, char *argv[], cJSON *j_command)
{
char *rolename = NULL;
if(argc == 1){
rolename = argv[0];
}else{
return MOSQ_ERR_INVAL;
}
if(cJSON_AddStringToObject(j_command, "command", "createRole") == NULL
|| cJSON_AddStringToObject(j_command, "rolename", rolename) == NULL
){
return MOSQ_ERR_NOMEM;
}else{
return MOSQ_ERR_SUCCESS;
}
}
int dynsec_role__delete(int argc, char *argv[], cJSON *j_command)
{
char *rolename = NULL;
if(argc == 1){
rolename = argv[0];
}else{
return MOSQ_ERR_INVAL;
}
if(cJSON_AddStringToObject(j_command, "command", "deleteRole") == NULL
|| cJSON_AddStringToObject(j_command, "rolename", rolename) == NULL
){
return MOSQ_ERR_NOMEM;
}else{
return MOSQ_ERR_SUCCESS;
}
}
int dynsec_role__get(int argc, char *argv[], cJSON *j_command)
{
char *rolename = NULL;
if(argc == 1){
rolename = argv[0];
}else{
return MOSQ_ERR_INVAL;
}
if(cJSON_AddStringToObject(j_command, "command", "getRole") == NULL
|| cJSON_AddStringToObject(j_command, "rolename", rolename) == NULL
){
return MOSQ_ERR_NOMEM;
}else{
return MOSQ_ERR_SUCCESS;
}
}
int dynsec_role__list_all(int argc, char *argv[], cJSON *j_command)
{
int count = -1, offset = -1;
if(argc == 0){
/* All roles */
}else if(argc == 1){
count = atoi(argv[0]);
}else if(argc == 2){
count = atoi(argv[0]);
offset = atoi(argv[1]);
}else{
return MOSQ_ERR_INVAL;
}
if(cJSON_AddStringToObject(j_command, "command", "listRoles") == NULL
Ctrl: Fix use of ints in cJSON.
2020-11-04 13:58:40 +00:00
|| (count > 0 && cJSON_AddIntToObject(j_command, "count", count) == NULL)
|| (offset > 0 && cJSON_AddIntToObject(j_command, "offset", offset) == NULL)
New dynamic security plugin.
2020-09-23 21:59:31 +00:00
){
return MOSQ_ERR_NOMEM;
}else{
return MOSQ_ERR_SUCCESS;
}
}
int dynsec_role__add_acl(int argc, char *argv[], cJSON *j_command)
{
char *rolename, *acltype, *topic, *action;
bool allow;
int priority = -1;
if(argc == 5){
rolename = argv[0];
acltype = argv[1];
topic = argv[2];
action = argv[3];
priority = atoi(argv[4]);
}else if(argc == 4){
rolename = argv[0];
acltype = argv[1];
topic = argv[2];
action = argv[3];
}else{
return MOSQ_ERR_INVAL;
}
Dynsec: Rename ACL types for clarity. publishBrokerToClient -> publishClientReceive publishClientToBroker -> publishClientSend
2020-10-28 11:01:26 +00:00
if(strcasecmp(acltype, "publishClientSend")
&& strcasecmp(acltype, "publishClientReceive")
ctrl: Fix incorrect dynsec commands.
2020-10-28 11:46:13 +00:00
&& strcasecmp(acltype, "subscribeLiteral")
&& strcasecmp(acltype, "subscribePattern")
&& strcasecmp(acltype, "unsubscribeLiteral")
&& strcasecmp(acltype, "unsubscribePattern")){
New dynamic security plugin.
2020-09-23 21:59:31 +00:00
return MOSQ_ERR_INVAL;
}
if(!strcasecmp(action, "allow")){
allow = true;
}else if(!strcasecmp(action, "deny")){
allow = false;
}else{
return MOSQ_ERR_INVAL;
}
ctrl: Fix incorrect dynsec commands.
2020-10-28 11:46:13 +00:00
if(cJSON_AddStringToObject(j_command, "command", "addRoleACL") == NULL
New dynamic security plugin.
2020-09-23 21:59:31 +00:00
|| cJSON_AddStringToObject(j_command, "rolename", rolename) == NULL
|| cJSON_AddStringToObject(j_command, "acltype", acltype) == NULL
|| cJSON_AddStringToObject(j_command, "topic", topic) == NULL
|| cJSON_AddBoolToObject(j_command, "allow", allow) == NULL
Ctrl: Fix use of ints in cJSON.
2020-11-04 13:58:40 +00:00
|| (priority != -1 && cJSON_AddIntToObject(j_command, "priority", priority) == NULL)
New dynamic security plugin.
2020-09-23 21:59:31 +00:00
){
return MOSQ_ERR_NOMEM;
}else{
return MOSQ_ERR_SUCCESS;
}
}
int dynsec_role__remove_acl(int argc, char *argv[], cJSON *j_command)
{
char *rolename, *acltype, *topic;
if(argc == 3){
rolename = argv[0];
acltype = argv[1];
topic = argv[2];
}else{
return MOSQ_ERR_INVAL;
}
Dynsec: Rename ACL types for clarity. publishBrokerToClient -> publishClientReceive publishClientToBroker -> publishClientSend
2020-10-28 11:01:26 +00:00
if(strcasecmp(acltype, "publishClientSend")
&& strcasecmp(acltype, "publishClientReceive")
ctrl: Fix acltype names.
2020-10-28 16:18:08 +00:00
&& strcasecmp(acltype, "subscribeLiteral")
&& strcasecmp(acltype, "subscribePattern")
&& strcasecmp(acltype, "unsubscribeLiteral")
&& strcasecmp(acltype, "unsubscribePattern")){
New dynamic security plugin.
2020-09-23 21:59:31 +00:00
return MOSQ_ERR_INVAL;
}
ctrl: Fix incorrect dynsec commands.
2020-10-28 11:46:13 +00:00
if(cJSON_AddStringToObject(j_command, "command", "removeRoleACL") == NULL
New dynamic security plugin.
2020-09-23 21:59:31 +00:00
|| cJSON_AddStringToObject(j_command, "rolename", rolename) == NULL
|| cJSON_AddStringToObject(j_command, "acltype", acltype) == NULL
|| cJSON_AddStringToObject(j_command, "topic", topic) == NULL
){
return MOSQ_ERR_NOMEM;
}else{
return MOSQ_ERR_SUCCESS;
}
}
Reference in New Issue Copy Permalink