Merge 1.3.2-1.3.5 into 1.4.
This commit is contained in:
Roger A. Light
commit
070d783c9f
@ -57,15 +57,55 @@ Client library:
|
||||
- mosquitto_loop_forever now quits after a fatal error, rather than blindly
|
||||
retrying.
|
||||
|
||||
1.3.2 - 2014xxxx
|
||||
1.3.5 - 20141008
|
||||
================
|
||||
|
||||
Broker:
|
||||
- Fix possible memory leak when using a topic that has a leading slash. Fixes
|
||||
bug #1360985.
|
||||
- Fix saving persistent database on Windows.
|
||||
- Temporarily disable ACL checks on subscriptions when using MQTT v3.1.1. This
|
||||
is due to the complexity of checking wildcard ACLs against wildcard
|
||||
subscriptions. This does not have a negative impact on security because
|
||||
checks are still made before a message is sent to a client.
|
||||
Fixes bug #1374291.
|
||||
- When using -v and the broker receives a SIGHUP, verbose logging was being
|
||||
disabled. This has been fixed.
|
||||
|
||||
Client library:
|
||||
- Fix mutex being incorrectly passed by value. Fixes bug #1373785.
|
||||
|
||||
1.3.4 - 20140806
|
||||
================
|
||||
|
||||
Broker:
|
||||
- Don't ask client for certificate when require_certificate is false.
|
||||
- Backout incomplete functionality that was incorrectly included in 1.3.2.
|
||||
|
||||
1.3.3 - 20140801
|
||||
================
|
||||
|
||||
Broker:
|
||||
- Fix incorrect handling of anonymous bridges on the local broker.
|
||||
|
||||
1.3.2 - 20140713
|
||||
================
|
||||
|
||||
Broker:
|
||||
- Don't allow access to clients when authenticating if a security plugin
|
||||
returns an application error. Fixes bug #1340782.
|
||||
- Ensure that bridges verify certificates by default when using TLS.
|
||||
- Fix possible crash when using pattern ACLs that do not include a %u and
|
||||
clients that connect without a username.
|
||||
- Fix subscriptions being deleted when clients subscribed to a topic beginning
|
||||
with a $ but that is not $SYS.
|
||||
- When a durable client reconnects, its queued messages are now checked
|
||||
against ACLs in case of a change in username/ACL state since it last
|
||||
connected.
|
||||
- Fix bug #1324411, which could have had unexpected consequences for delayed
|
||||
messages in rare circumstances.
|
||||
- Anonymous clients are no longer accidently disconnected from the broker
|
||||
after a SIGHUP.
|
||||
|
||||
Client library:
|
||||
- Fix topic matching edge case.
|
||||
|
||||
@ -240,3 +240,4 @@ STRIP?=strip
|
||||
prefix=/usr/local
|
||||
mandir=${prefix}/share/man
|
||||
localedir=${prefix}/share/locale
|
||||
STRIP?=strip
|
||||
|
||||
@ -421,7 +421,6 @@ void my_log_callback(struct mosquitto *mosq, void *userdata, int level, const ch
|
||||
|
||||
int main(int argc, char *argv[])
|
||||
{
|
||||
char id[30];
|
||||
int i;
|
||||
char *host = "localhost";
|
||||
int port = 1883;
|
||||
@ -430,13 +429,12 @@ int main(int argc, char *argv[])
|
||||
struct mosquitto *mosq = NULL;
|
||||
|
||||
mosquitto_lib_init();
|
||||
mosq = mosquitto_new(id, clean_session, NULL);
|
||||
mosq = mosquitto_new(NULL, clean_session, NULL);
|
||||
if(!mosq){
|
||||
fprintf(stderr, "Error: Out of memory.\n");
|
||||
return 1;
|
||||
}
|
||||
mosquitto_log_callback_set(mosq, my_log_callback);
|
||||
|
||||
mosquitto_connect_callback_set(mosq, my_connect_callback);
|
||||
mosquitto_message_callback_set(mosq, my_message_callback);
|
||||
mosquitto_subscribe_callback_set(mosq, my_subscribe_callback);
|
||||
@ -446,7 +444,7 @@ int main(int argc, char *argv[])
|
||||
return 1;
|
||||
}
|
||||
|
||||
while(!mosquitto_loop(mosq, -1)){
|
||||
while(!mosquitto_loop(mosq, -1, 1)){
|
||||
}
|
||||
mosquitto_destroy(mosq);
|
||||
mosquitto_lib_cleanup();
|
||||
|
||||
@ -727,13 +727,6 @@
|
||||
# remains valid for the time being.
|
||||
#remote_password
|
||||
|
||||
# Set the username to use on the local broker.
|
||||
#local_username
|
||||
|
||||
# Set the password to use on the local broker.
|
||||
# This option is only used if local_username is also set.
|
||||
#local_password
|
||||
|
||||
# -----------------------------------------------------------------
|
||||
# Certificate based SSL/TLS support
|
||||
# -----------------------------------------------------------------
|
||||
|
||||
@ -1,8 +1,8 @@
|
||||
Mosquitto
|
||||
=========
|
||||
|
||||
Mosquitto is an open source implementation of a server for version 3.1 of the
|
||||
MQTT protocol.
|
||||
Mosquitto is an open source implementation of a server for version 3.1 and
|
||||
3.1.1 of the MQTT protocol.
|
||||
|
||||
See the following links for more information on MQTT:
|
||||
|
||||
|
||||
@ -152,13 +152,6 @@ int mqtt3_bridge_connect(struct mosquitto_db *db, struct mosquitto *context)
|
||||
mqtt3_db_messages_delete(context);
|
||||
}
|
||||
|
||||
rc = mosquitto_unpwd_check(db, context->bridge->local_username, context->bridge->local_password);
|
||||
if(rc == MOSQ_ERR_AUTH){
|
||||
_mosquitto_log_printf(NULL, MOSQ_LOG_ERR, "Bridge %s failed authentication on local broker.", context->id);
|
||||
return rc;
|
||||
}
|
||||
rc = 0;
|
||||
|
||||
/* Delete all local subscriptions even for clean_session==false. We don't
|
||||
* remove any messages and the next loop carries out the resubscription
|
||||
* anyway. This means any unwanted subs will be removed.
|
||||
|
||||
@ -387,6 +387,11 @@ int mqtt3_db_backup(struct mosquitto_db *db, bool cleanup, bool shutdown)
|
||||
|
||||
fclose(db_fptr);
|
||||
|
||||
#ifdef WIN32
|
||||
if(remove(db->config->persistence_filepath) != 0){
|
||||
goto error;
|
||||
}
|
||||
#endif
|
||||
if(rename(outfile, db->config->persistence_filepath) != 0){
|
||||
goto error;
|
||||
}
|
||||
|
||||
@ -363,12 +363,20 @@ int mqtt3_handle_connect(struct mosquitto_db *db, struct mosquitto *context)
|
||||
#endif /* WITH_TLS */
|
||||
if(username_flag){
|
||||
rc = mosquitto_unpwd_check(db, username, password);
|
||||
if(rc == MOSQ_ERR_AUTH){
|
||||
_mosquitto_send_connack(context, 0, CONNACK_REFUSED_BAD_USERNAME_PASSWORD);
|
||||
rc = MOSQ_ERR_SUCCESS;
|
||||
goto handle_connect_error;
|
||||
}else if(rc == MOSQ_ERR_INVAL){
|
||||
goto handle_connect_error;
|
||||
switch(rc){
|
||||
case MOSQ_ERR_SUCCESS:
|
||||
break;
|
||||
case MOSQ_ERR_AUTH:
|
||||
_mosquitto_send_connack(context, CONNACK_REFUSED_BAD_USERNAME_PASSWORD);
|
||||
mqtt3_context_disconnect(db, context);
|
||||
rc = MOSQ_ERR_SUCCESS;
|
||||
goto handle_connect_error;
|
||||
break;
|
||||
default:
|
||||
mqtt3_context_disconnect(db, context);
|
||||
rc = MOSQ_ERR_SUCCESS;
|
||||
goto handle_connect_error;
|
||||
break;
|
||||
}
|
||||
context->username = username;
|
||||
context->password = password;
|
||||
@ -728,12 +736,33 @@ int mqtt3_handle_subscribe(struct mosquitto_db *db, struct mosquitto *context)
|
||||
}
|
||||
_mosquitto_log_printf(NULL, MOSQ_LOG_DEBUG, "\t%s (QoS %d)", sub, qos);
|
||||
|
||||
#if 0
|
||||
/* FIXME
|
||||
* This section has been disabled temporarily. mosquitto_acl_check
|
||||
* calls mosquitto_topic_matches_sub, which can't cope with
|
||||
* checking subscriptions that have wildcards against ACLs that
|
||||
* have wildcards. Bug #1374291 is related.
|
||||
*
|
||||
* It's a very difficult problem when an ACL looks like foo/+/bar
|
||||
* and a subscription request to foo/# is made.
|
||||
*
|
||||
* This should be changed to using MOSQ_ACL_SUBSCRIPTION in the
|
||||
* future anyway.
|
||||
*/
|
||||
if(context->protocol == mosq_p_mqtt311){
|
||||
rc = mosquitto_acl_check(db, context, sub, MOSQ_ACL_READ);
|
||||
if(rc == MOSQ_ERR_ACL_DENIED){
|
||||
qos = 0x80;
|
||||
switch(rc){
|
||||
case MOSQ_ERR_SUCCESS:
|
||||
break;
|
||||
case MOSQ_ERR_ACL_DENIED:
|
||||
qos = 0x80;
|
||||
break;
|
||||
default:
|
||||
_mosquitto_free(sub);
|
||||
return rc;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
if(qos != 0x80){
|
||||
rc2 = mqtt3_sub_add(db, context, sub, qos, &db->subs);
|
||||
|
||||
@ -200,15 +200,7 @@ int mosquitto_acl_check(struct mosquitto_db *db, struct mosquitto *context, cons
|
||||
if(!db->auth_plugin.lib){
|
||||
return mosquitto_acl_check_default(db, context, topic, access);
|
||||
}else{
|
||||
#ifdef WITH_BRIDGE
|
||||
if(context->bridge){
|
||||
return db->auth_plugin.acl_check(db->auth_plugin.user_data, context->id, context->bridge->local_username, topic, access);
|
||||
}else{
|
||||
#endif
|
||||
return db->auth_plugin.acl_check(db->auth_plugin.user_data, context->id, context->username, topic, access);
|
||||
#ifdef WITH_BRIDGE
|
||||
}
|
||||
#endif
|
||||
return db->auth_plugin.acl_check(db->auth_plugin.user_data, context->id, context->username, topic, access);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -628,7 +628,7 @@ int mosquitto_unpwd_check_default(struct mosquitto_db *db, const char *username,
|
||||
|
||||
if(!db) return MOSQ_ERR_INVAL;
|
||||
if(!db->unpwd) return MOSQ_ERR_SUCCESS;
|
||||
if(!username) return MOSQ_ERR_INVAL;
|
||||
if(!username) return MOSQ_ERR_INVAL; /* Check must be made only after checking db->unpwd. */
|
||||
|
||||
HASH_ITER(hh, db->unpwd, u, tmp){
|
||||
if(!strcmp(u->username, username)){
|
||||
|
||||
@ -135,7 +135,7 @@ static int _subs_process(struct mosquitto_db *db, struct _mosquitto_subhier *hie
|
||||
}
|
||||
if(mqtt3_db_message_insert(db, leaf->context, mid, mosq_md_out, msg_qos, client_retain, stored) == 1) rc = 1;
|
||||
}else{
|
||||
rc = 1;
|
||||
return 1; /* Application error */
|
||||
}
|
||||
leaf = leaf->next;
|
||||
}
|
||||
|
||||
@ -6,4 +6,5 @@ certfile ../ssl/server.crt
|
||||
keyfile ../ssl/server.key
|
||||
|
||||
use_identity_as_username true
|
||||
require_certificate true
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user