Merge branch 'fixes'
This commit is contained in:
commit
1a6fdfb695
@ -8,7 +8,7 @@ cmake_minimum_required(VERSION 3.0)
|
||||
cmake_policy(SET CMP0042 NEW)
|
||||
|
||||
project(mosquitto)
|
||||
set (VERSION 2.0.9)
|
||||
set (VERSION 2.0.10)
|
||||
|
||||
list(APPEND CMAKE_MODULE_PATH "${CMAKE_SOURCE_DIR}/cmake/")
|
||||
|
||||
|
@ -1,3 +1,36 @@
|
||||
2.0.10 - 2021-04-03
|
||||
==================
|
||||
|
||||
Security:
|
||||
- CVE-xxxx-xxxx: If an authenticated client connected with MQTT v5 sent a
|
||||
malformed CONNACK message to the broker a NULL pointer dereference occurred,
|
||||
most likely resulting in a segfault. This will be updated with the CVE
|
||||
number when it is assigned.
|
||||
Affects versions 2.0.0 to 2.0.9 inclusive.
|
||||
|
||||
Broker:
|
||||
- Don't over write new receive-maximum if a v5 client connects and takes over
|
||||
an old session. Closes #2134.
|
||||
- Fix CVE-xxxx-xxxx. Closes #2163.
|
||||
|
||||
Clients:
|
||||
- Set `receive-maximum` to not exceed the `-C` message count in mosquitto_sub
|
||||
and mosquitto_rr, to avoid potentially lost messages. Closes #2134.
|
||||
- Fix TLS-PSK mode not working with port 8883. Closes #2152.
|
||||
|
||||
Client library:
|
||||
- Fix possible socket leak. This would occur if a client was using
|
||||
`mosquitto_loop_start()`, then if the connection failed due to the remote
|
||||
server being inaccessible they called `mosquitto_loop_stop(, true)` and
|
||||
recreated the mosquitto object.
|
||||
|
||||
Build:
|
||||
- A variety of minor build related fixes, like functions not having previous
|
||||
declarations.
|
||||
- Fix CMake cross compile builds not finding opensslconf.h. Closes #2160.
|
||||
- Fix build on Solaris non-sparc. Closes #2136.
|
||||
|
||||
|
||||
2.0.9 - 2021-03-11
|
||||
==================
|
||||
|
||||
@ -1771,6 +1804,8 @@ Client library:
|
||||
- Add support for MQTT v3.1.1.
|
||||
- Don't quit mosquitto_loop_forever() if broker not available on first
|
||||
connect. Closes bug #453293, but requires more work.
|
||||
- Don't reset queued messages state on CONNACK. Fixes bug with duplicate
|
||||
messages on connection.
|
||||
|
||||
|
||||
1.3.5 - 20141008
|
||||
|
@ -27,6 +27,7 @@ Contributors:
|
||||
#include <sys/stat.h>
|
||||
#include <time.h>
|
||||
|
||||
#include "db_dump.h"
|
||||
#include <mosquitto_broker_internal.h>
|
||||
#include <memory_mosq.h>
|
||||
#include <persist.h>
|
||||
|
@ -19,6 +19,7 @@ Contributors:
|
||||
#include <inttypes.h>
|
||||
#include <stdio.h>
|
||||
|
||||
#include "db_dump.h"
|
||||
#include <mosquitto_broker_internal.h>
|
||||
#include <memory_mosq.h>
|
||||
#include <mqtt_protocol.h>
|
||||
@ -142,7 +143,7 @@ static void print__properties(mosquitto_property *properties)
|
||||
}
|
||||
|
||||
|
||||
void print__client(struct P_client *chunk, int length)
|
||||
void print__client(struct P_client *chunk, uint32_t length)
|
||||
{
|
||||
printf("DB_CHUNK_CLIENT:\n");
|
||||
printf("\tLength: %d\n", length);
|
||||
@ -159,7 +160,7 @@ void print__client(struct P_client *chunk, int length)
|
||||
}
|
||||
|
||||
|
||||
void print__client_msg(struct P_client_msg *chunk, int length)
|
||||
void print__client_msg(struct P_client_msg *chunk, uint32_t length)
|
||||
{
|
||||
printf("DB_CHUNK_CLIENT_MSG:\n");
|
||||
printf("\tLength: %d\n", length);
|
||||
@ -175,8 +176,10 @@ void print__client_msg(struct P_client_msg *chunk, int length)
|
||||
}
|
||||
|
||||
|
||||
void print__msg_store(struct P_msg_store *chunk, int length)
|
||||
void print__msg_store(struct P_msg_store *chunk, uint32_t length)
|
||||
{
|
||||
uint8_t *payload;
|
||||
|
||||
printf("DB_CHUNK_MSG_STORE:\n");
|
||||
printf("\tLength: %d\n", length);
|
||||
printf("\tStore ID: %" PRIu64 "\n", chunk->F.store_id);
|
||||
@ -190,8 +193,6 @@ void print__msg_store(struct P_msg_store *chunk, int length)
|
||||
printf("\tPayload Length: %d\n", chunk->F.payloadlen);
|
||||
printf("\tExpiry Time: %" PRIu64 "\n", chunk->F.expiry_time);
|
||||
|
||||
uint8_t *payload;
|
||||
|
||||
payload = chunk->payload;
|
||||
if(chunk->F.payloadlen < 256){
|
||||
/* Print payloads with UTF-8 data below an arbitrary limit of 256 bytes */
|
||||
|
@ -1,8 +1,14 @@
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
#include "misc_mosq.h"
|
||||
#include "mosquitto_broker_internal.h"
|
||||
#include "mosquitto_internal.h"
|
||||
#include "util_mosq.h"
|
||||
|
||||
#ifndef UNUSED
|
||||
# define UNUSED(A) (void)(A)
|
||||
#endif
|
||||
|
||||
struct mosquitto *context__init(mosq_sock_t sock)
|
||||
{
|
||||
|
@ -12,7 +12,7 @@ LIBMOSQ:=../../lib/libmosquitto.a
|
||||
endif
|
||||
endif
|
||||
|
||||
LOCAL_CPPFLAGS:=-I../mosquitto_passwd
|
||||
LOCAL_CPPFLAGS:=-I../mosquitto_passwd -DWITH_CJSON
|
||||
|
||||
OBJS= mosquitto_ctrl.o \
|
||||
client.o \
|
||||
|
@ -79,6 +79,8 @@ void dynsec__print_usage(void)
|
||||
printf("acltype: publishClientSend|publishClientReceive\n");
|
||||
printf(" |subscribeLiteral|subscribePattern\n");
|
||||
printf(" |unsubscribeLiteral|unsubscribePattern\n");
|
||||
printf("\nFor more information see:\n");
|
||||
printf(" https://mosquitto.org/documentation/dynamic-security/\n\n");
|
||||
}
|
||||
|
||||
cJSON *cJSON_AddIntToObject(cJSON * const object, const char * const name, int number)
|
||||
@ -689,7 +691,7 @@ static cJSON *init_create(const char *username, const char *password, const char
|
||||
}
|
||||
|
||||
/* mosquitto_ctrl dynsec init <filename> <admin-user> <admin-password> [role-name] */
|
||||
int dynsec_init(int argc, char *argv[])
|
||||
static int dynsec_init(int argc, char *argv[])
|
||||
{
|
||||
char *filename;
|
||||
char *admin_user;
|
||||
|
@ -28,7 +28,7 @@ Contributors:
|
||||
#include "mosquitto.h"
|
||||
#include "mosquitto_ctrl.h"
|
||||
|
||||
void print_version(void)
|
||||
static void print_version(void)
|
||||
{
|
||||
int major, minor, revision;
|
||||
|
||||
@ -36,14 +36,15 @@ void print_version(void)
|
||||
printf("mosquitto_ctrl version %s running on libmosquitto %d.%d.%d.\n", VERSION, major, minor, revision);
|
||||
}
|
||||
|
||||
void print_usage(void)
|
||||
static void print_usage(void)
|
||||
{
|
||||
printf("mosquitto_ctrl is a tool for administering certain Mosquitto features.\n");
|
||||
print_version();
|
||||
printf("\nGeneral usage: mosquitto_ctrl <module> <module-command> <command-options>\n");
|
||||
printf("For module specific help use: mosquitto_ctrl <module> help\n");
|
||||
printf("\nModules available: dynsec\n");
|
||||
printf("\nSee https://mosquitto.org/man/mosquitto_ctrl-1.html for more information.\n\n");
|
||||
printf("\nFor more information see:\n");
|
||||
printf(" https://mosquitto.org/man/mosquitto_ctrl-1.html\n\n");
|
||||
}
|
||||
|
||||
|
||||
@ -51,7 +52,7 @@ int main(int argc, char *argv[])
|
||||
{
|
||||
struct mosq_ctrl ctrl;
|
||||
int rc = MOSQ_ERR_SUCCESS;
|
||||
FUNC_ctrl_main ctrl_main = NULL;
|
||||
FUNC_ctrl_main l_ctrl_main = NULL;
|
||||
void *lib = NULL;
|
||||
char lib_name[200];
|
||||
|
||||
@ -76,22 +77,22 @@ int main(int argc, char *argv[])
|
||||
|
||||
/* In built modules */
|
||||
if(!strcasecmp(argv[0], "dynsec")){
|
||||
ctrl_main = dynsec__main;
|
||||
l_ctrl_main = dynsec__main;
|
||||
}else{
|
||||
/* Attempt external module */
|
||||
snprintf(lib_name, sizeof(lib_name), "mosquitto_ctrl_%s.so", argv[0]);
|
||||
lib = LIB_LOAD(lib_name);
|
||||
if(lib){
|
||||
ctrl_main = (FUNC_ctrl_main)LIB_SYM(lib, "ctrl_main");
|
||||
l_ctrl_main = (FUNC_ctrl_main)LIB_SYM(lib, "ctrl_main");
|
||||
}
|
||||
}
|
||||
if(ctrl_main == NULL){
|
||||
if(l_ctrl_main == NULL){
|
||||
fprintf(stderr, "Error: Module '%s' not supported.\n", argv[0]);
|
||||
rc = MOSQ_ERR_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
if(ctrl_main){
|
||||
rc = ctrl_main(argc-1, &argv[1], &ctrl);
|
||||
if(l_ctrl_main){
|
||||
rc = l_ctrl_main(argc-1, &argv[1], &ctrl);
|
||||
if(rc < 0){
|
||||
/* Usage print */
|
||||
rc = 0;
|
||||
|
@ -35,7 +35,9 @@ Contributors:
|
||||
# include <sys/stat.h>
|
||||
#endif
|
||||
|
||||
#define MAX_BUFFER_LEN 65536
|
||||
#include "get_password.h"
|
||||
|
||||
#define MAX_BUFFER_LEN 65500
|
||||
#define SALT_LEN 12
|
||||
|
||||
void get_password__reset_term(void)
|
||||
|
@ -52,7 +52,7 @@ Contributors:
|
||||
# include <sys/stat.h>
|
||||
#endif
|
||||
|
||||
#define MAX_BUFFER_LEN 65536
|
||||
#define MAX_BUFFER_LEN 65500
|
||||
#define SALT_LEN 12
|
||||
|
||||
#include "misc_mosq.h"
|
||||
@ -107,7 +107,7 @@ static FILE *mpw_tmpfile(void)
|
||||
#endif
|
||||
|
||||
|
||||
void print_usage(void)
|
||||
static void print_usage(void)
|
||||
{
|
||||
printf("mosquitto_passwd is a tool for managing password files for mosquitto.\n\n");
|
||||
printf("Usage: mosquitto_passwd [-H sha512 | -H sha512-pbkdf2] [-c | -D] passwordfile username\n");
|
||||
@ -122,7 +122,7 @@ void print_usage(void)
|
||||
printf("\nSee https://mosquitto.org/ for more information.\n\n");
|
||||
}
|
||||
|
||||
int output_new_password(FILE *fptr, const char *username, const char *password, int iterations)
|
||||
static int output_new_password(FILE *fptr, const char *username, const char *password, int iterations)
|
||||
{
|
||||
int rc;
|
||||
char *salt64 = NULL, *hash64 = NULL;
|
||||
@ -255,7 +255,7 @@ static int delete_pwuser_cb(FILE *fptr, FILE *ftmp, const char *username, const
|
||||
return 0;
|
||||
}
|
||||
|
||||
int delete_pwuser(FILE *fptr, FILE *ftmp, const char *username)
|
||||
static int delete_pwuser(FILE *fptr, FILE *ftmp, const char *username)
|
||||
{
|
||||
struct cb_helper helper;
|
||||
int rc;
|
||||
@ -288,7 +288,7 @@ static int update_file_cb(FILE *fptr, FILE *ftmp, const char *username, const ch
|
||||
}
|
||||
}
|
||||
|
||||
int update_file(FILE *fptr, FILE *ftmp)
|
||||
static int update_file(FILE *fptr, FILE *ftmp)
|
||||
{
|
||||
return pwfile_iterate(fptr, ftmp, update_file_cb, NULL);
|
||||
}
|
||||
@ -315,7 +315,7 @@ static int update_pwuser_cb(FILE *fptr, FILE *ftmp, const char *username, const
|
||||
return rc;
|
||||
}
|
||||
|
||||
int update_pwuser(FILE *fptr, FILE *ftmp, const char *username, const char *password, int iterations)
|
||||
static int update_pwuser(FILE *fptr, FILE *ftmp, const char *username, const char *password, int iterations)
|
||||
{
|
||||
struct cb_helper helper;
|
||||
int rc;
|
||||
@ -334,7 +334,7 @@ int update_pwuser(FILE *fptr, FILE *ftmp, const char *username, const char *pass
|
||||
}
|
||||
|
||||
|
||||
int copy_contents(FILE *src, FILE *dest)
|
||||
static int copy_contents(FILE *src, FILE *dest)
|
||||
{
|
||||
char buf[MAX_BUFFER_LEN];
|
||||
size_t len;
|
||||
@ -361,7 +361,7 @@ int copy_contents(FILE *src, FILE *dest)
|
||||
return 0;
|
||||
}
|
||||
|
||||
int create_backup(const char *backup_file, FILE *fptr)
|
||||
static int create_backup(const char *backup_file, FILE *fptr)
|
||||
{
|
||||
FILE *fbackup;
|
||||
|
||||
@ -380,7 +380,7 @@ int create_backup(const char *backup_file, FILE *fptr)
|
||||
return 0;
|
||||
}
|
||||
|
||||
void handle_sigint(int signal)
|
||||
static void handle_sigint(int signal)
|
||||
{
|
||||
get_password__reset_term();
|
||||
|
||||
|
@ -183,7 +183,7 @@ static int check_format(const char *str)
|
||||
}
|
||||
|
||||
|
||||
void init_config(struct mosq_config *cfg, int pub_or_sub)
|
||||
static void init_config(struct mosq_config *cfg, int pub_or_sub)
|
||||
{
|
||||
memset(cfg, 0, sizeof(*cfg));
|
||||
cfg->port = PORT_UNDEFINED;
|
||||
@ -485,7 +485,7 @@ int client_config_load(struct mosq_config *cfg, int pub_or_sub, int argc, char *
|
||||
return MOSQ_ERR_SUCCESS;
|
||||
}
|
||||
|
||||
int cfg_add_topic(struct mosq_config *cfg, int type, char *topic, const char *arg)
|
||||
static int cfg_add_topic(struct mosq_config *cfg, int type, char *topic, const char *arg)
|
||||
{
|
||||
if(mosquitto_validate_utf8(topic, (int )strlen(topic))){
|
||||
fprintf(stderr, "Error: Malformed UTF-8 in %s argument.\n\n", arg);
|
||||
@ -1263,6 +1263,14 @@ int client_opts_set(struct mosquitto *mosq, struct mosq_config *cfg)
|
||||
mosquitto_lib_cleanup();
|
||||
return 1;
|
||||
}
|
||||
# ifdef FINAL_WITH_TLS_PSK
|
||||
}else if(cfg->psk){
|
||||
if(mosquitto_tls_psk_set(mosq, cfg->psk, cfg->psk_identity, NULL)){
|
||||
err_printf(cfg, "Error: Problem setting TLS-PSK options.\n");
|
||||
mosquitto_lib_cleanup();
|
||||
return 1;
|
||||
}
|
||||
# endif
|
||||
}else if(cfg->port == 8883){
|
||||
mosquitto_int_option(mosq, MOSQ_OPT_TLS_USE_OS_CERTS, 1);
|
||||
}
|
||||
@ -1295,13 +1303,6 @@ int client_opts_set(struct mosquitto *mosq, struct mosq_config *cfg)
|
||||
mosquitto_lib_cleanup();
|
||||
return 1;
|
||||
}
|
||||
# ifdef FINAL_WITH_TLS_PSK
|
||||
if(cfg->psk && mosquitto_tls_psk_set(mosq, cfg->psk, cfg->psk_identity, NULL)){
|
||||
err_printf(cfg, "Error: Problem setting TLS-PSK options.\n");
|
||||
mosquitto_lib_cleanup();
|
||||
return 1;
|
||||
}
|
||||
# endif
|
||||
if((cfg->tls_version || cfg->ciphers) && mosquitto_tls_opts_set(mosq, 1, cfg->tls_version, cfg->ciphers)){
|
||||
err_printf(cfg, "Error: Problem setting TLS options, check the options are valid.\n");
|
||||
mosquitto_lib_cleanup();
|
||||
@ -1321,6 +1322,13 @@ int client_opts_set(struct mosquitto *mosq, struct mosq_config *cfg)
|
||||
if(cfg->tcp_nodelay){
|
||||
mosquitto_int_option(mosq, MOSQ_OPT_TCP_NODELAY, 1);
|
||||
}
|
||||
|
||||
if(cfg->msg_count > 0 && cfg->msg_count < 20){
|
||||
/* 20 is the default "receive maximum"
|
||||
* If we don't set this, then we can receive > msg_count messages
|
||||
* before we quit.*/
|
||||
mosquitto_int_option(mosq, MOSQ_OPT_RECEIVE_MAXIMUM, cfg->msg_count);
|
||||
}
|
||||
return MOSQ_ERR_SUCCESS;
|
||||
}
|
||||
|
||||
|
@ -27,6 +27,10 @@ Contributors:
|
||||
# include <sys/time.h>
|
||||
#endif
|
||||
|
||||
#ifndef __GNUC__
|
||||
#define __attribute__(attrib)
|
||||
#endif
|
||||
|
||||
/* pub_client.c modes */
|
||||
#define MSGMODE_NONE 0
|
||||
#define MSGMODE_CMD 1
|
||||
@ -136,6 +140,5 @@ int client_connect(struct mosquitto *mosq, struct mosq_config *cfg);
|
||||
|
||||
int cfg_parse_property(struct mosq_config *cfg, int argc, char *argv[], int *idx);
|
||||
|
||||
void err_printf(const struct mosq_config *cfg, const char *fmt, ...);
|
||||
|
||||
void err_printf(const struct mosq_config *cfg, const char *fmt, ...) __attribute__((format(printf, 2, 3)));
|
||||
#endif
|
||||
|
@ -232,7 +232,7 @@ int pub_shared_init(void)
|
||||
}
|
||||
|
||||
|
||||
int pub_stdin_line_loop(struct mosquitto *mosq)
|
||||
static int pub_stdin_line_loop(struct mosquitto *mosq)
|
||||
{
|
||||
char *buf2;
|
||||
int buf_len_actual = 0;
|
||||
@ -334,7 +334,7 @@ int pub_stdin_line_loop(struct mosquitto *mosq)
|
||||
}
|
||||
|
||||
|
||||
int pub_other_loop(struct mosquitto *mosq)
|
||||
static int pub_other_loop(struct mosquitto *mosq)
|
||||
{
|
||||
int rc;
|
||||
int loop_delay = 1000;
|
||||
@ -387,7 +387,7 @@ void pub_shared_cleanup(void)
|
||||
}
|
||||
|
||||
|
||||
void print_version(void)
|
||||
static void print_version(void)
|
||||
{
|
||||
int major, minor, revision;
|
||||
|
||||
@ -395,7 +395,7 @@ void print_version(void)
|
||||
printf("mosquitto_pub version %s running on libmosquitto %d.%d.%d.\n", VERSION, major, minor, revision);
|
||||
}
|
||||
|
||||
void print_usage(void)
|
||||
static void print_usage(void)
|
||||
{
|
||||
int major, minor, revision;
|
||||
|
||||
|
@ -50,8 +50,6 @@ enum rr__state {
|
||||
|
||||
static enum rr__state client_state = rr_s_new;
|
||||
|
||||
extern struct mosq_config cfg;
|
||||
|
||||
bool process_messages = true;
|
||||
int msg_count = 0;
|
||||
struct mosquitto *g_mosq = NULL;
|
||||
@ -59,7 +57,7 @@ static bool timed_out = false;
|
||||
static int connack_result = 0;
|
||||
|
||||
#ifndef WIN32
|
||||
void my_signal_handler(int signum)
|
||||
static void my_signal_handler(int signum)
|
||||
{
|
||||
if(signum == SIGALRM){
|
||||
process_messages = false;
|
||||
@ -80,7 +78,7 @@ int my_publish(struct mosquitto *mosq, int *mid, const char *topic, int payloadl
|
||||
}
|
||||
|
||||
|
||||
void my_message_callback(struct mosquitto *mosq, void *obj, const struct mosquitto_message *message, const mosquitto_property *properties)
|
||||
static void my_message_callback(struct mosquitto *mosq, void *obj, const struct mosquitto_message *message, const mosquitto_property *properties)
|
||||
{
|
||||
UNUSED(mosq);
|
||||
UNUSED(obj);
|
||||
@ -151,7 +149,7 @@ void my_connect_callback(struct mosquitto *mosq, void *obj, int result, int flag
|
||||
}
|
||||
|
||||
|
||||
void my_subscribe_callback(struct mosquitto *mosq, void *obj, int mid, int qos_count, const int *granted_qos)
|
||||
static void my_subscribe_callback(struct mosquitto *mosq, void *obj, int mid, int qos_count, const int *granted_qos)
|
||||
{
|
||||
UNUSED(obj);
|
||||
UNUSED(mid);
|
||||
@ -179,7 +177,7 @@ void my_publish_callback(struct mosquitto *mosq, void *obj, int mid, int reason_
|
||||
}
|
||||
|
||||
|
||||
void print_version(void)
|
||||
static void print_version(void)
|
||||
{
|
||||
int major, minor, revision;
|
||||
|
||||
@ -187,7 +185,7 @@ void print_version(void)
|
||||
printf("mosquitto_rr version %s running on libmosquitto %d.%d.%d.\n", VERSION, major, minor, revision);
|
||||
}
|
||||
|
||||
void print_usage(void)
|
||||
static void print_usage(void)
|
||||
{
|
||||
int major, minor, revision;
|
||||
|
||||
|
@ -48,7 +48,7 @@ static int connack_result = 0;
|
||||
bool connack_received = false;
|
||||
|
||||
#ifndef WIN32
|
||||
void my_signal_handler(int signum)
|
||||
static void my_signal_handler(int signum)
|
||||
{
|
||||
if(signum == SIGALRM || signum == SIGTERM || signum == SIGINT){
|
||||
if(connack_received){
|
||||
@ -65,19 +65,7 @@ void my_signal_handler(int signum)
|
||||
#endif
|
||||
|
||||
|
||||
void my_publish_callback(struct mosquitto *mosq, void *obj, int mid, int reason_code, const mosquitto_property *properties)
|
||||
{
|
||||
UNUSED(obj);
|
||||
UNUSED(reason_code);
|
||||
UNUSED(properties);
|
||||
|
||||
if(process_messages == false && (mid == last_mid || last_mid == 0)){
|
||||
mosquitto_disconnect_v5(mosq, 0, cfg.disconnect_props);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
void my_message_callback(struct mosquitto *mosq, void *obj, const struct mosquitto_message *message, const mosquitto_property *properties)
|
||||
static void my_message_callback(struct mosquitto *mosq, void *obj, const struct mosquitto_message *message, const mosquitto_property *properties)
|
||||
{
|
||||
int i;
|
||||
bool res;
|
||||
@ -120,7 +108,7 @@ void my_message_callback(struct mosquitto *mosq, void *obj, const struct mosquit
|
||||
}
|
||||
}
|
||||
|
||||
void my_connect_callback(struct mosquitto *mosq, void *obj, int result, int flags, const mosquitto_property *properties)
|
||||
static void my_connect_callback(struct mosquitto *mosq, void *obj, int result, int flags, const mosquitto_property *properties)
|
||||
{
|
||||
int i;
|
||||
|
||||
@ -153,7 +141,7 @@ void my_connect_callback(struct mosquitto *mosq, void *obj, int result, int flag
|
||||
}
|
||||
}
|
||||
|
||||
void my_subscribe_callback(struct mosquitto *mosq, void *obj, int mid, int qos_count, const int *granted_qos)
|
||||
static void my_subscribe_callback(struct mosquitto *mosq, void *obj, int mid, int qos_count, const int *granted_qos)
|
||||
{
|
||||
int i;
|
||||
bool some_sub_allowed = (granted_qos[0] < 128);
|
||||
@ -177,7 +165,7 @@ void my_subscribe_callback(struct mosquitto *mosq, void *obj, int mid, int qos_c
|
||||
}
|
||||
}
|
||||
|
||||
void my_log_callback(struct mosquitto *mosq, void *obj, int level, const char *str)
|
||||
static void my_log_callback(struct mosquitto *mosq, void *obj, int level, const char *str)
|
||||
{
|
||||
UNUSED(mosq);
|
||||
UNUSED(obj);
|
||||
@ -186,7 +174,7 @@ void my_log_callback(struct mosquitto *mosq, void *obj, int level, const char *s
|
||||
printf("%s\n", str);
|
||||
}
|
||||
|
||||
void print_version(void)
|
||||
static void print_version(void)
|
||||
{
|
||||
int major, minor, revision;
|
||||
|
||||
@ -194,7 +182,7 @@ void print_version(void)
|
||||
printf("mosquitto_sub version %s running on libmosquitto %d.%d.%d.\n", VERSION, major, minor, revision);
|
||||
}
|
||||
|
||||
void print_usage(void)
|
||||
static void print_usage(void)
|
||||
{
|
||||
int major, minor, revision;
|
||||
|
||||
|
17
config.mk
17
config.mk
@ -127,7 +127,7 @@ WITH_XTREPORT=no
|
||||
|
||||
# Also bump lib/mosquitto.h, CMakeLists.txt,
|
||||
# installer/mosquitto.nsi, installer/mosquitto64.nsi
|
||||
VERSION=2.0.9
|
||||
VERSION=2.0.10
|
||||
|
||||
# Client library SO version. Bump if incompatible API/ABI changes are made.
|
||||
SOVERSION=1
|
||||
@ -140,6 +140,7 @@ DB_HTML_XSL=man/html.xsl
|
||||
#MANCOUNTRIES=en_GB
|
||||
|
||||
UNAME:=$(shell uname -s)
|
||||
ARCH:=$(shell uname -p)
|
||||
|
||||
ifeq ($(UNAME),SunOS)
|
||||
ifeq ($(CC),cc)
|
||||
@ -148,7 +149,7 @@ ifeq ($(UNAME),SunOS)
|
||||
CFLAGS?=-Wall -ggdb -O2
|
||||
endif
|
||||
else
|
||||
CFLAGS?=-Wall -ggdb -O2 -Wconversion
|
||||
CFLAGS?=-Wall -ggdb -O2 -Wconversion -Wextra
|
||||
endif
|
||||
|
||||
STATIC_LIB_DEPS:=
|
||||
@ -199,9 +200,15 @@ ifeq ($(WITH_SHARED_LIBRARIES),yes)
|
||||
endif
|
||||
|
||||
ifeq ($(UNAME),SunOS)
|
||||
ifeq ($(CC),cc)
|
||||
LIB_CFLAGS:=$(LIB_CFLAGS) -xc99 -KPIC
|
||||
else
|
||||
SEDINPLACE:=
|
||||
ifeq ($(ARCH),sparc)
|
||||
ifeq ($(CC),cc)
|
||||
LIB_CFLAGS:=$(LIB_CFLAGS) -xc99 -KPIC
|
||||
else
|
||||
LIB_CFLAGS:=$(LIB_CFLAGS) -fPIC
|
||||
endif
|
||||
endif
|
||||
ifeq ($(ARCH),i386)
|
||||
LIB_CFLAGS:=$(LIB_CFLAGS) -fPIC
|
||||
endif
|
||||
|
||||
|
@ -1,74 +1,114 @@
|
||||
FROM alpine:edge AS build
|
||||
FROM alpine:3.12
|
||||
|
||||
LABEL maintainer="Roger Light <roger@atchoo.org>" \
|
||||
description="Eclipse Mosquitto MQTT Broker"
|
||||
|
||||
# A released dist version, like "1.2.3"
|
||||
ARG VERSION
|
||||
RUN test -n "${VERSION}"
|
||||
|
||||
RUN apk --no-cache add \
|
||||
build-base \
|
||||
c-ares-dev \
|
||||
ca-certificates \
|
||||
cjson-dev \
|
||||
curl \
|
||||
libwebsockets-dev \
|
||||
libxslt \
|
||||
openssl-dev \
|
||||
python2 \
|
||||
util-linux-dev
|
||||
ENV \
|
||||
GPG_KEYS=A0D6EEA1DCAE49A635A3B2F0779B22DFB3E717B7 \
|
||||
LWS_VERSION=2.4.2 \
|
||||
LWS_SHA256=73012d7fcf428dedccc816e83a63a01462e27819d5537b8e0d0c7264bfacfad6 \
|
||||
CJSON_VERSION=1.7.14 \
|
||||
CJSON_SHA256=fb50a663eefdc76bafa80c82bc045af13b1363e8f45cec8b442007aef6a41343
|
||||
|
||||
# This build procedure is based on:
|
||||
# https://github.com/alpinelinux/aports/blob/master/main/mosquitto/APKBUILD
|
||||
#
|
||||
# If this step fails, double check the version build-arg and make sure its
|
||||
# a valid published tarball at https://mosquitto.org/files/source/
|
||||
RUN mkdir -p /build /install && \
|
||||
curl -SL https://mosquitto.org/files/source/mosquitto-${VERSION}.tar.gz \
|
||||
| tar --strip=1 -xzC /build && \
|
||||
make -C /build \
|
||||
WITH_MEMORY_TRACKING=no \
|
||||
WITH_WEBSOCKETS=yes \
|
||||
WITH_SRV=yes \
|
||||
WITH_TLS_PSK=no \
|
||||
WITH_ADNS=no \
|
||||
prefix=/usr \
|
||||
binary && \
|
||||
make -C /build \
|
||||
prefix=/usr \
|
||||
DESTDIR="/install" \
|
||||
install && \
|
||||
mv /install/etc/mosquitto/mosquitto.conf.example /install/etc/mosquitto/mosquitto.conf && \
|
||||
sed -i -e 's/#log_dest stderr/log_dest syslog/' /install/etc/mosquitto/mosquitto.conf
|
||||
|
||||
|
||||
# Single-layer image for the mosquitto distribution
|
||||
FROM alpine:latest
|
||||
LABEL maintainer="Jonathan Hanson <jonathan@jonathan-hanson.org>" \
|
||||
description="Eclipse Mosquitto MQTT Broker"
|
||||
|
||||
# Install the run-time dependencies
|
||||
RUN apk --no-cache add \
|
||||
busybox \
|
||||
ca-certificates \
|
||||
cjson \
|
||||
openssl \
|
||||
libuuid \
|
||||
libwebsockets \
|
||||
musl
|
||||
|
||||
# Copy over the built install from the earlier image layer
|
||||
COPY --from=build /install /
|
||||
|
||||
# Set up the mosquitto directories and the mosquitto user
|
||||
RUN addgroup -S mosquitto 2>/dev/null && \
|
||||
adduser -S -D -H -h /var/empty -s /sbin/nologin -G mosquitto -g mosquitto mosquitto 2>/dev/null && \
|
||||
RUN set -x && \
|
||||
apk --no-cache add --virtual build-deps \
|
||||
build-base \
|
||||
cmake \
|
||||
gnupg \
|
||||
openssl-dev \
|
||||
util-linux-dev && \
|
||||
wget https://github.com/warmcat/libwebsockets/archive/v${LWS_VERSION}.tar.gz -O /tmp/lws.tar.gz && \
|
||||
echo "$LWS_SHA256 /tmp/lws.tar.gz" | sha256sum -c - && \
|
||||
mkdir -p /build/lws && \
|
||||
tar --strip=1 -xf /tmp/lws.tar.gz -C /build/lws && \
|
||||
rm /tmp/lws.tar.gz && \
|
||||
cd /build/lws && \
|
||||
cmake . \
|
||||
-DCMAKE_BUILD_TYPE=MinSizeRel \
|
||||
-DCMAKE_INSTALL_PREFIX=/usr \
|
||||
-DLWS_IPV6=ON \
|
||||
-DLWS_WITHOUT_BUILTIN_GETIFADDRS=ON \
|
||||
-DLWS_WITHOUT_CLIENT=ON \
|
||||
-DLWS_WITHOUT_EXTENSIONS=ON \
|
||||
-DLWS_WITHOUT_TESTAPPS=ON \
|
||||
-DLWS_WITH_SHARED=OFF \
|
||||
-DLWS_WITH_ZIP_FOPS=OFF \
|
||||
-DLWS_WITH_ZLIB=OFF && \
|
||||
make -j "$(nproc)" && \
|
||||
rm -rf /root/.cmake && \
|
||||
wget https://github.com/DaveGamble/cJSON/archive/v${CJSON_VERSION}.tar.gz -O /tmp/cjson.tar.gz && \
|
||||
echo "$CJSON_SHA256 /tmp/cjson.tar.gz" | sha256sum -c - && \
|
||||
mkdir -p /build/cjson && \
|
||||
tar --strip=1 -xf /tmp/cjson.tar.gz -C /build/cjson && \
|
||||
rm /tmp/cjson.tar.gz && \
|
||||
cd /build/cjson && \
|
||||
cmake . \
|
||||
-DCMAKE_BUILD_TYPE=MinSizeRel \
|
||||
-DBUILD_SHARED_AND_STATIC_LIBS=OFF \
|
||||
-DBUILD_SHARED_LIBS=OFF \
|
||||
-DCJSON_BUILD_SHARED_LIBS=OFF \
|
||||
-DCJSON_OVERRIDE_BUILD_SHARED_LIBS=OFF \
|
||||
-DCMAKE_INSTALL_PREFIX=/usr && \
|
||||
make -j "$(nproc)" && \
|
||||
rm -rf /root/.cmake && \
|
||||
wget https://mosquitto.org/files/source/mosquitto-${VERSION}.tar.gz -O /tmp/mosq.tar.gz && \
|
||||
wget https://mosquitto.org/files/source/mosquitto-${VERSION}.tar.gz.asc -O /tmp/mosq.tar.gz.asc && \
|
||||
export GNUPGHOME="$(mktemp -d)" && \
|
||||
found=''; \
|
||||
for server in \
|
||||
ha.pool.sks-keyservers.net \
|
||||
hkp://keyserver.ubuntu.com:80 \
|
||||
hkp://p80.pool.sks-keyservers.net:80 \
|
||||
pgp.mit.edu \
|
||||
; do \
|
||||
echo "Fetching GPG key $GPG_KEYS from $server"; \
|
||||
gpg --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$GPG_KEYS" && found=yes && break; \
|
||||
done; \
|
||||
test -z "$found" && echo >&2 "error: failed to fetch GPG key $GPG_KEYS" && exit 1; \
|
||||
gpg --batch --verify /tmp/mosq.tar.gz.asc /tmp/mosq.tar.gz && \
|
||||
gpgconf --kill all && \
|
||||
rm -rf "$GNUPGHOME" /tmp/mosq.tar.gz.asc && \
|
||||
mkdir -p /build/mosq && \
|
||||
tar --strip=1 -xf /tmp/mosq.tar.gz -C /build/mosq && \
|
||||
rm /tmp/mosq.tar.gz && \
|
||||
make -C /build/mosq -j "$(nproc)" \
|
||||
CFLAGS="-Wall -O2 -I/build/lws/include -I/build" \
|
||||
LDFLAGS="-L/build/lws/lib -L/build/cjson" \
|
||||
WITH_ADNS=no \
|
||||
WITH_DOCS=no \
|
||||
WITH_SHARED_LIBRARIES=yes \
|
||||
WITH_SRV=no \
|
||||
WITH_STRIP=yes \
|
||||
WITH_TLS_PSK=no \
|
||||
WITH_WEBSOCKETS=yes \
|
||||
prefix=/usr \
|
||||
binary && \
|
||||
addgroup -S -g 1883 mosquitto 2>/dev/null && \
|
||||
adduser -S -u 1883 -D -H -h /var/empty -s /sbin/nologin -G mosquitto -g mosquitto mosquitto 2>/dev/null && \
|
||||
mkdir -p /mosquitto/config /mosquitto/data /mosquitto/log && \
|
||||
cp /etc/mosquitto/mosquitto.conf /mosquitto/config && \
|
||||
chown -R mosquitto:mosquitto /mosquitto
|
||||
install -d /usr/sbin/ && \
|
||||
install -s -m755 /build/mosq/client/mosquitto_pub /usr/bin/mosquitto_pub && \
|
||||
install -s -m755 /build/mosq/client/mosquitto_rr /usr/bin/mosquitto_rr && \
|
||||
install -s -m755 /build/mosq/client/mosquitto_sub /usr/bin/mosquitto_sub && \
|
||||
install -s -m644 /build/mosq/lib/libmosquitto.so.1 /usr/lib/libmosquitto.so.1 && \
|
||||
install -s -m755 /build/mosq/src/mosquitto /usr/sbin/mosquitto && \
|
||||
install -s -m755 /build/mosq/apps/mosquitto_ctrl/mosquitto_ctrl /usr/bin/mosquitto_ctrl && \
|
||||
install -s -m755 /build/mosq/apps/mosquitto_passwd/mosquitto_passwd /usr/bin/mosquitto_passwd && \
|
||||
install -s -m755 /build/mosq/plugins/dynamic-security/mosquitto_dynamic_security.so /usr/lib/mosquitto_dynamic_security.so && \
|
||||
install -m644 /build/mosq/mosquitto.conf /mosquitto/config/mosquitto.conf && \
|
||||
chown -R mosquitto:mosquitto /mosquitto && \
|
||||
apk --no-cache add \
|
||||
ca-certificates && \
|
||||
apk del build-deps && \
|
||||
rm -rf /build
|
||||
|
||||
VOLUME ["/mosquitto/config", "/mosquitto/data", "/mosquitto/log"]
|
||||
VOLUME ["/mosquitto/data", "/mosquitto/log"]
|
||||
|
||||
# Set up the entry point script and default command
|
||||
COPY docker-entrypoint.sh /
|
||||
COPY docker-entrypoint.sh mosquitto-no-auth.conf /
|
||||
EXPOSE 1883
|
||||
ENTRYPOINT ["/docker-entrypoint.sh"]
|
||||
CMD ["/usr/sbin/mosquitto", "-c", "/mosquitto/config/mosquitto.conf"]
|
||||
|
@ -9,6 +9,19 @@ Three docker volumes have been created in the image to be used for configuration
|
||||
/mosquitto/log
|
||||
```
|
||||
|
||||
## Running without a configuration file
|
||||
Mosquitto 2.0 requires you to configure listeners and authentication before it
|
||||
will allow connections from anything other than the loopback interface. In the
|
||||
context of a container, this means you would normally need to provide a
|
||||
configuration file with your settings.
|
||||
|
||||
If you wish to run mosquitto without any authentication, and without setting
|
||||
any other configuration options, you can do so by using a configuration
|
||||
provided in the container for this purpose:
|
||||
```
|
||||
docker run -it -p 1883:1883 eclipse-mosquitto:<version> mosquitto -c /mosquitto-no-auth.conf
|
||||
```
|
||||
|
||||
## Configuration
|
||||
When creating a container from the image, the default configuration values are used.
|
||||
To use a custom configuration file, mount a **local** configuration file to `/mosquitto/config/mosquitto.conf`
|
||||
|
5
docker/generic/mosquitto-no-auth.conf
Normal file
5
docker/generic/mosquitto-no-auth.conf
Normal file
@ -0,0 +1,5 @@
|
||||
# This is a Mosquitto configuration file that creates a listener on port 1883
|
||||
# that allows unauthenticated access.
|
||||
|
||||
listener 1883
|
||||
allow_anonymous true
|
@ -66,7 +66,7 @@ extern "C" {
|
||||
|
||||
#define LIBMOSQUITTO_MAJOR 2
|
||||
#define LIBMOSQUITTO_MINOR 0
|
||||
#define LIBMOSQUITTO_REVISION 9
|
||||
#define LIBMOSQUITTO_REVISION 10
|
||||
/* LIBMOSQUITTO_VERSION_NUMBER looks like 1002001 for e.g. version 1.2.1. */
|
||||
#define LIBMOSQUITTO_VERSION_NUMBER (LIBMOSQUITTO_MAJOR*1000000+LIBMOSQUITTO_MINOR*1000+LIBMOSQUITTO_REVISION)
|
||||
|
||||
|
@ -9,7 +9,7 @@
|
||||
!define env_hklm 'HKLM "SYSTEM\CurrentControlSet\Control\Session Manager\Environment"'
|
||||
|
||||
Name "Eclipse Mosquitto"
|
||||
!define VERSION 2.0.9
|
||||
!define VERSION 2.0.10
|
||||
OutFile "mosquitto-${VERSION}-install-windows-x86.exe"
|
||||
|
||||
InstallDir "$PROGRAMFILES\mosquitto"
|
||||
|
@ -9,7 +9,7 @@
|
||||
!define env_hklm 'HKLM "SYSTEM\CurrentControlSet\Control\Session Manager\Environment"'
|
||||
|
||||
Name "Eclipse Mosquitto"
|
||||
!define VERSION 2.0.9
|
||||
!define VERSION 2.0.10
|
||||
OutFile "mosquitto-${VERSION}-install-windows-x64.exe"
|
||||
|
||||
!include "x64.nsh"
|
||||
|
@ -189,7 +189,7 @@ static int mosquitto__reconnect(struct mosquitto *mosq, bool blocking)
|
||||
|
||||
packet__cleanup_all(mosq);
|
||||
|
||||
message__reconnect_reset(mosq);
|
||||
message__reconnect_reset(mosq, false);
|
||||
|
||||
if(mosq->sock != INVALID_SOCKET){
|
||||
net__socket_close(mosq); //close socket
|
||||
|
@ -26,6 +26,7 @@ Contributors:
|
||||
#include "mqtt_protocol.h"
|
||||
#include "packet_mosq.h"
|
||||
#include "property_mosq.h"
|
||||
#include "read_handle.h"
|
||||
|
||||
|
||||
int handle__auth(struct mosquitto *mosq)
|
||||
|
@ -106,7 +106,7 @@ int handle__connack(struct mosquitto *mosq)
|
||||
mosquitto_property_read_int32(properties, MQTT_PROP_MAXIMUM_PACKET_SIZE, &mosq->maximum_packet_size, false);
|
||||
|
||||
mosq->msgs_out.inflight_quota = mosq->msgs_out.inflight_maximum;
|
||||
message__reconnect_reset(mosq);
|
||||
message__reconnect_reset(mosq, true);
|
||||
|
||||
connack_callback(mosq, reason_code, connect_flags, properties);
|
||||
mosquitto_property_free_all(&properties);
|
||||
|
@ -27,6 +27,7 @@ Contributors:
|
||||
#include "net_mosq.h"
|
||||
#include "packet_mosq.h"
|
||||
#include "property_mosq.h"
|
||||
#include "read_handle.h"
|
||||
#include "send_mosq.h"
|
||||
#include "util_mosq.h"
|
||||
|
||||
|
@ -29,6 +29,7 @@ Contributors:
|
||||
#include "messages_mosq.h"
|
||||
#include "packet_mosq.h"
|
||||
#include "property_mosq.h"
|
||||
#include "read_handle.h"
|
||||
#include "send_mosq.h"
|
||||
#include "time_mosq.h"
|
||||
#include "util_mosq.h"
|
||||
|
@ -31,6 +31,7 @@ Contributors:
|
||||
#include "mqtt_protocol.h"
|
||||
#include "packet_mosq.h"
|
||||
#include "property_mosq.h"
|
||||
#include "read_handle.h"
|
||||
#include "util_mosq.h"
|
||||
|
||||
|
||||
|
@ -23,11 +23,12 @@ Contributors:
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
|
||||
#include "logging_mosq.h"
|
||||
#include "mosquitto_internal.h"
|
||||
#include "mosquitto.h"
|
||||
#include "memory_mosq.h"
|
||||
|
||||
int log__printf(struct mosquitto *mosq, int priority, const char *fmt, ...)
|
||||
int log__printf(struct mosquitto *mosq, unsigned int priority, const char *fmt, ...)
|
||||
{
|
||||
va_list va;
|
||||
char *s;
|
||||
@ -50,7 +51,7 @@ int log__printf(struct mosquitto *mosq, int priority, const char *fmt, ...)
|
||||
va_end(va);
|
||||
s[len-1] = '\0'; /* Ensure string is null terminated. */
|
||||
|
||||
mosq->on_log(mosq, mosq->userdata, priority, s);
|
||||
mosq->on_log(mosq, mosq->userdata, (int)priority, s);
|
||||
|
||||
mosquitto__free(s);
|
||||
}
|
||||
|
@ -20,6 +20,10 @@ Contributors:
|
||||
|
||||
#include "mosquitto.h"
|
||||
|
||||
int log__printf(struct mosquitto *mosq, unsigned int priority, const char *fmt, ...);
|
||||
#ifndef __GNUC__
|
||||
#define __attribute__(attrib)
|
||||
#endif
|
||||
|
||||
int log__printf(struct mosquitto *mosq, unsigned int level, const char *fmt, ...) __attribute__((format(printf, 3, 4)));
|
||||
|
||||
#endif
|
||||
|
@ -204,10 +204,9 @@ static int interruptible_sleep(struct mosquitto *mosq, time_t reconnect_delay)
|
||||
int maxfd = 0;
|
||||
|
||||
#ifndef WIN32
|
||||
if(read(mosq->sockpairR, &pairbuf, 1) == 0){
|
||||
}
|
||||
while(read(mosq->sockpairR, &pairbuf, 1) > 0);
|
||||
#else
|
||||
recv(mosq->sockpairR, &pairbuf, 1, 0);
|
||||
while(recv(mosq->sockpairR, &pairbuf, 1, 0) > 0);
|
||||
#endif
|
||||
|
||||
local_timeout.tv_sec = reconnect_delay;
|
||||
|
@ -137,7 +137,7 @@ int message__queue(struct mosquitto *mosq, struct mosquitto_message_all *message
|
||||
return message__release_to_inflight(mosq, dir);
|
||||
}
|
||||
|
||||
void message__reconnect_reset(struct mosquitto *mosq)
|
||||
void message__reconnect_reset(struct mosquitto *mosq, bool update_quota_only)
|
||||
{
|
||||
struct mosquitto_message_all *message, *tmp;
|
||||
assert(mosq);
|
||||
@ -169,15 +169,17 @@ void message__reconnect_reset(struct mosquitto *mosq)
|
||||
message->timestamp = 0;
|
||||
if(mosq->msgs_out.inflight_quota != 0){
|
||||
util__decrement_send_quota(mosq);
|
||||
if(message->msg.qos == 1){
|
||||
message->state = mosq_ms_publish_qos1;
|
||||
}else if(message->msg.qos == 2){
|
||||
if(message->state == mosq_ms_wait_for_pubrec){
|
||||
message->state = mosq_ms_publish_qos2;
|
||||
}else if(message->state == mosq_ms_wait_for_pubcomp){
|
||||
message->state = mosq_ms_resend_pubrel;
|
||||
if (update_quota_only == false){
|
||||
if(message->msg.qos == 1){
|
||||
message->state = mosq_ms_publish_qos1;
|
||||
}else if(message->msg.qos == 2){
|
||||
if(message->state == mosq_ms_wait_for_pubrec){
|
||||
message->state = mosq_ms_publish_qos2;
|
||||
}else if(message->state == mosq_ms_wait_for_pubcomp){
|
||||
message->state = mosq_ms_resend_pubrel;
|
||||
}
|
||||
/* Should be able to preserve state. */
|
||||
}
|
||||
/* Should be able to preserve state. */
|
||||
}
|
||||
}else{
|
||||
message->state = mosq_ms_invalid;
|
||||
|
@ -25,7 +25,7 @@ void message__cleanup_all(struct mosquitto *mosq);
|
||||
void message__cleanup(struct mosquitto_message_all **message);
|
||||
int message__delete(struct mosquitto *mosq, uint16_t mid, enum mosquitto_msg_direction dir, int qos);
|
||||
int message__queue(struct mosquitto *mosq, struct mosquitto_message_all *message, enum mosquitto_msg_direction dir);
|
||||
void message__reconnect_reset(struct mosquitto *mosq);
|
||||
void message__reconnect_reset(struct mosquitto *mosq, bool update_quota_only);
|
||||
int message__release_to_inflight(struct mosquitto *mosq, enum mosquitto_msg_direction dir);
|
||||
int message__remove(struct mosquitto *mosq, uint16_t mid, enum mosquitto_msg_direction dir, struct mosquitto_message_all **message, int qos);
|
||||
void message__retry_check(struct mosquitto *mosq);
|
||||
|
@ -36,6 +36,8 @@ Contributors:
|
||||
# include <sys/stat.h>
|
||||
#endif
|
||||
|
||||
#include "misc_mosq.h"
|
||||
|
||||
|
||||
FILE *mosquitto__fopen(const char *path, const char *mode, bool restrict_read)
|
||||
{
|
||||
|
@ -19,6 +19,7 @@ Contributors:
|
||||
#define MISC_MOSQ_H
|
||||
|
||||
#include <stdbool.h>
|
||||
#include <stdio.h>
|
||||
|
||||
FILE *mosquitto__fopen(const char *path, const char *mode, bool restrict_read);
|
||||
char *misc__trimblanks(char *str);
|
||||
|
@ -917,16 +917,13 @@ int net__socket_connect_step3(struct mosquitto *mosq, const char *host)
|
||||
/* Create a socket and connect it to 'ip' on port 'port'. */
|
||||
int net__socket_connect(struct mosquitto *mosq, const char *host, uint16_t port, const char *bind_address, bool blocking)
|
||||
{
|
||||
mosq_sock_t sock = INVALID_SOCKET;
|
||||
int rc, rc2;
|
||||
|
||||
if(!mosq || !host) return MOSQ_ERR_INVAL;
|
||||
|
||||
rc = net__try_connect(host, port, &sock, bind_address, blocking);
|
||||
rc = net__try_connect(host, port, &mosq->sock, bind_address, blocking);
|
||||
if(rc > 0) return rc;
|
||||
|
||||
mosq->sock = sock;
|
||||
|
||||
if(mosq->tcp_nodelay){
|
||||
int flag = 1;
|
||||
if(setsockopt(mosq->sock, IPPROTO_TCP, TCP_NODELAY, (const void*)&flag, sizeof(int)) != 0){
|
||||
|
@ -64,10 +64,11 @@ int mosquitto__verify_ocsp_status_cb(SSL * ssl, void *arg)
|
||||
OCSP_BASICRESP *br = NULL;
|
||||
X509_STORE *st = NULL;
|
||||
STACK_OF(X509) *ch = NULL;
|
||||
long len;
|
||||
|
||||
UNUSED(ssl);
|
||||
|
||||
long len = SSL_get_tlsext_status_ocsp_resp(mosq->ssl, &p);
|
||||
len = SSL_get_tlsext_status_ocsp_resp(mosq->ssl, &p);
|
||||
log__printf(mosq, MOSQ_LOG_DEBUG, "OCSP: SSL_get_tlsext_status_ocsp_resp returned %ld bytes", len);
|
||||
|
||||
/* the following functions expect a const pointer */
|
||||
|
@ -33,7 +33,7 @@ Contributors:
|
||||
#include "property_mosq.h"
|
||||
|
||||
|
||||
int property__read(struct mosquitto__packet *packet, uint32_t *len, mosquitto_property *property)
|
||||
static int property__read(struct mosquitto__packet *packet, uint32_t *len, mosquitto_property *property)
|
||||
{
|
||||
int rc;
|
||||
uint32_t property_identifier;
|
||||
@ -355,7 +355,7 @@ unsigned int property__get_remaining_length(const mosquitto_property *props)
|
||||
}
|
||||
|
||||
|
||||
int property__write(struct mosquitto__packet *packet, const mosquitto_property *property)
|
||||
static int property__write(struct mosquitto__packet *packet, const mosquitto_property *property)
|
||||
{
|
||||
int rc;
|
||||
|
||||
@ -975,7 +975,7 @@ int mosquitto_property_check_all(int command, const mosquitto_property *properti
|
||||
return MOSQ_ERR_SUCCESS;
|
||||
}
|
||||
|
||||
const mosquitto_property *property__get_property(const mosquitto_property *proplist, int identifier, bool skip_first)
|
||||
static const mosquitto_property *property__get_property(const mosquitto_property *proplist, int identifier, bool skip_first)
|
||||
{
|
||||
const mosquitto_property *p;
|
||||
bool is_first = true;
|
||||
|
@ -32,6 +32,7 @@ Contributors:
|
||||
#include "mqtt_protocol.h"
|
||||
#include "packet_mosq.h"
|
||||
#include "property_mosq.h"
|
||||
#include "send_mosq.h"
|
||||
|
||||
int send__connect(struct mosquitto *mosq, uint16_t keepalive, bool clean_session, const mosquitto_property *properties)
|
||||
{
|
||||
|
@ -32,10 +32,11 @@ Contributors:
|
||||
#include "mqtt_protocol.h"
|
||||
#include "packet_mosq.h"
|
||||
#include "property_mosq.h"
|
||||
#include "send_mosq.h"
|
||||
#include "util_mosq.h"
|
||||
|
||||
|
||||
int send__subscribe(struct mosquitto *mosq, int *mid, int topic_count, const char **topic, int topic_qos, const mosquitto_property *properties)
|
||||
int send__subscribe(struct mosquitto *mosq, int *mid, int topic_count, char *const *const topic, int topic_qos, const mosquitto_property *properties)
|
||||
{
|
||||
struct mosquitto__packet *packet = NULL;
|
||||
uint32_t packetlen;
|
||||
|
@ -23,7 +23,7 @@ Contributors:
|
||||
#include <limits.h>
|
||||
#ifdef WIN32
|
||||
# include <ws2tcpip.h>
|
||||
#elif __QNX__
|
||||
#elif defined(__QNX__)
|
||||
# include <sys/socket.h>
|
||||
# include <arpa/inet.h>
|
||||
# include <netinet/in.h>
|
||||
@ -40,6 +40,7 @@ Contributors:
|
||||
#include "net_mosq.h"
|
||||
#include "packet_mosq.h"
|
||||
#include "send_mosq.h"
|
||||
#include "socks_mosq.h"
|
||||
#include "util_mosq.h"
|
||||
|
||||
#define SOCKS_AUTH_NONE 0x00U
|
||||
|
@ -84,7 +84,7 @@ int mosquitto__server_certificate_verify(int preverify_ok, X509_STORE_CTX *ctx)
|
||||
}
|
||||
}
|
||||
|
||||
int mosquitto__cmp_hostname_wildcard(char *certname, const char *hostname)
|
||||
static int mosquitto__cmp_hostname_wildcard(char *certname, const char *hostname)
|
||||
{
|
||||
size_t i;
|
||||
size_t len;
|
||||
|
@ -42,7 +42,8 @@
|
||||
<title>Authentication</title>
|
||||
<para>The authentication options described below allow a wide range of
|
||||
possibilities in conjunction with the listener options. This
|
||||
section aims to clarify the possibilities.</para>
|
||||
section aims to clarify the possibilities. An overview is also available at
|
||||
<ulink url="https://mosquitto.org/documentation/authentication-methods/"/></para>
|
||||
<para>The simplest option is to have no authentication at all. This is
|
||||
the default if no other options are given. Unauthenticated
|
||||
encrypted support is provided by using the certificate based
|
||||
@ -54,6 +55,11 @@
|
||||
vulnerable to interception. Use the
|
||||
<option>per_listener_settings</option> to control whether passwords
|
||||
are required globally or on a per-listener basis.</para>
|
||||
<para>Mosquitto provides the Dynamic Security plugin which handles
|
||||
username/password authentication and access control in a much
|
||||
more flexible way than a password file. See
|
||||
<ulink url="https://mosquitto.org/documentation/dynamic-security/"/>
|
||||
</para>
|
||||
<para>When using certificate based encryption there are three options
|
||||
that affect authentication. The first is require_certificate, which
|
||||
may be set to true or false. If false, the SSL/TLS component of the
|
||||
@ -164,6 +170,9 @@
|
||||
<para>Reloaded on reload signal. The currently loaded ACLs
|
||||
will be freed and reloaded. Existing subscriptions will
|
||||
be affected after the reload.</para>
|
||||
<para>See also
|
||||
<ulink url="https://mosquitto.org/documentation/dynamic-security/"/>
|
||||
</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
@ -267,6 +276,9 @@
|
||||
alongsize <option>auth_plugin</option>, the plugin
|
||||
checks will run after the built in checks.</para>
|
||||
<para>Not currently reloaded on reload signal.</para>
|
||||
<para>See also
|
||||
<ulink url="https://mosquitto.org/documentation/dynamic-security/"/>
|
||||
</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
@ -753,7 +765,9 @@ log_timestamp_format %Y-%m-%dT%H:%M:%S
|
||||
Clients that are already connected will not be
|
||||
affected.</para>
|
||||
<para>See also
|
||||
<citerefentry><refentrytitle>mosquitto_passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry>.</para>
|
||||
<citerefentry><refentrytitle>mosquitto_passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry> and
|
||||
<ulink url="https://mosquitto.org/documentation/dynamic-security/"/>
|
||||
</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
|
@ -17,7 +17,7 @@
|
||||
<refsynopsisdiv>
|
||||
<cmdsynopsis>
|
||||
<command>mosquitto_ctrl</command>
|
||||
<arg choice='opt'>connection-options</arg>
|
||||
<arg choice='opt'>connection-options | -o config-file</arg>
|
||||
<arg choice='plain'>module-name</arg>
|
||||
<arg choice='plain'>module-command</arg>
|
||||
<arg choice='opt'>command-options</arg>
|
||||
@ -132,7 +132,11 @@
|
||||
<para>The options below may be given on the command line, but may also
|
||||
be placed in a config file located at
|
||||
<option>$XDG_CONFIG_HOME/mosquitto_ctrl</option> or
|
||||
<option>$HOME/.config/mosquitto_ctrl</option> with one pair of
|
||||
<option>$HOME/.config/mosquitto_ctrl</option>.</para>
|
||||
<para>The config file may be specified manually with the
|
||||
<option>-o <replaceable>config-file</replaceable></option>
|
||||
option.</para>
|
||||
<para>The config file should have one pair of
|
||||
<option>-option <replaceable>value</replaceable></option>
|
||||
per line. The values in the config file will be used as defaults
|
||||
and can be overridden by using the command line. The exceptions to
|
||||
@ -320,6 +324,20 @@
|
||||
being sent than would normally be necessary.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term><option>-o</option> <replaceable>config-file</replaceable></term>
|
||||
<listitem>
|
||||
<para>Provide a path to a config file to load options from. The config file should have one pair of
|
||||
<option>-option <replaceable>value</replaceable></option>
|
||||
per line. The values in the config file will be used as defaults
|
||||
and can be overridden by using the command line. The exceptions to
|
||||
this are the message type options, of which only one can be
|
||||
specified. Note also that currently some options cannot be negated,
|
||||
e.g. <option>-S</option>. Config file lines that have a
|
||||
<option>#</option> as the first character are treated as comments
|
||||
and not processed any further.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term><option>-p</option></term>
|
||||
<term><option>--port</option></term>
|
||||
|
@ -1,5 +1,5 @@
|
||||
include_directories(${mosquitto_SOURCE_DIR} ${mosquitto_SOURCE_DIR}/include
|
||||
${STDBOOL_H_PATH} ${STDINT_H_PATH})
|
||||
${OPENSSL_INCLUDE_DIR} ${STDBOOL_H_PATH} ${STDINT_H_PATH})
|
||||
|
||||
add_library(mosquitto_auth_by_ip SHARED mosquitto_auth_by_ip.c)
|
||||
set_target_properties(mosquitto_auth_by_ip PROPERTIES
|
||||
|
@ -32,7 +32,7 @@ Contributors:
|
||||
*
|
||||
* Note that this only works on Mosquitto 2.0 or later.
|
||||
*/
|
||||
|
||||
#include "config.h"
|
||||
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
@ -49,6 +49,9 @@ static int basic_auth_callback(int event, void *event_data, void *userdata)
|
||||
struct mosquitto_evt_basic_auth *ed = event_data;
|
||||
const char *ip_address;
|
||||
|
||||
UNUSED(event);
|
||||
UNUSED(userdata);
|
||||
|
||||
ip_address = mosquitto_client_address(ed->client);
|
||||
if(!strcmp(ip_address, "127.0.0.1")){
|
||||
/* Only allow connections from localhost */
|
||||
@ -72,11 +75,19 @@ int mosquitto_plugin_version(int supported_version_count, const int *supported_v
|
||||
|
||||
int mosquitto_plugin_init(mosquitto_plugin_id_t *identifier, void **user_data, struct mosquitto_opt *opts, int opt_count)
|
||||
{
|
||||
UNUSED(user_data);
|
||||
UNUSED(opts);
|
||||
UNUSED(opt_count);
|
||||
|
||||
mosq_pid = identifier;
|
||||
return mosquitto_callback_register(mosq_pid, MOSQ_EVT_BASIC_AUTH, basic_auth_callback, NULL, NULL);
|
||||
}
|
||||
|
||||
int mosquitto_plugin_cleanup(void *user_data, struct mosquitto_opt *opts, int opt_count)
|
||||
{
|
||||
UNUSED(user_data);
|
||||
UNUSED(opts);
|
||||
UNUSED(opt_count);
|
||||
|
||||
return mosquitto_callback_unregister(mosq_pid, MOSQ_EVT_BASIC_AUTH, basic_auth_callback, NULL);
|
||||
}
|
||||
|
@ -3,7 +3,7 @@ include ../../config.mk
|
||||
.PHONY : all binary check clean reallyclean test install uninstall
|
||||
|
||||
PLUGIN_NAME=mosquitto_dynamic_security
|
||||
LOCAL_CPPFLAGS=-I../../src/
|
||||
LOCAL_CPPFLAGS=-I../../src/ -DWITH_CJSON
|
||||
|
||||
OBJS= \
|
||||
acl.o \
|
||||
|
@ -23,6 +23,7 @@ Contributors:
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
|
||||
#include "json_help.h"
|
||||
#include "mosquitto.h"
|
||||
|
||||
|
||||
|
@ -131,7 +131,7 @@ static int dynsec_control_callback(int event, void *event_data, void *userdata)
|
||||
return MOSQ_ERR_SUCCESS;
|
||||
}
|
||||
|
||||
int dynsec__process_set_default_acl_access(cJSON *j_responses, struct mosquitto *context, cJSON *command, char *correlation_data)
|
||||
static int dynsec__process_set_default_acl_access(cJSON *j_responses, struct mosquitto *context, cJSON *command, char *correlation_data)
|
||||
{
|
||||
cJSON *j_actions, *j_action, *j_acltype, *j_allow;
|
||||
bool allow;
|
||||
@ -174,7 +174,7 @@ int dynsec__process_set_default_acl_access(cJSON *j_responses, struct mosquitto
|
||||
}
|
||||
|
||||
|
||||
int dynsec__process_get_default_acl_access(cJSON *j_responses, struct mosquitto *context, cJSON *command, char *correlation_data)
|
||||
static int dynsec__process_get_default_acl_access(cJSON *j_responses, struct mosquitto *context, cJSON *command, char *correlation_data)
|
||||
{
|
||||
cJSON *tree, *jtmp, *j_data, *j_acls, *j_acl;
|
||||
const char *admin_clientid, *admin_username;
|
||||
|
@ -51,7 +51,7 @@ static int rolelist_cmp(void *a, void *b)
|
||||
}
|
||||
|
||||
|
||||
void dynsec_rolelist__free_item(struct dynsec__rolelist **base_rolelist, struct dynsec__rolelist *rolelist)
|
||||
static void dynsec_rolelist__free_item(struct dynsec__rolelist **base_rolelist, struct dynsec__rolelist *rolelist)
|
||||
{
|
||||
HASH_DELETE(hh, *base_rolelist, rolelist);
|
||||
mosquitto_free(rolelist->rolename);
|
||||
@ -67,7 +67,7 @@ void dynsec_rolelist__cleanup(struct dynsec__rolelist **base_rolelist)
|
||||
}
|
||||
}
|
||||
|
||||
int dynsec_rolelist__remove_role(struct dynsec__rolelist **base_rolelist, const struct dynsec__role *role)
|
||||
static int dynsec_rolelist__remove_role(struct dynsec__rolelist **base_rolelist, const struct dynsec__role *role)
|
||||
{
|
||||
struct dynsec__rolelist *found_rolelist;
|
||||
|
||||
|
@ -209,7 +209,7 @@ static int insert_acl_cmp(struct dynsec__acl *a, struct dynsec__acl *b)
|
||||
}
|
||||
|
||||
|
||||
int dynsec_roles__acl_load(cJSON *j_acls, const char *key, struct dynsec__acl **acllist)
|
||||
static int dynsec_roles__acl_load(cJSON *j_acls, const char *key, struct dynsec__acl **acllist)
|
||||
{
|
||||
cJSON *j_acl, *j_type, *jtmp;
|
||||
struct dynsec__acl *acl;
|
||||
|
@ -21,6 +21,8 @@ Contributors:
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
#include "dynamic_security.h"
|
||||
|
||||
static char *strtok_hier(char *str, char **saveptr)
|
||||
{
|
||||
char *c;
|
||||
|
@ -1,5 +1,5 @@
|
||||
include_directories(${mosquitto_SOURCE_DIR} ${mosquitto_SOURCE_DIR}/include
|
||||
${STDBOOL_H_PATH} ${STDINT_H_PATH})
|
||||
${OPENSSL_INCLUDE_DIR} ${STDBOOL_H_PATH} ${STDINT_H_PATH})
|
||||
|
||||
add_library(mosquitto_message_timestamp SHARED mosquitto_message_timestamp.c)
|
||||
set_target_properties(mosquitto_message_timestamp PROPERTIES
|
||||
|
@ -1,5 +1,5 @@
|
||||
include_directories(${mosquitto_SOURCE_DIR} ${mosquitto_SOURCE_DIR}/include
|
||||
${STDBOOL_H_PATH} ${STDINT_H_PATH})
|
||||
${OPENSSL_INCLUDE_DIR} ${STDBOOL_H_PATH} ${STDINT_H_PATH})
|
||||
link_directories(${mosquitto_SOURCE_DIR})
|
||||
|
||||
add_library(mosquitto_payload_modification SHARED mosquitto_payload_modification.c)
|
||||
|
@ -2,7 +2,7 @@
|
||||
|
||||
MAJOR=2
|
||||
MINOR=0
|
||||
REVISION=9
|
||||
REVISION=10
|
||||
|
||||
sed -i "s/^VERSION=.*/VERSION=${MAJOR}.${MINOR}.${REVISION}/" config.mk
|
||||
|
||||
|
@ -1,5 +1,5 @@
|
||||
name: mosquitto
|
||||
version: 2.0.9
|
||||
version: 2.0.10
|
||||
summary: Eclipse Mosquitto MQTT broker
|
||||
description: This is a message broker that supports version 5.0, 3.1.1, and 3.1 of the MQTT
|
||||
protocol.
|
||||
|
@ -527,7 +527,7 @@ int config__parse_args(struct mosquitto__config *config, int argc, char *argv[])
|
||||
return config__check(config);
|
||||
}
|
||||
|
||||
void config__copy(struct mosquitto__config *src, struct mosquitto__config *dest)
|
||||
static void config__copy(struct mosquitto__config *src, struct mosquitto__config *dest)
|
||||
{
|
||||
mosquitto__free(dest->security_options.acl_file);
|
||||
dest->security_options.acl_file = src->security_options.acl_file;
|
||||
@ -721,7 +721,7 @@ int config__read(struct mosquitto__config *config, bool reload)
|
||||
}
|
||||
|
||||
|
||||
int config__read_file_core(struct mosquitto__config *config, bool reload, struct config_recurse *cr, int level, int *lineno, FILE *fptr, char **buf, int *buflen)
|
||||
static int config__read_file_core(struct mosquitto__config *config, bool reload, struct config_recurse *cr, int level, int *lineno, FILE *fptr, char **buf, int *buflen)
|
||||
{
|
||||
int rc;
|
||||
char *token;
|
||||
|
@ -50,7 +50,7 @@ Contributors:
|
||||
#include "mqtt_protocol.h"
|
||||
|
||||
|
||||
int scmp_p(const void *p1, const void *p2)
|
||||
static int scmp_p(const void *p1, const void *p2)
|
||||
{
|
||||
const char *s1 = *(const char **)p1;
|
||||
const char *s2 = *(const char **)p2;
|
||||
|
@ -580,7 +580,7 @@ int db__message_update_outgoing(struct mosquitto *context, uint16_t mid, enum mo
|
||||
}
|
||||
|
||||
|
||||
void db__messages_delete_list(struct mosquitto_client_msg **head)
|
||||
static void db__messages_delete_list(struct mosquitto_client_msg **head)
|
||||
{
|
||||
struct mosquitto_client_msg *tail, *tmp;
|
||||
|
||||
@ -624,7 +624,7 @@ int db__messages_delete(struct mosquitto *context, bool force_free)
|
||||
int db__messages_easy_queue(struct mosquitto *context, const char *topic, uint8_t qos, uint32_t payloadlen, const void *payload, int retain, uint32_t message_expiry_interval, mosquitto_property **properties)
|
||||
{
|
||||
struct mosquitto_msg_store *stored;
|
||||
char *source_id;
|
||||
const char *source_id;
|
||||
enum mosquitto_msg_origin origin;
|
||||
|
||||
if(!topic) return MOSQ_ERR_INVAL;
|
||||
@ -752,7 +752,7 @@ int db__message_store_find(struct mosquitto *context, uint16_t mid, struct mosqu
|
||||
|
||||
/* Called on reconnect to set outgoing messages to a sensible state and force a
|
||||
* retry, and to set incoming messages to expect an appropriate retry. */
|
||||
int db__message_reconnect_reset_outgoing(struct mosquitto *context)
|
||||
static int db__message_reconnect_reset_outgoing(struct mosquitto *context)
|
||||
{
|
||||
struct mosquitto_client_msg *msg, *tmp;
|
||||
|
||||
@ -821,7 +821,7 @@ int db__message_reconnect_reset_outgoing(struct mosquitto *context)
|
||||
|
||||
|
||||
/* Called on reconnect to set incoming messages to expect an appropriate retry. */
|
||||
int db__message_reconnect_reset_incoming(struct mosquitto *context)
|
||||
static int db__message_reconnect_reset_incoming(struct mosquitto *context)
|
||||
{
|
||||
struct mosquitto_client_msg *msg, *tmp;
|
||||
|
||||
@ -975,63 +975,6 @@ int db__message_release_incoming(struct mosquitto *context, uint16_t mid)
|
||||
}
|
||||
}
|
||||
|
||||
int db__message_write_inflight_in(struct mosquitto *context)
|
||||
{
|
||||
struct mosquitto_client_msg *tail, *tmp;
|
||||
int rc;
|
||||
|
||||
if(context->state != mosq_cs_active){
|
||||
return MOSQ_ERR_SUCCESS;
|
||||
}
|
||||
|
||||
DL_FOREACH_SAFE(context->msgs_in.inflight, tail, tmp){
|
||||
if(tail->store->message_expiry_time){
|
||||
if(db.now_real_s > tail->store->message_expiry_time){
|
||||
/* Message is expired, must not send. */
|
||||
db__message_remove(&context->msgs_in, tail);
|
||||
if(tail->qos > 0){
|
||||
util__increment_receive_quota(context);
|
||||
}
|
||||
continue;
|
||||
}
|
||||
}
|
||||
|
||||
switch(tail->state){
|
||||
case mosq_ms_send_pubrec:
|
||||
rc = send__pubrec(context, tail->mid, 0, NULL);
|
||||
if(!rc){
|
||||
tail->state = mosq_ms_wait_for_pubrel;
|
||||
}else{
|
||||
return rc;
|
||||
}
|
||||
break;
|
||||
|
||||
case mosq_ms_resend_pubcomp:
|
||||
rc = send__pubcomp(context, tail->mid, NULL);
|
||||
if(!rc){
|
||||
tail->state = mosq_ms_wait_for_pubrel;
|
||||
}else{
|
||||
return rc;
|
||||
}
|
||||
break;
|
||||
|
||||
case mosq_ms_invalid:
|
||||
case mosq_ms_publish_qos0:
|
||||
case mosq_ms_publish_qos1:
|
||||
case mosq_ms_publish_qos2:
|
||||
case mosq_ms_resend_pubrel:
|
||||
case mosq_ms_wait_for_puback:
|
||||
case mosq_ms_wait_for_pubrec:
|
||||
case mosq_ms_wait_for_pubrel:
|
||||
case mosq_ms_wait_for_pubcomp:
|
||||
case mosq_ms_queued:
|
||||
break;
|
||||
}
|
||||
}
|
||||
return MOSQ_ERR_SUCCESS;
|
||||
}
|
||||
|
||||
|
||||
static int db__message_write_inflight_out_single(struct mosquitto *context, struct mosquitto_client_msg *msg)
|
||||
{
|
||||
mosquitto_property *cmsg_props = NULL, *store_props = NULL;
|
||||
|
@ -39,7 +39,7 @@ int handle__connack(struct mosquitto *context)
|
||||
uint16_t server_keepalive;
|
||||
uint8_t max_qos = 255;
|
||||
|
||||
if(!context){
|
||||
if(context == NULL || context->bridge == NULL){
|
||||
return MOSQ_ERR_INVAL;
|
||||
}
|
||||
log__printf(NULL, MOSQ_LOG_DEBUG, "Received CONNACK on connection %s.", context->id);
|
||||
|
@ -83,7 +83,7 @@ static char *client_id_gen(uint16_t *idlen, const char *auto_id_prefix, uint16_t
|
||||
|
||||
/* Remove any queued messages that are no longer allowed through ACL,
|
||||
* assuming a possible change of username. */
|
||||
void connection_check_acl(struct mosquitto *context, struct mosquitto_client_msg **head)
|
||||
static void connection_check_acl(struct mosquitto *context, struct mosquitto_client_msg **head)
|
||||
{
|
||||
struct mosquitto_client_msg *msg_tail, *tmp;
|
||||
|
||||
@ -111,6 +111,8 @@ int connect__on_authorised(struct mosquitto *context, void *auth_data_out, uint1
|
||||
uint8_t connect_ack = 0;
|
||||
int i;
|
||||
int rc;
|
||||
int in_quota, out_quota;
|
||||
uint16_t in_maximum, out_maximum;
|
||||
|
||||
/* Find if this client already has an entry. This must be done *after* any security checks. */
|
||||
HASH_FIND(hh_id, db.contexts_by_id, context->id, strlen(context->id), found_context);
|
||||
@ -135,12 +137,22 @@ int connect__on_authorised(struct mosquitto *context, void *auth_data_out, uint1
|
||||
if(found_context->msgs_in.inflight || found_context->msgs_in.queued
|
||||
|| found_context->msgs_out.inflight || found_context->msgs_out.queued){
|
||||
|
||||
in_quota = context->msgs_in.inflight_quota;
|
||||
out_quota = context->msgs_out.inflight_quota;
|
||||
in_maximum = context->msgs_in.inflight_maximum;
|
||||
out_maximum = context->msgs_out.inflight_maximum;
|
||||
|
||||
memcpy(&context->msgs_in, &found_context->msgs_in, sizeof(struct mosquitto_msg_data));
|
||||
memcpy(&context->msgs_out, &found_context->msgs_out, sizeof(struct mosquitto_msg_data));
|
||||
|
||||
memset(&found_context->msgs_in, 0, sizeof(struct mosquitto_msg_data));
|
||||
memset(&found_context->msgs_out, 0, sizeof(struct mosquitto_msg_data));
|
||||
|
||||
context->msgs_in.inflight_quota = in_quota;
|
||||
context->msgs_out.inflight_quota = out_quota;
|
||||
context->msgs_in.inflight_maximum = in_maximum;
|
||||
context->msgs_out.inflight_maximum = out_maximum;
|
||||
|
||||
db__message_reconnect_reset(context);
|
||||
}
|
||||
context->subs = found_context->subs;
|
||||
|
@ -34,6 +34,7 @@ Contributors:
|
||||
#include <dlt/dlt.h>
|
||||
#endif
|
||||
|
||||
#include "logging_mosq.h"
|
||||
#include "mosquitto_broker_internal.h"
|
||||
#include "memory_mosq.h"
|
||||
#include "misc_mosq.h"
|
||||
@ -186,7 +187,7 @@ DltLogLevelType get_dlt_level(unsigned int priority)
|
||||
}
|
||||
#endif
|
||||
|
||||
int log__vprintf(unsigned int priority, const char *fmt, va_list va)
|
||||
static int log__vprintf(unsigned int priority, const char *fmt, va_list va)
|
||||
{
|
||||
const char *topic;
|
||||
int syslog_priority;
|
||||
|
@ -133,7 +133,7 @@ static void read_message_expiry_interval(mosquitto_property **proplist, uint32_t
|
||||
}
|
||||
}
|
||||
|
||||
void queue_plugin_msgs(void)
|
||||
static void queue_plugin_msgs(void)
|
||||
{
|
||||
struct mosquitto_message_v5 *msg, *tmp;
|
||||
struct mosquitto *context;
|
||||
@ -279,7 +279,7 @@ int mosquitto_main_loop(struct mosquitto__listener_sock *listensock, int listens
|
||||
|
||||
void do_disconnect(struct mosquitto *context, int reason)
|
||||
{
|
||||
char *id;
|
||||
const char *id;
|
||||
#ifdef WITH_WEBSOCKETS
|
||||
bool is_duplicate = false;
|
||||
#endif
|
||||
|
@ -74,13 +74,6 @@ int allow_severity = LOG_INFO;
|
||||
int deny_severity = LOG_INFO;
|
||||
#endif
|
||||
|
||||
void handle_sigint(int signal);
|
||||
void handle_sigusr1(int signal);
|
||||
void handle_sigusr2(int signal);
|
||||
#ifdef SIGHUP
|
||||
void handle_sighup(int signal);
|
||||
#endif
|
||||
|
||||
/* mosquitto shouldn't run as root.
|
||||
* This function will attempt to change to an unprivileged user and group if
|
||||
* running as root. The user is given in config->user.
|
||||
@ -146,7 +139,7 @@ int drop_privileges(struct mosquitto__config *config)
|
||||
return MOSQ_ERR_SUCCESS;
|
||||
}
|
||||
|
||||
void mosquitto__daemonise(void)
|
||||
static void mosquitto__daemonise(void)
|
||||
{
|
||||
#ifndef WIN32
|
||||
char *err;
|
||||
@ -208,7 +201,7 @@ void listeners__reload_all_certificates(void)
|
||||
}
|
||||
|
||||
|
||||
int listeners__start_single_mqtt(struct mosquitto__listener *listener)
|
||||
static int listeners__start_single_mqtt(struct mosquitto__listener *listener)
|
||||
{
|
||||
int i;
|
||||
struct mosquitto__listener_sock *listensock_new;
|
||||
@ -275,7 +268,7 @@ void listeners__add_websockets(struct lws_context *ws_context, mosq_sock_t fd)
|
||||
}
|
||||
#endif
|
||||
|
||||
int listeners__add_local(const char *host, uint16_t port)
|
||||
static int listeners__add_local(const char *host, uint16_t port)
|
||||
{
|
||||
struct mosquitto__listener *listeners;
|
||||
listeners = db.config->listeners;
|
||||
@ -296,7 +289,7 @@ int listeners__add_local(const char *host, uint16_t port)
|
||||
return MOSQ_ERR_SUCCESS;
|
||||
}
|
||||
|
||||
int listeners__start_local_only(void)
|
||||
static int listeners__start_local_only(void)
|
||||
{
|
||||
/* Attempt to open listeners bound to 127.0.0.1 and ::1 only */
|
||||
int i;
|
||||
@ -313,6 +306,7 @@ int listeners__start_local_only(void)
|
||||
|
||||
log__printf(NULL, MOSQ_LOG_WARNING, "Starting in local only mode. Connections will only be possible from clients running on this machine.");
|
||||
log__printf(NULL, MOSQ_LOG_WARNING, "Create a configuration file which defines a listener to allow remote access.");
|
||||
log__printf(NULL, MOSQ_LOG_WARNING, "For more details see https://mosquitto.org/documentation/authentication-methods/");
|
||||
if(db.config->cmd_port_count == 0){
|
||||
rc = listeners__add_local("127.0.0.1", 1883);
|
||||
if(rc == MOSQ_ERR_NOMEM) return MOSQ_ERR_NOMEM;
|
||||
@ -335,7 +329,7 @@ int listeners__start_local_only(void)
|
||||
}
|
||||
|
||||
|
||||
int listeners__start(void)
|
||||
static int listeners__start(void)
|
||||
{
|
||||
int i;
|
||||
|
||||
@ -379,7 +373,7 @@ int listeners__start(void)
|
||||
}
|
||||
|
||||
|
||||
void listeners__stop(void)
|
||||
static void listeners__stop(void)
|
||||
{
|
||||
int i;
|
||||
|
||||
@ -406,7 +400,7 @@ void listeners__stop(void)
|
||||
}
|
||||
|
||||
|
||||
void signal__setup(void)
|
||||
static void signal__setup(void)
|
||||
{
|
||||
signal(SIGINT, handle_sigint);
|
||||
signal(SIGTERM, handle_sigint);
|
||||
@ -424,7 +418,7 @@ void signal__setup(void)
|
||||
}
|
||||
|
||||
|
||||
int pid__write(void)
|
||||
static int pid__write(void)
|
||||
{
|
||||
FILE *pid;
|
||||
|
||||
|
@ -34,6 +34,7 @@ Contributors:
|
||||
#include "mosquitto_broker.h"
|
||||
#include "mosquitto_plugin.h"
|
||||
#include "mosquitto.h"
|
||||
#include "logging_mosq.h"
|
||||
#include "password_mosq.h"
|
||||
#include "tls_mosq.h"
|
||||
#include "uthash.h"
|
||||
@ -709,7 +710,6 @@ int control__unregister_callback(struct mosquitto__security_options *opts, MOSQ_
|
||||
* ============================================================ */
|
||||
int log__init(struct mosquitto__config *config);
|
||||
int log__close(struct mosquitto__config *config);
|
||||
int log__printf(struct mosquitto *mosq, unsigned int level, const char *fmt, ...) __attribute__((format(printf, 3, 4)));
|
||||
void log__internal(const char *fmt, ...) __attribute__((format(printf, 1, 2)));
|
||||
|
||||
/* ============================================================
|
||||
@ -819,6 +819,16 @@ void session_expiry__remove_all(void);
|
||||
void session_expiry__check(void);
|
||||
void session_expiry__send_all(void);
|
||||
|
||||
/* ============================================================
|
||||
* Signals
|
||||
* ============================================================ */
|
||||
void handle_sigint(int signal);
|
||||
void handle_sigusr1(int signal);
|
||||
void handle_sigusr2(int signal);
|
||||
#ifdef SIGHUP
|
||||
void handle_sighup(int signal);
|
||||
#endif
|
||||
|
||||
/* ============================================================
|
||||
* Window service and signal related functions
|
||||
* ============================================================ */
|
||||
@ -855,4 +865,3 @@ void xtreport(void);
|
||||
#endif
|
||||
|
||||
#endif
|
||||
|
||||
|
@ -106,12 +106,6 @@ int mux_epoll__init(struct mosquitto__listener_sock *listensock, int listensock_
|
||||
return MOSQ_ERR_SUCCESS;
|
||||
}
|
||||
|
||||
int mux_epoll__loop_setup(void)
|
||||
{
|
||||
return MOSQ_ERR_SUCCESS;
|
||||
}
|
||||
|
||||
|
||||
int mux_epoll__add_out(struct mosquitto *context)
|
||||
{
|
||||
struct epoll_event ev;
|
||||
|
@ -427,7 +427,7 @@ int net__tls_server_ctx(struct mosquitto__listener *listener)
|
||||
#endif
|
||||
|
||||
|
||||
int net__load_crl_file(struct mosquitto__listener *listener)
|
||||
static int net__load_crl_file(struct mosquitto__listener *listener)
|
||||
{
|
||||
#ifdef WITH_TLS
|
||||
X509_STORE *store;
|
||||
@ -754,6 +754,12 @@ static int net__socket_listen_tcp(struct mosquitto__listener *listener)
|
||||
#endif
|
||||
|
||||
if(bind(sock, rp->ai_addr, rp->ai_addrlen) == -1){
|
||||
#if defined(__linux__)
|
||||
if(errno == EACCES){
|
||||
log__printf(NULL, MOSQ_LOG_ERR, "If you are trying to bind to a privileged port (<1024), try using setcap and do not start the broker as root:");
|
||||
log__printf(NULL, MOSQ_LOG_ERR, " sudo setcap 'CAP_NET_BIND_SERVICE=+ep /usr/sbin/mosquitto'");
|
||||
}
|
||||
#endif
|
||||
net__print_error(MOSQ_LOG_ERR, "Error: %s");
|
||||
COMPAT_CLOSE(sock);
|
||||
freeaddrinfo(ainfo);
|
||||
|
@ -19,6 +19,8 @@ Contributors:
|
||||
#ifndef PERSIST_H
|
||||
#define PERSIST_H
|
||||
|
||||
#include "mosquitto_broker_internal.h"
|
||||
|
||||
#define MOSQ_DB_VERSION 6
|
||||
|
||||
/* DB read/write */
|
||||
|
@ -47,7 +47,7 @@ void LIB_ERROR(void)
|
||||
}
|
||||
|
||||
|
||||
int security__load_v2(struct mosquitto__auth_plugin *plugin, struct mosquitto_auth_opt *auth_options, int auth_option_count, void *lib)
|
||||
static int security__load_v2(struct mosquitto__auth_plugin *plugin, struct mosquitto_auth_opt *auth_options, int auth_option_count, void *lib)
|
||||
{
|
||||
int rc;
|
||||
|
||||
@ -121,7 +121,7 @@ int security__load_v2(struct mosquitto__auth_plugin *plugin, struct mosquitto_au
|
||||
}
|
||||
|
||||
|
||||
int security__load_v3(struct mosquitto__auth_plugin *plugin, struct mosquitto_opt *auth_options, int auth_option_count, void *lib)
|
||||
static int security__load_v3(struct mosquitto__auth_plugin *plugin, struct mosquitto_opt *auth_options, int auth_option_count, void *lib)
|
||||
{
|
||||
int rc;
|
||||
|
||||
@ -194,7 +194,7 @@ int security__load_v3(struct mosquitto__auth_plugin *plugin, struct mosquitto_op
|
||||
}
|
||||
|
||||
|
||||
int security__load_v4(struct mosquitto__auth_plugin *plugin, struct mosquitto_opt *auth_options, int auth_option_count, void *lib)
|
||||
static int security__load_v4(struct mosquitto__auth_plugin *plugin, struct mosquitto_opt *auth_options, int auth_option_count, void *lib)
|
||||
{
|
||||
int rc;
|
||||
|
||||
|
@ -202,7 +202,7 @@ int mosquitto_security_cleanup_default(bool reload)
|
||||
}
|
||||
|
||||
|
||||
int add__acl(struct mosquitto__security_options *security_opts, const char *user, const char *topic, int access)
|
||||
static int add__acl(struct mosquitto__security_options *security_opts, const char *user, const char *topic, int access)
|
||||
{
|
||||
struct mosquitto__acl_user *acl_user=NULL, *user_tail;
|
||||
struct mosquitto__acl *acl, *acl_tail;
|
||||
@ -298,7 +298,7 @@ int add__acl(struct mosquitto__security_options *security_opts, const char *user
|
||||
return MOSQ_ERR_SUCCESS;
|
||||
}
|
||||
|
||||
int add__acl_pattern(struct mosquitto__security_options *security_opts, const char *topic, int access)
|
||||
static int add__acl_pattern(struct mosquitto__security_options *security_opts, const char *topic, int access)
|
||||
{
|
||||
struct mosquitto__acl *acl, *acl_tail;
|
||||
char *local_topic;
|
||||
|
@ -29,6 +29,8 @@ Contributors:
|
||||
#include <stdbool.h>
|
||||
#include <signal.h>
|
||||
|
||||
#include "mosquitto_broker_internal.h"
|
||||
|
||||
#ifdef WITH_PERSISTENCE
|
||||
extern bool flag_db_backup;
|
||||
#endif
|
||||
|
50
test/broker/01-connect-connack-2163.py
Executable file
50
test/broker/01-connect-connack-2163.py
Executable file
@ -0,0 +1,50 @@
|
||||
#!/usr/bin/env python3
|
||||
|
||||
# Test https://github.com/eclipse/mosquitto/issues/2163
|
||||
# Does the broker cope with a malformed CONNACK sent to it after a valid CONNECT?
|
||||
|
||||
from mosq_test_helper import *
|
||||
|
||||
def do_test(proto_ver):
|
||||
rc = 1
|
||||
keepalive = 10
|
||||
connect_packet = mosq_test.gen_connect("connect-connack-2163", keepalive=keepalive, proto_ver=proto_ver)
|
||||
connack_packet = mosq_test.gen_connack(rc=0, proto_ver=proto_ver)
|
||||
connack_malformed = struct.pack("BBBBB", 0x02, 0x00, 0x01, 0xE0, 0x00)
|
||||
connack_malformed = struct.pack("BBBB", 0x29, 0x02, 0x00, 0x01)
|
||||
pingreq_packet = mosq_test.gen_pingreq()
|
||||
|
||||
port = mosq_test.get_port()
|
||||
broker = mosq_test.start_broker(filename=os.path.basename(__file__), port=port)
|
||||
|
||||
try:
|
||||
sock = mosq_test.do_client_connect(connect_packet, connack_packet, port=port)
|
||||
sock.send(connack_malformed)
|
||||
try:
|
||||
mosq_test.do_send_receive(sock, pingreq_packet, b"", "pingreq")
|
||||
except ConnectionResetError:
|
||||
pass
|
||||
sock.close()
|
||||
|
||||
# Does the broker still exist?
|
||||
sock = mosq_test.do_client_connect(connect_packet, connack_packet, port=port)
|
||||
mosq_test.do_ping(sock)
|
||||
sock.close()
|
||||
|
||||
rc = 0
|
||||
except mosq_test.TestError:
|
||||
pass
|
||||
finally:
|
||||
broker.terminate()
|
||||
broker.wait()
|
||||
(stdo, stde) = broker.communicate()
|
||||
if rc:
|
||||
print(stde.decode('utf-8'))
|
||||
print("proto_ver=%d" % (proto_ver))
|
||||
exit(rc)
|
||||
|
||||
|
||||
do_test(proto_ver=3)
|
||||
do_test(proto_ver=4)
|
||||
do_test(proto_ver=5)
|
||||
exit(0)
|
@ -22,6 +22,7 @@ test : test-compile 01 02 03 04 05 06 07 08 09 10 11 12 13 14
|
||||
01 :
|
||||
./01-connect-allow-anonymous.py
|
||||
./01-connect-bad-packet.py
|
||||
./01-connect-connack-2163.py
|
||||
./01-connect-disconnect-v5.py
|
||||
./01-connect-duplicate.py
|
||||
./01-connect-invalid-id-0.py
|
||||
|
@ -7,6 +7,7 @@ tests = [
|
||||
#(ports required, 'path'),
|
||||
(1, './01-connect-allow-anonymous.py'),
|
||||
(1, './01-connect-bad-packet.py'),
|
||||
(1, './01-connect-connack-2163.py'),
|
||||
(1, './01-connect-disconnect-v5.py'),
|
||||
(1, './01-connect-duplicate.py'),
|
||||
(1, './01-connect-invalid-id-0.py'),
|
||||
|
@ -343,7 +343,9 @@ application.
|
||||
The initial configuration is the only time that `mosquitto_ctrl` does not
|
||||
connect to a broker to carry out the configuration. All other commands require
|
||||
a connection to a broker, and hence a username, password, and whatever else is
|
||||
required for that particular connection.
|
||||
required for that particular connection. It is strongly recommended that your
|
||||
broker connection uses encryption so that your configuration, including new
|
||||
passwords, is not transmitted in plain text.
|
||||
|
||||
The connection options must be given before the `dynsec` part of the command
|
||||
line:
|
||||
@ -357,10 +359,118 @@ For example:
|
||||
mosquitto_ctrl -u admin -h localhost dynsec <command> ...
|
||||
```
|
||||
|
||||
It is possible to provide the admin password on the command line, but this is
|
||||
not recommended.
|
||||
It is possible to provide the admin password on the command line using `-P
|
||||
password`, but this is not recommended. If you do not provide a password,
|
||||
mosquitto_ctrl will ask you to enter the password when it is needed.
|
||||
|
||||
### Using an options file
|
||||
|
||||
For convenience, mosquitto_ctrl can load an options file which contains a list
|
||||
of options it should use. This means you can set the encryption options, host,
|
||||
admin username and any other options once and not have to add them to the
|
||||
command line every time.
|
||||
|
||||
mosquitto_ctrl will try to load a configuration file from a default location.
|
||||
For Windows this is at `%USER_PROFILE%\mosquitto_ctrl.conf`. For other systems,
|
||||
it will try `$XDG_CONFIG_HOME/mosquitto_ctrl.conf` or
|
||||
`$HOME/.config/mosquitto_ctrl.conf`.
|
||||
|
||||
You may override this behaviour by manually specifying an options file with
|
||||
`-o <path to options file>`.
|
||||
|
||||
The options file should contain a list of options, one per line, exactly as
|
||||
they would be provided on the command line. For example:
|
||||
|
||||
```
|
||||
--cafile /path/to/my/CA.crt
|
||||
--certfile /path/to/my/client.crt
|
||||
--keyfile /path/to/my/client.key
|
||||
-u admin
|
||||
-h mosquitto.example.com
|
||||
|
||||
```
|
||||
|
||||
### mosquitto_ctrl options
|
||||
|
||||
* `-A address` : Bind the outgoing connection to a local ip address/hostname.
|
||||
Use this argument if you need to restrict network communication to a
|
||||
particular interface.
|
||||
* `--cafile path-to-ca.crt` : Define the path to a file containing PEM encoded
|
||||
CA certificates that are trusted. Used to enable SSL communication. See also
|
||||
`--capath`
|
||||
* `--capath` : Define the path to a directory containing PEM encoded CA
|
||||
certificates that are trusted. Used to enable SSL communication. For
|
||||
`--capath` to work correctly, the certificate files must have ".crt" as the
|
||||
file ending and you must run `openssl rehash <path to capath>` each time you
|
||||
add/remove a certificate. See also `--cafile`.
|
||||
* `--cert path-to-client.crt` : Define the path to a file containing a PEM
|
||||
encoded certificate for this client, if required by the server. See also
|
||||
`--key`.
|
||||
* `--ciphers` : An openssl compatible list of TLS ciphers to support in the
|
||||
client. See ciphers(1) for more information.
|
||||
* `-d` : Enable debug messages.
|
||||
* `--help` : Display usage information.
|
||||
* `-h hostname` : Specify the host to connect to. Defaults to localhost.
|
||||
* `-i client-id` : The id to use for this client. If not given, a client id
|
||||
will be generated depending on the MQTT version being used. For v3.1.1/v3.1,
|
||||
the client generates a client id in the format mosq-XXXXXXXXXXXXXXXXXX, where
|
||||
the X are replaced with random alphanumeric characters. For v5.0, the client
|
||||
sends a zero length client id, and the server will generate a client id for
|
||||
the client.
|
||||
* `--insecure` : When using certificate based encryption, this option disables
|
||||
verification of the server hostname in the server certificate. This can be
|
||||
useful when testing initial server configurations but makes it possible for a
|
||||
malicious third party to impersonate your server through DNS spoofing, for
|
||||
example. Use this option in testing only. If you need to resort to using this
|
||||
option in a production environment, your setup is at fault and there is no
|
||||
point using encryption.
|
||||
* `--key path-to-client.key` : Define the path to a file containing a PEM
|
||||
encoded private key for this client, if required by the server. See also
|
||||
`--cert`.
|
||||
* `-L url` : Specify specify user, password, hostname, port and topic at once
|
||||
as a URL. The URL must be in the form:
|
||||
`mqtt(s)://[username[:password]@]host[:port]`. If the scheme is mqtt:// then
|
||||
the port defaults to 1883. If the scheme is mqtts:// then the port defaults
|
||||
to 8883.
|
||||
* `--nodelay` : Disable Nagle's algorithm for the socket. This means that
|
||||
latency of sent messages is reduced, which is particularly noticable for
|
||||
small, reasonably infrequent messages. Using this option may result in more
|
||||
packets being sent than would normally be necessary.
|
||||
* `-p port` : Connect to the port specified. If not given, the default of 1883
|
||||
for plain MQTT or 8883 for MQTT over TLS will be used.
|
||||
* `-P password` : Provide a password to be used for authenticating with the
|
||||
broker. Using this argument without also specifying a username is invalid
|
||||
when using MQTT v3.1 or v3.1.1. See also the `-u` option.
|
||||
* `--proxy proxy-url` : Specify a SOCKS5 proxy to connect through. "None" and
|
||||
"username" authentication types are supported. The socks-url must be of the
|
||||
form `socks5h://[username[:password]@]host[:port]`. The protocol prefix
|
||||
socks5h means that hostnames are resolved by the proxy. The symbols %25, %3A
|
||||
and %40 are URL decoded into %, : and @ respectively, if present in the
|
||||
username or password. If username is not given, then no authentication is
|
||||
attempted. If the port is not given, then the default of 1080 is used.
|
||||
* `--psk key` : Provide the hexadecimal (no leading 0x) pre-shared-key matching
|
||||
the one used on the broker to use TLS-PSK encryption support.
|
||||
`--psk-identity` must also be provided to enable TLS-PSK.
|
||||
* `--psk-identity identify` : The client identity to use with TLS-PSK support.
|
||||
This may be used instead of a username if the broker is configured to do so.
|
||||
* `-q qos` : Specify the quality of service to use for messages, from 0, 1 and
|
||||
2. Defaults to 1.
|
||||
* `--quiet` : If this argument is given, no runtime errors will be printed.
|
||||
This excludes any error messages given in case of invalid user input (e.g.
|
||||
using `-p` without a port).
|
||||
* `--tls-version version` : Choose which TLS protocol version to use when
|
||||
communicating with the broker. Valid options are tlsv1.3, tlsv1.2 and
|
||||
tlsv1.1. The default value is tlsv1.2. Must match the protocol version used
|
||||
by the broker.
|
||||
* `-u username` : Provide a username to be used for authenticating with the
|
||||
broker. See also the `-P` argument.
|
||||
* `--unix path` : Connect to a broker through a local unix domain socket
|
||||
instead of a TCP socket. This is a replacement for `-h` and `-L`. For
|
||||
example: `mosquitto_ctrl --unix /tmp/mosquitto.sock ...`.
|
||||
* `-V protocol-version` : Specify which version of the MQTT protocol should be
|
||||
used when connecting to the remote broker. Can be `5`, `311`, `31`, or the
|
||||
more verbose `mqttv5`, `mqttv311`, or `mqttv31`. Defaults to `311`.
|
||||
|
||||
See **FIXME** for the full list of options available for `mosquitto_ctrl`.
|
||||
|
||||
## Configuring default access
|
||||
|
||||
|
@ -1,7 +1,7 @@
|
||||
<!--
|
||||
.. title: Download
|
||||
.. slug: download
|
||||
.. date: 2022-03-11 22:16:38 UTC
|
||||
.. date: 2021-04-03 11:52:38 UTC+1
|
||||
.. tags: tag
|
||||
.. category: category
|
||||
.. link: link
|
||||
@ -11,7 +11,7 @@
|
||||
|
||||
# Source
|
||||
|
||||
* [mosquitto-2.0.9.tar.gz](https://mosquitto.org/files/source/mosquitto-2.0.9.tar.gz) (319kB) ([GPG signature](https://mosquitto.org/files/source/mosquitto-2.0.9.tar.gz.asc))
|
||||
* [mosquitto-2.0.10.tar.gz](https://mosquitto.org/files/source/mosquitto-2.0.10.tar.gz) ([GPG signature](https://mosquitto.org/files/source/mosquitto-2.0.10.tar.gz.asc))
|
||||
* [Git source code repository](https://github.com/eclipse/mosquitto) (github.com)
|
||||
|
||||
Older downloads are available at [https://mosquitto.org/files/](../files/)
|
||||
@ -24,8 +24,8 @@ distributions.
|
||||
|
||||
## Windows
|
||||
|
||||
* [mosquitto-2.0.9-install-windows-x64.exe](https://mosquitto.org/files/binary/win64/mosquitto-2.0.9-install-windows-x64.exe) (64-bit build, Windows Vista and up, built with Visual Studio Community 2019)
|
||||
* [mosquitto-2.0.9-install-windows-x32.exe](https://mosquitto.org/files/binary/win32/mosquitto-2.0.9-install-windows-x86.exe) (32-bit build, Windows Vista and up, built with Visual Studio Community 2019)
|
||||
* [mosquitto-2.0.10-install-windows-x64.exe](https://mosquitto.org/files/binary/win64/mosquitto-2.0.10-install-windows-x64.exe) (64-bit build, Windows Vista and up, built with Visual Studio Community 2019)
|
||||
* [mosquitto-2.0.10-install-windows-x32.exe](https://mosquitto.org/files/binary/win32/mosquitto-2.0.10-install-windows-x86.exe) (32-bit build, Windows Vista and up, built with Visual Studio Community 2019)
|
||||
|
||||
Older installers can be found at [https://mosquitto.org/files/binary/](https://mosquitto.org/files/binary/).
|
||||
|
||||
|
@ -1,7 +1,7 @@
|
||||
<!--
|
||||
.. title: Security
|
||||
.. slug: security
|
||||
.. date: 2018-02-07 10:52:50 UTC
|
||||
.. date: 2021-04-03 11:55:50 UTC+1
|
||||
.. tags:
|
||||
.. category:
|
||||
.. link:
|
||||
@ -19,6 +19,8 @@ follow the steps on [Eclipse Security] page to report it.
|
||||
Listed with most recent first. Further information on security related issues
|
||||
can be found in the [security category].
|
||||
|
||||
* April 2021: CVE-xxxx-xxxx Affecting versions **2.0.0** to **2.0.9**
|
||||
inclusive, fixed in **2.0.10**.
|
||||
* December 2020: Running mosquitto_passwd with the following arguments only
|
||||
`mosquitto_passwd -b password_file username password` would cause the
|
||||
username to be used as the password. Affecting versions **2.0.0** to
|
||||
|
48
www/posts/2021/04/version-2-0-10-released.md
Normal file
48
www/posts/2021/04/version-2-0-10-released.md
Normal file
@ -0,0 +1,48 @@
|
||||
<!--
|
||||
.. title: Version 2.0.10 released.
|
||||
.. slug: version-2-0-10-released
|
||||
.. date: 2021-04-03 11:54:38 UTC+1
|
||||
.. tags: Releases
|
||||
.. category:
|
||||
.. link:
|
||||
.. description:
|
||||
.. type: text
|
||||
-->
|
||||
|
||||
Versions 2.0.10 of Mosquitto has been released. This is a security and bugfix
|
||||
release.
|
||||
|
||||
# Security
|
||||
- CVE-xxxx-xxxx: If an authenticated client connected with MQTT v5 sent a
|
||||
malformed CONNACK message to the broker a NULL pointer dereference occurred,
|
||||
most likely resulting in a segfault. This will be updated with the CVE
|
||||
number when it is assigned.
|
||||
Affects versions 2.0.0 to 2.0.9 inclusive.
|
||||
|
||||
# Broker
|
||||
- Don't overwrite new receive-maximum if a v5 client connects and takes over
|
||||
an old session. Closes [#2134].
|
||||
- Fix CVE-xxxx-xxxx. Closes [#2163].
|
||||
|
||||
# Clients
|
||||
- Set `receive-maximum` to not exceed the `-C` message count in mosquitto_sub
|
||||
and mosquitto_rr, to avoid potentially lost messages. Closes [#2134].
|
||||
- Fix TLS-PSK mode not working with port 8883. Closes [#2152].
|
||||
|
||||
# Client library
|
||||
- Fix possible socket leak. This would occur if a client was using
|
||||
`mosquitto_loop_start()`, then if the connection failed due to the remote
|
||||
server being inaccessible they called `mosquitto_loop_stop(, true)` and
|
||||
recreated the mosquitto object.
|
||||
|
||||
# Build
|
||||
- A variety of minor build related fixes, like functions not having previous
|
||||
declarations.
|
||||
- Fix CMake cross compile builds not finding opensslconf.h. Closes [#2160].
|
||||
- Fix build on Solaris non-sparc. Closes [#2136].
|
||||
|
||||
[#2134]: https://github.com/eclipse/mosquitto/issues/2134
|
||||
[#2136]: https://github.com/eclipse/mosquitto/issues/2136
|
||||
[#2152]: https://github.com/eclipse/mosquitto/issues/2152
|
||||
[#2160]: https://github.com/eclipse/mosquitto/issues/2160
|
||||
[#2163]: https://github.com/eclipse/mosquitto/issues/2163
|
Loading…
Reference in New Issue
Block a user