[431780] ACL files can contain a space in username/topic.
Bug: https://bugs.eclipse.org/bugs/show_bug.cgi?id=431780
This commit is contained in:
parent
153e6e6211
commit
1b4903b41e
@ -62,6 +62,8 @@ Broker:
|
||||
- Root privileges are now dropped after starting listeners and loading
|
||||
certificates/private keys, to allow private keys to have their permissions
|
||||
restricted to the root user only. Closes bug #452914.
|
||||
- Usernames and topics given in ACL files can now include a space. Closes bug
|
||||
#431780.
|
||||
|
||||
Clients:
|
||||
- Both clients can now load default configuration options from a file.
|
||||
|
@ -99,12 +99,14 @@
|
||||
listed will have access. Topic access is added with
|
||||
lines of the format:</para>
|
||||
|
||||
<para><code>topic [read|write] <topic></code></para>
|
||||
<para><code>topic [read|write|readwrite] <topic></code></para>
|
||||
|
||||
<para>The access type is controlled using "read" or
|
||||
"write". This parameter is optional - if not given then
|
||||
the access is read/write. <topic> can contain
|
||||
the + or # wildcards as in subscriptions.</para>
|
||||
<para>The access type is controlled using "read", "write" or
|
||||
"readwrite". This parameter is optional (unless
|
||||
<topic> includes a space character) - if not
|
||||
given then the access is read/write. <topic> can
|
||||
contain the + or # wildcards as in
|
||||
subscriptions.</para>
|
||||
|
||||
<para>The first set of topics are applied to anonymous
|
||||
clients, assuming <option>allow_anonymous</option> is
|
||||
@ -121,7 +123,7 @@
|
||||
substitution within the topic. The form is the same as
|
||||
for the topic keyword, but using pattern as the
|
||||
keyword.</para>
|
||||
<para><code>pattern [read|write] <topic></code></para>
|
||||
<para><code>pattern [read|write|readwrite] <topic></code></para>
|
||||
|
||||
<para>The patterns available for substition are:</para>
|
||||
<itemizedlist mark="circle">
|
||||
|
@ -543,11 +543,12 @@
|
||||
# comment.
|
||||
# Topic access is added with lines of the format:
|
||||
#
|
||||
# topic [read|write] <topic>
|
||||
# topic [read|write|readwrite] <topic>
|
||||
#
|
||||
# The access type is controlled using "read" or "write". This parameter
|
||||
# is optional - if not given then the access is read/write.
|
||||
# <topic> can contain the + or # wildcards as in subscriptions.
|
||||
# The access type is controlled using "read", "write" or "readwrite". This
|
||||
# parameter is optional (unless <topic> contains a space character) - if not
|
||||
# given then the access is read/write. <topic> can contain the + or #
|
||||
# wildcards as in subscriptions.
|
||||
#
|
||||
# The first set of topics are applied to anonymous clients, assuming
|
||||
# allow_anonymous is true. User specific topic ACLs are added after a
|
||||
@ -576,7 +577,7 @@
|
||||
# with the following pattern:
|
||||
# pattern write $SYS/broker/connection/%c/state
|
||||
#
|
||||
# pattern [read|write] <topic>
|
||||
# pattern [read|write|readwrite] <topic>
|
||||
#
|
||||
# Example:
|
||||
#
|
||||
|
@ -364,7 +364,7 @@ static int _aclfile_parse(struct mosquitto_db *db)
|
||||
fclose(aclfile);
|
||||
return MOSQ_ERR_INVAL;
|
||||
}
|
||||
token = strtok_r(NULL, " ", &saveptr);
|
||||
token = strtok_r(NULL, "", &saveptr);
|
||||
if(token){
|
||||
topic = token;
|
||||
}else{
|
||||
@ -376,8 +376,10 @@ static int _aclfile_parse(struct mosquitto_db *db)
|
||||
access = MOSQ_ACL_READ;
|
||||
}else if(!strcmp(access_s, "write")){
|
||||
access = MOSQ_ACL_WRITE;
|
||||
}else if(!strcmp(access_s, "readwrite")){
|
||||
access = MOSQ_ACL_READ | MOSQ_ACL_WRITE;
|
||||
}else{
|
||||
_mosquitto_log_printf(NULL, MOSQ_LOG_ERR, "Error: Empty invalid topic access type in acl_file.");
|
||||
_mosquitto_log_printf(NULL, MOSQ_LOG_ERR, "Error: Invalid topic access type \"%s\" in acl_file.", access_s);
|
||||
if(user) _mosquitto_free(user);
|
||||
fclose(aclfile);
|
||||
return MOSQ_ERR_INVAL;
|
||||
@ -395,7 +397,7 @@ static int _aclfile_parse(struct mosquitto_db *db)
|
||||
return rc;
|
||||
}
|
||||
}else if(!strcmp(token, "user")){
|
||||
token = strtok_r(NULL, " ", &saveptr);
|
||||
token = strtok_r(NULL, "", &saveptr);
|
||||
if(token){
|
||||
if(user) _mosquitto_free(user);
|
||||
user = _mosquitto_strdup(token);
|
||||
|
Loading…
Reference in New Issue
Block a user