[431780] ACL files can contain a space in username/topic.

Bug: https://bugs.eclipse.org/bugs/show_bug.cgi?id=431780

ChangeLog.txt

@@ -62,6 +62,8 @@ Broker:
 - Root privileges are now dropped after starting listeners and loading
   certificates/private keys, to allow private keys to have their permissions
   restricted to the root user only. Closes bug #452914.
+- Usernames and topics given in ACL files can now include a space. Closes bug
+  #431780.
 
 Clients:
 - Both clients can now load default configuration options from a file.

man/mosquitto.conf.5.xml

@@ -99,12 +99,14 @@
 						listed will have access. Topic access is added with
 						lines of the format:</para>
 
-					<para><code>topic [read|write] &lt;topic&gt;</code></para>
+					<para><code>topic [read|write|readwrite] &lt;topic&gt;</code></para>
 
-					<para>The access type is controlled using "read" or
-						"write". This parameter is optional - if not given then
-						the access is read/write.  &lt;topic&gt; can contain
-						the + or # wildcards as in subscriptions.</para>
+					<para>The access type is controlled using "read", "write" or
+						"readwrite". This parameter is optional (unless
+						&lt;topic&gt; includes a space character) - if not
+						given then the access is read/write.  &lt;topic&gt; can
+						contain the + or # wildcards as in
+						subscriptions.</para>
 
 					<para>The first set of topics are applied to anonymous
 						clients, assuming <option>allow_anonymous</option> is
@@ -121,7 +123,7 @@
 						substitution within the topic. The form is the same as
 						for the topic keyword, but using pattern as the
 						keyword.</para>
-					<para><code>pattern [read|write] &lt;topic&gt;</code></para>
+					<para><code>pattern [read|write|readwrite] &lt;topic&gt;</code></para>
 					
 					<para>The patterns available for substition are:</para>
 					<itemizedlist mark="circle">

mosquitto.conf

@@ -543,11 +543,12 @@
 # comment.
 # Topic access is added with lines of the format:
 #
-# topic [read|write] <topic>
+# topic [read|write|readwrite] <topic>
 # 
-# The access type is controlled using "read" or "write". This parameter
-# is optional - if not given then the access is read/write.
-# <topic> can contain the + or # wildcards as in subscriptions.
+# The access type is controlled using "read", "write" or "readwrite". This
+# parameter is optional (unless <topic> contains a space character) - if not
+# given then the access is read/write.  <topic> can contain the + or #
+# wildcards as in subscriptions.
 # 
 # The first set of topics are applied to anonymous clients, assuming
 # allow_anonymous is true. User specific topic ACLs are added after a 
@@ -576,7 +577,7 @@
 # with the following pattern:
 # pattern write $SYS/broker/connection/%c/state
 #
-# pattern [read|write] <topic>
+# pattern [read|write|readwrite] <topic>
 #
 # Example:
 #

src/security_default.c

@@ -364,7 +364,7 @@ static int _aclfile_parse(struct mosquitto_db *db)
 					fclose(aclfile);
 					return MOSQ_ERR_INVAL;
 				}
-				token = strtok_r(NULL, " ", &saveptr);
+				token = strtok_r(NULL, "", &saveptr);
 				if(token){
 					topic = token;
 				}else{
@@ -376,8 +376,10 @@ static int _aclfile_parse(struct mosquitto_db *db)
 						access = MOSQ_ACL_READ;
 					}else if(!strcmp(access_s, "write")){
 						access = MOSQ_ACL_WRITE;
+					}else if(!strcmp(access_s, "readwrite")){
+						access = MOSQ_ACL_READ | MOSQ_ACL_WRITE;
 					}else{
-						_mosquitto_log_printf(NULL, MOSQ_LOG_ERR, "Error: Empty invalid topic access type in acl_file.");
+						_mosquitto_log_printf(NULL, MOSQ_LOG_ERR, "Error: Invalid topic access type \"%s\" in acl_file.", access_s);
 						if(user) _mosquitto_free(user);
 						fclose(aclfile);
 						return MOSQ_ERR_INVAL;
@@ -395,7 +397,7 @@ static int _aclfile_parse(struct mosquitto_db *db)
 					return rc;
 				}
 			}else if(!strcmp(token, "user")){
-				token = strtok_r(NULL, " ", &saveptr);
+				token = strtok_r(NULL, "", &saveptr);
 				if(token){
 					if(user) _mosquitto_free(user);
 					user = _mosquitto_strdup(token);