Check for authentication method on CONNECT, and reject.
This commit is contained in:
parent
ac91144495
commit
2ea97a6cd9
@ -358,6 +358,14 @@ int handle__connect(struct mosquitto_db *db, struct mosquitto *context)
|
||||
}
|
||||
property__process_connect(context, properties);
|
||||
|
||||
if(mosquitto_property_read_string(properties, MQTT_PROP_AUTHENTICATION_METHOD, NULL, false)){
|
||||
mosquitto_property_free_all(&properties);
|
||||
/* Client has requested extended authentication, but we don't support it yet. */
|
||||
send__connack(db, context, 0, MQTT_RC_BAD_AUTHENTICATION_METHOD, NULL);
|
||||
rc = MOSQ_ERR_PROTOCOL;
|
||||
goto handle_connect_error;
|
||||
}
|
||||
|
||||
mosquitto_property_free_all(&properties); /* FIXME - TEMPORARY UNTIL PROPERTIES PROCESSED */
|
||||
|
||||
if(packet__read_string(&context->in_packet, &client_id, &slen)){
|
||||
|
29
test/broker/09-auth-bad-method.py
Executable file
29
test/broker/09-auth-bad-method.py
Executable file
@ -0,0 +1,29 @@
|
||||
#!/usr/bin/env python
|
||||
|
||||
# Test whether sending an Authentication Method produces the correct response
|
||||
# when no auth methods are defined.
|
||||
|
||||
from mosq_test_helper import *
|
||||
|
||||
rc = 1
|
||||
keepalive = 10
|
||||
props = mqtt5_props.gen_string_prop(mqtt5_props.PROP_AUTHENTICATION_METHOD, "basic")
|
||||
connect_packet = mosq_test.gen_connect("connect-test", proto_ver=5, keepalive=keepalive, properties=props)
|
||||
connack_packet = mosq_test.gen_connack(rc=mqtt5_rc.MQTT_RC_BAD_AUTHENTICATION_METHOD, proto_ver=5)
|
||||
|
||||
port = mosq_test.get_port()
|
||||
broker = mosq_test.start_broker(filename=os.path.basename(__file__), port=port)
|
||||
|
||||
try:
|
||||
sock = mosq_test.do_client_connect(connect_packet, connack_packet, port=port)
|
||||
sock.close()
|
||||
rc = 0
|
||||
finally:
|
||||
broker.terminate()
|
||||
broker.wait()
|
||||
(stdo, stde) = broker.communicate()
|
||||
if rc:
|
||||
print(stde)
|
||||
|
||||
exit(rc)
|
||||
|
@ -157,6 +157,7 @@ endif
|
||||
|
||||
09 :
|
||||
./09-acl-empty-file.py
|
||||
./09-auth-bad-method.py
|
||||
./09-plugin-auth-acl-sub-denied.py
|
||||
./09-plugin-auth-acl-sub.py
|
||||
./09-plugin-auth-context-params.py
|
||||
|
@ -9,11 +9,11 @@ Numbering is as follows:
|
||||
02: Subscribe/unsubscribe tests
|
||||
03: Publish tests
|
||||
04: Retained message tests
|
||||
05: Clean session tests
|
||||
05: Session management tests
|
||||
06: Bridge tests
|
||||
07: Will tests
|
||||
08: TLS tests
|
||||
09: Auth plugin tests
|
||||
09: Auth tests
|
||||
10: Listener tests
|
||||
11: Persistence tests
|
||||
12: Property tests
|
||||
|
@ -25,9 +25,6 @@ tests = [
|
||||
(1, './01-connect-uname-password-success.py'),
|
||||
(1, './01-connect-uname-pwd-no-flag.py'),
|
||||
|
||||
(1, './02-subpub-qos1-bad-pubcomp.py'),
|
||||
(1, './02-subpub-qos1-bad-pubrec.py'),
|
||||
(1, './02-subpub-qos2-bad-pubcomp.py'),
|
||||
(1, './02-subhier-crash.py'),
|
||||
(1, './02-subpub-qos0-retain-as-publish.py'),
|
||||
(1, './02-subpub-qos0-send-retain.py'),
|
||||
@ -36,6 +33,8 @@ tests = [
|
||||
(1, './02-subpub-qos0-topic-alias.py'),
|
||||
(1, './02-subpub-qos0-v5.py'),
|
||||
(1, './02-subpub-qos0.py'),
|
||||
(1, './02-subpub-qos1-bad-pubcomp.py'),
|
||||
(1, './02-subpub-qos1-bad-pubrec.py'),
|
||||
(1, './02-subpub-qos1-message-expiry-retain.py'),
|
||||
(1, './02-subpub-qos1-message-expiry-will.py'),
|
||||
(1, './02-subpub-qos1-message-expiry.py'),
|
||||
@ -44,6 +43,7 @@ tests = [
|
||||
(1, './02-subpub-qos1.py'),
|
||||
(1, './02-subpub-qos2-bad-puback-1.py'),
|
||||
(1, './02-subpub-qos2-bad-puback-2.py'),
|
||||
(1, './02-subpub-qos2-bad-pubcomp.py'),
|
||||
(1, './02-subpub-qos2-pubrec-error.py'),
|
||||
(1, './02-subpub-qos2-receive-maximum-1.py'),
|
||||
(1, './02-subpub-qos2-receive-maximum-2.py'),
|
||||
@ -126,8 +126,8 @@ tests = [
|
||||
(2, './08-tls-psk-pub.py'),
|
||||
(3, './08-tls-psk-bridge.py'),
|
||||
|
||||
(1, './09-pwfile-parse-invalid.py'),
|
||||
(1, './09-acl-empty-file.py'),
|
||||
(1, './09-auth-bad-method.py'),
|
||||
(1, './09-plugin-auth-acl-sub-denied.py'),
|
||||
(1, './09-plugin-auth-acl-sub.py'),
|
||||
(1, './09-plugin-auth-context-params.py'),
|
||||
@ -138,16 +138,13 @@ tests = [
|
||||
(1, './09-plugin-auth-unpwd-success.py'),
|
||||
(1, './09-plugin-auth-v2-unpwd-fail.py'),
|
||||
(1, './09-plugin-auth-v2-unpwd-success.py'),
|
||||
(1, './09-pwfile-parse-invalid.py'),
|
||||
|
||||
(2, './10-listener-mount-point.py'),
|
||||
|
||||
(1, './11-persistent-subscription.py'),
|
||||
|
||||
(1, './12-prop-assigned-client-identifier.py'),
|
||||
(1, './12-prop-server-keepalive.py'),
|
||||
(1, './12-prop-session-expiry-invalid.py'),
|
||||
(1, './12-prop-subpub-content-type.py'),
|
||||
(1, './12-prop-subpub-payload-format.py'),
|
||||
(1, './12-prop-assigned-client-identifier.py'),
|
||||
(1, './12-prop-maximum-packet-size-broker.py'),
|
||||
(1, './12-prop-maximum-packet-size-connect.py'),
|
||||
(1, './12-prop-maximum-packet-size-publish-qos1.py'),
|
||||
@ -155,6 +152,10 @@ tests = [
|
||||
(1, './12-prop-maximum-packet-size-publish.py'),
|
||||
(1, './12-prop-response-topic-correlation-data.py'),
|
||||
(1, './12-prop-response-topic.py'),
|
||||
(1, './12-prop-server-keepalive.py'),
|
||||
(1, './12-prop-session-expiry-invalid.py'),
|
||||
(1, './12-prop-subpub-content-type.py'),
|
||||
(1, './12-prop-subpub-payload-format.py'),
|
||||
]
|
||||
|
||||
ptest.run_tests(tests)
|
||||
|
Loading…
Reference in New Issue
Block a user