Fix invalid behaviour in dynsec plugin.
This occurred if a group or client was deleted before a role that was attached to the group or client is deleted. Closes #1998. Thanks to Willem Eradus.
This commit is contained in:
parent
5b3acfe3cc
commit
7e1a818c54
@ -9,6 +9,9 @@ Broker:
|
||||
/var/lib/mosquitto/mosquitto.db.new. Closes #1978.
|
||||
- Fix potential intermittent initial bridge connections when using poll().
|
||||
- Fix `bind_interface` option. Closes #1999.
|
||||
- Fix invalid behaviour in dynsec plugin if a group or client is deleted
|
||||
before a role that was attached to the group or client is deleted.
|
||||
Closes #1998.
|
||||
|
||||
Apps:
|
||||
- Disallow control characters in mosquitto_passwd usernames.
|
||||
|
@ -35,6 +35,7 @@ Contributors:
|
||||
* ################################################################ */
|
||||
|
||||
static int dynsec__remove_client_from_all_groups(const char *username);
|
||||
static void client__remove_all_roles(struct dynsec__client *client);
|
||||
|
||||
/* ################################################################
|
||||
* #
|
||||
@ -482,6 +483,7 @@ int dynsec_clients__process_delete(cJSON *j_responses, struct mosquitto *context
|
||||
client = dynsec_clients__find(username);
|
||||
if(client){
|
||||
dynsec__remove_client_from_all_groups(username);
|
||||
client__remove_all_roles(client);
|
||||
client__free_item(client);
|
||||
dynsec__config_save();
|
||||
dynsec__command_reply(j_responses, context, "deleteClient", NULL, correlation_data);
|
||||
|
@ -44,6 +44,7 @@ struct dynsec__group *dynsec_anonymous_group = NULL;
|
||||
* ################################################################ */
|
||||
|
||||
static int dynsec__remove_all_clients_from_group(struct dynsec__group *group);
|
||||
static int dynsec__remove_all_roles_from_group(struct dynsec__group *group);
|
||||
static cJSON *add_group_to_json(struct dynsec__group *group);
|
||||
|
||||
|
||||
@ -460,6 +461,7 @@ int dynsec_groups__process_delete(cJSON *j_responses, struct mosquitto *context,
|
||||
/* Enforce any changes */
|
||||
group__kick_all(group);
|
||||
|
||||
dynsec__remove_all_roles_from_group(group);
|
||||
group__free_item(group);
|
||||
dynsec__config_save();
|
||||
dynsec__command_reply(j_responses, context, "deleteGroup", NULL, correlation_data);
|
||||
@ -583,6 +585,17 @@ static int dynsec__remove_all_clients_from_group(struct dynsec__group *group)
|
||||
return MOSQ_ERR_SUCCESS;
|
||||
}
|
||||
|
||||
static int dynsec__remove_all_roles_from_group(struct dynsec__group *group)
|
||||
{
|
||||
struct dynsec__rolelist *rolelist, *rolelist_tmp;
|
||||
|
||||
HASH_ITER(hh, group->rolelist, rolelist, rolelist_tmp){
|
||||
dynsec_rolelist__group_remove(group, rolelist->role);
|
||||
}
|
||||
|
||||
return MOSQ_ERR_SUCCESS;
|
||||
}
|
||||
|
||||
int dynsec_groups__remove_client(const char *username, const char *groupname, bool update_config)
|
||||
{
|
||||
struct dynsec__client *client;
|
||||
|
Loading…
Reference in New Issue
Block a user