From c3daa247c2895632ea130f6e878b5aab19b7e7aa Mon Sep 17 00:00:00 2001 From: "Roger A. Light" Date: Thu, 26 Nov 2020 00:13:40 +0000 Subject: [PATCH] dynsec: Cover setClientId in 14-dynsec-auth test. --- plugins/dynamic-security/clients.c | 3 ++ test/broker/14-dynsec-auth.py | 64 +++++++++++++++++++++--------- 2 files changed, 48 insertions(+), 19 deletions(-) diff --git a/plugins/dynamic-security/clients.c b/plugins/dynamic-security/clients.c index a5704de5..dc54ae92 100644 --- a/plugins/dynamic-security/clients.c +++ b/plugins/dynamic-security/clients.c @@ -584,6 +584,9 @@ int dynsec_clients__process_set_id(cJSON *j_responses, struct mosquitto *context mosquitto_free(client->clientid); client->clientid = clientid_heap; + dynsec__config_save(); + dynsec__command_reply(j_responses, context, "setClientId", NULL, correlation_data); + /* Enforce any changes */ mosquitto_kick_client_by_username(username, false); diff --git a/test/broker/14-dynsec-auth.py b/test/broker/14-dynsec-auth.py index 478ac54e..1df1a536 100755 --- a/test/broker/14-dynsec-auth.py +++ b/test/broker/14-dynsec-auth.py @@ -40,6 +40,12 @@ add_client_command_without_id = { "commands": [{ } add_client_response_without_id = {'responses': [{'command': 'createClient', 'correlationData': '3'}]} +set_client_id_command = { "commands": [{ + "command": "setClientId", "username": "user_two", "clientid": "new-cid", + "correlationData": "5" }] +} +set_client_id_response = {'responses': [{'command': 'setClientId', 'correlationData': '5'}]} + # No password defined, this client should never be able to connect. add_client_command_without_pw = { "commands": [{ "command": "createClient", "username": "user_three", @@ -84,13 +90,21 @@ connack_packet_without_id2 = mosq_test.gen_connack(rc=mqtt5_rc.MQTT_RC_NOT_AUTHO connect_packet_without_id3 = mosq_test.gen_connect("no-cid", keepalive=keepalive, username="user_two", proto_ver=5) connack_packet_without_id3 = mosq_test.gen_connack(rc=mqtt5_rc.MQTT_RC_NOT_AUTHORIZED, proto_ver=5, property_helper=False) +# Success +connect_packet_set_id1 = mosq_test.gen_connect("new-cid", keepalive=keepalive, username="user_two", password="asdfgh", proto_ver=5) +connack_packet_set_id1 = mosq_test.gen_connack(rc=0, proto_ver=5) + +# Fail - bad client id +connect_packet_set_id2 = mosq_test.gen_connect("bad-cid", keepalive=keepalive, username="user_two", password="asdfgh", proto_ver=5) +connack_packet_set_id2 = mosq_test.gen_connack(rc=mqtt5_rc.MQTT_RC_NOT_AUTHORIZED, proto_ver=5, property_helper=False) + # Fail - bad password connect_packet_without_pw1 = mosq_test.gen_connect("cid2", keepalive=keepalive, username="user_three", password="pass", proto_ver=5) connack_packet_without_pw1 = mosq_test.gen_connack(rc=mqtt5_rc.MQTT_RC_NOT_AUTHORIZED, proto_ver=5, property_helper=False) # Fail - no password -connect_packet_without_pw2 = mosq_test.gen_connect("cid2", keepalive=keepalive, username="user_two", proto_ver=5) +connect_packet_without_pw2 = mosq_test.gen_connect("cid2", keepalive=keepalive, username="user_three", proto_ver=5) connack_packet_without_pw2 = mosq_test.gen_connack(rc=mqtt5_rc.MQTT_RC_NOT_AUTHORIZED, proto_ver=5, property_helper=False) try: @@ -110,32 +124,44 @@ try: command_check(sock, add_client_command_without_id, add_client_response_without_id) command_check(sock, add_client_command_without_pw, add_client_response_without_pw) - sock = mosq_test.do_client_connect(connect_packet_with_id1, connack_packet_with_id1, timeout=5, port=port, connack_error="with id 1") - sock.close() + # Client with username, password, and client id + csock = mosq_test.do_client_connect(connect_packet_with_id1, connack_packet_with_id1, timeout=5, port=port, connack_error="with id 1") + csock.close() - sock = mosq_test.do_client_connect(connect_packet_with_id2, connack_packet_with_id2, timeout=5, port=port, connack_error="with id 2") - sock.close() + csock = mosq_test.do_client_connect(connect_packet_with_id2, connack_packet_with_id2, timeout=5, port=port, connack_error="with id 2") + csock.close() - sock = mosq_test.do_client_connect(connect_packet_with_id3, connack_packet_with_id3, timeout=5, port=port, connack_error="with id 3") - sock.close() + csock = mosq_test.do_client_connect(connect_packet_with_id3, connack_packet_with_id3, timeout=5, port=port, connack_error="with id 3") + csock.close() - sock = mosq_test.do_client_connect(connect_packet_with_id4, connack_packet_with_id4, timeout=5, port=port, connack_error="with id 4") - sock.close() + csock = mosq_test.do_client_connect(connect_packet_with_id4, connack_packet_with_id4, timeout=5, port=port, connack_error="with id 4") + csock.close() - sock = mosq_test.do_client_connect(connect_packet_without_id1, connack_packet_without_id1, timeout=5, port=port, connack_error="without id 1") - sock.close() + # Client with just username and password + csock = mosq_test.do_client_connect(connect_packet_without_id1, connack_packet_without_id1, timeout=5, port=port, connack_error="without id 1") + csock.close() - sock = mosq_test.do_client_connect(connect_packet_without_id2, connack_packet_without_id2, timeout=5, port=port, connack_error="without id 2") - sock.close() + csock = mosq_test.do_client_connect(connect_packet_without_id2, connack_packet_without_id2, timeout=5, port=port, connack_error="without id 2") + csock.close() - sock = mosq_test.do_client_connect(connect_packet_without_id3, connack_packet_without_id3, timeout=5, port=port, connack_error="without id 3") - sock.close() + csock = mosq_test.do_client_connect(connect_packet_without_id3, connack_packet_without_id3, timeout=5, port=port, connack_error="without id 3") + csock.close() - sock = mosq_test.do_client_connect(connect_packet_without_pw1, connack_packet_without_pw1, timeout=5, port=port, connack_error="without pw 1") - sock.close() + # Client with no password set + csock = mosq_test.do_client_connect(connect_packet_without_pw1, connack_packet_without_pw1, timeout=5, port=port, connack_error="without pw 1") + csock.close() - sock = mosq_test.do_client_connect(connect_packet_without_pw2, connack_packet_without_pw2, timeout=5, port=port, connack_error="without pw 2") - sock.close() + csock = mosq_test.do_client_connect(connect_packet_without_pw2, connack_packet_without_pw2, timeout=5, port=port, connack_error="without pw 2") + csock.close() + + # Add client id to "user_two" + command_check(sock, set_client_id_command, set_client_id_response) + + csock = mosq_test.do_client_connect(connect_packet_set_id1, connack_packet_set_id1, timeout=5, port=port, connack_error="set id 1") + csock.close() + + csock = mosq_test.do_client_connect(connect_packet_set_id2, connack_packet_set_id2, timeout=5, port=port, connack_error="set id 2") + csock.close() rc = 0