d0kuhn/mosquitto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Dynamic security: Fix the plugin being able to be loaded twice.

Browse Source 
Currently only a single plugin can interact with a unique $CONTROL
topic. Using multiple instances of the plugin would produce duplicate
entries in the config file.

Closes #2601.
Closes #2470.
This commit is contained in:
Roger A. Light 2022-08-16 01:27:55 +01:00
parent 436f0b9348
commit df317ff71f
2 changed files with 43 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ChangeLog.txt
View File

@ -27,6 +27,10 @@ Broker:
- Dynamic security: Fix modifyClient and modifyGroup commands to not modify
the client/group if a new group/client being added is not valid.
Closes #2598.
- Dynamic security: Fix the plugin being able to be loaded twice. Currently
only a single plugin can interact with a unique $CONTROL topic. Using
multiple instances of the plugin would produce duplicate entries in the
config file. Closes #2601. Closes #2470.
Client library:
- Fix threads library detection on Windows under cmake. Bumps the minimum

42
plugins/dynamic-security/plugin.c
View File

@ -482,6 +482,7 @@ void dynsec__config_save(void)
int mosquitto_plugin_init(mosquitto_plugin_id_t *identifier, void **user_data, struct mosquitto_opt *options, int option_count)
{
int i;
int rc;
UNUSED(user_data);
@ -502,11 +503,46 @@ int mosquitto_plugin_init(mosquitto_plugin_id_t *identifier, void **user_data, s
plg_id = identifier;
dynsec__config_load();
mosquitto_callback_register(plg_id, MOSQ_EVT_CONTROL, dynsec_control_callback, "$CONTROL/dynamic-security/v1", NULL);
mosquitto_callback_register(plg_id, MOSQ_EVT_BASIC_AUTH, dynsec_auth__basic_auth_callback, NULL, NULL);
mosquitto_callback_register(plg_id, MOSQ_EVT_ACL_CHECK, dynsec__acl_check_callback, NULL, NULL);
rc = mosquitto_callback_register(plg_id, MOSQ_EVT_CONTROL, dynsec_control_callback, "$CONTROL/dynamic-security/v1", NULL);
if(rc == MOSQ_ERR_ALREADY_EXISTS){
mosquitto_log_printf(MOSQ_LOG_ERR, "Error: Dynamic security plugin can currently only be loaded once.");
mosquitto_log_printf(MOSQ_LOG_ERR, "Note that this was previously incorrectly allowed but could cause problems with duplicate entries in the config.");
goto error;
}else if(rc == MOSQ_ERR_NOMEM){
mosquitto_log_printf(MOSQ_LOG_ERR, "Error: Out of memory.");
goto error;
}else if(rc != MOSQ_ERR_SUCCESS){
goto error;
}
rc = mosquitto_callback_register(plg_id, MOSQ_EVT_BASIC_AUTH, dynsec_auth__basic_auth_callback, NULL, NULL);
if(rc == MOSQ_ERR_ALREADY_EXISTS){
mosquitto_log_printf(MOSQ_LOG_ERR, "Error: Dynamic security plugin can only be loaded once.");
goto error;
}else if(rc == MOSQ_ERR_NOMEM){
mosquitto_log_printf(MOSQ_LOG_ERR, "Error: Out of memory.");
goto error;
}else if(rc != MOSQ_ERR_SUCCESS){
goto error;
}
rc = mosquitto_callback_register(plg_id, MOSQ_EVT_ACL_CHECK, dynsec__acl_check_callback, NULL, NULL);
if(rc == MOSQ_ERR_ALREADY_EXISTS){
mosquitto_log_printf(MOSQ_LOG_ERR, "Error: Dynamic security plugin can only be loaded once.");
goto error;
}else if(rc == MOSQ_ERR_NOMEM){
mosquitto_log_printf(MOSQ_LOG_ERR, "Error: Out of memory.");
goto error;
}else if(rc != MOSQ_ERR_SUCCESS){
goto error;
}
return MOSQ_ERR_SUCCESS;
error:
mosquitto_free(config_file);
config_file = NULL;
return rc;
}
int mosquitto_plugin_cleanup(void *user_data, struct mosquitto_opt *options, int option_count)