Roger A. Light
0ba0bc434e
Use constant time memcmp for password checks.
2017-07-16 23:20:58 +01:00
Fredrik Fornwall
366194cde4
Replace getdtablesize() with sysconf(_SC_OPEN_MAX)
...
From http://man7.org/linux/man-pages/man3/getdtablesize.3.html :
"It is not specified in POSIX.1; portable applications should employ
sysconf(_SC_OPEN_MAX) instead of this call."
Specifically this fixes a build failure on Android which does not
have getdtablesize().
Signed-off-by: Fredrik Fornwall <fredrik@fornwall.net>
2017-07-16 23:16:30 +01:00
Roger A. Light
e74203de2c
Merge branch 'master' into develop
2017-07-16 22:52:01 +01:00
Roger A. Light
d72ec39d79
Don't clean man pages with 'clean' target.
2017-07-10 23:45:13 +01:00
Roger A. Light
1fa4d74278
Bump version number.
2017-07-10 23:44:16 +01:00
Roger A. Light
2a50b2e9bd
Fix regression from 1.4.13 where persistence data was not being saved.
2017-07-10 23:43:42 +01:00
Dr. Lars Voelker
74adb43cc1
Adding OCSP Stapling support to mosquitto
...
Adding OCSP Stapling support to mosquitto, so that the TLS client side
requests the certificate status and checks it.
This code uses the OpenSSL-based OCSP implementation and is somewhat
based on the libcurl code for OCSP stapling.
Signed-off-by: Dr. Lars Voelker <lars.voelker@bmw.de>
2017-07-07 13:05:17 +02:00
Roger A. Light
8de5ed4464
Remove "error in poll" messages.
2017-06-27 22:32:10 +01:00
Roger A. Light
6b351ce0f1
Bump version number.
2017-06-27 22:14:08 +01:00
Roger A. Light
cd17ca45cd
[462] Relax CVE-2017-7650 checks.
...
Checks for '/' are no longer made, this character is a much lower risk
and is widely used in usernames.
Bug: https://github.com/eclipse/mosquitto/issues/462
2017-06-27 15:10:43 +01:00
Roger A. Light
c3823c0a81
[462] Add auth_plugin_deny_special_chars option.
...
Auth plugins can be configured to disable the check for +# in
usernames/client ids with the auth_plugin_deny_special_chars option.
Thanks to wiebeytec.
Bug: https://github.com/eclipse/mosquitto/issues/462
2017-06-27 14:59:37 +01:00
Roger A. Light
5246a76f87
[477] Send will messages for connected clients when broker stops.
...
Thanks to mikeS7.
Bug: https://github.com/eclipse/mosquitto/issues/477
2017-06-27 14:33:02 +01:00
Roger A. Light
2d90a1f45b
Fix umask value.
2017-06-27 11:21:34 +01:00
Roger A. Light
96db6d6644
Fix CONNECT check for reserved=0, as per MQTT v3.1.1 check MQTT-3.1.2-3.
2017-06-27 11:11:43 +01:00
Roger A. Light
94978ac89b
Restore old umask after creating file.
2017-06-27 10:53:06 +01:00
Roger A. Light
6e7d02ba16
Fix for CVE-2017-9868 for Windows.
2017-06-26 14:53:33 +01:00
Pierre Fersing
408972ddc1
Fix two issues with Websocket ( #472 )
...
* Websocket were always marked as "want_write" (even if they only
want to read, or worse want nothing).
* Websocket FD was read twice in some case (when socket recv queue was
larger that size read by libwebsocket)
Signed-off-by: Pierre Fersing <pierre.fersing@bleemeo.com>
2017-06-23 22:30:57 +01:00
Roger A. Light
09cb1b61c8
[468] Set persistence file to only be readable by owner.
...
Not implemented on Windows.
Thanks to Moshe Zioni.
Bug: https://github.com/eclipse/mosquitto/issues/468
2017-06-23 14:50:39 +01:00
Roger A. Light
ab45f86d74
Prevent out of bounds array access.
2017-06-22 09:47:03 +01:00
Roger A. Light
c78678607d
[427] Fix large retained messages over websockets.
...
Thanks to Brian Block.
Bug: https://github.com/eclipse/mosquitto/issues/427
2017-06-19 21:40:19 +01:00
Roger A. Light
bb61cd2dee
Fix merge error.
2017-06-19 18:31:58 +01:00
Roger A. Light
326983d35e
[417] Fix lazy bridges not timing out for idle_timeout.
...
Thanks to spinachmedia.
Bug: https://github.com/eclipse/mosquitto/issues/417
2017-06-19 17:15:00 +01:00
Roger A. Light
8f59d5ad28
Remove unused vars and reset pollfd_index on disconnect.
2017-06-19 16:14:59 +01:00
Roger A. Light
c07ba2a3da
Experimental fix for poor websockets performance.
2017-06-18 12:52:59 +01:00
Jan Lukavsky
621f18d696
#419 Broker sometimes kills connection to client
...
Signed-off-by: Jan Lukavsky <je.ik@seznam.cz>
2017-06-11 22:00:45 +01:00
Andrea Pinazzi
0bb602ed7a
Use correct docker image name in README.md
...
Signed-off-by: Andrea Pinazzi <follettoonip@gmail.com>
2017-06-11 21:54:36 +01:00
Andrea Pinazzi
470665c4cb
Updated references in README to version 1.4.12
...
Signed-off-by: Andrea Pinazzi <follettoonip@gmail.com>
2017-06-11 21:54:36 +01:00
Andrea Pinazzi
4738be1afe
Added Dockerfile for version 1.4.12
...
Signed-off-by: Andrea Pinazzi <follettoonip@gmail.com>
2017-06-11 21:54:36 +01:00
Roger A. Light
fe8fef27ee
Make bug urls clickable.
2017-05-31 23:31:55 +01:00
Roger A. Light
6f9842ae02
Fix man page links.
2017-05-31 23:24:12 +01:00
Roger A. Light
974c0aface
Fix broken link in man page.
2017-05-31 23:08:42 +01:00
Roger A. Light
6d63468a28
Don't use / in auto-generated client ids.
2017-05-31 21:45:53 +01:00
Roger A. Light
b61fefcf08
Merge branch 'master' into develop
2017-05-31 21:05:26 +01:00
Roger A. Light
de5ff28265
Merge branch 'fixes'
2017-05-28 21:54:59 +01:00
Roger A. Light
2897f71aba
Bump version number.
2017-05-28 21:53:19 +01:00
Roger A. Light
9af3c6958f
Fix for CVE-2017-7650.
2017-05-28 21:51:50 +01:00
Roger A. Light
15b8140f90
Update openssl for appveyor.
2017-05-23 16:46:41 +01:00
Roger A. Light
c79d48c0c3
JOSS paper.
2017-05-17 14:56:28 +01:00
Roger A. Light
ca8a507607
[446] Don't segfault on duplicate bridge names.
...
Thanks to Tifaifai Maupiti.
Bug: https://github.com/eclipse/mosquitto/issues/446
2017-05-12 22:29:54 +01:00
Roger A. Light
a421d40d42
Update changelog.
2017-05-05 22:50:21 +01:00
Jelle van der Waa
ab266e7f5f
lib: fix OpenSSL 1.1 deprecation warning for ERR_remove_state
...
ERR_remove_state has been marked deprecated in OpenSSL 1.1.0 and do
nothing, as the OpenSSL libraries now normally do all thread
initialization and deinitialisation automatically.
Signed-off-by: Jelle van der Waa <jelle@vdwaa.nl>
2017-05-05 22:49:05 +01:00
Roger A. Light
b92ffec74e
Fix documentation type WITH_DNS_SRV.
2017-05-05 22:45:13 +01:00
Roger A. Light
7c0e8fde81
Update changelog.
2017-05-05 22:30:08 +01:00
Fabrice Fontaine
439f39b5da
Remove -lanl when WITH_ADNS is unset
...
Do not add -lanl to BROKER_LIBS for all Linux builds.
Indeed, -lanl is only needed for getaddrinfo_a which is only used in
_mosquitto_try_connect_step1 when WITH_ADNS is set
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2017-05-05 22:28:56 +01:00
Roger A. Light
623f082615
Fix typo in readme.
...
Thanks to Ali Utku Selen.
2017-05-05 22:14:46 +01:00
Roger A. Light
5115c84501
Update changelog.
2017-05-05 22:12:00 +01:00
Riccardo Magliocchetti
059ba5f00b
Fix use of unitialized memory in gets_quiet
...
Spotted by cppcheck
Signed-off-by: Riccardo Magliocchetti <riccardo.magliocchetti@gmail.com>
2017-05-05 22:10:25 +01:00
Roger A. Light
3c8581a3ea
Update changelog.
2017-05-05 22:09:29 +01:00
YuLun Shih
97572610c0
Fix bridge->restart_t won't be reset
...
Signed-off-by: YuLun Shih <shih@yulun.me>
2017-05-05 22:02:05 +01:00
Roger A. Light
a88acdd122
Fix issues url.
2017-04-21 22:26:58 +01:00