CVE-xxxx-xxxx: If an authenticated client connected with MQTT v5 sent a
malformed CONNACK message to the broker a NULL pointer dereference occurred,
most likely resulting in a segfault. This will be updated with the CVE
number when it is assigned.
Affects versions 2.0.0 to 2.0.9 inclusive.
Closes#2163. Thanks to Bryan Pearson.
The error topic-alias-invalid was being sent if an MQTT v5 client published
a message with empty topic and topic alias set, but the topic alias hadn't
already been configured on the broker. This has been fixed to send a
protocol error, as per section 3.3.4 of the specification.
This is not specific to authentication, and allows plugins greater flexibility in what events they are interested in. It also adds message handling, and $CONTROL handling.
Signed-off-by: Brandt Hill <brandtlarsonhill@gmail.com>
Change variable name for clarity. Remember to initialize bool (I'm bad at C).
Signed-off-by: Brandt Hill <brandtlarsonhill@gmail.com>
Add documentation to config man page
Signed-off-by: Brandt Hill <brandtlarsonhill@gmail.com>
Add test case for deny option
Signed-off-by: Brandt Hill <brandtlarsonhill@gmail.com>
Add deny acls to top of the list to preserve early exit
Signed-off-by: Brandt Hill <brandtlarsonhill@gmail.com>
change comments
Signed-off-by: Brandt Hill <brandtlarsonhill@gmail.com>
New messages are now queued for clients when old ones are sent, rather than on every iteration of the main loop. This produces good performance improvements.
This adds the ability to separating bridge clean session settings between
the local and remote endpoints. Some broker implmentations refuse to allow
non-clean sessions, as they don't support storing messages to be sent to
the connecting broker. However, this doesn't mean that the local
broker can't be queueing messages to send _out_ to the remote broker.
This PR adds a new bridge connection setting, local_cleansession, that
allows controlling this split. Naming is chosen to be local_ in keeping
with the other local_ settings for bridges.
A test for the six cases of queued/not queued messages in both
directions is added, but v5 testing is currently disabled. The changes
to support the split are ~independent of protocol version.
Signed-off-by: Karl Palsson <karlp@etactica.com>