Commit Graph

863 Commits

Author SHA1 Message Date
Roger A. Light
3ab0a9a3fd mosquitto_ctrl dynsec init uses open( , O_EXCL | O_CREAT)
This allows us to refuse to open an existing file, without a race
condition.
2023-08-16 14:01:21 +01:00
Roger A. Light
00b24e0eb0 Fix memory leak when clients send v5 CONNECT packets.
This occurs when they have a will message that contains invalid property
types.
2023-08-16 14:01:21 +01:00
Roger A. Light
70d713ca07 Fix heap overflow when reading corrupt config with "log_dest file".
2023-08-16 14:01:21 +01:00
Roger A. Light
284db04bc3 Library will no longer allow single level wildcard certificates, e.g. *.com
2023-08-16 14:01:21 +01:00
Roger A. Light
b76c3c7820 Dynsec: Don't allow duplicate c/g/r when loading config
2023-08-16 14:01:21 +01:00
Roger A. Light
8bc047511a Fix any possible case where a json string might be incorrectly loaded.
2023-08-16 14:01:21 +01:00
Roger A. Light
6113eac95a Fix for CVE-2023-28366
2023-08-16 14:01:21 +01:00
Roger A. Light
b1c29e881e Fix potential file persistence crash.
Identified by OS-TIF audit.

TOB-MOSQ-CR-5
2023-08-16 14:01:21 +01:00
Roger A. Light
3fc7dce74c Only register with DLT if DLT logging is enabled.
2023-08-16 14:01:21 +01:00
Roger A. Light
67ac8cbe17 mosquitto_memcmp_const is now more constant time.
2023-08-16 14:01:21 +01:00
Roger A. Light
02d36f9946 Broker now validates usernames provided over TLS are valid UTF-8.
2023-08-16 14:01:21 +01:00
Roger A. Light
44b94875b5 mosquitto_passwd uses mkstemp() for backup files.
2023-08-16 14:01:21 +01:00
Roger A. Light
9bb8058578 Reject Will messages that attempt to publish to $CONTROL/.
2023-08-16 14:01:21 +01:00
Roger A. Light
4ca294fd9c Warn on lax permissions on sensitive files.
- Broker will log warnings if sensitive files are world readable/writable, or
  if the owner/group is not the same as the user/group the broker is running
  as. In future versions the broker will refuse to open these files.
2023-08-16 14:01:21 +01:00
Roger A. Light
269756a171 Fix high CPU use on slow TLS connect.
Closes #2794. Thanks to Evgeny S.
2023-04-27 23:25:52 +01:00
Roger A. Light
6d240a9d18 Fix bridges being expired after being restored.
This occurred with non-matching cleansession/local_cleansession being
expired on start after restoring from persistence.

Closes #2634. Thanks to everyone on the issue.
2023-04-08 09:15:46 +01:00
Roger A. Light
3b2f3c6d8a Windows: Increase connection limit to 8192 where supported.
Closes #2732. Thanks to zhousongsong.
2023-04-07 19:29:32 +01:00
Roger A. Light
cc97f433c1 Use line buffered mode for stdout.
Closes #2354.
Closes #2749.
2023-04-01 21:16:07 +01:00
Roger A. Light
1bf753e773 Fix confusing message on TLS certificate verification.
Closes #2746. Thanks to Akos Vandra-Meyer.
2023-04-01 17:52:12 +01:00
Roger A. Light
63da7472b5 Fix default settings incorrectly allowing TLS v1.1.
Closes #2722. Thanks to KramNamez.
2023-03-28 01:39:28 +01:00
Roger A. Light
7e35ac92ec Update changelog
2023-03-27 23:42:19 +01:00
Roger A. Light
0fb4e2bf6a Fix incorrect topic-alias property value in mosquitto_sub json output.
2022-12-22 13:21:42 +00:00
Roger A. Light
62b68364c7 Fix std* files not being redirected when daemonising
This could occur when built with assertions removed.

Closes #2708. Thanks to ckoehne.
2022-12-16 16:19:51 +00:00
Roger A. Light
8285a57bb9 Fix some error handling related to the bind_interface option.
2022-12-02 14:31:40 +00:00
Roger A. Light
c06599fab2 Fix some retained topic memory not being cleared immediately after used.
2022-11-29 11:55:55 +00:00
Roger A. Light
86fffa34a9 Fix $SYS messages being expired after 60 seconds
and hence unchanged values disappearing. Thanks to Wim Nelis and
Christoph Krey.
2022-08-22 15:57:14 +01:00
Roger A. Light
b0277869d9 Update changelog for last minute fix
2022-08-16 14:32:59 +01:00
Roger A. Light
4d1b587e29 dynsec: Forbid deleting the anon group.
2022-08-16 12:55:48 +01:00
Roger A. Light
7917553eb2 Fix expired messages causing queued messages not to be delivered.
Closes #2609. Thanks to JSchy65.
2022-08-16 12:29:18 +01:00
Roger A. Light
df317ff71f Dynamic security: Fix the plugin being able to be loaded twice.
Currently only a single plugin can interact with a unique $CONTROL
topic. Using multiple instances of the plugin would produce duplicate
entries in the config file.

Closes #2601.
Closes #2470.
2022-08-16 01:27:55 +01:00
Roger A. Light
436f0b9348 dynsec: Fix modifyClient and modifyGroup commands
They will now not modify the client/group if a new group/client being
added is not valid, or on other failures.

Closes #2598. Thanks to Sebastian Szczepański.
2022-08-16 00:48:02 +01:00
Roger A. Light
49ebb58569 Fix failure to close thread in some situations.
Closes #2545. Thanks to p-luke.
2022-08-15 22:17:00 +01:00
Roger A. Light
fa31b6f41d Fix bridge queued messages not being persisted.
This happens when local_cleansession is set to false and cleansession is
set to true.

Closes #2604. Thanks to Frank Dekervel.
2022-08-13 22:46:19 +01:00
Roger A. Light
80c7726d5c Fix confusing error message when dynamic security config file was a directory.
Closes #2520. Thanks to sezanzeb
2022-08-12 08:34:56 +01:00
Roger A. Light
775bd2effd Fix confusing "out of memory" error.
This happens when a client is kicked in the dynamic security plugin.

Closes #2525. Thanks to sezanzeb.
2022-08-12 08:17:17 +01:00
Roger A. Light
02b92b97ef Fix use of MOSQ_OPT_SSL_CTX when used with MOSQ_OPT_SSL_CTX_DEFAULTS
Closes #2463. Thanks to Tim Nordell.
2022-08-10 17:18:33 +01:00
Roger A. Light
f9fa19ce6a - Fix -o not working in mosquitto_ctrl, and typo in related documentation.
Closes #2471. Thanks to Vitaljok and rillbert
2022-08-10 15:14:32 +01:00
Roger A. Light
6468bb4f9b Fix documentation omission around mosquitto_reinitialise.
Closes #2489. Thanks to rroguski
2022-08-10 14:31:34 +01:00
Roger A. Light
351911bd8f Fix incorrect return code being sent in DISCONNECT.
This is for when a client session is taken over.

Closes #2607. Thanks to der-b
2022-08-10 14:17:22 +01:00
Roger A. Light
e979a46c04 Backport SSL connect fixes.
Closes #2594.
Closes #2595.
2022-08-09 21:25:54 +01:00
Roger A. Light
a913de2d28 Fix some PUBLISH messages not being counted in $SYS stats.
Closes #2448. Thanks to Antoine.
2022-08-08 00:29:37 +01:00
Roger A. Light
ba6bbd5959 Add documentation of struct mosquitto_message to header.
Closes #2561.
2022-08-08 00:01:56 +01:00
Roger A. Light
0c9d9f2163 Don't set SIGPIPE to ignore, use MSG_NOSIGNAL instead.
Closes #2564. Thanks to nmeum.
2022-08-07 23:04:46 +01:00
Roger A. Light
8c0600c40c Fixed build for openssl compiled with OPENSSL_NO_ENGINE.
Closes #2589. Thanks to Dirk Feytons.
2022-08-06 23:16:55 +01:00
Roger A. Light
a146c218ad Fix unlimited message quota not being properly checked.
This is for incoming messages.

Closes #2593. Thanks to dongguoqing2015.
2022-08-06 22:49:08 +01:00
Roger A. Light
ebfebf8708 Fix bridges not sending failure notification messages.
This is for messages to the local broker if the remote bridge connection
fails.

Closes #1488.
Closes #2467.
2022-05-25 16:23:35 +01:00
Roger A. Light
c99502a256 Add clients to session expiry check list when restarting and reloading from persistence.
Closes #2546. Thanks to Joachim Schachermayer.
2022-05-23 23:05:49 +01:00
Roger A. Light
29c6480c47 Improve documentation of persistent_client_expiration option.
Closes #2404. Thanks to Rainer Plischke.
2022-05-19 17:04:20 +01:00
Roger A. Light
09ac578459 Fix unused flags in CONNECT command being forced to be 0 in MQTT v3.1
This check is not required until v3.1.1.

Closes #2522. Thanks to garinocyr
2022-05-17 17:41:57 +01:00
Roger A. Light
b6b8039914 Fix use of MOSQ_OPT_TLS_ENGINE being unable to be used.
This was due to the openssl ctx not being initialised until starting to connect.

Closes #2537. Thanks to chessing-c4.
2022-05-17 17:19:17 +01:00