Roger A. Light
3ab0a9a3fd
mosquitto_ctrl dynsec init uses open( , O_EXCL | O_CREAT)
...
This allows us to refuse to open an existing file, without a race
condition.
2023-08-16 14:01:21 +01:00
Roger A. Light
00b24e0eb0
Fix memory leak when clients send v5 CONNECT packets.
...
This occurs when they have a will message that contains invalid property
types.
2023-08-16 14:01:21 +01:00
Roger A. Light
70d713ca07
Fix heap overflow when reading corrupt config with "log_dest file".
2023-08-16 14:01:21 +01:00
Roger A. Light
284db04bc3
Library will no longer allow single level wildcard certificates, e.g. *.com
2023-08-16 14:01:21 +01:00
Roger A. Light
b76c3c7820
Dynsec: Don't allow duplicate c/g/r when loading config
2023-08-16 14:01:21 +01:00
Roger A. Light
8bc047511a
Fix any possible case where a json string might be incorrectly loaded.
2023-08-16 14:01:21 +01:00
Roger A. Light
6113eac95a
Fix for CVE-2023-28366
2023-08-16 14:01:21 +01:00
Roger A. Light
b1c29e881e
Fix potential file persistence crash.
...
Identified by OS-TIF audit.
TOB-MOSQ-CR-5
2023-08-16 14:01:21 +01:00
Roger A. Light
3fc7dce74c
Only register with DLT if DLT logging is enabled.
2023-08-16 14:01:21 +01:00
Roger A. Light
67ac8cbe17
mosquitto_memcmp_const is now more constant time.
2023-08-16 14:01:21 +01:00
Roger A. Light
02d36f9946
Broker now validates usernames provided over TLS are valid UTF-8.
2023-08-16 14:01:21 +01:00
Roger A. Light
44b94875b5
mosquitto_passwd uses mkstemp() for backup files.
2023-08-16 14:01:21 +01:00
Roger A. Light
9bb8058578
Reject Will messages that attempt to publish to $CONTROL/.
2023-08-16 14:01:21 +01:00
Roger A. Light
4ca294fd9c
Warn on lax permissions on sensitive files.
...
- Broker will log warnings if sensitive files are world readable/writable, or
if the owner/group is not the same as the user/group the broker is running
as. In future versions the broker will refuse to open these files.
2023-08-16 14:01:21 +01:00
Roger A. Light
269756a171
Fix high CPU use on slow TLS connect.
...
Closes #2794 . Thanks to Evgeny S.
2023-04-27 23:25:52 +01:00
Roger A. Light
6d240a9d18
Fix bridges being expired after being restored.
...
This occurred with non-matching cleansession/local_cleansession being
expired on start after restoring from persistence.
Closes #2634 . Thanks to everyone on the issue.
2023-04-08 09:15:46 +01:00
Roger A. Light
3b2f3c6d8a
Windows: Increase connection limit to 8192 where supported.
...
Closes #2732 . Thanks to zhousongsong.
2023-04-07 19:29:32 +01:00
Roger A. Light
cc97f433c1
Use line buffered mode for stdout.
...
Closes #2354 .
Closes #2749 .
2023-04-01 21:16:07 +01:00
Roger A. Light
1bf753e773
Fix confusing message on TLS certificate verification.
...
Closes #2746 . Thanks to Akos Vandra-Meyer.
2023-04-01 17:52:12 +01:00
Roger A. Light
63da7472b5
Fix default settings incorrectly allowing TLS v1.1.
...
Closes #2722 . Thanks to KramNamez.
2023-03-28 01:39:28 +01:00
Roger A. Light
7e35ac92ec
Update changelog
2023-03-27 23:42:19 +01:00
Roger A. Light
0fb4e2bf6a
Fix incorrect topic-alias property value in mosquitto_sub json output.
2022-12-22 13:21:42 +00:00
Roger A. Light
62b68364c7
Fix std* files not being redirected when daemonising
...
This could occur when built with assertions removed.
Closes #2708 . Thanks to ckoehne.
2022-12-16 16:19:51 +00:00
Roger A. Light
8285a57bb9
Fix some error handling related to the bind_interface
option.
2022-12-02 14:31:40 +00:00
Roger A. Light
c06599fab2
Fix some retained topic memory not being cleared immediately after used.
2022-11-29 11:55:55 +00:00
Roger A. Light
86fffa34a9
Fix $SYS messages being expired after 60 seconds
...
and hence unchanged values disappearing. Thanks to Wim Nelis and
Christoph Krey.
2022-08-22 15:57:14 +01:00
Roger A. Light
b0277869d9
Update changelog for last minute fix
2022-08-16 14:32:59 +01:00
Roger A. Light
4d1b587e29
dynsec: Forbid deleting the anon group.
2022-08-16 12:55:48 +01:00
Roger A. Light
7917553eb2
Fix expired messages causing queued messages not to be delivered.
...
Closes #2609 . Thanks to JSchy65.
2022-08-16 12:29:18 +01:00
Roger A. Light
df317ff71f
Dynamic security: Fix the plugin being able to be loaded twice.
...
Currently only a single plugin can interact with a unique $CONTROL
topic. Using multiple instances of the plugin would produce duplicate
entries in the config file.
Closes #2601 .
Closes #2470 .
2022-08-16 01:27:55 +01:00
Roger A. Light
436f0b9348
dynsec: Fix modifyClient and modifyGroup commands
...
They will now not modify the client/group if a new group/client being
added is not valid, or on other failures.
Closes #2598 . Thanks to Sebastian Szczepański.
2022-08-16 00:48:02 +01:00
Roger A. Light
49ebb58569
Fix failure to close thread in some situations.
...
Closes #2545 . Thanks to p-luke.
2022-08-15 22:17:00 +01:00
Roger A. Light
fa31b6f41d
Fix bridge queued messages not being persisted.
...
This happens when local_cleansession is set to false and cleansession is
set to true.
Closes #2604 . Thank to Frank Dekervel.
2022-08-13 22:46:19 +01:00
Roger A. Light
80c7726d5c
Fix confusing error message when dynamic security config file was a directory.
...
Closes #2520 . Thanks to sezanzeb
2022-08-12 08:34:56 +01:00
Roger A. Light
775bd2effd
Fix confusing "out of memory" error.
...
This happens when a client is kicked in the dynamic security plugin.
Closes #2525 . Thanks to sezanzeb.
2022-08-12 08:17:17 +01:00
Roger A. Light
02b92b97ef
Fix use of MOSQ_OPT_SSL_CTX when used with MOSQ_OPT_SSL_CTX_DEFAULTS
...
Closes #2463 . Thanks to Tim Nordell.
2022-08-10 17:18:33 +01:00
Roger A. Light
f9fa19ce6a
- Fix -o
not working in mosquitto_ctrl
, and typo in related documentation.
...
Closes #2471 . Thanks to Vitaljok and rillbert
2022-08-10 15:14:32 +01:00
Roger A. Light
6468bb4f9b
Fix documentation omission around mosquitto_reinitialise.
...
Closes #2489 . Thanks to rroguski
2022-08-10 14:31:34 +01:00
Roger A. Light
351911bd8f
Fix incorrect return code being sent in DISCONNECT.
...
This is for when a client session is taken over.
Closes #2607 . Thanks to der-b
2022-08-10 14:17:22 +01:00
Roger A. Light
e979a46c04
Backport SSL connect fixes.
...
Closes #2594 .
Closes #2595 .
2022-08-09 21:25:54 +01:00
Roger A. Light
a913de2d28
Fix some PUBLISH messages not being counted in $SYS stats.
...
Closes #2448 . Thanks to Antoine.
2022-08-08 00:29:37 +01:00
Roger A. Light
ba6bbd5959
Add documentation of struct mosquitto_message to header.
...
Closes #2561 .
2022-08-08 00:01:56 +01:00
Roger A. Light
0c9d9f2163
Don't set SIGPIPE to ignore, use MSG_NOSIGNAL instead.
...
Closes #2564 . Thanks to nmeum.
2022-08-07 23:04:46 +01:00
Roger A. Light
8c0600c40c
Fixed build for openssl compiled with OPENSSL_NO_ENGINE.
...
Closes #2589 . Thanks to Dirk Feytons.
2022-08-06 23:16:55 +01:00
Roger A. Light
a146c218ad
Fix unlimited message quota not being properly checked.
...
This is for incoming messages.
Closes #2593 . Thanks to dongguoqing2015.
2022-08-06 22:49:08 +01:00
Roger A. Light
ebfebf8708
Fix bridges not sending failure notification messages.
...
This is for messages to the local broker if the remote bridge connection
fails.
Closes #1488 .
Closes #2467 .
2022-05-25 16:23:35 +01:00
Roger A. Light
c99502a256
Add clients to session expiry check list when restarting and reloading from persistence.
...
Closes #2546 . Thanks to Joachim Schachermayer.
2022-05-23 23:05:49 +01:00
Roger A. Light
29c6480c47
Improve documentation of persistent_client_expiration
option.
...
Closes #2404 . Thanks to Rainer Plischke.
2022-05-19 17:04:20 +01:00
Roger A. Light
09ac578459
Fix unused flags in CONNECT command being forced to be 0 in MQTT v3.1
...
This check is not required until v3.1.1.
Closes #2522 . Thanks to garinocyr
2022-05-17 17:41:57 +01:00
Roger A. Light
b6b8039914
Fix use of MOSQ_OPT_TLS_ENGINE
being unable to be used.
...
This was due to the openssl ctx not being initialised until starting to connect.
Closes #2537 . Thanks to chessing-c4.
2022-05-17 17:19:17 +01:00