Commit Graph

1921 Commits

Author SHA1 Message Date
Nicolás Pernas Maradei
20894fcbce Add engine private key password support
Some OpenSSL engines (selectable via tls_engine option) may require a
password to make use of private keys created with them in the first place.

The TPM engine, for example, will require a password to access the underlying
TPM's Storage Root Key (SRK), which is the root key of a hierarchy of keys
associated with a TPM; it is generated within a TPM and is a non-migratable
key. Each owned TPM contains a SRK, generated by the TPM at the request
of the Owner. [1]

By default, the engine will prompt the user to introduce the SRK password
before any private keys created with the engine can be used. This could
be inconvenient when running on an unattended system.

Here's where the new tls_engine_kpass_sha option comes in handy. The user
can specify a SHA1 hash of its engine private key password via command
line or config file and it will be passed on to the engine directly.

This commit adds support for both clients (libmosquitto) and broker.

[1] https://goo.gl/qQoXBY

Signed-off-by: Nicolás Pernas Maradei <nicopernas@gmail.com>
2019-02-26 15:50:37 +00:00
Nicolás Pernas Maradei
d5f039ec7c Add TLS engine and keyform support to mosquitto
Add same OpenSSL engine support to mosquitto (server side) previously added to
client side only.

Signed-off-by: Nicolás Pernas Maradei <nicopernas@gmail.com>
2019-02-26 15:50:37 +00:00
Nicolás Pernas Maradei
f88cc06435 Add TLS engine and keyform support to libmosquitto
- Clients can now offload crypto tasks to an external crypto device through
  the OpenSSL ENGINE API.
- The keyfiles can now be treated as PEM or ENGINE keys.
- Two new functions were added to libmosquitto to set up the previously
  mentioned features.
- Both mosquitto_sub and mosquitto_pub include support to turn on the mentioned
  features through command line options.

Signed-off-by: Nicolás Pernas Maradei <nicopernas@gmail.com>
2019-02-26 15:48:00 +00:00
Roger A. Light
f4e24f9524 Use higher resolution timer for random client id generation. 2019-02-26 14:26:05 +00:00
Roger A. Light
c3c8c99f5d Fix dropping oversize messages for QoS>0. 2019-02-21 08:31:54 +00:00
Roger A. Light
1d17ced449 Broker configurable max_packet_size
Plus tests.
2019-02-19 15:57:20 +00:00
Roger A. Light
8fb4ad48b5 Strings for new error codes. 2019-02-19 15:53:15 +00:00
Roger A. Light
b9b8e0ff2a Add client support for outgoing maximum packet size. 2019-02-19 15:14:34 +00:00
Roger A. Light
1877f8a326 Tests and implementation for maximum packet size.
This is for broker outgoing connack and publish packets only.
2019-02-18 19:50:51 +00:00
Roger A. Light
8db16591fa Test and fix for subscription identifiers not being updated.
Closes #1169. Thanks to Christoph Krey.
2019-02-18 12:24:19 +00:00
Roger A. Light
66c1e2ccf0 Add mosquitto_unsubscribe_multiple(), plus tests. 2019-02-17 20:59:16 +00:00
Roger A. Light
c823073be6 v5 unsubscribe test, single topic. 2019-02-17 19:47:53 +00:00
Roger A. Light
1479c57e34 v5 report reason code=no sub when unsubscribing. 2019-02-17 10:14:02 +00:00
Roger A. Light
1ec0cea34a Fix missing reason_code on v5 UNSUBACK.
Closes #1167. Thanks to Christoph Krey.
2019-02-17 09:30:06 +00:00
Roger A. Light
5e8199323b Fix clients being disconnected when ACLs are in use.
This only affects the case where a client connects using a username, and
the anonymous ACL list is defined but specific user ACLs are not
defined.

Closes #1162. Thanks to quonb.
2019-02-14 17:46:01 +00:00
Roger A. Light
458a9840ad Bump version for test release. 2019-02-14 10:52:49 +00:00
Roger A. Light
6b43ba8201 Info on mqtt5 release. 2019-02-14 10:51:54 +00:00
Roger A. Light
a2d4535db8 Merge branch 'fixes' 2019-02-13 23:51:46 +00:00
Roger A. Light
bb72cf9088 Bump version number, update webpage. 2019-02-13 23:49:17 +00:00
Roger A. Light
8350956a08 Make include_dir sort usefully case sensitive. 2019-02-13 22:55:15 +00:00
Roger A. Light
321e566af6 Fix unref'd messages being saved to the persistence file.
This was leaving dangling messages that were never freed.

Closes #389. Thanks to pjchx.
2019-02-13 12:08:05 +00:00
Roger A. Light
f9f3fdbfe3 Fix pattern matching test. 2019-02-13 12:05:43 +00:00
Roger A. Light
d5dfd575b3 Fix broker TLS tests. 2019-02-13 11:51:52 +00:00
Roger A. Light
1a6c3f0c86 Improve documentation around the include_dir option.
Closes #1154. Thanks to Guzoft.
2019-02-13 10:08:44 +00:00
Roger A. Light
baa4642bd3 Generic ptest implementation. 2019-02-12 19:06:14 +00:00
Roger A. Light
b4a94f5900 Fix some ssl tests. 2019-02-12 18:51:19 +00:00
Roger A. Light
950ad8d16f Speed up pattern matching test. 2019-02-12 18:29:05 +00:00
Roger A. Light
016ce7dca5 Simplify ptest implementation. 2019-02-12 18:28:54 +00:00
Roger A. Light
e2f269bda8 Test duration printing on ptest. 2019-02-12 17:12:38 +00:00
Roger A. Light
084062c85e Merge branch 'fixes' into mqtt5 2019-02-12 17:05:42 +00:00
Roger A. Light
9999faf9da Add rewritten build test script and remove some build warnings. 2019-02-12 13:24:54 +00:00
Roger A. Light
b6dc4e5780 Fix datatype_read test. 2019-02-12 11:34:45 +00:00
Roger A. Light
bb914b985c Fix mosquitto_topic_matches_sub() rc with sub=="topic/#abc".
This now returns MOSQ_ERR_INVAL as expected.
2019-02-12 11:34:45 +00:00
Roger A. Light
b6fb2c5824 Fix property write test after function changes. 2019-02-12 11:34:45 +00:00
Roger A. Light
e72d1d6ff5 Fix mosquitto_topic_matches_sub() rc with sub=="topic/#abc".
This now returns MOSQ_ERR_INVAL as expected.
2019-02-12 11:26:23 +00:00
Roger A. Light
04e89450c0 Don't require C99 compiler. 2019-02-09 13:52:09 +00:00
Roger A. Light
715da28602 Fix include_dir not sorting config files before loading.
Thanks to momoskitto.
2019-02-08 23:52:11 +00:00
Roger A. Light
2e1c2c430f per_listener_settings true must come before other security settings.
Produce error if this is not the case. Closes #1164, thanks to
momoskitto.
2019-02-08 23:14:43 +00:00
Roger A. Light
9378016b19 Fix build failure when using WITH_ADNS=yes 2019-02-08 21:34:08 +00:00
Roger A. Light
ff36baa49e Bump Docker version. 2019-02-08 13:01:07 +00:00
Roger A. Light
1b5c900e77 Update CVE details and bump version number. 2019-02-08 13:01:07 +00:00
Roger A. Light
05458eb35d Fix some unused variable warnings. 2019-02-08 13:01:07 +00:00
Roger A. Light
a4f68869bf Fix cmake client build with TLS. 2019-02-08 13:01:07 +00:00
Roger A. Light
7ff9c3763b Fix socks build when using cmake. 2019-02-08 13:01:07 +00:00
Roger A. Light
1c075988ca Log message for disconnecting a client with invalid UTF-8 topic.
Closes #1144. Thanks to Kris Mattheus.
2019-02-08 13:01:07 +00:00
Roger A. Light
f952ae3a67 Fixed durable clients being unable to receive messages when offline.
This occurred when per_listener_settings was set to true.

Closes #1081. Thanks to dwin-wangjt.
2019-02-08 13:01:07 +00:00
Roger A. Light
17b52bd5d1 Windows: Fix possible crash when client disconnects.
Closes #1137. Thanks to Kris Mattheus.
2019-02-08 13:01:07 +00:00
Roger A. Light
d6a690aa8d Fix Will not being sent for Websockets clients.
Closes #1143. Thanks to salcedo.
2019-02-08 13:01:07 +00:00
Roger A. Light
ab8b57ff54 Allow broker to always restart on Windows when using log_dest file.
Closes #1080. Thanks to lcouz.
2019-02-08 13:01:07 +00:00
Roger A. Light
29a1936c77 Fix spaces not being allowed in the bridge remote_username option.
Closes #1131. Thanks to beville.
2019-02-08 13:01:07 +00:00