Roger A. Light
ce31269e05
Update changelog, bump version, bump copyright year.
2019-02-28 16:56:15 +00:00
Roger A. Light
3b6b6d5fa8
Test improvements
...
And some related fixes.
2019-02-27 09:27:34 +00:00
Roger A. Light
5e8199323b
Fix clients being disconnected when ACLs are in use.
...
This only affects the case where a client connects using a username, and
the anonymous ACL list is defined but specific user ACLs are not
defined.
Closes #1162 . Thanks to quonb.
2019-02-14 17:46:01 +00:00
Roger A. Light
084062c85e
Merge branch 'fixes' into mqtt5
2019-02-12 17:05:42 +00:00
Roger Light
c40957a7d8
Fix and tests for CVE-2018-12546.
2019-02-08 13:01:07 +00:00
Roger A. Light
d8505624d0
Fix and tests for security bug #541870 .
2019-02-08 13:01:07 +00:00
Roger A. Light
36b5421c59
Fix and tests for security bug #543401 .
2019-02-08 13:01:07 +00:00
Roger A. Light
55ca61f14e
Fix segfault on HUP when bridges and security options are configured.
...
Closes #849 . Closes #965 . Thanks to Wolfgand Hottgenroth and Dustin Sallings.
2018-09-19 17:52:23 +01:00
Roger A. Light
ecb4006f38
Don't reject ACL patterns without %u or %c, just warn.
...
Using `pattern blah/#` is a legitimate method of getting a global ACL.
We shouldn't be changing behaviour in a fixes release.
2018-08-09 14:32:02 +01:00
Wolfgang Hottgenroth
88456c655f
Move check whether context is a bridge in front of check whether a listener
...
exists for context. New test now passes.
Signed-off-by: Wolfgang Hottgenroth <wolfgang.hottgenroth@icloud.com>
2018-08-08 13:42:50 +01:00
Roger A. Light
39170d1181
ACL patterns that do not contain either %c or %u are now rejected.
...
Closes #209 .
Bug: https://github.com/eclipse/mosquitto/issues/209
Signed-off-by: Roger A. Light <roger@atchoo.org>
2018-08-08 13:15:54 +01:00
Roger A. Light
6c7ecd7e97
Fix compiling without TLS.
2018-05-02 21:04:42 +01:00
Roger A. Light
2d1667b120
Remove c99-isms due to problems with dependencies.
2018-05-02 09:32:37 +01:00
Roger A. Light
23230b7b18
Add per-listener acl handling.
2018-05-01 22:54:25 +01:00
Roger A. Light
f4d238be18
Bump copyright years.
2018-04-11 15:24:29 +01:00
Roger A. Light
8a22b918c0
Fix Coverity Scan defects.
2018-03-26 22:47:46 +01:00
Roger A. Light
fd7b08c0eb
Per listener psk_file.
2018-03-15 21:39:42 +00:00
Roger A. Light
7046691b7d
Reload password files properly.
2018-03-15 14:29:02 +00:00
Roger A. Light
aa87f3c170
Per listener allow_anonymous.
2018-03-15 12:18:19 +00:00
Roger A. Light
a571104809
Check correct password list.
2018-03-15 11:08:19 +00:00
Roger A. Light
57e852db05
Per listener password file.
2018-03-13 17:52:04 +00:00
Roger A. Light
b4c72e8fc0
Fix HUP disconnecting clients incorrectly.
...
Bug: https://github.com/eclipse/mosquitto/issues/657
2018-01-10 22:34:03 +00:00
Roger A. Light
8795f063d4
Add ability to deny access to SUBSCRIBE messages.
...
This is as well as the current read/write accesses. Currently for auth
plugins only.
2017-08-11 22:15:37 +01:00
Roger A. Light
5a267368d7
Merge branch 'master' into develop
2017-07-19 00:15:42 +01:00
Roger A. Light
0ba0bc434e
Use constant time memcmp for password checks.
2017-07-16 23:20:58 +01:00
Roger A. Light
e74203de2c
Merge branch 'master' into develop
2017-07-16 22:52:01 +01:00
Roger A. Light
cd17ca45cd
[462] Relax CVE-2017-7650 checks.
...
Checks for '/' are no longer made, this character is a much lower risk
and is widely used in usernames.
Bug: https://github.com/eclipse/mosquitto/issues/462
2017-06-27 15:10:43 +01:00
Roger A. Light
6e7d02ba16
Fix for CVE-2017-9868 for Windows.
2017-06-26 14:53:33 +01:00
Roger A. Light
bb61cd2dee
Fix merge error.
2017-06-19 18:31:58 +01:00
Roger A. Light
b61fefcf08
Merge branch 'master' into develop
2017-05-31 21:05:26 +01:00
Roger A. Light
9af3c6958f
Fix for CVE-2017-7650.
2017-05-28 21:51:50 +01:00
Roger A. Light
91b308a11d
Merge branch 'master' into develop
2017-03-06 21:19:53 +00:00
Roger A. Light
017db6706f
Rename mosquitto_broker.h -> mosquitto_broker_internal.h
2016-07-08 10:10:04 +01:00
Roger A. Light
8378fe44cf
Update copyrights.
2016-07-08 09:42:24 +01:00
Roger A. Light
56d0f74725
Defer support for TLS-PSK.
2016-07-08 09:36:25 +01:00
Roger A. Light
fff741613e
Support for openssl 1.1.0.
2016-06-26 22:00:43 +01:00
Roger A. Light
37dceb38f9
Fix some defects discovered by coverity.
2016-03-18 11:54:36 +00:00
Roger A. Light
1b190b14f1
Fix auth deferring with no pwfile defined.
2016-03-13 07:21:31 +00:00
Roger A. Light
6087d4bcb6
Fix incorrect calloc/mosquitto__free pair.
2016-03-12 13:27:25 +00:00
Roger A. Light
fda0cb3d45
Fix incorrect $SYS heap memory reporting when using ACLs.
2016-03-12 13:25:20 +00:00
Roger A. Light
4afe1a1502
Swap plugin+built in order.
2015-10-02 21:44:39 +01:00
Roger A. Light
b4fbe904d4
Remove more unnecessary "if(x) mosquitto__free(x)" checks.
2015-09-22 14:42:56 +01:00
Roger A. Light
436d3fac19
Merge branch 'fixes' into develop
...
Conflicts:
CMakeLists.txt
ChangeLog.txt
config.mk
installer/mosquitto.nsi
installer/mosquitto64.nsi
lib/mosquitto.c
lib/mosquitto.h
src/loop.c
2015-09-22 14:18:12 +01:00
Roger A. Light
9fb288d283
Fix malloc/_mosquitto_free mismatch.
2015-09-22 14:04:47 +01:00
Roger Light
e2324ff9bb
Merge remote-tracking branch 'remotes/origin/master' into develop
...
Conflicts:
CMakeLists.txt
ChangeLog.txt
THANKS.txt
appveyor.yml
config.mk
installer/mosquitto-cygwin.nsi
installer/mosquitto.nsi
lib/messages_mosq.c
lib/messages_mosq.h
lib/mosquitto.c
lib/mosquitto.h
lib/net_mosq.c
lib/net_mosq.h
lib/send_client_mosq.c
lib/send_mosq.c
lib/socks_mosq.c
lib/will_mosq.c
src/bridge.c
src/conf.c
src/context.c
src/database.c
src/loop.c
src/mosquitto.c
src/mosquitto_broker.h
src/net.c
src/read_handle.c
src/read_handle_server.c
src/subs.c
2015-09-09 22:02:46 +01:00
Roger A. Light
3f86d316d8
Allow mosquitto__free(NULL).
...
Remove all unnecessary "if(X)" before a call to mosquitto__free.
2015-08-18 14:53:22 +01:00
Roger A. Light
e773ea1bee
[464543] Run default checks after plugins.
2015-06-29 23:31:39 +01:00
Roger A. Light
21946ace6c
mosquitto__log_printf -> log__printf
2015-05-18 08:53:21 +01:00
Roger A. Light
b598aec385
Sys -> user includes.
2015-04-29 21:37:47 +01:00
Roger A. Light
11756d24c8
Change internal funcs _foo_bar() to foo__bar().
2015-04-19 22:10:59 +01:00
Roger A. Light
960b3ef32d
Fix possible minor memory leak on acl parsing.
2015-03-30 22:26:44 +01:00
Roger A. Light
ccc8a81187
Ignore multiple spaces when parsing acl files.
2015-03-26 22:37:01 +00:00
Roger A. Light
28404350c4
Fix possible crash when using pattern ACLs.
2015-03-08 21:00:15 +00:00
Roger A. Light
22e09ae613
[455402] Fix potential hang with pattern acls.
...
Fix hang if pattern acl contains a %u but an anonymous client connect.
Thanks to Christoph Krey.
Bug: https://bugs.eclipse.org/bugs/show_bug.cgi?id=455402
2015-01-27 23:33:36 +00:00
Roger A. Light
1b4903b41e
[431780] ACL files can contain a space in username/topic.
...
Bug: https://bugs.eclipse.org/bugs/show_bug.cgi?id=431780
2015-01-27 23:33:36 +00:00
Roger A. Light
070d783c9f
Merge 1.3.2-1.3.5 into 1.4.
2014-10-12 11:17:13 +01:00
Roger A. Light
45fa820989
Anonymous clients are no longer accidently disconnected from the broker after a SIGHUP.
2014-07-13 14:11:43 +01:00
Roger A. Light
bb1a69b7d7
Disconnect clients consistently.
2014-07-08 23:07:19 +01:00
Roger A. Light
ff5fd26e13
Free base64 memory properly.
2014-06-27 22:59:50 +01:00
Roger A. Light
764b7e0a91
Use hash functions to store client data.
2014-06-23 17:57:35 +01:00
Roger A. Light
29e65e4965
Anonymous clients are no longer accidently disconnected from the broker after a SIGHUP.
2014-06-18 23:17:40 +01:00
Roger A. Light
6cc3e7999e
Tidy up.
2014-05-27 22:02:52 +01:00
Roger A. Light
be0cfff969
Fix possible leaks.
2014-05-26 21:23:19 +01:00
Roger Light
ab15557931
Fix possible crash when using pattern ACLs.
...
Crash may occur for ACLs that do not include a %u and clients that
connect without a username.
Thanks to Karl Palsson.
2014-05-08 23:03:15 +01:00
Roger Light
0364bd1be7
Initial contribution.
2014-05-07 23:27:00 +01:00