Roger A. Light
a7f044bcea
Respect receive-maximum on bridges.
2020-12-01 21:38:56 +00:00
Roger A. Light
3731535298
Add SPDX license identifiers.
2020-12-01 20:46:56 +00:00
Roger A. Light
04c110183c
Bridge support for MQTT v5 maximum-qos.
2020-12-01 18:15:29 +00:00
Roger A. Light
ca4b23486b
Bridges now obey MQTT v5 server-keepalive.
2020-12-01 16:08:05 +00:00
Roger A. Light
e030ca45cd
Fix connack error printing.
2020-12-01 15:57:37 +00:00
Roger A. Light
0c22f475ff
Fix bridges incorrectly setting Wills to manage remote notifications.
...
This is for when `notifications_local_only` was set true.
Closes #1902 . Thanks to marcinkowskip.
2020-12-01 14:33:13 +00:00
Roger A. Light
7d05f70fe1
Fix mosq_test.py to_string() on Python 3
2020-12-01 14:27:39 +00:00
Roger A. Light
b34dcd2a67
Final remove support for legacy libwebsockets
...
This means libwebsockets < 2.4.0.
2020-12-01 13:41:14 +00:00
Roger A. Light
730fc34539
Build fix for WITH_TLS=no.
2020-12-01 13:40:03 +00:00
Roger A. Light
c39a42adcc
Report an error if the config file is set to a directory.
...
Closes #1814 . Thanks to Odysseus1710.
2020-12-01 12:17:31 +00:00
Roger A. Light
29c771cdd4
Add lib and client support for OS CA certs
...
- Add `MOSQ_OPT_TLS_USE_OS_CERTS` option, to instruct the client to load and trust OS provided CA certificates for use with TLS connections.
- All clients now load OS provided CA certificates if used with `-L
mqtts://...`, or if port is set to 8883 and no other CA certificates are
used. Closes #1824 .
- Add the `--tls-use-os-certs` option to all clients.
Closes #1824 . Thanks to Jens Reimann.
2020-12-01 11:51:13 +00:00
Roger A. Light
c2f62f03aa
Set SSL_OP_SINGLE_DH_USE to protect against weak dhparam primes.
2020-12-01 10:55:00 +00:00
Roger A. Light
b7e6638fd8
Add ciphers_tls1.3
option, to allow setting TLS v1.3 ciphersuites.
...
Closes #1825 . Thanks to Valentin Dimov.
2020-12-01 10:45:10 +00:00
Roger A. Light
ed28c416e9
Null checks in client tests.
2020-12-01 09:48:11 +00:00
Roger A. Light
6bd45f0092
dynsec: Better test coverage
2020-11-30 17:15:43 +00:00
Roger A. Light
aaf30dc622
dynsec: Fix incorrect test command.
2020-11-30 13:14:14 +00:00
Roger A. Light
0a7afd22c4
dynsec: Fix logging args.
2020-11-30 13:13:48 +00:00
Roger A. Light
757888b7f5
ctrl: Add warning if connecting without encryption.
2020-11-30 10:47:22 +00:00
Roger A. Light
692fa5537d
dynsec: Reply with error on add role fail.
2020-11-30 10:32:09 +00:00
Roger A. Light
13bdd255a1
Fix incorrect array address on error.
2020-11-30 10:31:14 +00:00
Roger A. Light
0605fd402a
dynsec: Command logging.
2020-11-30 10:10:12 +00:00
Roger A. Light
e5af6def25
dynsec: Simplify
2020-11-29 23:26:57 +00:00
Roger A. Light
d0d36b7c33
dynsec: Remove unused code
2020-11-29 23:17:39 +00:00
Roger A. Light
31e3fa4d07
dynsec: Invalid UTF-8 tests, plus some fixes.
2020-11-29 23:16:52 +00:00
Roger A. Light
c303c67461
dynsec: Return group not found on getGroup.
2020-11-28 00:34:53 +00:00
Roger A. Light
ad8cf9fc03
dynsec: Start of invalid role commands tests.
2020-11-28 00:34:33 +00:00
Roger A. Light
423e1a00d2
dynsec: Tests for group commands with invalid params, plus fixes.
2020-11-28 00:01:58 +00:00
Roger A. Light
a3258f7d82
Packet cleanup without locks
...
Prevents use of invalid mutexes during mosquitto_destroy.
Closes #1914 . Thanks to Nikolay Raspopov.
2020-11-27 15:36:34 +00:00
Roger A. Light
7ccf4c44fd
dynsec: Tests for invalid client command input.
2020-11-27 14:35:07 +00:00
Roger A. Light
6739152fda
dynsec: Various minor fixes.
2020-11-27 14:34:46 +00:00
Roger A. Light
f6e17b81b9
dynsec: More modifyRole test coverage.
2020-11-26 17:24:39 +00:00
Roger A. Light
6cffd4264e
dynsec: ACL tests.
2020-11-26 17:24:20 +00:00
Roger A. Light
598b1d7b00
dynsec: Fix free on modifyClient.
2020-11-26 15:11:20 +00:00
Roger A. Light
ba8e888e41
dynsec: Refactor some cJSON adding code to reduce redundancy
2020-11-26 14:49:28 +00:00
Roger A. Light
d8775b7d9c
dynsec: Consistent behaviour when setting clientid.
2020-11-26 12:18:57 +00:00
Roger A. Light
047c09bd32
dynsec: Anon group tests
2020-11-26 12:18:20 +00:00
Roger A. Light
c1489fc704
dynsec: Refactor duplicate group kick code.
2020-11-26 11:54:30 +00:00
Roger A. Light
2d7f146dfc
These tests shouldn't allow anon access.
2020-11-26 10:27:54 +00:00
Roger A. Light
15c6e58fa0
Only run dynsec tests if CJSON and TLS are available.
2020-11-26 10:08:29 +00:00
Roger A. Light
7dc739a11e
Disable dynsec build if cJSON or TLS not available.
2020-11-26 09:42:33 +00:00
Roger A. Light
b169dc0b1e
mosquitto_sub will quit with an error on Windows if %U is used.
...
Seconds since the Unix epoch is not a parameter that can be obtained
with strftime on Windows.
Closes #1908 . Thanks to Danil intl.
2020-11-26 09:10:04 +00:00
Roger A. Light
782696c8e4
Simplify, remove duplication.
2020-11-26 00:23:03 +00:00
Roger A. Light
c3daa247c2
dynsec: Cover setClientId in 14-dynsec-auth test.
2020-11-26 00:13:40 +00:00
Roger A. Light
c1f0cb69d1
dynsec: ACL default access test.
2020-11-25 23:54:43 +00:00
Roger A. Light
56b2e35346
Don't kick clients on refused unsubscribe.
2020-11-25 23:25:09 +00:00
Roger A. Light
81c4e2b6ac
dynsec: Commit client auth tests.
2020-11-25 22:01:26 +00:00
Roger A. Light
584cf51ba7
Update to EPL-2.0
2020-11-25 17:34:21 +00:00
Roger A. Light
69f7fcae82
Support cJSON < 1.7.13.
2020-11-25 16:57:33 +00:00
Roger A. Light
0713ad38b1
Silence Coverity Scan's concern over password_cmd derefencing.
...
This is a false positive, the conditions to trigger a NULL derefence
rely on argc changing value. However, this makes it impossible to go
wrong anyway.
Coverity Scan 1436868.
2020-11-25 11:04:58 +00:00
Roger A. Light
dac841a342
Better outgoing QoS 0 limiting.
2020-11-25 10:00:45 +00:00