Roger A. Light
36f10c7623
Update tests to not use TLS 1.0.
2019-02-28 12:08:26 +00:00
Roger A. Light
4490d06a63
Coverity fixes.
...
1398654, 1398656 - lib missing unlock on fatal protocol error
1398655 - broker potential double free on startup after fatal persist
error.
2019-02-28 11:45:13 +00:00
Roger A. Light
d3d6f3a980
Fix compiling with openssl < 1.1.1.
2019-02-28 11:23:26 +00:00
Roger A. Light
463de0a2c1
Make error messages for missing config file clearer.
2019-02-28 11:13:47 +00:00
Roger A. Light
0632549ce9
Doc improvements for websockets_header_size.
2019-02-28 00:34:23 +00:00
Pierre Fersing
1aaf5f2348
Add websockets_headers_size option
...
Signed-off-by: Pierre Fersing <pierre.fersing@bleemeo.com>
2019-02-28 00:25:19 +00:00
krismattheus
479d8e5f1a
fix incorrect return code when connecting in non-blocking mode
...
Signed-off-by: krismattheus <kris.mattheus@visionbms.com>
2019-02-28 00:16:04 +00:00
Roger A. Light
571c643b3d
More C90 fixes for travis.
2019-02-27 23:17:05 +00:00
Roger A. Light
1924afe49e
Add explicit support for TLS v1.3 and drop TLS v1.0.
2019-02-27 22:50:01 +00:00
Roger A. Light
130ddf47f7
Add dhparamfile
option, to allow DH parameters to be loaded.
...
This is for Ephemeral DH support on listeners.
2019-02-27 22:26:40 +00:00
Timo Gurr
70a22f290f
Fix comparison of boolean values in CMake build.
...
Follow-up of 70c4097b6f
.
Signed-off-by: Timo Gurr <timo.gurr@gmail.com>
2019-02-27 21:02:35 +00:00
Roger A. Light
1a3eaeabce
Only use getrandom on recent glibc, when TLS not in use.
2019-02-27 20:58:29 +00:00
Roger A. Light
4564ff1232
Set umask for temp file.
2019-02-27 17:49:19 +00:00
Roger A. Light
38711fc3f3
Fix merge error for C90 compile fail.
2019-02-27 17:34:32 +00:00
Roger A. Light
87b3ca35f1
Use mkstemp with mosquitto_passwd on non-Windows.
2019-02-27 16:38:54 +00:00
Roger A. Light
deb2fdfc98
Use lib provided random id. Change lib generated id to alphanumeric only.
2019-02-27 14:53:07 +00:00
Roger A. Light
48d731ecb5
Use better random numbers for everything, where possible.
2019-02-27 14:15:31 +00:00
Roger A. Light
dfbd33e0f4
Update documentation for bridge backup, plus tweaks
...
Sets default to use the backoff mechanism.
2019-02-27 13:52:19 +00:00
Abilio Marques
1773938d98
bridge: modify documentation for restart_timeout
...
Signed-off-by: Abilio Marques <abiliojr@gmail.com>
2019-02-27 13:25:28 +00:00
Abilio Marques
40ec968529
bridge: modify configuration file description for restart_timeout
...
Signed-off-by: Abilio Marques <abiliojr@gmail.com>
2019-02-27 13:25:25 +00:00
Abilio Marques
87eb535307
bridge: add decorrelated jitter backoff mechanism
...
Signed-off-by: Abilio Marques <abiliojr@gmail.com>
2019-02-27 13:25:20 +00:00
Roger A. Light
72941db546
Coverity fixes
...
1399064
1399065
1398655
1398656
1398654
1399067
1399066
1399063
1399060
1399059
1399068
1399062
1398657
1398653
1302848
1302847
1399070
2019-02-27 12:38:20 +00:00
Roger A. Light
e334aad853
Rewrite bind_interface docs, update changelog.
2019-02-27 10:07:14 +00:00
Steven Lawrance
208c3d3e85
Allow binding a listener to a specific network interface
...
Signed-off-by: Steven Lawrance <stl@koffein.net>
2019-02-27 09:38:39 +00:00
Roger A. Light
91a2932e25
Add missing test.
2019-02-27 09:37:02 +00:00
Roger A. Light
b2c0c3d573
Handle DISCONNECT with will.
2019-02-27 09:27:34 +00:00
Roger A. Light
3b6b6d5fa8
Test improvements
...
And some related fixes.
2019-02-27 09:27:34 +00:00
Roger A. Light
c506c8335b
Will delay tests and implementation.
2019-02-27 09:27:34 +00:00
Roger A. Light
b0c60fb6e1
Separate will reading code.
2019-02-27 09:27:34 +00:00
Roger A. Light
5aabc171b0
Merge branch 'mqtt5' into develop
2019-02-26 18:51:31 +00:00
Roger A. Light
e862a047a8
Rework TLS engine support.
2019-02-26 17:11:29 +00:00
Nicolás Pernas Maradei
20894fcbce
Add engine private key password support
...
Some OpenSSL engines (selectable via tls_engine option) may require a
password to make use of private keys created with them in the first place.
The TPM engine for example, will require a password to access the underlying
TPM's Storage Root Key (SRK), which is the root key of a hierarchy of keys
associated with a TPM; it is generated within a TPM and is a non-migratable
key. Each owned TPM contains a SRK, generated by the TPM at the request
of the Owner. [1]
By default, the engine will prompt the user to introduce the SRK password
before any private keys created with the engine can be used. This could
be inconvenient when running on an unattended system.
Here's where the new tls_engine_kpass_sha option comes in handy. The user
can specify a SHA1 hash of its engine private key password via command
line or config file and it will be passed on to the engine directly.
This commit adds support for both clients (libmosquitto) and broker.
[1] https://goo.gl/qQoXBY
Signed-off-by: Nicolás Pernas Maradei <nicopernas@gmail.com>
2019-02-26 15:50:37 +00:00
Nicolás Pernas Maradei
d5f039ec7c
Add TLS engine and keyform support to mosquitto
...
Add same OpenSSL engine support to mosquitto (server side) previously added to
client side only.
Signed-off-by: Nicolás Pernas Maradei <nicopernas@gmail.com>
2019-02-26 15:50:37 +00:00
Nicolás Pernas Maradei
f88cc06435
Add TLS engine and keyform support to libmosquitto
...
- Clients can now offload crypto tasks to an external crypto device through
the OpenSSL ENGINE API.
- The keyfiles can now be treated as PEM or ENGINE keys.
- Two new functions were added to libmosquitto to set up the previously
mentioned features.
- Both mosquitto_sub and mosquitto_pub include support to turn on the mentioned
features through command line options.
Signed-off-by: Nicolás Pernas Maradei <nicopernas@gmail.com>
2019-02-26 15:48:00 +00:00
Roger A. Light
f4e24f9524
Use higher resolution timer for random client id generation.
2019-02-26 14:26:05 +00:00
Roger A. Light
c3c8c99f5d
Fix dropping oversize messages for QoS>0.
2019-02-21 08:31:54 +00:00
Roger A. Light
1d17ced449
Broker configurable max_packet_size
...
Plus tests.
2019-02-19 15:57:20 +00:00
Roger A. Light
8fb4ad48b5
Strings for new error codes.
2019-02-19 15:53:15 +00:00
Roger A. Light
b9b8e0ff2a
Add client support for outgoing maximum packet size.
2019-02-19 15:14:34 +00:00
Roger A. Light
1877f8a326
Tests and implementation for maximum packet size.
...
This is for broker outgoing connack and publish packets only.
2019-02-18 19:50:51 +00:00
Roger A. Light
8db16591fa
Test and fix for subscription identifiers not being updated.
...
Closes #1169 . Thanks to Christoph Krey.
2019-02-18 12:24:19 +00:00
Roger A. Light
66c1e2ccf0
Add mosquitto_unsubscribe_multiple(), plus tests.
2019-02-17 20:59:16 +00:00
Roger A. Light
c823073be6
v5 unsubscribe test, single topic.
2019-02-17 19:47:53 +00:00
Roger A. Light
1479c57e34
v5 report reason code=no sub when unsubscribing.
2019-02-17 10:14:02 +00:00
Roger A. Light
1ec0cea34a
Fix missing reason_code on v5 UNSUBACK.
...
Closes #1167 . Thanks to Christoph Krey.
2019-02-17 09:30:06 +00:00
Roger A. Light
5e8199323b
Fix clients being disconnected when ACLs are in use.
...
This only affects the case where a client connects using a username, and
the anonymous ACL list is defined but specific user ACLs are not
defined.
Closes #1162 . Thanks to quonb.
2019-02-14 17:46:01 +00:00
Roger A. Light
458a9840ad
Bump version for test release.
2019-02-14 10:52:49 +00:00
Roger A. Light
6b43ba8201
Info on mqtt5 release.
2019-02-14 10:51:54 +00:00
Roger A. Light
a2d4535db8
Merge branch 'fixes'
2019-02-13 23:51:46 +00:00
Roger A. Light
bb72cf9088
Bump version number, update webpage.
2019-02-13 23:49:17 +00:00