diff --git a/ChangeLog.txt b/ChangeLog.txt
index ed32fb18..e2446349 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -62,6 +62,8 @@ Broker:
- Root privileges are now dropped after starting listeners and loading
certificates/private keys, to allow private keys to have their permissions
restricted to the root user only. Closes bug #452914.
+- Usernames and topics given in ACL files can now include a space. Closes bug
+ #431780.
Clients:
- Both clients can now load default configuration options from a file.
diff --git a/man/mosquitto.conf.5.xml b/man/mosquitto.conf.5.xml
index 9119867f..c220017a 100644
--- a/man/mosquitto.conf.5.xml
+++ b/man/mosquitto.conf.5.xml
@@ -99,12 +99,14 @@
listed will have access. Topic access is added with
lines of the format:
- topic [read|write] <topic>
+ topic [read|write|readwrite] <topic>
- The access type is controlled using "read" or
- "write". This parameter is optional - if not given then
- the access is read/write. <topic> can contain
- the + or # wildcards as in subscriptions.
+ The access type is controlled using "read", "write" or
+ "readwrite". This parameter is optional (unless
+ <topic> includes a space character) - if not
+ given then the access is read/write. <topic> can
+ contain the + or # wildcards as in
+ subscriptions.The first set of topics are applied to anonymous
clients, assuming is
@@ -121,7 +123,7 @@
substitution within the topic. The form is the same as
for the topic keyword, but using pattern as the
keyword.
- pattern [read|write] <topic>
+ pattern [read|write|readwrite] <topic>The patterns available for substition are:
diff --git a/mosquitto.conf b/mosquitto.conf
index 8480b3c6..475db528 100644
--- a/mosquitto.conf
+++ b/mosquitto.conf
@@ -543,11 +543,12 @@
# comment.
# Topic access is added with lines of the format:
#
-# topic [read|write]
+# topic [read|write|readwrite]
#
-# The access type is controlled using "read" or "write". This parameter
-# is optional - if not given then the access is read/write.
-# can contain the + or # wildcards as in subscriptions.
+# The access type is controlled using "read", "write" or "readwrite". This
+# parameter is optional (unless contains a space character) - if not
+# given then the access is read/write. can contain the + or #
+# wildcards as in subscriptions.
#
# The first set of topics are applied to anonymous clients, assuming
# allow_anonymous is true. User specific topic ACLs are added after a
@@ -576,7 +577,7 @@
# with the following pattern:
# pattern write $SYS/broker/connection/%c/state
#
-# pattern [read|write]
+# pattern [read|write|readwrite]
#
# Example:
#
diff --git a/src/security_default.c b/src/security_default.c
index a99df8ac..45bb64b9 100644
--- a/src/security_default.c
+++ b/src/security_default.c
@@ -364,7 +364,7 @@ static int _aclfile_parse(struct mosquitto_db *db)
fclose(aclfile);
return MOSQ_ERR_INVAL;
}
- token = strtok_r(NULL, " ", &saveptr);
+ token = strtok_r(NULL, "", &saveptr);
if(token){
topic = token;
}else{
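Review bot: `strtok_r(NULL, "", &saveptr)` returns the rest of the line verbatim, so extra spaces after the access type and any trailing whitespace now become part of `topic`, where the old `" "` delimiter skipped them. A line such as `topic read  sensors/a` (constructed example, two spaces) would define a rule for ` sensors/a`, which never matches the topic the administrator meant, and nothing is logged. Trimming the padding before the assignment keeps spaces inside names, for instance `while(token[0] == ' ') token++;` ahead of `topic = token;`, with the same treatment for trailing blanks; whether the line ending is stripped earlier is not visible here and should be confirmed. The `user` branch in the last hunk of this file has the same problem, where a padded name would silently detach the rules that follow from the intended user. `_aclfile_parse` starts and ends outside both hunks.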
@@ -376,8 +376,10 @@ static int _aclfile_parse(struct mosquitto_db *db)
access = MOSQ_ACL_READ;
}else if(!strcmp(access_s, "write")){
access = MOSQ_ACL_WRITE;
+ }else if(!strcmp(access_s, "readwrite")){
+ access = MOSQ_ACL_READ | MOSQ_ACL_WRITE;
}else{
- _mosquitto_log_printf(NULL, MOSQ_LOG_ERR, "Error: Empty invalid topic access type in acl_file.");
+ _mosquitto_log_printf(NULL, MOSQ_LOG_ERR, "Error: Invalid topic access type \"%s\" in acl_file.", access_s);
if(user) _mosquitto_free(user);
fclose(aclfile);
return MOSQ_ERR_INVAL;
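Review bot: The final `else` branch is now also the error an administrator gets when a topic containing a space is written without an access type, because the first word appears to be taken as `access_s` (that assignment is outside the hunk). The message could say so, e.g. `"Error: Invalid topic access type \"%s\" in acl_file (an access type is required when the topic contains a space)."`. A short comment above the `strcmp` chain would help too, noting that a topic whose first word is `read`, `write` or `readwrite` must be preceded by an explicit access type, since such a line is otherwise accepted with a different topic and access than intended.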
@@ -395,7 +397,7 @@ static int _aclfile_parse(struct mosquitto_db *db)
return rc;
}
}else if(!strcmp(token, "user")){
- token = strtok_r(NULL, " ", &saveptr);
+ token = strtok_r(NULL, "", &saveptr);
if(token){
if(user) _mosquitto_free(user);
user = _mosquitto_strdup(token);