github
/
mosquitto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'master'

Browse Source
pull/982/head
Roger A. Light 7 years ago
parent e5eb03b2e6 07d59d20e2
commit 35dea07dcd
29 changed files with 442 additions and 103 deletions
Show Stats Download Patch File Download Diff File

2
CMakeLists.txt
Unescape Escape View File

@ -11,7 +11,7 @@ project(mosquitto)
cmake_minimum_required(VERSION 2.8) cmake_minimum_required(VERSION 2.8)
# Only for version 3 and up. cmake_policy(SET CMP0042 NEW) # Only for version 3 and up. cmake_policy(SET CMP0042 NEW)
set (VERSION 1.5.2) set (VERSION 1.5.3)
add_definitions (-DCMAKE -DVERSION=\"${VERSION}\") add_definitions (-DCMAKE -DVERSION=\"${VERSION}\")

6
CONTRIBUTING.md
Unescape Escape View File

@ -32,9 +32,9 @@ Foundation IP policy.
Please read the [Eclipse Foundation policy on accepting contributions via Git](http://wiki.eclipse.org/Development_Resources/Contributing_via_Git). Please read the [Eclipse Foundation policy on accepting contributions via Git](http://wiki.eclipse.org/Development_Resources/Contributing_via_Git).
1. Sign the [Eclipse ECA](http://www.eclipse.org/legal/ECA.php) 1. Sign the [Eclipse ECA](http://www.eclipse.org/legal/ECA.php)
1. Register for an Eclipse Foundation User ID. You can register [here](https://dev.eclipse.org/site_login/createaccount.php). 1. Register for an Eclipse Foundation User ID. You can register [here](https://accounts.eclipse.org/user/register).
2. Log into the [Projects Portal](https://projects.eclipse.org/), and click on the '[Eclipse ECA](https://projects.eclipse.org/user/sign/eca)' link. 2. Log into the [Accounts Portal](https://accounts.eclipse.org/), and click on the '[Eclipse Contributor Agreement](https://accounts.eclipse.org/user/eca)' link.
2. Go to your [account settings](https://dev.eclipse.org/site_login/myaccount.php#open_tab_accountsettings) and add your GitHub username to your account. 2. Go to your [account settings](https://accounts.eclipse.org/user/edit) and add your GitHub username to your account.
3. Make sure that you _sign-off_ your Git commits in the following format: 3. Make sure that you _sign-off_ your Git commits in the following format:
``` Signed-off-by: John Smith <johnsmith@nowhere.com> ``` This is usually at the bottom of the commit message. You can automate this by adding the '-s' flag when you make the commits. e.g. ```git commit -s -m "Adding a cool feature"``` ``` Signed-off-by: John Smith <johnsmith@nowhere.com> ``` This is usually at the bottom of the commit message. You can automate this by adding the '-s' flag when you make the commits. e.g. ```git commit -s -m "Adding a cool feature"```
4. Ensure that the email address that you make your commits with is the same one you used to sign up to the Eclipse Foundation website with. 4. Ensure that the email address that you make your commits with is the same one you used to sign up to the Eclipse Foundation website with.

17
ChangeLog.txt
Unescape Escape View File

@ -1,9 +1,24 @@
1.5.3 - 201810xx 1.5.3 - 20180925
================ ================
Security:
- Fix CVE-2018-12543. If a message is sent to Mosquitto with a topic that
begins with $, but is not $SYS, then an assert that should be unreachable is
triggered and Mosquitto will exit.
Broker: Broker:
- Elevate log level to warning for situation when socket limit is hit. - Elevate log level to warning for situation when socket limit is hit.
- Remove requirement to use `user root` in snap package config files. - Remove requirement to use `user root` in snap package config files.
- Fix retained messages not sent by bridges on outgoing topics at the first
connection. Closes #701.
- Documentation fixes. Closes #520, #600.
- Fix duplicate clients being added to by_id hash before the old client was
removed. Closes #645.
- Fix Windows version not starting if include_dir did not contain any files.
Closes #566.
Build:
- Various fixes to ease building.
1.5.2 - 20180919 1.5.2 - 20180919

4
client/Makefile
Unescape Escape View File

@ -7,10 +7,10 @@ SHARED_DEP:=../lib/libmosquitto.so.${SOVERSION}
endif endif
ifeq ($(WITH_SHARED_LIBRARIES),yes) ifeq ($(WITH_SHARED_LIBRARIES),yes)
ALL_DEPS:= mosquitto_pub mosquitto_sub ALL_DEPS:= mosquitto_pub mosquitto_sub
else else
ifeq ($(WITH_STATIC_LIBRARIES),yes) ifeq ($(WITH_STATIC_LIBRARIES),yes)
ALL_DEPS:= static_pub static_sub ALL_DEPS:= static_pub static_sub
endif endif
endif endif

31
config.h
Unescape Escape View File

@ -1,10 +1,19 @@
#ifndef CONFIG_H #ifndef CONFIG_H
/* ============================================================ /* ============================================================
* Control compile time options. * Platform options
* ============================================================ * ============================================================ */
*
* Compile time options have moved to config.mk. #ifdef __APPLE__
*/ # define __DARWIN_C_SOURCE
#elif defined(__FreeBSD__) || defined(__NetBSD__) || defined(__SYMBIAN32__) || defined(__QNX__)
# define _XOPEN_SOURCE 700
# define __BSD_VISIBLE 1
# define HAVE_NETINET_IN_H
#else
# define _XOPEN_SOURCE 700
# define _DEFAULT_SOURCE 1
# define _POSIX_C_SOURCE 200809L
#endif
/* ============================================================ /* ============================================================
@ -27,16 +36,4 @@
#define uthash_malloc(sz) mosquitto__malloc(sz) #define uthash_malloc(sz) mosquitto__malloc(sz)
#define uthash_free(ptr,sz) mosquitto__free(ptr) #define uthash_free(ptr,sz) mosquitto__free(ptr)
#ifdef __APPLE__
# define __DARWIN_C_SOURCE
#elif defined(__FreeBSD__) || defined(__NetBSD__) || defined(__SYMBIAN32__) || defined(__QNX__)
# define _XOPEN_SOURCE 700
# define __BSD_VISIBLE 1
# define HAVE_NETINET_IN_H
#else
# define _XOPEN_SOURCE 700
# define _DEFAULT_SOURCE 1
# define _POSIX_C_SOURCE 200809L
#endif
#endif #endif

10
config.mk
Unescape Escape View File

@ -105,7 +105,7 @@ WITH_BUNDLED_DEPS:=yes
# Also bump lib/mosquitto.h, CMakeLists.txt, # Also bump lib/mosquitto.h, CMakeLists.txt,
# installer/mosquitto.nsi, installer/mosquitto64.nsi # installer/mosquitto.nsi, installer/mosquitto64.nsi
VERSION=1.5.2 VERSION=1.5.3
# Client library SO version. Bump if incompatible API/ABI changes are made. # Client library SO version. Bump if incompatible API/ABI changes are made.
SOVERSION=1 SOVERSION=1
@ -281,9 +281,11 @@ ifeq ($(WITH_WEBSOCKETS),static)
endif endif
INSTALL?=install INSTALL?=install
prefix=/usr/local prefix?=/usr/local
mandir=${prefix}/share/man incdir?=${prefix}/include
localedir=${prefix}/share/locale libdir?=${prefix}/lib${LIB_SUFFIX}
localedir?=${prefix}/share/locale
mandir?=${prefix}/share/man
STRIP?=strip STRIP?=strip
ifeq ($(WITH_STRIP),yes) ifeq ($(WITH_STRIP),yes)

2
installer/mosquitto.nsi
Unescape Escape View File

@ -9,7 +9,7 @@
!define env_hklm 'HKLM "SYSTEM\CurrentControlSet\Control\Session Manager\Environment"' !define env_hklm 'HKLM "SYSTEM\CurrentControlSet\Control\Session Manager\Environment"'
Name "Eclipse Mosquitto" Name "Eclipse Mosquitto"
!define VERSION 1.5.2 !define VERSION 1.5.3
OutFile "mosquitto-${VERSION}-install-windows-x86.exe" OutFile "mosquitto-${VERSION}-install-windows-x86.exe"
InstallDir "$PROGRAMFILES\mosquitto" InstallDir "$PROGRAMFILES\mosquitto"

2
installer/mosquitto64.nsi
Unescape Escape View File

@ -9,7 +9,7 @@
!define env_hklm 'HKLM "SYSTEM\CurrentControlSet\Control\Session Manager\Environment"' !define env_hklm 'HKLM "SYSTEM\CurrentControlSet\Control\Session Manager\Environment"'
Name "Eclipse Mosquitto" Name "Eclipse Mosquitto"
!define VERSION 1.5.2 !define VERSION 1.5.3
OutFile "mosquitto-${VERSION}-install-windows-x64.exe" OutFile "mosquitto-${VERSION}-install-windows-x64.exe"
!include "x64.nsh" !include "x64.nsh"

28
lib/Makefile
Unescape Escape View File

@ -54,30 +54,28 @@ ifeq ($(WITH_SHARED_LIBRARIES),yes)
endif endif
install : all install : all
$(INSTALL) -d "${DESTDIR}$(prefix)/lib${LIB_SUFFIX}/" $(INSTALL) -d "${DESTDIR}${libdir}/"
ifeq ($(WITH_SHARED_LIBRARIES),yes) ifeq ($(WITH_SHARED_LIBRARIES),yes)
$(INSTALL) ${STRIP_OPTS} libmosquitto.so.${SOVERSION} "${DESTDIR}${prefix}/lib${LIB_SUFFIX}/libmosquitto.so.${SOVERSION}" $(INSTALL) ${STRIP_OPTS} libmosquitto.so.${SOVERSION} "${DESTDIR}${libdir}/libmosquitto.so.${SOVERSION}"
ln -sf libmosquitto.so.${SOVERSION} "${DESTDIR}${prefix}/lib${LIB_SUFFIX}/libmosquitto.so" ln -sf libmosquitto.so.${SOVERSION} "${DESTDIR}${libdir}/libmosquitto.so"
endif endif
ifeq ($(WITH_STATIC_LIBRARIES),yes) ifeq ($(WITH_STATIC_LIBRARIES),yes)
$(INSTALL) libmosquitto.a "${DESTDIR}${prefix}/lib${LIB_SUFFIX}/libmosquitto.a" $(INSTALL) ${STRIP_OPTS} libmosquitto.a "${DESTDIR}${libdir}/libmosquitto.a"
${CROSS_COMPILE}${STRIP} -g --strip-unneeded "${DESTDIR}${prefix}/lib${LIB_SUFFIX}/libmosquitto.a"
endif endif
$(INSTALL) -d "${DESTDIR}${prefix}/include/" $(INSTALL) -d "${DESTDIR}${incdir}/"
$(INSTALL) mosquitto.h "${DESTDIR}${prefix}/include/mosquitto.h" $(INSTALL) mosquitto.h "${DESTDIR}${incdir}/mosquitto.h"
$(INSTALL) -d "${DESTDIR}$(prefix)/lib${LIB_SUFFIX}/pkgconfig" $(INSTALL) -d "${DESTDIR}${libdir}/pkgconfig"
$(INSTALL) -m644 ../libmosquitto.pc.in "${DESTDIR}$(prefix)/lib${LIB_SUFFIX}/pkgconfig/libmosquitto.pc" $(INSTALL) -m644 ../libmosquitto.pc.in "${DESTDIR}${libdir}/pkgconfig/libmosquitto.pc"
sed -i -e "s#@CMAKE_INSTALL_PREFIX@#$(prefix)#" -e "s#@VERSION@#$(VERSION)#" "${DESTDIR}$(prefix)/lib${LIB_SUFFIX}/pkgconfig/libmosquitto.pc" sed -i -e "s#@CMAKE_INSTALL_PREFIX@#${prefix}#" -e "s#@VERSION@#${VERSION}#" "${DESTDIR}${libdir}/pkgconfig/libmosquitto.pc"
ifeq ($(WITH_SHARED_LIBRARIES),yes) ifeq ($(WITH_SHARED_LIBRARIES),yes)
$(MAKE) -C cpp install $(MAKE) -C cpp install
endif endif
uninstall : uninstall :
-rm -f "${DESTDIR}${prefix}/lib${LIB_SUFFIX}/libmosquitto.so.${SOVERSION}" -rm -f "${DESTDIR}${libdir}/libmosquitto.so.${SOVERSION}"
-rm -f "${DESTDIR}${prefix}/lib${LIB_SUFFIX}/libmosquitto.so" -rm -f "${DESTDIR}${libdir}/libmosquitto.so"
-rm -f "${DESTDIR}${prefix}/lib${LIB_SUFFIX}/libmosquitto.a" -rm -f "${DESTDIR}${libdir}/libmosquitto.a"
-rm -f "${DESTDIR}${prefix}/include/mosquitto.h" -rm -f "${DESTDIR}${incdir}/mosquitto.h"
reallyclean : clean reallyclean : clean

28
lib/cpp/Makefile
Unescape Escape View File

@ -15,24 +15,24 @@ endif
all : ${ALL_DEPS} all : ${ALL_DEPS}
install : all install : all
$(INSTALL) -d "${DESTDIR}$(prefix)/lib${LIB_SUFFIX}/" $(INSTALL) -d "${DESTDIR}${libdir}/"
$(INSTALL) ${STRIP_OPTS} libmosquittopp.so.${SOVERSION} "${DESTDIR}${prefix}/lib${LIB_SUFFIX}/libmosquittopp.so.${SOVERSION}" $(INSTALL) ${STRIP_OPTS} libmosquittopp.so.${SOVERSION} "${DESTDIR}${libdir}/libmosquittopp.so.${SOVERSION}"
ln -sf libmosquittopp.so.${SOVERSION} "${DESTDIR}${prefix}/lib${LIB_SUFFIX}/libmosquittopp.so" ln -sf libmosquittopp.so.${SOVERSION} "${DESTDIR}${libdir}/libmosquittopp.so"
ifeq ($(WITH_STATIC_LIBRARIES),yes) ifeq ($(WITH_STATIC_LIBRARIES),yes)
$(INSTALL) libmosquittopp.a "${DESTDIR}${prefix}/lib${LIB_SUFFIX}/libmosquittopp.a" $(INSTALL) libmosquittopp.a "${DESTDIR}${libdir}/libmosquittopp.a"
${CROSS_COMPILE}${STRIP} -g --strip-unneeded "${DESTDIR}${prefix}/lib${LIB_SUFFIX}/libmosquittopp.a" ${CROSS_COMPILE}${STRIP} -g --strip-unneeded "${DESTDIR}${libdir}/libmosquittopp.a"
endif endif
$(INSTALL) -d "${DESTDIR}${prefix}/include/" $(INSTALL) -d "${DESTDIR}${incdir}/"
$(INSTALL) mosquittopp.h "${DESTDIR}${prefix}/include/mosquittopp.h" $(INSTALL) mosquittopp.h "${DESTDIR}${incdir}/mosquittopp.h"
$(INSTALL) -d "${DESTDIR}$(prefix)/lib${LIB_SUFFIX}/pkgconfig" $(INSTALL) -d "${DESTDIR}${libdir}/pkgconfig/"
$(INSTALL) -m644 ../../libmosquittopp.pc.in "${DESTDIR}$(prefix)/lib${LIB_SUFFIX}/pkgconfig/libmosquittopp.pc" $(INSTALL) -m644 ../../libmosquittopp.pc.in "${DESTDIR}${libdir}/pkgconfig/libmosquittopp.pc"
sed -i -e "s#@CMAKE_INSTALL_PREFIX@#$(prefix)#" -e "s#@VERSION@#$(VERSION)#" "${DESTDIR}$(prefix)/lib${LIB_SUFFIX}/pkgconfig/libmosquittopp.pc" sed -i -e "s#@CMAKE_INSTALL_PREFIX@#${prefix}#" -e "s#@VERSION@#${VERSION}#" "${DESTDIR}${libdir}/pkgconfig/libmosquittopp.pc"
uninstall : uninstall :
-rm -f "${DESTDIR}${prefix}/lib${LIB_SUFFIX}/libmosquittopp.so.${SOVERSION}" -rm -f "${DESTDIR}${libdir}/libmosquittopp.so.${SOVERSION}"
-rm -f "${DESTDIR}${prefix}/lib${LIB_SUFFIX}/libmosquittopp.so" -rm -f "${DESTDIR}${libdir}/libmosquittopp.so"
-rm -f "${DESTDIR}${prefix}/lib${LIB_SUFFIX}/libmosquittopp.a" -rm -f "${DESTDIR}${libdir}/libmosquittopp.a"
-rm -f "${DESTDIR}${prefix}/include/mosquittopp.h" -rm -f "${DESTDIR}${incdir}/mosquittopp.h"
clean : clean :
-rm -f *.o libmosquittopp.so.${SOVERSION} libmosquittopp.a -rm -f *.o libmosquittopp.so.${SOVERSION} libmosquittopp.a

2
lib/mosquitto.h
Unescape Escape View File

@ -47,7 +47,7 @@ extern "C" {
#define LIBMOSQUITTO_MAJOR 1 #define LIBMOSQUITTO_MAJOR 1
#define LIBMOSQUITTO_MINOR 5 #define LIBMOSQUITTO_MINOR 5
#define LIBMOSQUITTO_REVISION 2 #define LIBMOSQUITTO_REVISION 3
/* LIBMOSQUITTO_VERSION_NUMBER looks like 1002001 for e.g. version 1.2.1. */ /* LIBMOSQUITTO_VERSION_NUMBER looks like 1002001 for e.g. version 1.2.1. */
#define LIBMOSQUITTO_VERSION_NUMBER (LIBMOSQUITTO_MAJOR*1000000+LIBMOSQUITTO_MINOR*1000+LIBMOSQUITTO_REVISION) #define LIBMOSQUITTO_VERSION_NUMBER (LIBMOSQUITTO_MAJOR*1000000+LIBMOSQUITTO_MINOR*1000+LIBMOSQUITTO_REVISION)

2
lib/mosquitto_internal.h
Unescape Escape View File

@ -208,6 +208,8 @@ struct mosquitto {
#endif #endif
bool clean_session; bool clean_session;
#ifdef WITH_BROKER #ifdef WITH_BROKER
char *old_id; /* for when a duplicate client connects, but we still want to
know what the id was */
bool is_dropping; bool is_dropping;
bool is_bridge; bool is_bridge;
struct mosquitto__bridge *bridge; struct mosquitto__bridge *bridge;

24
man/mosquitto.conf.5.xml
Unescape Escape View File

@ -195,6 +195,17 @@
<para>Reloaded on reload signal.</para> <para>Reloaded on reload signal.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry>
<term><option>allow_zero_length_clientid</option> [ true | false ]</term>
<listitem>
<para>MQTT 3.1.1 allows clients to connect with a zero
length client id and have the broker generate a client
id for them. Use this option to allow/disallow this
behaviour. Defaults to true.</para>
<para>See also the <option>auto_id_prefix</option> option.</para>
<para>Reloaded on reload signal.</para>
</listitem>
</varlistentry>
<varlistentry> <varlistentry>
<term><option>auth_opt_*</option> <replaceable>value</replaceable></term> <term><option>auth_opt_*</option> <replaceable>value</replaceable></term>
<listitem> <listitem>
@ -244,6 +255,17 @@
<para>Not currently reloaded on reload signal.</para> <para>Not currently reloaded on reload signal.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry>
<term><option>auto_id_prefix</option> <replaceable>prefix</replaceable></term>
<listitem>
<para>If <option>allow_zero_length_clientid</option> is
<replaceable>true</replaceable>, this option allows you
to set a string that will be prefixed to the
automatically generated client ids to aid visibility in
logs. Defaults to no prefix.</para>
<para>Reloaded on reload signal.</para>
</listitem>
</varlistentry>
<varlistentry> <varlistentry>
<term><option>autosave_interval</option> <replaceable>seconds</replaceable></term> <term><option>autosave_interval</option> <replaceable>seconds</replaceable></term>
<listitem> <listitem>
@ -763,7 +785,7 @@
client connected to a listener with mount point client connected to a listener with mount point
<replaceable>example</replaceable> can only see <replaceable>example</replaceable> can only see
messages that are published in the topic hierarchy messages that are published in the topic hierarchy
<replaceable>example</replaceable> and above.</para> <replaceable>example</replaceable> and below.</para>
<para>Not reloaded on reload signal.</para> <para>Not reloaded on reload signal.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>

2
set-version.sh
Unescape Escape View File

@ -2,7 +2,7 @@
MAJOR=1 MAJOR=1
MINOR=5 MINOR=5
REVISION=2 REVISION=3
sed -i "s/^VERSION=.*/VERSION=${MAJOR}.${MINOR}.${REVISION}/" config.mk sed -i "s/^VERSION=.*/VERSION=${MAJOR}.${MINOR}.${REVISION}/" config.mk

9
snap/snapcraft.yaml
Unescape Escape View File

@ -1,5 +1,5 @@
name: mosquitto name: mosquitto
version: 1.5.2 version: 1.5.3-1
summary: Eclipse Mosquitto MQTT broker summary: Eclipse Mosquitto MQTT broker
description: This is a message broker that supports version 3.1 and 3.1.1 of the MQTT description: This is a message broker that supports version 3.1 and 3.1.1 of the MQTT
protocol. protocol.
@ -26,6 +26,9 @@ apps:
command: usr/bin/mosquitto_sub command: usr/bin/mosquitto_sub
plugs: [network] plugs: [network]
passwd:
command: usr/bin/mosquitto_passwd
parts: parts:
script: script:
@ -63,10 +66,14 @@ parts:
- usr/sbin/mosquitto - usr/sbin/mosquitto
- usr/bin/mosquitto_pub - usr/bin/mosquitto_pub
- usr/bin/mosquitto_sub - usr/bin/mosquitto_sub
- usr/bin/mosquitto_passwd
- usr/lib/libmosquitto.so* - usr/lib/libmosquitto.so*
- lib/*-linux-gnu/libcrypto.so* - lib/*-linux-gnu/libcrypto.so*
- lib/*-linux-gnu/libssl.so* - lib/*-linux-gnu/libssl.so*
- lib/*-linux-gnu/libuuid.so* - lib/*-linux-gnu/libuuid.so*
- usr/include/mosquitto.h
- usr/include/mosquitto_broker.h
- usr/include/mosquitto_plugin.h
lws: lws:
plugin: cmake plugin: cmake

6
src/bridge.c
Unescape Escape View File

@ -145,6 +145,9 @@ int bridge__connect_step1(struct mosquitto_db *db, struct mosquitto *context)
if(context->bridge->topics[i].direction == bd_out || context->bridge->topics[i].direction == bd_both){ if(context->bridge->topics[i].direction == bd_out || context->bridge->topics[i].direction == bd_both){
log__printf(NULL, MOSQ_LOG_DEBUG, "Bridge %s doing local SUBSCRIBE on topic %s", context->id, context->bridge->topics[i].local_topic); log__printf(NULL, MOSQ_LOG_DEBUG, "Bridge %s doing local SUBSCRIBE on topic %s", context->id, context->bridge->topics[i].local_topic);
if(sub__add(db, context, context->bridge->topics[i].local_topic, context->bridge->topics[i].qos, &db->subs)) return 1; if(sub__add(db, context, context->bridge->topics[i].local_topic, context->bridge->topics[i].qos, &db->subs)) return 1;
sub__retain_queue(db, context,
context->bridge->topics[i].local_topic,
context->bridge->topics[i].qos);
} }
} }
@ -308,6 +311,9 @@ int bridge__connect(struct mosquitto_db *db, struct mosquitto *context)
if(context->bridge->topics[i].direction == bd_out || context->bridge->topics[i].direction == bd_both){ if(context->bridge->topics[i].direction == bd_out || context->bridge->topics[i].direction == bd_both){
log__printf(NULL, MOSQ_LOG_DEBUG, "Bridge %s doing local SUBSCRIBE on topic %s", context->id, context->bridge->topics[i].local_topic); log__printf(NULL, MOSQ_LOG_DEBUG, "Bridge %s doing local SUBSCRIBE on topic %s", context->id, context->bridge->topics[i].local_topic);
if(sub__add(db, context, context->bridge->topics[i].local_topic, context->bridge->topics[i].qos, &db->subs)) return 1; if(sub__add(db, context, context->bridge->topics[i].local_topic, context->bridge->topics[i].qos, &db->subs)) return 1;
sub__retain_queue(db, context,
context->bridge->topics[i].local_topic,
context->bridge->topics[i].qos);
} }
} }

4
src/conf.c
Unescape Escape View File

@ -1208,8 +1208,8 @@ int config__read_file_core(struct mosquitto__config *config, bool reload, struct
snprintf(dirpath, MAX_PATH, "%s\\*.conf", token); snprintf(dirpath, MAX_PATH, "%s\\*.conf", token);
fh = FindFirstFile(dirpath, &find_data); fh = FindFirstFile(dirpath, &find_data);
if(fh == INVALID_HANDLE_VALUE){ if(fh == INVALID_HANDLE_VALUE){
log__printf(NULL, MOSQ_LOG_ERR, "Error: Unable to open include_dir '%s'.", token); /* No files found */
return 1; continue;
} }
do{ do{

4
src/context.c
Unescape Escape View File

@ -161,6 +161,10 @@ void context__cleanup(struct mosquitto_db *db, struct mosquitto *context, bool d
mosquitto__free(context->id); mosquitto__free(context->id);
context->id = NULL; context->id = NULL;
} }
if(context->old_id){
mosquitto__free(context->old_id);
context->old_id = NULL;
}
packet__cleanup(&(context->in_packet)); packet__cleanup(&(context->in_packet));
if(context->current_out_packet){ if(context->current_out_packet){
packet__cleanup(context->current_out_packet); packet__cleanup(context->current_out_packet);

5
src/loop.c
Unescape Escape View File

@ -638,12 +638,17 @@ void do_disconnect(struct mosquitto_db *db, struct mosquitto *context)
context->sock = INVALID_SOCKET; context->sock = INVALID_SOCKET;
context->pollfd_index = -1; context->pollfd_index = -1;
} }
HASH_DELETE(hh_id, db->contexts_by_id, context);
context->old_id = context->id;
context->id = NULL;
}else }else
#endif #endif
{ {
if(db->config->connection_messages == true){ if(db->config->connection_messages == true){
if(context->id){ if(context->id){
id = context->id; id = context->id;
}else if(context->old_id){
id = context->old_id;
}else{ }else{
id = "<unknown>"; id = "<unknown>";
} }

67
src/subs.c
Unescape Escape View File

@ -459,7 +459,15 @@ int sub__add(struct mosquitto_db *db, struct mosquitto *context, const char *sub
if(sub__topic_tokenise(sub, &tokens)) return 1; if(sub__topic_tokenise(sub, &tokens)) return 1;
HASH_FIND(hh, *root, UHPA_ACCESS_TOPIC(tokens), tokens->topic_len, subhier); HASH_FIND(hh, *root, UHPA_ACCESS_TOPIC(tokens), tokens->topic_len, subhier);
assert(subhier); if(!subhier){
subhier = sub__add_hier_entry(NULL, root, UHPA_ACCESS_TOPIC(tokens), tokens->topic_len);
if(!subhier){
sub__topic_tokens_free(tokens);
log__printf(NULL, MOSQ_LOG_ERR, "Error: Out of memory.");
return MOSQ_ERR_NOMEM;
}
}
rc = sub__add_recurse(db, context, qos, subhier, tokens); rc = sub__add_recurse(db, context, qos, subhier, tokens);
sub__topic_tokens_free(tokens); sub__topic_tokens_free(tokens);
@ -481,8 +489,9 @@ int sub__remove(struct mosquitto_db *db, struct mosquitto *context, const char *
if(sub__topic_tokenise(sub, &tokens)) return 1; if(sub__topic_tokenise(sub, &tokens)) return 1;
HASH_FIND(hh, root, UHPA_ACCESS_TOPIC(tokens), tokens->topic_len, subhier); HASH_FIND(hh, root, UHPA_ACCESS_TOPIC(tokens), tokens->topic_len, subhier);
assert(subhier); if(subhier){
rc = sub__remove_recurse(db, context, subhier, tokens); rc = sub__remove_recurse(db, context, subhier, tokens);
}
sub__topic_tokens_free(tokens); sub__topic_tokens_free(tokens);
@ -507,14 +516,15 @@ int sub__messages_queue(struct mosquitto_db *db, const char *source_id, const ch
(*stored)->ref_count++; (*stored)->ref_count++;
HASH_FIND(hh, db->subs, UHPA_ACCESS_TOPIC(tokens), tokens->topic_len, subhier); HASH_FIND(hh, db->subs, UHPA_ACCESS_TOPIC(tokens), tokens->topic_len, subhier);
assert(subhier); if(subhier){
if(retain){ if(retain){
/* We have a message that needs to be retained, so ensure that the subscription /* We have a message that needs to be retained, so ensure that the subscription
* tree for its topic exists. * tree for its topic exists.
*/ */
sub__add_recurse(db, NULL, 0, subhier, tokens); sub__add_recurse(db, NULL, 0, subhier, tokens);
}
sub__search(db, subhier, tokens, source_id, topic, qos, retain, *stored, true);
} }
sub__search(db, subhier, tokens, source_id, topic, qos, retain, *stored, true);
sub__topic_tokens_free(tokens); sub__topic_tokens_free(tokens);
/* Remove our reference and free if needed. */ /* Remove our reference and free if needed. */
@ -611,23 +621,25 @@ void sub__tree_print(struct mosquitto__subhier *root, int level)
struct mosquitto__subleaf *leaf; struct mosquitto__subleaf *leaf;
HASH_ITER(hh, root, branch, branch_tmp){ HASH_ITER(hh, root, branch, branch_tmp){
for(i=0; i<(level+2)*2; i++){ if(level > -1){
printf(" "); for(i=0; i<(level+2)*2; i++){
} printf(" ");
printf("%s", UHPA_ACCESS_TOPIC(branch));
leaf = branch->subs;
while(leaf){
if(leaf->context){
printf(" (%s, %d)", leaf->context->id, leaf->qos);
}else{
printf(" (%s, %d)", "", leaf->qos);
} }
leaf = leaf->next; printf("%s", UHPA_ACCESS_TOPIC(branch));
} leaf = branch->subs;
if(branch->retained){ while(leaf){
printf(" (r)"); if(leaf->context){
printf(" (%s, %d)", leaf->context->id, leaf->qos);
}else{
printf(" (%s, %d)", "", leaf->qos);
}
leaf = leaf->next;
}
if(branch->retained){
printf(" (r)");
}
printf("\n");
} }
printf("\n");
sub__tree_print(branch->children, level+1); sub__tree_print(branch->children, level+1);
} }
@ -715,9 +727,10 @@ int sub__retain_queue(struct mosquitto_db *db, struct mosquitto *context, const
if(sub__topic_tokenise(sub, &tokens)) return 1; if(sub__topic_tokenise(sub, &tokens)) return 1;
HASH_FIND(hh, db->subs, UHPA_ACCESS_TOPIC(tokens), tokens->topic_len, subhier); HASH_FIND(hh, db->subs, UHPA_ACCESS_TOPIC(tokens), tokens->topic_len, subhier);
assert(subhier);
retain__search(db, subhier, tokens, context, sub, sub_qos, 0); if(subhier){
retain__search(db, subhier, tokens, context, sub, sub_qos, 0);
}
while(tokens){ while(tokens){
tail = tokens->next; tail = tokens->next;
UHPA_FREE_TOPIC(tokens); UHPA_FREE_TOPIC(tokens);

40
test/broker/03-publish-dollar.py
Unescape Escape View File

@ -0,0 +1,40 @@
#!/usr/bin/env python
# Test whether a PUBLISH to a topic starting with $ succeeds
import inspect, os, sys
# From http://stackoverflow.com/questions/279237/python-import-a-module-from-a-folder
cmd_subfolder = os.path.realpath(os.path.abspath(os.path.join(os.path.split(inspect.getfile( inspect.currentframe() ))[0],"..")))
if cmd_subfolder not in sys.path:
sys.path.insert(0, cmd_subfolder)
import mosq_test
rc = 1
mid = 19
keepalive = 60
connect_packet = mosq_test.gen_connect("pub-dollar-test", keepalive=keepalive)
connack_packet = mosq_test.gen_connack(rc=0)
publish_packet = mosq_test.gen_publish("$test/test", qos=1, mid=mid, payload="message")
puback_packet = mosq_test.gen_puback(mid)
port = mosq_test.get_port()
broker = mosq_test.start_broker(filename=os.path.basename(__file__), port=port)
try:
sock = mosq_test.do_client_connect(connect_packet, connack_packet, port=port)
mosq_test.do_send_receive(sock, publish_packet, puback_packet, "puback")
rc = 0
sock.close()
finally:
broker.terminate()
broker.wait()
(stdo, stde) = broker.communicate()
if rc:
print(stde)
exit(rc)

1
test/broker/Makefile
Unescape Escape View File

@ -62,6 +62,7 @@ endif
./03-pattern-matching.py ./03-pattern-matching.py
#./03-publish-qos1-queued-bytes.py #./03-publish-qos1-queued-bytes.py
./03-publish-invalid-utf8.py ./03-publish-invalid-utf8.py
./03-publish-dollar.py
04 : 04 :
./04-retain-qos0.py ./04-retain-qos0.py

1
test/broker/ptest.py
Unescape Escape View File

@ -44,6 +44,7 @@ tests = [
(1, './03-pattern-matching.py'), (1, './03-pattern-matching.py'),
#(1, './03-publish-qos1-queued-bytes.py'), #(1, './03-publish-qos1-queued-bytes.py'),
(1, './03-publish-invalid-utf8.py'), (1, './03-publish-invalid-utf8.py'),
(1, './03-publish-dollar.py'),
(1, './04-retain-qos0.py'), (1, './04-retain-qos0.py'),
(1, './04-retain-qos0-fresh.py'), (1, './04-retain-qos0-fresh.py'),

10
www/pages/download.md
Unescape Escape View File

@ -11,8 +11,8 @@
# Source # Source
* [mosquitto-1.5.2.tar.gz](http://mosquitto.org/files/source/mosquitto-1.5.2.tar.gz) (319kB) ([GPG signature](http://mosquitto.org/files/source/mosquitto-1.5.1.tar.gz.asc)) * [mosquitto-1.5.3.tar.gz](http://mosquitto.org/files/source/mosquitto-1.5.3.tar.gz) (319kB) ([GPG signature](http://mosquitto.org/files/source/mosquitto-1.5.3.tar.gz.asc))
* [mosquitto-1.5.2.tar.gz](http://www.eclipse.org/downloads/download.php?file=/mosquitto/source/mosquitto-1.5.2.tar.gz) (via Eclipse) * [mosquitto-1.5.3.tar.gz](http://www.eclipse.org/downloads/download.php?file=/mosquitto/source/mosquitto-1.5.3.tar.gz) (via Eclipse)
* [Git source code repository](https://github.com/eclipse/mosquitto) (github.com) * [Git source code repository](https://github.com/eclipse/mosquitto) (github.com)
Older downloads are available at [http://mosquitto.org/files/](../files/) Older downloads are available at [http://mosquitto.org/files/](../files/)
@ -25,10 +25,8 @@ distributions.
## Windows ## Windows
* [mosquitto-1.5.2-install-windows-x64.exe](http://www.eclipse.org/downloads/download.php?file=/mosquitto/binary/win64/mosquitto-1.5.2-install-windows-x64.exe) (~360 kB) (64-bit build, Windows Vista and up, built with Visual Studio Community 2017) * [mosquitto-1.5.3-install-windows-x64.exe](http://www.eclipse.org/downloads/download.php?file=/mosquitto/binary/win64/mosquitto-1.5.3-install-windows-x64.exe) (~360 kB) (64-bit build, Windows Vista and up, built with Visual Studio Community 2017)
* [mosquitto-1.5.2-install-windows-x32.exe](http://www.eclipse.org/downloads/download.php?file=/mosquitto/binary/win32/mosquitto-1.5.2-install-windows-x86.exe) (~360 kB) (32-bit build, Windows Vista and up, built with Visual Studio Community 2017) * [mosquitto-1.5.3-install-windows-x32.exe](http://www.eclipse.org/downloads/download.php?file=/mosquitto/binary/win32/mosquitto-1.5.3-install-windows-x86.exe) (~360 kB) (32-bit build, Windows Vista and up, built with Visual Studio Community 2017)
You will also need to install Win64 OpenSSL v1.1.0 Light or Win32OpenSSL v1.1.0 Light from [slproweb.com](http://slproweb.com/products/Win32OpenSSL.html)
See also readme-windows.txt after installing. See also readme-windows.txt after installing.

26
www/pages/security.md
Unescape Escape View File

@ -19,6 +19,15 @@ follow the steps on [Eclipse Security] page to report it.
Listed with most recent first. Further information on security related issues Listed with most recent first. Further information on security related issues
can be found in the [security category]. can be found in the [security category].
* September 2018: [CVE-2018-12543] affecting versions **1.5** to **1.5.2**
inclusive, fixed in **1.5.3**.
* April 2018: [CVE-2017-7655] affecting versions **1.0** to **1.4.15**
inclusive, fixed in **1.5**.
* April 2018: [CVE-2017-7654] affecting versions **1.0** to **1.4.15**
inclusive, fixed in **1.5**.
[security-advisory-cve-2017-7653-cve-2017-7654].
* April 2018: [CVE-2017-7653] affecting versions **1.0** to **1.4.15**
inclusive, fixed in **1.5**.
* February 2018: [CVE-2017-7651] affecting versions **0.15** to **1.4.14** * February 2018: [CVE-2017-7651] affecting versions **0.15** to **1.4.14**
inclusive, fixed in **1.4.15**. More details at inclusive, fixed in **1.4.15**. More details at
[security-advisory-cve-2017-7651-cve-2017-7652]. [security-advisory-cve-2017-7651-cve-2017-7652].
@ -33,12 +42,19 @@ can be found in the [security category].
[security-advisory-cve-2017-7650]. [security-advisory-cve-2017-7650].
[security-advisory-cve-2018-12543]: /2018/09/security-advisory-cve-2018-12543/
[security-advisory-cve-2017-7651-cve-2017-7652]: /2018/02/security-advisory-cve-2017-7651-cve-2017-7652/ [security-advisory-cve-2017-7651-cve-2017-7652]: /2018/02/security-advisory-cve-2017-7651-cve-2017-7652/
[CVE-2017-7651]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7651
[CVE-2017-7652]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7652
[Eclipse Security]: https://www.eclipse.org/security/
[CVE-2017-7650]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7650
[security-advisory-cve-2017-7650]: /2017/05/security-advisory-cve-2017-7650/ [security-advisory-cve-2017-7650]: /2017/05/security-advisory-cve-2017-7650/
[CVE-2017-9868]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9868
[security-advisory-cve-2017-9868]: /2017/06/security-advisory-cve-2017-9868/ [security-advisory-cve-2017-9868]: /2017/06/security-advisory-cve-2017-9868/
[Eclipse Security]: https://www.eclipse.org/security/
[security category]: /blog/categories/security/ [security category]: /blog/categories/security/
[CVE-2018-12543]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12543
[CVE-2017-9868]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9868
[CVE-2017-7655]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7652
[CVE-2017-7654]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7652
[CVE-2017-7653]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7652
[CVE-2017-7652]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7652
[CVE-2017-7651]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7651
[CVE-2017-7650]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7650

26
www/posts/2018/08/updated-debian-repository-backend.md
Unescape Escape View File

@ -0,0 +1,26 @@
<!--
.. title: Updated Debian Repository Backend
.. slug: updated-debian-repository-backend
.. date: 2018-08-08 23:00:43 UTC+01:00
.. tags: Packaging
.. category:
.. link:
.. description:
.. type: text
-->
The backend software for administering the Debian repository at
https://repo.mosquitto.org/ has been migrated from `reprepro` to `aptly`. This
has the benefit of allowing multiple versions of a package to remain in the
repository.
For mosquitto, this now means that old versions of the Debian packages will
remain available even after newer versions are published, and so you can depend
on a particular version. The recommendation is always to use the latest version
of course.
This change should be transparent to all current users, but there is the
possibility that something is different between the two repository tools. If
you do find a problem, please let us know.
The repository now has builds for versions 1.4.15 and 1.5.

87
www/posts/2018/08/version-151-released.md
Unescape Escape View File

@ -0,0 +1,87 @@
<!--
.. title: Version 1.5.1 released
.. slug: version-151-released
.. date: 2018-08-16 17:01:08 UTC+01:00
.. tags: Releases
.. category:
.. link:
.. description:
.. type: text
-->
This is a bugfix release.
# Packaging changes
* The snap package now has support for websockets included.
* The Windows packages have changed.
- Support for Windows XP was dropped in Mosquitto 1.5, so the need for the
Cygwin build has gone, and this has been dropped.
- There are now 64-bit and 32-bit native packages.
- Websockets support is included.
- Threading support is not included in libmosquitto to simplify installation,
alternative solutions are being looked into for the future.
- The only external dependency is now OpenSSL.
# Version 1.5.1 changes
## Broker
- Fix plugin cleanup function not being called on exit of the broker. Closes
[#900].
- Print more OpenSSL errors when loading certificates/keys fail.
- Use `AF_UNSPEC` etc. instead of `PF_UNSPEC` to comply with POSIX. Closes
[#863].
- Remove use of `AI_ADDRCONFIG`, which means the broker can be used on systems
where only the loopback interface is defined. Closes [#869], Closes [#901].
- Fix IPv6 addresses not being able to be used as bridge addresses.
Closes [#886].
- All clients now time out if they exceed their keepalive\*1.5, rather than
just reach it. This was inconsistent in two places.
- Fix segfault on startup if bridge CA certificates could not be read.
Closes [#851].
- Fix problem opening listeners on Pi caused by unsigned char being default.
Found via [#849].
- ACL patterns that do not contain either `%c` or `%u` now produce a warning in
the log. Closes [#209].
- Fix bridge publishing failing when `per_listener_settings` was true. Closes
[#860].
- Fix `use_identity_as_username true` not working. Closes [#833].
- Fix UNSUBACK messages not being logged. Closes [#903].
- Fix possible endian issue when reading the `memory_limit` option.
- Fix building for libwebsockets < 1.6.
- Fix accessor functions for username and client id when used in plugin auth
check.
## Library
- Fix some places where return codes were incorrect, including to the
`on_disconnect()` callback. This has resulted in two new error codes,
`MOSQ_ERR_KEEPALIVE` and `MOSQ_ERR_LOOKUP`.
- Fix connection problems when `mosquitto_loop_start()` was called before
`mosquitto_connect_async()`. Closes [#848].
## Clients
- When compiled using `WITH_TLS=no`, the default port was incorrectly being set
to -1. This has been fixed.
- Fix compiling on Mac OS X <10.12. Closes `#813` and `#240`.
## Build
- Fixes for building on NetBSD. Closes `#258`.
- Fixes for building on FreeBSD.
- Add support for compiling with static libwebsockets library.
[#209]: https://github.com/eclipse/mosquitto/issues/209
[#240]: https://github.com/eclipse/mosquitto/issues/240
[#258]: https://github.com/eclipse/mosquitto/issues/258
[#813]: https://github.com/eclipse/mosquitto/issues/813
[#833]: https://github.com/eclipse/mosquitto/issues/833
[#848]: https://github.com/eclipse/mosquitto/issues/848
[#849]: https://github.com/eclipse/mosquitto/issues/849
[#851]: https://github.com/eclipse/mosquitto/issues/851
[#860]: https://github.com/eclipse/mosquitto/issues/860
[#863]: https://github.com/eclipse/mosquitto/issues/863
[#869]: https://github.com/eclipse/mosquitto/issues/869
[#886]: https://github.com/eclipse/mosquitto/issues/886
[#900]: https://github.com/eclipse/mosquitto/issues/900
[#901]: https://github.com/eclipse/mosquitto/issues/901
[#903]: https://github.com/eclipse/mosquitto/issues/903

59
www/posts/2018/09/security-advisory-cve-2018-12543.md
Unescape Escape View File

@ -0,0 +1,59 @@
<!--
.. title: Security advisory: CVE-2018-12543
.. slug: security-advisory-cve-2018-12543
.. date: 2018-09-27 10:36:19 UTC+01:00
.. tags: Security,Releases
.. category:
.. link:
.. description:
.. type: text
-->
Mosquitto 1.5.3 has been released to address a security vulnerability. It also
includes other bug fixes.
# CVE-2018-12543
A vulnerability exists in Mosquitto versions 1.5 to 1.5.2 inclusive, known as
[CVE-2018-12543].
If a message received by the broker has a topic that begins with `$`, but that
does not begin `$SYS`, an assert is triggered that should otherwise not be
accessible, causing Mosquitto to exit.
The issue is fixed in Mosquitto 1.5.3. Patches for older versions are
available at <https://mosquitto.org/files/cve/2018-12543>
The fix addresses the problem by reverting a commit that intended to remove
some unused checks, but also stopped part of the topic hierarchy being created.
# Version 1.5.3 Changes
The complete list of fixes addressed in version 1.5.3 is:
## Security
* Fix [CVE-2018-12543]. If a message is sent to Mosquitto with a topic that
begins with `$`, but is not `$SYS`, then an assert that should be unreachable
is triggered and Mosquitto will exit.
## Broker
* Elevate log level to warning for situation when socket limit is hit.
* Remove requirement to use `user root` in snap package config files.
* Fix retained messages not sent by bridges on outgoing topics at the first
connection. Closes [#701].
* Documentation fixes. Closes [#520], [#600].
* Fix duplicate clients being added to by_id hash before the old client was
removed. Closes [#645].
* Fix Windows version not starting if `include_dir` did not contain any files.
Closes [#566].
## Build
* Various fixes to ease building.
[CVE-2018-12543]: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12543
[#520]: https://github.com/eclipse/mosquitto/issues/520
[#566]: https://github.com/eclipse/mosquitto/issues/566
[#600]: https://github.com/eclipse/mosquitto/issues/600
[#645]: https://github.com/eclipse/mosquitto/issues/645
[#701]: https://github.com/eclipse/mosquitto/issues/701

40
www/posts/2018/09/version-152-released.md
Unescape Escape View File

@ -0,0 +1,40 @@
<!--
.. title: Version 1.5.2 released
.. slug: version-152-released
.. date: 2018-09-19 18:18:36 UTC+01:00
.. tags: Releases
.. category:
.. link:
.. description:
.. type: text
-->
This is a bugfix release.
# Version 1.5.2 changes
## Broker
- Fix build when using `WITH_ADNS=yes`.
- Fix incorrect call to setsockopt() for `TCP_NODELAY`. Closes [#941].
- Fix excessive CPU usage when the number of sockets exceeds the system limit.
Closes [#948].
- Fix for bridge connections when using `WITH_ADNS=yes`.
- Fix `round_robin false` behaviour. Closes [#481].
- Fix segfault on HUP when bridges and security options are configured.
Closes [#965].
## Library
- Fix situation where username and password is used with SOCKS5 proxy. Closes
[#927].
- Fix SOCKS5 behaviour when passing IP addresses. Closes [#927].
## Build
- Make it easier to build without bundled uthash.h using `WITH_BUNDLED_DEPS=no`.
- Fix build with OPENSSL_NO_ENGINE. Closes [#932].
[#481]: https://github.com/eclipse/mosquitto/issues/481
[#927]: https://github.com/eclipse/mosquitto/issues/927
[#932]: https://github.com/eclipse/mosquitto/issues/932
[#941]: https://github.com/eclipse/mosquitto/issues/941
[#948]: https://github.com/eclipse/mosquitto/issues/948
[#965]: https://github.com/eclipse/mosquitto/issues/965
Write Preview
Loading…
Cancel
Save