dynsec: Ignore empty passwords on setClientPassword/modifyClient.

plugins/dynamic-security/clients.c

@@ -619,6 +619,10 @@ int dynsec_clients__process_set_password(cJSON *j_responses, struct mosquitto *c
 		dynsec__command_reply(j_responses, context, "setClientPassword", "Invalid/missing password", correlation_data);
 		return MOSQ_ERR_INVAL;
 	}
+	if(strlen(password) == 0){
+		dynsec__command_reply(j_responses, context, "setClientPassword", "Empty password is not allowed", correlation_data);
+		return MOSQ_ERR_INVAL;
+	}
 
 	client = dynsec_clients__find(username);
 	if(client == NULL){
@@ -696,6 +700,8 @@ int dynsec_clients__process_modify(cJSON *j_responses, struct mosquitto *context
 	}
 
 	if(json_get_string(command, "password", &password, false) == MOSQ_ERR_SUCCESS){
+		if(strlen(password) > 0){
+			/* If password == "", we just ignore it */
 			rc = client__set_password(client, password);
 			if(rc != MOSQ_ERR_SUCCESS){
 				dynsec__command_reply(j_responses, context, "modifyClient", "Internal error", correlation_data);
@@ -703,6 +709,7 @@ int dynsec_clients__process_modify(cJSON *j_responses, struct mosquitto *context
 				return MOSQ_ERR_NOMEM;
 			}
 		}
+	}
 
 	if(json_get_string(command, "textname", &text_name, false) == MOSQ_ERR_SUCCESS){
 		str = mosquitto_strdup(text_name);