From 443275a2d00e0b10992fd15fbfb777148685e829 Mon Sep 17 00:00:00 2001 From: "Roger A. Light" Date: Tue, 27 Oct 2020 13:52:54 +0000 Subject: [PATCH] Fix more "incorrect" disconnect messages. --- src/handle_auth.c | 2 +- src/handle_connack.c | 18 ++++++++--------- src/net.c | 34 +++++++++++++++---------------- src/plugin.c | 4 ++-- src/retain.c | 2 +- src/security.c | 46 +++++++++++++++++++++--------------------- src/security_default.c | 14 ++++++------- 7 files changed, 60 insertions(+), 60 deletions(-) diff --git a/src/handle_auth.c b/src/handle_auth.c index b528e9bb..83508381 100644 --- a/src/handle_auth.c +++ b/src/handle_auth.c @@ -47,7 +47,7 @@ int handle__auth(struct mosquitto_db *db, struct mosquitto *context) } if(context->in_packet.remaining_length > 0){ - if(packet__read_byte(&context->in_packet, &reason_code)) return 1; + if(packet__read_byte(&context->in_packet, &reason_code)) return MOSQ_ERR_MALFORMED_PACKET; if(reason_code != MQTT_RC_CONTINUE_AUTHENTICATION && reason_code != MQTT_RC_REAUTHENTICATE){ diff --git a/src/handle_connack.c b/src/handle_connack.c index c4701e18..10cbe511 100644 --- a/src/handle_connack.c +++ b/src/handle_connack.c @@ -39,8 +39,8 @@ int handle__connack(struct mosquitto_db *db, struct mosquitto *context) return MOSQ_ERR_INVAL; } log__printf(NULL, MOSQ_LOG_DEBUG, "Received CONNACK on connection %s.", context->id); - if(packet__read_byte(&context->in_packet, &connect_acknowledge)) return 1; - if(packet__read_byte(&context->in_packet, &reason_code)) return 1; + if(packet__read_byte(&context->in_packet, &connect_acknowledge)) return MOSQ_ERR_MALFORMED_PACKET; + if(packet__read_byte(&context->in_packet, &reason_code)) return MOSQ_ERR_MALFORMED_PACKET; if(context->protocol == mosq_p_mqtt5){ if(context->in_packet.remaining_length == 2 && reason_code == CONNACK_REFUSED_PROTOCOL_VERSION){ @@ -111,25 +111,25 @@ int handle__connack(struct mosquitto_db *db, struct mosquitto *context) context->bridge->try_private_accepted = false; } log__printf(NULL, MOSQ_LOG_ERR, "Connection Refused: unacceptable protocol version"); - return 1; + return MOSQ_ERR_CONN_LOST; case CONNACK_REFUSED_IDENTIFIER_REJECTED: log__printf(NULL, MOSQ_LOG_ERR, "Connection Refused: identifier rejected"); - return 1; + return MOSQ_ERR_CONN_LOST; case CONNACK_REFUSED_SERVER_UNAVAILABLE: log__printf(NULL, MOSQ_LOG_ERR, "Connection Refused: broker unavailable"); - return 1; + return MOSQ_ERR_CONN_LOST; case CONNACK_REFUSED_BAD_USERNAME_PASSWORD: log__printf(NULL, MOSQ_LOG_ERR, "Connection Refused: broker unavailable"); - return 1; + return MOSQ_ERR_CONN_LOST; case CONNACK_REFUSED_NOT_AUTHORIZED: log__printf(NULL, MOSQ_LOG_ERR, "Connection Refused: not authorised"); - return 1; + return MOSQ_ERR_CONN_LOST; default: log__printf(NULL, MOSQ_LOG_ERR, "Connection Refused: unknown reason"); - return 1; + return MOSQ_ERR_CONN_LOST; } } } - return 1; + return MOSQ_ERR_CONN_LOST; } diff --git a/src/net.c b/src/net.c index ee07fa59..8be674ce 100644 --- a/src/net.c +++ b/src/net.c @@ -335,7 +335,7 @@ int net__tls_server_ctx(struct mosquitto__listener *listener) if(!listener->ssl_ctx){ log__printf(NULL, MOSQ_LOG_ERR, "Error: Unable to create TLS context."); - return 1; + return MOSQ_ERR_TLS; } if(listener->tls_version == NULL){ @@ -355,7 +355,7 @@ int net__tls_server_ctx(struct mosquitto__listener *listener) #endif }else{ log__printf(NULL, MOSQ_LOG_ERR, "Error: Unsupported tls_version \"%s\".", listener->tls_version); - return 1; + return MOSQ_ERR_TLS; } #ifdef SSL_OP_NO_COMPRESSION @@ -389,20 +389,20 @@ int net__tls_server_ctx(struct mosquitto__listener *listener) rc = SSL_CTX_set_cipher_list(listener->ssl_ctx, listener->ciphers); if(rc == 0){ log__printf(NULL, MOSQ_LOG_ERR, "Error: Unable to set TLS ciphers. Check cipher list \"%s\".", listener->ciphers); - return 1; + return MOSQ_ERR_TLS; } }else{ rc = SSL_CTX_set_cipher_list(listener->ssl_ctx, "DEFAULT:!aNULL:!eNULL:!LOW:!EXPORT:!SSLv2:@STRENGTH"); if(rc == 0){ log__printf(NULL, MOSQ_LOG_ERR, "Error: Unable to set TLS ciphers. Check cipher list \"%s\".", listener->ciphers); - return 1; + return MOSQ_ERR_TLS; } } if(listener->dhparamfile){ dhparamfile = fopen(listener->dhparamfile, "r"); if(!dhparamfile){ log__printf(NULL, MOSQ_LOG_ERR, "Error loading dhparamfile \"%s\".", listener->dhparamfile); - return 1; + return MOSQ_ERR_TLS; } dhparam = PEM_read_DHparams(dhparamfile, NULL, NULL, NULL); fclose(dhparamfile); @@ -410,7 +410,7 @@ int net__tls_server_ctx(struct mosquitto__listener *listener) if(dhparam == NULL || SSL_CTX_set_tmp_dh(listener->ssl_ctx, dhparam) != 1){ log__printf(NULL, MOSQ_LOG_ERR, "Error loading dhparamfile \"%s\".", listener->dhparamfile); net__print_ssl_error(NULL); - return 1; + return MOSQ_ERR_TLS; } } return MOSQ_ERR_SUCCESS; @@ -429,7 +429,7 @@ int net__load_crl_file(struct mosquitto__listener *listener) if(!store){ log__printf(NULL, MOSQ_LOG_ERR, "Error: Unable to obtain TLS store."); net__print_error(MOSQ_LOG_ERR, "Error: %s"); - return 1; + return MOSQ_ERR_TLS; } lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file()); rc = X509_load_crl_file(lookup, listener->crlfile, X509_FILETYPE_PEM); @@ -437,7 +437,7 @@ int net__load_crl_file(struct mosquitto__listener *listener) log__printf(NULL, MOSQ_LOG_ERR, "Error: Unable to load certificate revocation file \"%s\". Check crlfile.", listener->crlfile); net__print_error(MOSQ_LOG_ERR, "Error: %s"); net__print_ssl_error(NULL); - return 1; + return MOSQ_ERR_TLS; } X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK); #endif @@ -494,13 +494,13 @@ int net__tls_load_verify(struct mosquitto__listener *listener) if(!engine){ log__printf(NULL, MOSQ_LOG_ERR, "Error loading %s engine\n", listener->tls_engine); net__print_ssl_error(NULL); - return 1; + return MOSQ_ERR_TLS; } if(!ENGINE_init(engine)){ log__printf(NULL, MOSQ_LOG_ERR, "Failed engine initialisation\n"); net__print_ssl_error(NULL); ENGINE_free(engine); - return 1; + return MOSQ_ERR_TLS; } ENGINE_set_default(engine, ENGINE_METHOD_ALL); ENGINE_free(engine); /* release the structural reference from ENGINE_by_id() */ @@ -519,7 +519,7 @@ int net__tls_load_verify(struct mosquitto__listener *listener) #if !defined(OPENSSL_NO_ENGINE) ENGINE_FINISH(engine); #endif - return 1; + return MOSQ_ERR_TLS; } if(listener->tls_engine && listener->tls_keyform == mosq_k_engine){ #if !defined(OPENSSL_NO_ENGINE) @@ -529,13 +529,13 @@ int net__tls_load_verify(struct mosquitto__listener *listener) log__printf(NULL, MOSQ_LOG_ERR, "Error: Unable to set engine secret mode sha"); net__print_ssl_error(NULL); ENGINE_FINISH(engine); - return 1; + return MOSQ_ERR_TLS; } if(!ENGINE_ctrl_cmd(engine, ENGINE_PIN, 0, listener->tls_engine_kpass_sha1, NULL, 0)){ log__printf(NULL, MOSQ_LOG_ERR, "Error: Unable to set engine pin"); net__print_ssl_error(NULL); ENGINE_FINISH(engine); - return 1; + return MOSQ_ERR_TLS; } ui_method = NULL; } @@ -544,13 +544,13 @@ int net__tls_load_verify(struct mosquitto__listener *listener) log__printf(NULL, MOSQ_LOG_ERR, "Error: Unable to load engine private key file \"%s\".", listener->keyfile); net__print_ssl_error(NULL); ENGINE_FINISH(engine); - return 1; + return MOSQ_ERR_TLS; } if(SSL_CTX_use_PrivateKey(listener->ssl_ctx, pkey) <= 0){ log__printf(NULL, MOSQ_LOG_ERR, "Error: Unable to use engine private key file \"%s\".", listener->keyfile); net__print_ssl_error(NULL); ENGINE_FINISH(engine); - return 1; + return MOSQ_ERR_TLS; } #endif }else{ @@ -561,7 +561,7 @@ int net__tls_load_verify(struct mosquitto__listener *listener) #if !defined(OPENSSL_NO_ENGINE) ENGINE_FINISH(engine); #endif - return 1; + return MOSQ_ERR_TLS; } } rc = SSL_CTX_check_private_key(listener->ssl_ctx); @@ -571,7 +571,7 @@ int net__tls_load_verify(struct mosquitto__listener *listener) #if !defined(OPENSSL_NO_ENGINE) ENGINE_FINISH(engine); #endif - return 1; + return MOSQ_ERR_TLS; } /* Load CRLs if they exist. */ if(listener->crlfile){ diff --git a/src/plugin.c b/src/plugin.c index c2045ef4..4ab346a7 100644 --- a/src/plugin.c +++ b/src/plugin.c @@ -65,14 +65,14 @@ int plugin__load_v5(struct mosquitto__listener *listener, struct mosquitto__auth "Error: Unable to load plugin function mosquitto_plugin_init()."); LIB_ERROR(); LIB_CLOSE(lib); - return 1; + return MOSQ_ERR_UNKNOWN; } if(!(plugin->plugin_cleanup_v5 = (FUNC_plugin_cleanup_v5)LIB_SYM(lib, "mosquitto_plugin_cleanup"))){ log__printf(NULL, MOSQ_LOG_ERR, "Error: Unable to load plugin function mosquitto_plugin_cleanup()."); LIB_ERROR(); LIB_CLOSE(lib); - return 1; + return MOSQ_ERR_UNKNOWN; } pid = mosquitto__calloc(1, sizeof(mosquitto_plugin_id_t)); diff --git a/src/retain.c b/src/retain.c index 9af8f010..bbe4460c 100644 --- a/src/retain.c +++ b/src/retain.c @@ -81,7 +81,7 @@ int retain__store(struct mosquitto_db *db, const char *topic, struct mosquitto_m assert(split_topics); HASH_FIND(hh, db->retains, split_topics[0], strlen(split_topics[0]), retainhier); - if(retainhier == NULL) return 1; + if(retainhier == NULL) return MOSQ_ERR_NOT_FOUND; for(i=0; split_topics[i] != NULL; i++){ slen = strlen(split_topics[i]); diff --git a/src/security.c b/src/security.c index d39353ad..ea70cfc2 100644 --- a/src/security.c +++ b/src/security.c @@ -54,14 +54,14 @@ int security__load_v2(struct mosquitto__auth_plugin *plugin, struct mosquitto_au "Error: Unable to load auth plugin function mosquitto_auth_plugin_init()."); LIB_ERROR(); LIB_CLOSE(lib); - return 1; + return MOSQ_ERR_UNKNOWN; } if(!(plugin->plugin_cleanup_v2 = (FUNC_auth_plugin_cleanup_v2)LIB_SYM(lib, "mosquitto_auth_plugin_cleanup"))){ log__printf(NULL, MOSQ_LOG_ERR, "Error: Unable to load auth plugin function mosquitto_auth_plugin_cleanup()."); LIB_ERROR(); LIB_CLOSE(lib); - return 1; + return MOSQ_ERR_UNKNOWN; } if(!(plugin->security_init_v2 = (FUNC_auth_plugin_security_init_v2)LIB_SYM(lib, "mosquitto_auth_security_init"))){ @@ -69,7 +69,7 @@ int security__load_v2(struct mosquitto__auth_plugin *plugin, struct mosquitto_au "Error: Unable to load auth plugin function mosquitto_auth_security_init()."); LIB_ERROR(); LIB_CLOSE(lib); - return 1; + return MOSQ_ERR_UNKNOWN; } if(!(plugin->security_cleanup_v2 = (FUNC_auth_plugin_security_cleanup_v2)LIB_SYM(lib, "mosquitto_auth_security_cleanup"))){ @@ -77,7 +77,7 @@ int security__load_v2(struct mosquitto__auth_plugin *plugin, struct mosquitto_au "Error: Unable to load auth plugin function mosquitto_auth_security_cleanup()."); LIB_ERROR(); LIB_CLOSE(lib); - return 1; + return MOSQ_ERR_UNKNOWN; } if(!(plugin->acl_check_v2 = (FUNC_auth_plugin_acl_check_v2)LIB_SYM(lib, "mosquitto_auth_acl_check"))){ @@ -85,7 +85,7 @@ int security__load_v2(struct mosquitto__auth_plugin *plugin, struct mosquitto_au "Error: Unable to load auth plugin function mosquitto_auth_acl_check()."); LIB_ERROR(); LIB_CLOSE(lib); - return 1; + return MOSQ_ERR_UNKNOWN; } if(!(plugin->unpwd_check_v2 = (FUNC_auth_plugin_unpwd_check_v2)LIB_SYM(lib, "mosquitto_auth_unpwd_check"))){ @@ -93,7 +93,7 @@ int security__load_v2(struct mosquitto__auth_plugin *plugin, struct mosquitto_au "Error: Unable to load auth plugin function mosquitto_auth_unpwd_check()."); LIB_ERROR(); LIB_CLOSE(lib); - return 1; + return MOSQ_ERR_UNKNOWN; } if(!(plugin->psk_key_get_v2 = (FUNC_auth_plugin_psk_key_get_v2)LIB_SYM(lib, "mosquitto_auth_psk_key_get"))){ @@ -101,7 +101,7 @@ int security__load_v2(struct mosquitto__auth_plugin *plugin, struct mosquitto_au "Error: Unable to load auth plugin function mosquitto_auth_psk_key_get()."); LIB_ERROR(); LIB_CLOSE(lib); - return 1; + return MOSQ_ERR_UNKNOWN; } plugin->lib = lib; @@ -128,14 +128,14 @@ int security__load_v3(struct mosquitto__auth_plugin *plugin, struct mosquitto_op "Error: Unable to load auth plugin function mosquitto_auth_plugin_init()."); LIB_ERROR(); LIB_CLOSE(lib); - return 1; + return MOSQ_ERR_UNKNOWN; } if(!(plugin->plugin_cleanup_v3 = (FUNC_auth_plugin_cleanup_v3)LIB_SYM(lib, "mosquitto_auth_plugin_cleanup"))){ log__printf(NULL, MOSQ_LOG_ERR, "Error: Unable to load auth plugin function mosquitto_auth_plugin_cleanup()."); LIB_ERROR(); LIB_CLOSE(lib); - return 1; + return MOSQ_ERR_UNKNOWN; } if(!(plugin->security_init_v3 = (FUNC_auth_plugin_security_init_v3)LIB_SYM(lib, "mosquitto_auth_security_init"))){ @@ -143,7 +143,7 @@ int security__load_v3(struct mosquitto__auth_plugin *plugin, struct mosquitto_op "Error: Unable to load auth plugin function mosquitto_auth_security_init()."); LIB_ERROR(); LIB_CLOSE(lib); - return 1; + return MOSQ_ERR_UNKNOWN; } if(!(plugin->security_cleanup_v3 = (FUNC_auth_plugin_security_cleanup_v3)LIB_SYM(lib, "mosquitto_auth_security_cleanup"))){ @@ -151,7 +151,7 @@ int security__load_v3(struct mosquitto__auth_plugin *plugin, struct mosquitto_op "Error: Unable to load auth plugin function mosquitto_auth_security_cleanup()."); LIB_ERROR(); LIB_CLOSE(lib); - return 1; + return MOSQ_ERR_UNKNOWN; } if(!(plugin->acl_check_v3 = (FUNC_auth_plugin_acl_check_v3)LIB_SYM(lib, "mosquitto_auth_acl_check"))){ @@ -159,7 +159,7 @@ int security__load_v3(struct mosquitto__auth_plugin *plugin, struct mosquitto_op "Error: Unable to load auth plugin function mosquitto_auth_acl_check()."); LIB_ERROR(); LIB_CLOSE(lib); - return 1; + return MOSQ_ERR_UNKNOWN; } if(!(plugin->unpwd_check_v3 = (FUNC_auth_plugin_unpwd_check_v3)LIB_SYM(lib, "mosquitto_auth_unpwd_check"))){ @@ -167,7 +167,7 @@ int security__load_v3(struct mosquitto__auth_plugin *plugin, struct mosquitto_op "Error: Unable to load auth plugin function mosquitto_auth_unpwd_check()."); LIB_ERROR(); LIB_CLOSE(lib); - return 1; + return MOSQ_ERR_UNKNOWN; } if(!(plugin->psk_key_get_v3 = (FUNC_auth_plugin_psk_key_get_v3)LIB_SYM(lib, "mosquitto_auth_psk_key_get"))){ @@ -175,7 +175,7 @@ int security__load_v3(struct mosquitto__auth_plugin *plugin, struct mosquitto_op "Error: Unable to load auth plugin function mosquitto_auth_psk_key_get()."); LIB_ERROR(); LIB_CLOSE(lib); - return 1; + return MOSQ_ERR_UNKNOWN; } plugin->lib = lib; @@ -201,14 +201,14 @@ int security__load_v4(struct mosquitto__auth_plugin *plugin, struct mosquitto_op "Error: Unable to load auth plugin function mosquitto_auth_plugin_init()."); LIB_ERROR(); LIB_CLOSE(lib); - return 1; + return MOSQ_ERR_UNKNOWN; } if(!(plugin->plugin_cleanup_v4 = (FUNC_auth_plugin_cleanup_v4)LIB_SYM(lib, "mosquitto_auth_plugin_cleanup"))){ log__printf(NULL, MOSQ_LOG_ERR, "Error: Unable to load auth plugin function mosquitto_auth_plugin_cleanup()."); LIB_ERROR(); LIB_CLOSE(lib); - return 1; + return MOSQ_ERR_UNKNOWN; } if(!(plugin->security_init_v4 = (FUNC_auth_plugin_security_init_v4)LIB_SYM(lib, "mosquitto_auth_security_init"))){ @@ -216,7 +216,7 @@ int security__load_v4(struct mosquitto__auth_plugin *plugin, struct mosquitto_op "Error: Unable to load auth plugin function mosquitto_auth_security_init()."); LIB_ERROR(); LIB_CLOSE(lib); - return 1; + return MOSQ_ERR_UNKNOWN; } if(!(plugin->security_cleanup_v4 = (FUNC_auth_plugin_security_cleanup_v4)LIB_SYM(lib, "mosquitto_auth_security_cleanup"))){ @@ -224,7 +224,7 @@ int security__load_v4(struct mosquitto__auth_plugin *plugin, struct mosquitto_op "Error: Unable to load auth plugin function mosquitto_auth_security_cleanup()."); LIB_ERROR(); LIB_CLOSE(lib); - return 1; + return MOSQ_ERR_UNKNOWN; } if(!(plugin->acl_check_v4 = (FUNC_auth_plugin_acl_check_v4)LIB_SYM(lib, "mosquitto_auth_acl_check"))){ @@ -232,7 +232,7 @@ int security__load_v4(struct mosquitto__auth_plugin *plugin, struct mosquitto_op "Error: Unable to load auth plugin function mosquitto_auth_acl_check()."); LIB_ERROR(); LIB_CLOSE(lib); - return 1; + return MOSQ_ERR_UNKNOWN; } plugin->unpwd_check_v4 = (FUNC_auth_plugin_unpwd_check_v4)LIB_SYM(lib, "mosquitto_auth_unpwd_check"); @@ -264,7 +264,7 @@ int security__load_v4(struct mosquitto__auth_plugin *plugin, struct mosquitto_op log__printf(NULL, MOSQ_LOG_ERR, "Error: Plugin has missing mosquitto_auth_continue() function."); LIB_CLOSE(lib); - return 1; + return MOSQ_ERR_UNKNOWN; } }else{ log__printf(NULL, MOSQ_LOG_INFO, @@ -311,7 +311,7 @@ static int security__module_init_single(struct mosquitto__listener *listener, st log__printf(NULL, MOSQ_LOG_ERR, "Error: Unable to load auth plugin \"%s\".", opts->auth_plugin_configs[i].path); LIB_ERROR(); - return 1; + return MOSQ_ERR_UNKNOWN; } opts->auth_plugin_configs[i].plugin.lib = NULL; @@ -324,7 +324,7 @@ static int security__module_init_single(struct mosquitto__listener *listener, st "Error: Unable to load auth plugin function mosquitto_auth_plugin_version() or mosquitto_plugin_version()."); LIB_ERROR(); LIB_CLOSE(lib); - return 1; + return MOSQ_ERR_UNKNOWN; } opts->auth_plugin_configs[i].plugin.version = version; if(version == 5){ @@ -375,7 +375,7 @@ static int security__module_init_single(struct mosquitto__listener *listener, st LIB_ERROR(); LIB_CLOSE(lib); - return 1; + return MOSQ_ERR_UNKNOWN; } } } diff --git a/src/security_default.c b/src/security_default.c index 821b5dd9..5a71a1b8 100644 --- a/src/security_default.c +++ b/src/security_default.c @@ -453,7 +453,7 @@ static int mosquitto_acl_check_default(int event, void *event_data, void *userda len = tlen + (size_t)acl_root->ccount*(clen-2); } local_acl = mosquitto__malloc(len+1); - if(!local_acl) return 1; /* FIXME */ + if(!local_acl) return MOSQ_ERR_NOMEM; s = local_acl; for(i=0; itopic[i] == '%'){ @@ -516,14 +516,14 @@ static int aclfile__parse(struct mosquitto_db *db, struct mosquitto__security_op buf = mosquitto__malloc((size_t)buflen); if(buf == NULL){ log__printf(NULL, MOSQ_LOG_ERR, "Error: Out of memory."); - return 1; + return MOSQ_ERR_NOMEM; } aclfptr = mosquitto__fopen(security_opts->acl_file, "rt", false); if(!aclfptr){ mosquitto__free(buf); log__printf(NULL, MOSQ_LOG_ERR, "Error: Unable to open acl_file \"%s\".", security_opts->acl_file); - return 1; + return MOSQ_ERR_UNKNOWN; } /* topic [read|write] @@ -743,14 +743,14 @@ static int pwfile__parse(const char *file, struct mosquitto__unpwd **root) buf = mosquitto__malloc((size_t)buflen); if(buf == NULL){ log__printf(NULL, MOSQ_LOG_ERR, "Error: Out of memory."); - return 1; + return MOSQ_ERR_NOMEM; } pwfile = mosquitto__fopen(file, "rt", false); if(!pwfile){ log__printf(NULL, MOSQ_LOG_ERR, "Error: Unable to open pwfile \"%s\".", file); mosquitto__free(buf); - return 1; + return MOSQ_ERR_UNKNOWN; } while(!feof(pwfile)){ @@ -1102,11 +1102,11 @@ int mosquitto_security_apply_default(struct mosquitto_db *db) listener = &db->config->listeners[i]; if(listener && listener->ssl_ctx && listener->certfile && listener->keyfile && listener->crlfile && listener->require_certificate){ if(net__tls_server_ctx(listener)){ - return 1; + return MOSQ_ERR_TLS; } if(net__tls_load_verify(listener)){ - return 1; + return MOSQ_ERR_TLS; } } }