github
/
mosquitto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix more "incorrect" disconnect messages.

Browse Source
pull/1868/head
Roger A. Light 5 years ago
parent dcf6372a2a
commit 443275a2d0
7 changed files with 60 additions and 60 deletions
Show Stats Download Patch File Download Diff File

2
src/handle_auth.c
Unescape Escape View File

@ -47,7 +47,7 @@ int handle__auth(struct mosquitto_db *db, struct mosquitto *context)
}
if(context->in_packet.remaining_length > 0){
if(packet__read_byte(&context->in_packet, &reason_code)) return 1;
if(packet__read_byte(&context->in_packet, &reason_code)) return MOSQ_ERR_MALFORMED_PACKET;
if(reason_code != MQTT_RC_CONTINUE_AUTHENTICATION
&& reason_code != MQTT_RC_REAUTHENTICATE){

18
src/handle_connack.c
Unescape Escape View File

@ -39,8 +39,8 @@ int handle__connack(struct mosquitto_db *db, struct mosquitto *context)
return MOSQ_ERR_INVAL;
}
log__printf(NULL, MOSQ_LOG_DEBUG, "Received CONNACK on connection %s.", context->id);
if(packet__read_byte(&context->in_packet, &connect_acknowledge)) return 1;
if(packet__read_byte(&context->in_packet, &reason_code)) return 1;
if(packet__read_byte(&context->in_packet, &connect_acknowledge)) return MOSQ_ERR_MALFORMED_PACKET;
if(packet__read_byte(&context->in_packet, &reason_code)) return MOSQ_ERR_MALFORMED_PACKET;
if(context->protocol == mosq_p_mqtt5){
if(context->in_packet.remaining_length == 2 && reason_code == CONNACK_REFUSED_PROTOCOL_VERSION){
@ -111,25 +111,25 @@ int handle__connack(struct mosquitto_db *db, struct mosquitto *context)
context->bridge->try_private_accepted = false;
}
log__printf(NULL, MOSQ_LOG_ERR, "Connection Refused: unacceptable protocol version");
return 1;
return MOSQ_ERR_CONN_LOST;
case CONNACK_REFUSED_IDENTIFIER_REJECTED:
log__printf(NULL, MOSQ_LOG_ERR, "Connection Refused: identifier rejected");
return 1;
return MOSQ_ERR_CONN_LOST;
case CONNACK_REFUSED_SERVER_UNAVAILABLE:
log__printf(NULL, MOSQ_LOG_ERR, "Connection Refused: broker unavailable");
return 1;
return MOSQ_ERR_CONN_LOST;
case CONNACK_REFUSED_BAD_USERNAME_PASSWORD:
log__printf(NULL, MOSQ_LOG_ERR, "Connection Refused: broker unavailable");
return 1;
return MOSQ_ERR_CONN_LOST;
case CONNACK_REFUSED_NOT_AUTHORIZED:
log__printf(NULL, MOSQ_LOG_ERR, "Connection Refused: not authorised");
return 1;
return MOSQ_ERR_CONN_LOST;
default:
log__printf(NULL, MOSQ_LOG_ERR, "Connection Refused: unknown reason");
return 1;
return MOSQ_ERR_CONN_LOST;
}
}
}
return 1;
return MOSQ_ERR_CONN_LOST;
}

34
src/net.c
Unescape Escape View File

@ -335,7 +335,7 @@ int net__tls_server_ctx(struct mosquitto__listener *listener)
if(!listener->ssl_ctx){
log__printf(NULL, MOSQ_LOG_ERR, "Error: Unable to create TLS context.");
return 1;
return MOSQ_ERR_TLS;
}
if(listener->tls_version == NULL){
@ -355,7 +355,7 @@ int net__tls_server_ctx(struct mosquitto__listener *listener)
#endif
}else{
log__printf(NULL, MOSQ_LOG_ERR, "Error: Unsupported tls_version \"%s\".", listener->tls_version);
return 1;
return MOSQ_ERR_TLS;
}
#ifdef SSL_OP_NO_COMPRESSION
@ -389,20 +389,20 @@ int net__tls_server_ctx(struct mosquitto__listener *listener)
rc = SSL_CTX_set_cipher_list(listener->ssl_ctx, listener->ciphers);
if(rc == 0){
log__printf(NULL, MOSQ_LOG_ERR, "Error: Unable to set TLS ciphers. Check cipher list \"%s\".", listener->ciphers);
return 1;
return MOSQ_ERR_TLS;
}
}else{
rc = SSL_CTX_set_cipher_list(listener->ssl_ctx, "DEFAULT:!aNULL:!eNULL:!LOW:!EXPORT:!SSLv2:@STRENGTH");
if(rc == 0){
log__printf(NULL, MOSQ_LOG_ERR, "Error: Unable to set TLS ciphers. Check cipher list \"%s\".", listener->ciphers);
return 1;
return MOSQ_ERR_TLS;
}
}
if(listener->dhparamfile){
dhparamfile = fopen(listener->dhparamfile, "r");
if(!dhparamfile){
log__printf(NULL, MOSQ_LOG_ERR, "Error loading dhparamfile \"%s\".", listener->dhparamfile);
return 1;
return MOSQ_ERR_TLS;
}
dhparam = PEM_read_DHparams(dhparamfile, NULL, NULL, NULL);
fclose(dhparamfile);
@ -410,7 +410,7 @@ int net__tls_server_ctx(struct mosquitto__listener *listener)
if(dhparam == NULL || SSL_CTX_set_tmp_dh(listener->ssl_ctx, dhparam) != 1){
log__printf(NULL, MOSQ_LOG_ERR, "Error loading dhparamfile \"%s\".", listener->dhparamfile);
net__print_ssl_error(NULL);
return 1;
return MOSQ_ERR_TLS;
}
}
return MOSQ_ERR_SUCCESS;
@ -429,7 +429,7 @@ int net__load_crl_file(struct mosquitto__listener *listener)
if(!store){
log__printf(NULL, MOSQ_LOG_ERR, "Error: Unable to obtain TLS store.");
net__print_error(MOSQ_LOG_ERR, "Error: %s");
return 1;
return MOSQ_ERR_TLS;
}
lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file());
rc = X509_load_crl_file(lookup, listener->crlfile, X509_FILETYPE_PEM);
@ -437,7 +437,7 @@ int net__load_crl_file(struct mosquitto__listener *listener)
log__printf(NULL, MOSQ_LOG_ERR, "Error: Unable to load certificate revocation file \"%s\". Check crlfile.", listener->crlfile);
net__print_error(MOSQ_LOG_ERR, "Error: %s");
net__print_ssl_error(NULL);
return 1;
return MOSQ_ERR_TLS;
}
X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK);
#endif
@ -494,13 +494,13 @@ int net__tls_load_verify(struct mosquitto__listener *listener)
if(!engine){
log__printf(NULL, MOSQ_LOG_ERR, "Error loading %s engine\n", listener->tls_engine);
net__print_ssl_error(NULL);
return 1;
return MOSQ_ERR_TLS;
}
if(!ENGINE_init(engine)){
log__printf(NULL, MOSQ_LOG_ERR, "Failed engine initialisation\n");
net__print_ssl_error(NULL);
ENGINE_free(engine);
return 1;
return MOSQ_ERR_TLS;
}
ENGINE_set_default(engine, ENGINE_METHOD_ALL);
ENGINE_free(engine); /* release the structural reference from ENGINE_by_id() */
@ -519,7 +519,7 @@ int net__tls_load_verify(struct mosquitto__listener *listener)
#if !defined(OPENSSL_NO_ENGINE)
ENGINE_FINISH(engine);
#endif
return 1;
return MOSQ_ERR_TLS;
}
if(listener->tls_engine && listener->tls_keyform == mosq_k_engine){
#if !defined(OPENSSL_NO_ENGINE)
@ -529,13 +529,13 @@ int net__tls_load_verify(struct mosquitto__listener *listener)
log__printf(NULL, MOSQ_LOG_ERR, "Error: Unable to set engine secret mode sha");
net__print_ssl_error(NULL);
ENGINE_FINISH(engine);
return 1;
return MOSQ_ERR_TLS;
}
if(!ENGINE_ctrl_cmd(engine, ENGINE_PIN, 0, listener->tls_engine_kpass_sha1, NULL, 0)){
log__printf(NULL, MOSQ_LOG_ERR, "Error: Unable to set engine pin");
net__print_ssl_error(NULL);
ENGINE_FINISH(engine);
return 1;
return MOSQ_ERR_TLS;
}
ui_method = NULL;
}
@ -544,13 +544,13 @@ int net__tls_load_verify(struct mosquitto__listener *listener)
log__printf(NULL, MOSQ_LOG_ERR, "Error: Unable to load engine private key file \"%s\".", listener->keyfile);
net__print_ssl_error(NULL);
ENGINE_FINISH(engine);
return 1;
return MOSQ_ERR_TLS;
}
if(SSL_CTX_use_PrivateKey(listener->ssl_ctx, pkey) <= 0){
log__printf(NULL, MOSQ_LOG_ERR, "Error: Unable to use engine private key file \"%s\".", listener->keyfile);
net__print_ssl_error(NULL);
ENGINE_FINISH(engine);
return 1;
return MOSQ_ERR_TLS;
}
#endif
}else{
@ -561,7 +561,7 @@ int net__tls_load_verify(struct mosquitto__listener *listener)
#if !defined(OPENSSL_NO_ENGINE)
ENGINE_FINISH(engine);
#endif
return 1;
return MOSQ_ERR_TLS;
}
}
rc = SSL_CTX_check_private_key(listener->ssl_ctx);
@ -571,7 +571,7 @@ int net__tls_load_verify(struct mosquitto__listener *listener)
#if !defined(OPENSSL_NO_ENGINE)
ENGINE_FINISH(engine);
#endif
return 1;
return MOSQ_ERR_TLS;
}
/* Load CRLs if they exist. */
if(listener->crlfile){

4
src/plugin.c
Unescape Escape View File

@ -65,14 +65,14 @@ int plugin__load_v5(struct mosquitto__listener *listener, struct mosquitto__auth
"Error: Unable to load plugin function mosquitto_plugin_init().");
LIB_ERROR();
LIB_CLOSE(lib);
return 1;
return MOSQ_ERR_UNKNOWN;
}
if(!(plugin->plugin_cleanup_v5 = (FUNC_plugin_cleanup_v5)LIB_SYM(lib, "mosquitto_plugin_cleanup"))){
log__printf(NULL, MOSQ_LOG_ERR,
"Error: Unable to load plugin function mosquitto_plugin_cleanup().");
LIB_ERROR();
LIB_CLOSE(lib);
return 1;
return MOSQ_ERR_UNKNOWN;
}
pid = mosquitto__calloc(1, sizeof(mosquitto_plugin_id_t));

2
src/retain.c
Unescape Escape View File

@ -81,7 +81,7 @@ int retain__store(struct mosquitto_db *db, const char *topic, struct mosquitto_m
assert(split_topics);
HASH_FIND(hh, db->retains, split_topics[0], strlen(split_topics[0]), retainhier);
if(retainhier == NULL) return 1;
if(retainhier == NULL) return MOSQ_ERR_NOT_FOUND;
for(i=0; split_topics[i] != NULL; i++){
slen = strlen(split_topics[i]);

46
src/security.c
Unescape Escape View File

@ -54,14 +54,14 @@ int security__load_v2(struct mosquitto__auth_plugin *plugin, struct mosquitto_au
"Error: Unable to load auth plugin function mosquitto_auth_plugin_init().");
LIB_ERROR();
LIB_CLOSE(lib);
return 1;
return MOSQ_ERR_UNKNOWN;
}
if(!(plugin->plugin_cleanup_v2 = (FUNC_auth_plugin_cleanup_v2)LIB_SYM(lib, "mosquitto_auth_plugin_cleanup"))){
log__printf(NULL, MOSQ_LOG_ERR,
"Error: Unable to load auth plugin function mosquitto_auth_plugin_cleanup().");
LIB_ERROR();
LIB_CLOSE(lib);
return 1;
return MOSQ_ERR_UNKNOWN;
}
if(!(plugin->security_init_v2 = (FUNC_auth_plugin_security_init_v2)LIB_SYM(lib, "mosquitto_auth_security_init"))){
@ -69,7 +69,7 @@ int security__load_v2(struct mosquitto__auth_plugin *plugin, struct mosquitto_au
"Error: Unable to load auth plugin function mosquitto_auth_security_init().");
LIB_ERROR();
LIB_CLOSE(lib);
return 1;
return MOSQ_ERR_UNKNOWN;
}
if(!(plugin->security_cleanup_v2 = (FUNC_auth_plugin_security_cleanup_v2)LIB_SYM(lib, "mosquitto_auth_security_cleanup"))){
@ -77,7 +77,7 @@ int security__load_v2(struct mosquitto__auth_plugin *plugin, struct mosquitto_au
"Error: Unable to load auth plugin function mosquitto_auth_security_cleanup().");
LIB_ERROR();
LIB_CLOSE(lib);
return 1;
return MOSQ_ERR_UNKNOWN;
}
if(!(plugin->acl_check_v2 = (FUNC_auth_plugin_acl_check_v2)LIB_SYM(lib, "mosquitto_auth_acl_check"))){
@ -85,7 +85,7 @@ int security__load_v2(struct mosquitto__auth_plugin *plugin, struct mosquitto_au
"Error: Unable to load auth plugin function mosquitto_auth_acl_check().");
LIB_ERROR();
LIB_CLOSE(lib);
return 1;
return MOSQ_ERR_UNKNOWN;
}
if(!(plugin->unpwd_check_v2 = (FUNC_auth_plugin_unpwd_check_v2)LIB_SYM(lib, "mosquitto_auth_unpwd_check"))){
@ -93,7 +93,7 @@ int security__load_v2(struct mosquitto__auth_plugin *plugin, struct mosquitto_au
"Error: Unable to load auth plugin function mosquitto_auth_unpwd_check().");
LIB_ERROR();
LIB_CLOSE(lib);
return 1;
return MOSQ_ERR_UNKNOWN;
}
if(!(plugin->psk_key_get_v2 = (FUNC_auth_plugin_psk_key_get_v2)LIB_SYM(lib, "mosquitto_auth_psk_key_get"))){
@ -101,7 +101,7 @@ int security__load_v2(struct mosquitto__auth_plugin *plugin, struct mosquitto_au
"Error: Unable to load auth plugin function mosquitto_auth_psk_key_get().");
LIB_ERROR();
LIB_CLOSE(lib);
return 1;
return MOSQ_ERR_UNKNOWN;
}
plugin->lib = lib;
@ -128,14 +128,14 @@ int security__load_v3(struct mosquitto__auth_plugin *plugin, struct mosquitto_op
"Error: Unable to load auth plugin function mosquitto_auth_plugin_init().");
LIB_ERROR();
LIB_CLOSE(lib);
return 1;
return MOSQ_ERR_UNKNOWN;
}
if(!(plugin->plugin_cleanup_v3 = (FUNC_auth_plugin_cleanup_v3)LIB_SYM(lib, "mosquitto_auth_plugin_cleanup"))){
log__printf(NULL, MOSQ_LOG_ERR,
"Error: Unable to load auth plugin function mosquitto_auth_plugin_cleanup().");
LIB_ERROR();
LIB_CLOSE(lib);
return 1;
return MOSQ_ERR_UNKNOWN;
}
if(!(plugin->security_init_v3 = (FUNC_auth_plugin_security_init_v3)LIB_SYM(lib, "mosquitto_auth_security_init"))){
@ -143,7 +143,7 @@ int security__load_v3(struct mosquitto__auth_plugin *plugin, struct mosquitto_op
"Error: Unable to load auth plugin function mosquitto_auth_security_init().");
LIB_ERROR();
LIB_CLOSE(lib);
return 1;
return MOSQ_ERR_UNKNOWN;
}
if(!(plugin->security_cleanup_v3 = (FUNC_auth_plugin_security_cleanup_v3)LIB_SYM(lib, "mosquitto_auth_security_cleanup"))){
@ -151,7 +151,7 @@ int security__load_v3(struct mosquitto__auth_plugin *plugin, struct mosquitto_op
"Error: Unable to load auth plugin function mosquitto_auth_security_cleanup().");
LIB_ERROR();
LIB_CLOSE(lib);
return 1;
return MOSQ_ERR_UNKNOWN;
}
if(!(plugin->acl_check_v3 = (FUNC_auth_plugin_acl_check_v3)LIB_SYM(lib, "mosquitto_auth_acl_check"))){
@ -159,7 +159,7 @@ int security__load_v3(struct mosquitto__auth_plugin *plugin, struct mosquitto_op
"Error: Unable to load auth plugin function mosquitto_auth_acl_check().");
LIB_ERROR();
LIB_CLOSE(lib);
return 1;
return MOSQ_ERR_UNKNOWN;
}
if(!(plugin->unpwd_check_v3 = (FUNC_auth_plugin_unpwd_check_v3)LIB_SYM(lib, "mosquitto_auth_unpwd_check"))){
@ -167,7 +167,7 @@ int security__load_v3(struct mosquitto__auth_plugin *plugin, struct mosquitto_op
"Error: Unable to load auth plugin function mosquitto_auth_unpwd_check().");
LIB_ERROR();
LIB_CLOSE(lib);
return 1;
return MOSQ_ERR_UNKNOWN;
}
if(!(plugin->psk_key_get_v3 = (FUNC_auth_plugin_psk_key_get_v3)LIB_SYM(lib, "mosquitto_auth_psk_key_get"))){
@ -175,7 +175,7 @@ int security__load_v3(struct mosquitto__auth_plugin *plugin, struct mosquitto_op
"Error: Unable to load auth plugin function mosquitto_auth_psk_key_get().");
LIB_ERROR();
LIB_CLOSE(lib);
return 1;
return MOSQ_ERR_UNKNOWN;
}
plugin->lib = lib;
@ -201,14 +201,14 @@ int security__load_v4(struct mosquitto__auth_plugin *plugin, struct mosquitto_op
"Error: Unable to load auth plugin function mosquitto_auth_plugin_init().");
LIB_ERROR();
LIB_CLOSE(lib);
return 1;
return MOSQ_ERR_UNKNOWN;
}
if(!(plugin->plugin_cleanup_v4 = (FUNC_auth_plugin_cleanup_v4)LIB_SYM(lib, "mosquitto_auth_plugin_cleanup"))){
log__printf(NULL, MOSQ_LOG_ERR,
"Error: Unable to load auth plugin function mosquitto_auth_plugin_cleanup().");
LIB_ERROR();
LIB_CLOSE(lib);
return 1;
return MOSQ_ERR_UNKNOWN;
}
if(!(plugin->security_init_v4 = (FUNC_auth_plugin_security_init_v4)LIB_SYM(lib, "mosquitto_auth_security_init"))){
@ -216,7 +216,7 @@ int security__load_v4(struct mosquitto__auth_plugin *plugin, struct mosquitto_op
"Error: Unable to load auth plugin function mosquitto_auth_security_init().");
LIB_ERROR();
LIB_CLOSE(lib);
return 1;
return MOSQ_ERR_UNKNOWN;
}
if(!(plugin->security_cleanup_v4 = (FUNC_auth_plugin_security_cleanup_v4)LIB_SYM(lib, "mosquitto_auth_security_cleanup"))){
@ -224,7 +224,7 @@ int security__load_v4(struct mosquitto__auth_plugin *plugin, struct mosquitto_op
"Error: Unable to load auth plugin function mosquitto_auth_security_cleanup().");
LIB_ERROR();
LIB_CLOSE(lib);
return 1;
return MOSQ_ERR_UNKNOWN;
}
if(!(plugin->acl_check_v4 = (FUNC_auth_plugin_acl_check_v4)LIB_SYM(lib, "mosquitto_auth_acl_check"))){
@ -232,7 +232,7 @@ int security__load_v4(struct mosquitto__auth_plugin *plugin, struct mosquitto_op
"Error: Unable to load auth plugin function mosquitto_auth_acl_check().");
LIB_ERROR();
LIB_CLOSE(lib);
return 1;
return MOSQ_ERR_UNKNOWN;
}
plugin->unpwd_check_v4 = (FUNC_auth_plugin_unpwd_check_v4)LIB_SYM(lib, "mosquitto_auth_unpwd_check");
@ -264,7 +264,7 @@ int security__load_v4(struct mosquitto__auth_plugin *plugin, struct mosquitto_op
log__printf(NULL, MOSQ_LOG_ERR,
"Error: Plugin has missing mosquitto_auth_continue() function.");
LIB_CLOSE(lib);
return 1;
return MOSQ_ERR_UNKNOWN;
}
}else{
log__printf(NULL, MOSQ_LOG_INFO,
@ -311,7 +311,7 @@ static int security__module_init_single(struct mosquitto__listener *listener, st
log__printf(NULL, MOSQ_LOG_ERR,
"Error: Unable to load auth plugin \"%s\".", opts->auth_plugin_configs[i].path);
LIB_ERROR();
return 1;
return MOSQ_ERR_UNKNOWN;
}
opts->auth_plugin_configs[i].plugin.lib = NULL;
@ -324,7 +324,7 @@ static int security__module_init_single(struct mosquitto__listener *listener, st
"Error: Unable to load auth plugin function mosquitto_auth_plugin_version() or mosquitto_plugin_version().");
LIB_ERROR();
LIB_CLOSE(lib);
return 1;
return MOSQ_ERR_UNKNOWN;
}
opts->auth_plugin_configs[i].plugin.version = version;
if(version == 5){
@ -375,7 +375,7 @@ static int security__module_init_single(struct mosquitto__listener *listener, st
LIB_ERROR();
LIB_CLOSE(lib);
return 1;
return MOSQ_ERR_UNKNOWN;
}
}
}

14
src/security_default.c
Unescape Escape View File

@ -453,7 +453,7 @@ static int mosquitto_acl_check_default(int event, void *event_data, void *userda
len = tlen + (size_t)acl_root->ccount*(clen-2);
}
local_acl = mosquitto__malloc(len+1);
if(!local_acl) return 1; /* FIXME */
if(!local_acl) return MOSQ_ERR_NOMEM;
s = local_acl;
for(i=0; i<tlen; i++){
if(i<tlen-1 && acl_root->topic[i] == '%'){
@ -516,14 +516,14 @@ static int aclfile__parse(struct mosquitto_db *db, struct mosquitto__security_op
buf = mosquitto__malloc((size_t)buflen);
if(buf == NULL){
log__printf(NULL, MOSQ_LOG_ERR, "Error: Out of memory.");
return 1;
return MOSQ_ERR_NOMEM;
}
aclfptr = mosquitto__fopen(security_opts->acl_file, "rt", false);
if(!aclfptr){
mosquitto__free(buf);
log__printf(NULL, MOSQ_LOG_ERR, "Error: Unable to open acl_file \"%s\".", security_opts->acl_file);
return 1;
return MOSQ_ERR_UNKNOWN;
}
/* topic [read|write] <topic>
@ -743,14 +743,14 @@ static int pwfile__parse(const char *file, struct mosquitto__unpwd **root)
buf = mosquitto__malloc((size_t)buflen);
if(buf == NULL){
log__printf(NULL, MOSQ_LOG_ERR, "Error: Out of memory.");
return 1;
return MOSQ_ERR_NOMEM;
}
pwfile = mosquitto__fopen(file, "rt", false);
if(!pwfile){
log__printf(NULL, MOSQ_LOG_ERR, "Error: Unable to open pwfile \"%s\".", file);
mosquitto__free(buf);
return 1;
return MOSQ_ERR_UNKNOWN;
}
while(!feof(pwfile)){
@ -1102,11 +1102,11 @@ int mosquitto_security_apply_default(struct mosquitto_db *db)
listener = &db->config->listeners[i];
if(listener && listener->ssl_ctx && listener->certfile && listener->keyfile && listener->crlfile && listener->require_certificate){
if(net__tls_server_ctx(listener)){
return 1;
return MOSQ_ERR_TLS;
}
if(net__tls_load_verify(listener)){
return 1;
return MOSQ_ERR_TLS;
}
}
}

Write Preview
Loading…
Cancel
Save