diff --git a/CMakeLists.txt b/CMakeLists.txt index 01ee0bbd..b16d7a9e 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -6,7 +6,7 @@ cmake_minimum_required(VERSION 3.10) -set (VERSION 2.0.10) +set (VERSION 2.0.11) project(mosquitto VERSION ${VERSION} DESCRIPTION "Eclipse Mosquitto" diff --git a/ChangeLog.txt b/ChangeLog.txt index f2b96a08..db157161 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -68,6 +68,35 @@ Clients: received. Requires ANSI escape code support in the terminal. - mosquitto_sub now only needs `-t` or `-U` to run - this means that `-t` is not required in all situations. +- mosquitto_sub and mosquitto_rr now open stdout in binary mode on Windows + so binary payloads are not modified when printing. + + +2.0.11 - 2021-06-08 +=================== + +Security: +- If a MQTT v5 client connects with a crafted CONNECT packet a memory leak + will occur. This has been fixed. + +Broker: +- Fix possible crash having just upgraded from 1.6 if `per_listener_settings + true` is set, and a SIGHUP is sent to the broker before a client has + reconnected to the broker. Closes #2167. +- Fix bridge not reconnectng if the first reconnection attempt fails. + Closes #2207. +- Improve QoS 0 outgoing packet queueing. +- Fix non-reachable bridge blocking the broker on Windows. Closes #2172. +- Fix possible corruption of pollfd array on Windows when bridges were + reconnecting. Closes #2173. +- Fix QoS 0 messages not being queued when `queue_qos0_messages` was enabled. + Closes #2224. + +Clients: +- If sending mosquitto_sub output to a pipe, mosquitto_sub will now detect + that the pipe has closed and disconnect. Closes #2164. +- Fix `mosquitto_pub -l` quitting if a message publication is attempted when + the broker is temporarily unavailable. Closes #2187. 2.0.10 - 2021-04-03 diff --git a/Makefile b/Makefile index ebc2ee0e..3b206b36 100644 --- a/Makefile +++ b/Makefile @@ -36,7 +36,7 @@ DISTFILES= \ libmosquitto.pc.in \ libmosquittopp.pc.in \ mosquitto.conf \ - notice.html \ + NOTICE.md \ pskfile.example \ pwfile.example \ README-compiling.md \ diff --git a/NOTICE.md b/NOTICE.md new file mode 100644 index 00000000..1579f2ec --- /dev/null +++ b/NOTICE.md @@ -0,0 +1,64 @@ +# Notices for Mosquitto + +This content is produced and maintained by the Eclipse Mosquitto project. + + * Project home: https://projects.eclipse.org/projects/iot.mosquitto + +## Trademarks + +Eclipse Mosquitto trademarks of the Eclipse Foundation. Eclipse, and the +Eclipse Logo are registered trademarks of the Eclipse Foundation. + +## Copyright + +All content is the property of the respective authors or their employers. +For more information regarding authorship of content, please consult the +listed source code repository logs. + +## Declared Project Licenses + +This program and the accompanying materials are made available under the terms +of the Eclipse Public License v2.0 which is available at +http://www.eclipse.org/legal/epl-v10.html, or the BSD 3 Clause license. + +SPDX-License-Identifier: EPL-2.0 or BSD-3-Clause + +## Source Code + +The project maintains the following source code repositories: + + * https://github.com/eclipse/mosquitto + +## Third-party Content + +This project makes use of the follow third party projects. + +cJSON (1.7.x) + +* License: MIT +* Project: https://github.com/DaveGamble/cJSON + +libwebsockets (4.x) + +* License: MIT +* Project: https://github.com/warmcat/libwebsockets + +openssl (1.1.1) + +* License: OpenSSL License and SSLeay License +* Project: https://openssl.org +* Source: https://github.com/openssl/openssl + +uthash (2.1.0) + +* License: BSD revised (https://troydhanson.github.io/uthash/license.html) +* Project: https://github.com/troydhanson/uthash + +## Cryptography + +Content may contain encryption software. The country in which you are currently +may have restrictions on the import, possession, and use, and/or re-export to +another country, of encryption software. BEFORE using any encryption software, +please check the country's laws, regulations and policies concerning the import, +possession, or use, and re-export of encryption software, to see if this is +permitted. diff --git a/README-compiling.md b/README-compiling.md index eb1b11da..827aba59 100644 --- a/README-compiling.md +++ b/README-compiling.md @@ -10,6 +10,8 @@ are optional. * libsystemd-dev (optional, if building with systemd support on Linux) * On Windows, a pthreads library is required if threading support is to be included. +* xsltproc (only if building from git) +* docbook-xsl (only if building from git) To compile, run "make", but also see the file config.mk for more details on the various options that can be compiled in. diff --git a/client/rr_client.c b/client/rr_client.c index 080f08de..a01cf8d6 100644 --- a/client/rr_client.c +++ b/client/rr_client.c @@ -343,6 +343,7 @@ int main(int argc, char *argv[]) err_printf(&cfg, "Error in PUBLISH properties: Duplicate response topic.\n"); goto cleanup; } + output_init(&cfg); if(client_id_generate(&cfg)){ goto cleanup; diff --git a/client/sub_client_output.c b/client/sub_client_output.c index 0df75d87..bbf2ae88 100644 --- a/client/sub_client_output.c +++ b/client/sub_client_output.c @@ -21,6 +21,8 @@ Contributors: #ifdef WIN32 /* For rand_s on Windows */ # define _CRT_RAND_S +# include +# include #endif #include @@ -868,4 +870,8 @@ void output_init(struct mosq_config *lcfg) printf("\e[2J\e[1;1H"); printf("Broker: %s\n", lcfg->host); } +#ifdef WIN32 + /* Disable text translation so binary payloads aren't modified */ + _setmode(_fileno(stdout), _O_BINARY); +#endif } diff --git a/config.mk b/config.mk index fe6a822a..619c1e13 100644 --- a/config.mk +++ b/config.mk @@ -127,7 +127,7 @@ WITH_XTREPORT=no # Also bump lib/mosquitto.h, CMakeLists.txt, # installer/mosquitto.nsi, installer/mosquitto64.nsi -VERSION=2.0.10 +VERSION=2.0.11 # Client library SO version. Bump if incompatible API/ABI changes are made. SOVERSION=1 diff --git a/docker/1.6-openssl/Dockerfile b/docker/1.6-openssl/Dockerfile index 3c09a74d..ff6b729e 100644 --- a/docker/1.6-openssl/Dockerfile +++ b/docker/1.6-openssl/Dockerfile @@ -3,17 +3,18 @@ FROM alpine:3.12 LABEL maintainer="Roger Light " \ description="Eclipse Mosquitto MQTT Broker" -ENV VERSION=1.6.14 \ - DOWNLOAD_SHA256=5ea7e342bfbd212a0addb915036be168040dea945e5de5fe739c43c5ff3823e4 \ +ENV VERSION=1.6.15 \ + DOWNLOAD_SHA256=5ff2271512f745bf1a451072cd3768a5daed71e90c5179fae12b049d6c02aa0f \ GPG_KEYS=A0D6EEA1DCAE49A635A3B2F0779B22DFB3E717B7 \ - LWS_VERSION=2.4.2 \ - LWS_SHA256=73012d7fcf428dedccc816e83a63a01462e27819d5537b8e0d0c7264bfacfad6 + LWS_VERSION=4.2.0 \ + LWS_SHA256=a57e9a4765dbcd4d880feba8089b43ed69995eaf10d5d61a07981d9ddd975f40 RUN set -x && \ apk --no-cache add --virtual build-deps \ build-base \ cmake \ gnupg \ + linux-headers \ openssl-dev \ util-linux-dev && \ wget https://github.com/warmcat/libwebsockets/archive/v${LWS_VERSION}.tar.gz -O /tmp/lws.tar.gz && \ @@ -25,11 +26,13 @@ RUN set -x && \ cmake . \ -DCMAKE_BUILD_TYPE=MinSizeRel \ -DCMAKE_INSTALL_PREFIX=/usr \ + -DDISABLE_WERROR=ON \ -DLWS_IPV6=ON \ -DLWS_WITHOUT_BUILTIN_GETIFADDRS=ON \ -DLWS_WITHOUT_CLIENT=ON \ -DLWS_WITHOUT_EXTENSIONS=ON \ -DLWS_WITHOUT_TESTAPPS=ON \ + -DLWS_WITH_EXTERNAL_POLL=ON \ -DLWS_WITH_SHARED=OFF \ -DLWS_WITH_ZIP_FOPS=OFF \ -DLWS_WITH_ZLIB=OFF && \ @@ -78,6 +81,9 @@ RUN set -x && \ install -s -m755 /build/mosq/src/mosquitto /usr/sbin/mosquitto && \ install -s -m755 /build/mosq/src/mosquitto_passwd /usr/bin/mosquitto_passwd && \ install -m644 /build/mosq/mosquitto.conf /mosquitto/config/mosquitto.conf && \ + install -Dm644 /build/lws/LICENSE /usr/share/licenses/libwebsockets/LICENSE && \ + install -Dm644 /build/mosq/epl-v10 /usr/share/licenses/mosquitto/epl-v10 && \ + install -Dm644 /build/mosq/edl-v10 /usr/share/licenses/mosquitto/edl-v10 && \ chown -R mosquitto:mosquitto /mosquitto && \ apk --no-cache add \ ca-certificates && \ diff --git a/docker/1.6/Dockerfile b/docker/1.6/Dockerfile index 86304cb8..46231c8e 100644 --- a/docker/1.6/Dockerfile +++ b/docker/1.6/Dockerfile @@ -3,11 +3,11 @@ FROM alpine:3.12 LABEL maintainer="Roger Light " \ description="Eclipse Mosquitto MQTT Broker" -ENV VERSION=1.6.14 \ - DOWNLOAD_SHA256=5ea7e342bfbd212a0addb915036be168040dea945e5de5fe739c43c5ff3823e4 \ +ENV VERSION=1.6.15 \ + DOWNLOAD_SHA256=5ff2271512f745bf1a451072cd3768a5daed71e90c5179fae12b049d6c02aa0f \ GPG_KEYS=A0D6EEA1DCAE49A635A3B2F0779B22DFB3E717B7 \ - LWS_VERSION=2.4.2 \ - LWS_SHA256=73012d7fcf428dedccc816e83a63a01462e27819d5537b8e0d0c7264bfacfad6 + LWS_VERSION=4.2.0 \ + LWS_SHA256=a57e9a4765dbcd4d880feba8089b43ed69995eaf10d5d61a07981d9ddd975f40 RUN set -x && \ apk --no-cache add --virtual build-deps \ @@ -15,6 +15,7 @@ RUN set -x && \ cmake \ gnupg \ libressl-dev \ + linux-headers \ util-linux-dev && \ wget https://github.com/warmcat/libwebsockets/archive/v${LWS_VERSION}.tar.gz -O /tmp/lws.tar.gz && \ echo "$LWS_SHA256 /tmp/lws.tar.gz" | sha256sum -c - && \ @@ -25,11 +26,13 @@ RUN set -x && \ cmake . \ -DCMAKE_BUILD_TYPE=MinSizeRel \ -DCMAKE_INSTALL_PREFIX=/usr \ + -DDISABLE_WERROR=ON \ -DLWS_IPV6=ON \ -DLWS_WITHOUT_BUILTIN_GETIFADDRS=ON \ -DLWS_WITHOUT_CLIENT=ON \ -DLWS_WITHOUT_EXTENSIONS=ON \ -DLWS_WITHOUT_TESTAPPS=ON \ + -DLWS_WITH_EXTERNAL_POLL=ON \ -DLWS_WITH_SHARED=OFF \ -DLWS_WITH_ZIP_FOPS=OFF \ -DLWS_WITH_ZLIB=OFF && \ @@ -79,6 +82,9 @@ RUN set -x && \ install -s -m755 /build/mosq/src/mosquitto /usr/sbin/mosquitto && \ install -s -m755 /build/mosq/src/mosquitto_passwd /usr/bin/mosquitto_passwd && \ install -m644 /build/mosq/mosquitto.conf /mosquitto/config/mosquitto.conf && \ + install -Dm644 /build/lws/LICENSE /usr/share/licenses/libwebsockets/LICENSE && \ + install -Dm644 /build/mosq/epl-v10 /usr/share/licenses/mosquitto/epl-v10 && \ + install -Dm644 /build/mosq/edl-v10 /usr/share/licenses/mosquitto/edl-v10 && \ chown -R mosquitto:mosquitto /mosquitto && \ apk --no-cache add \ ca-certificates \ diff --git a/docker/2.0-openssl/Dockerfile b/docker/2.0-openssl/Dockerfile index 96875b04..841878bd 100644 --- a/docker/2.0-openssl/Dockerfile +++ b/docker/2.0-openssl/Dockerfile @@ -3,11 +3,11 @@ FROM alpine:3.12 LABEL maintainer="Roger Light " \ description="Eclipse Mosquitto MQTT Broker" -ENV VERSION=2.0.10 \ - DOWNLOAD_SHA256=0188f7b21b91d6d80e992b8d6116ba851468b3bd154030e8a003ed28fb6f4a44 \ +ENV VERSION=2.0.11 \ + DOWNLOAD_SHA256=7b36a7198bce85cf31b132f5c6ee36dcf5dadf86fb768501eb1e11ce95d4f78a \ GPG_KEYS=A0D6EEA1DCAE49A635A3B2F0779B22DFB3E717B7 \ - LWS_VERSION=2.4.2 \ - LWS_SHA256=73012d7fcf428dedccc816e83a63a01462e27819d5537b8e0d0c7264bfacfad6 \ + LWS_VERSION=4.2.0 \ + LWS_SHA256=a57e9a4765dbcd4d880feba8089b43ed69995eaf10d5d61a07981d9ddd975f40 \ CJSON_VERSION=1.7.14 \ CJSON_SHA256=fb50a663eefdc76bafa80c82bc045af13b1363e8f45cec8b442007aef6a41343 @@ -16,6 +16,7 @@ RUN set -x && \ build-base \ cmake \ gnupg \ + linux-headers \ openssl-dev \ util-linux-dev && \ wget https://github.com/warmcat/libwebsockets/archive/v${LWS_VERSION}.tar.gz -O /tmp/lws.tar.gz && \ @@ -27,11 +28,13 @@ RUN set -x && \ cmake . \ -DCMAKE_BUILD_TYPE=MinSizeRel \ -DCMAKE_INSTALL_PREFIX=/usr \ + -DDISABLE_WERROR=ON \ -DLWS_IPV6=ON \ -DLWS_WITHOUT_BUILTIN_GETIFADDRS=ON \ -DLWS_WITHOUT_CLIENT=ON \ -DLWS_WITHOUT_EXTENSIONS=ON \ -DLWS_WITHOUT_TESTAPPS=ON \ + -DLWS_WITH_EXTERNAL_POLL=ON \ -DLWS_WITH_SHARED=OFF \ -DLWS_WITH_ZIP_FOPS=OFF \ -DLWS_WITH_ZLIB=OFF && \ @@ -97,6 +100,10 @@ RUN set -x && \ install -s -m755 /build/mosq/apps/mosquitto_passwd/mosquitto_passwd /usr/bin/mosquitto_passwd && \ install -s -m755 /build/mosq/plugins/dynamic-security/mosquitto_dynamic_security.so /usr/lib/mosquitto_dynamic_security.so && \ install -m644 /build/mosq/mosquitto.conf /mosquitto/config/mosquitto.conf && \ + install -Dm644 /build/cjson/LICENSE /usr/share/licenses/cJSON/LICENSE && \ + install -Dm644 /build/lws/LICENSE /usr/share/licenses/libwebsockets/LICENSE && \ + install -Dm644 /build/mosq/epl-v20 /usr/share/licenses/mosquitto/epl-v20 && \ + install -Dm644 /build/mosq/edl-v10 /usr/share/licenses/mosquitto/edl-v10 && \ chown -R mosquitto:mosquitto /mosquitto && \ apk --no-cache add \ ca-certificates && \ diff --git a/docker/2.0/Dockerfile b/docker/2.0/Dockerfile index 7a322dde..f08e6dfe 100644 --- a/docker/2.0/Dockerfile +++ b/docker/2.0/Dockerfile @@ -3,11 +3,11 @@ FROM alpine:3.12 LABEL maintainer="Roger Light " \ description="Eclipse Mosquitto MQTT Broker" -ENV VERSION=2.0.10 \ - DOWNLOAD_SHA256=0188f7b21b91d6d80e992b8d6116ba851468b3bd154030e8a003ed28fb6f4a44 \ +ENV VERSION=2.0.11 \ + DOWNLOAD_SHA256=7b36a7198bce85cf31b132f5c6ee36dcf5dadf86fb768501eb1e11ce95d4f78a \ GPG_KEYS=A0D6EEA1DCAE49A635A3B2F0779B22DFB3E717B7 \ - LWS_VERSION=2.4.2 \ - LWS_SHA256=73012d7fcf428dedccc816e83a63a01462e27819d5537b8e0d0c7264bfacfad6 \ + LWS_VERSION=4.2.0 \ + LWS_SHA256=a57e9a4765dbcd4d880feba8089b43ed69995eaf10d5d61a07981d9ddd975f40 \ CJSON_VERSION=1.7.14 \ CJSON_SHA256=fb50a663eefdc76bafa80c82bc045af13b1363e8f45cec8b442007aef6a41343 @@ -17,6 +17,7 @@ RUN set -x && \ cmake \ gnupg \ libressl-dev \ + linux-headers \ util-linux-dev && \ wget https://github.com/warmcat/libwebsockets/archive/v${LWS_VERSION}.tar.gz -O /tmp/lws.tar.gz && \ echo "$LWS_SHA256 /tmp/lws.tar.gz" | sha256sum -c - && \ @@ -27,11 +28,13 @@ RUN set -x && \ cmake . \ -DCMAKE_BUILD_TYPE=MinSizeRel \ -DCMAKE_INSTALL_PREFIX=/usr \ + -DDISABLE_WERROR=ON \ -DLWS_IPV6=ON \ -DLWS_WITHOUT_BUILTIN_GETIFADDRS=ON \ -DLWS_WITHOUT_CLIENT=ON \ -DLWS_WITHOUT_EXTENSIONS=ON \ -DLWS_WITHOUT_TESTAPPS=ON \ + -DLWS_WITH_EXTERNAL_POLL=ON \ -DLWS_WITH_SHARED=OFF \ -DLWS_WITH_ZIP_FOPS=OFF \ -DLWS_WITH_ZLIB=OFF && \ @@ -98,6 +101,10 @@ RUN set -x && \ install -s -m755 /build/mosq/apps/mosquitto_passwd/mosquitto_passwd /usr/bin/mosquitto_passwd && \ install -s -m755 /build/mosq/plugins/dynamic-security/mosquitto_dynamic_security.so /usr/lib/mosquitto_dynamic_security.so && \ install -m644 /build/mosq/mosquitto.conf /mosquitto/config/mosquitto.conf && \ + install -Dm644 /build/cjson/LICENSE /usr/share/licenses/cJSON/LICENSE && \ + install -Dm644 /build/lws/LICENSE /usr/share/licenses/libwebsockets/LICENSE && \ + install -Dm644 /build/mosq/epl-v20 /usr/share/licenses/mosquitto/epl-v20 && \ + install -Dm644 /build/mosq/edl-v10 /usr/share/licenses/mosquitto/edl-v10 && \ chown -R mosquitto:mosquitto /mosquitto && \ apk --no-cache add \ ca-certificates \ diff --git a/docker/generic/Dockerfile b/docker/generic/Dockerfile index 5a7e8e42..81c1a37e 100644 --- a/docker/generic/Dockerfile +++ b/docker/generic/Dockerfile @@ -8,8 +8,8 @@ RUN test -n "${VERSION}" ENV \ GPG_KEYS=A0D6EEA1DCAE49A635A3B2F0779B22DFB3E717B7 \ - LWS_VERSION=2.4.2 \ - LWS_SHA256=73012d7fcf428dedccc816e83a63a01462e27819d5537b8e0d0c7264bfacfad6 \ + LWS_VERSION=4.2.0 \ + LWS_SHA256=a57e9a4765dbcd4d880feba8089b43ed69995eaf10d5d61a07981d9ddd975f40 \ CJSON_VERSION=1.7.14 \ CJSON_SHA256=fb50a663eefdc76bafa80c82bc045af13b1363e8f45cec8b442007aef6a41343 @@ -18,6 +18,7 @@ RUN set -x && \ build-base \ cmake \ gnupg \ + linux-headers \ openssl-dev \ util-linux-dev && \ wget https://github.com/warmcat/libwebsockets/archive/v${LWS_VERSION}.tar.gz -O /tmp/lws.tar.gz && \ @@ -29,11 +30,13 @@ RUN set -x && \ cmake . \ -DCMAKE_BUILD_TYPE=MinSizeRel \ -DCMAKE_INSTALL_PREFIX=/usr \ + -DDISABLE_WERROR=ON \ -DLWS_IPV6=ON \ -DLWS_WITHOUT_BUILTIN_GETIFADDRS=ON \ -DLWS_WITHOUT_CLIENT=ON \ -DLWS_WITHOUT_EXTENSIONS=ON \ -DLWS_WITHOUT_TESTAPPS=ON \ + -DLWS_WITH_EXTERNAL_POLL=ON \ -DLWS_WITH_SHARED=OFF \ -DLWS_WITH_ZIP_FOPS=OFF \ -DLWS_WITH_ZLIB=OFF && \ @@ -99,6 +102,10 @@ RUN set -x && \ install -s -m755 /build/mosq/apps/mosquitto_passwd/mosquitto_passwd /usr/bin/mosquitto_passwd && \ install -s -m755 /build/mosq/plugins/dynamic-security/mosquitto_dynamic_security.so /usr/lib/mosquitto_dynamic_security.so && \ install -m644 /build/mosq/mosquitto.conf /mosquitto/config/mosquitto.conf && \ + install -Dm644 /build/cjson/LICENSE /usr/share/licenses/cJSON/LICENSE && \ + install -Dm644 /build/lws/LICENSE /usr/share/licenses/libwebsockets/LICENSE && \ + install -Dm644 /build/mosq/epl-v20 /usr/share/licenses/mosquitto/epl-v20 && \ + install -Dm644 /build/mosq/edl-v10 /usr/share/licenses/mosquitto/edl-v10 && \ chown -R mosquitto:mosquitto /mosquitto && \ apk --no-cache add \ ca-certificates && \ diff --git a/docker/local/Dockerfile b/docker/local/Dockerfile index 90b705e7..bed389d0 100644 --- a/docker/local/Dockerfile +++ b/docker/local/Dockerfile @@ -3,7 +3,7 @@ FROM alpine:3.12 LABEL maintainer="Roger Light " \ description="Eclipse Mosquitto MQTT Broker" -ENV LWS_VERSION=2.4.2 \ +ENV LWS_VERSION=4.2.0 \ CJSON_VERSION=1.7.14 COPY mosq.tar.gz /tmp @@ -13,6 +13,7 @@ RUN set -x && \ build-base \ cmake \ gnupg \ + linux-headers \ openssl-dev \ util-linux-dev && \ wget https://github.com/warmcat/libwebsockets/archive/v${LWS_VERSION}.tar.gz -O /tmp/lws.tar.gz && \ @@ -23,11 +24,13 @@ RUN set -x && \ cmake . \ -DCMAKE_BUILD_TYPE=MinSizeRel \ -DCMAKE_INSTALL_PREFIX=/usr \ + -DDISABLE_WERROR=ON \ -DLWS_IPV6=ON \ -DLWS_WITHOUT_BUILTIN_GETIFADDRS=ON \ -DLWS_WITHOUT_CLIENT=ON \ -DLWS_WITHOUT_EXTENSIONS=ON \ -DLWS_WITHOUT_TESTAPPS=ON \ + -DLWS_WITH_EXTERNAL_POLL=ON \ -DLWS_WITH_SHARED=OFF \ -DLWS_WITH_ZIP_FOPS=OFF \ -DLWS_WITH_ZLIB=OFF && \ @@ -43,7 +46,7 @@ RUN set -x && \ tar --strip=1 -xf /tmp/mosq.tar.gz -C /build/mosq && \ rm /tmp/mosq.tar.gz && \ make -C /build/mosq -j "$(nproc)" \ - CFLAGS="-Wall -O2 -I/build/lws/include -I/build/cjson" \ + CFLAGS="-Wall -O2 -I/build/lws/include -I/build" \ LDFLAGS="-L/build/lws/lib -L/build/cjson" \ WITH_ADNS=no \ WITH_CJSON=yes \ @@ -67,6 +70,10 @@ RUN set -x && \ install -s -m755 /build/mosq/apps/mosquitto_ctrl/mosquitto_ctrl /usr/bin/mosquitto_ctrl && \ install -s -m755 /build/mosq/plugins/dynamic-security/mosquitto_dynamic_security.so /usr/lib/mosquitto_dynamic_security.so && \ install -m644 /build/mosq/mosquitto.conf /mosquitto/config/mosquitto.conf && \ + install -Dm644 /build/cjson/LICENSE /usr/share/licenses/cJSON/LICENSE && \ + install -Dm644 /build/lws/LICENSE /usr/share/licenses/libwebsockets/LICENSE && \ + install -Dm644 /build/mosq/epl-v20 /usr/share/licenses/mosquitto/epl-v20 && \ + install -Dm644 /build/mosq/edl-v10 /usr/share/licenses/mosquitto/edl-v10 && \ chown -R mosquitto:mosquitto /mosquitto && \ apk --no-cache add \ ca-certificates && \ diff --git a/include/mosquitto.h b/include/mosquitto.h index 3c8fe6e2..a4f6a0f4 100644 --- a/include/mosquitto.h +++ b/include/mosquitto.h @@ -66,7 +66,7 @@ extern "C" { #define LIBMOSQUITTO_MAJOR 2 #define LIBMOSQUITTO_MINOR 0 -#define LIBMOSQUITTO_REVISION 10 +#define LIBMOSQUITTO_REVISION 11 /* LIBMOSQUITTO_VERSION_NUMBER looks like 1002001 for e.g. version 1.2.1. */ #define LIBMOSQUITTO_VERSION_NUMBER (LIBMOSQUITTO_MAJOR*1000000+LIBMOSQUITTO_MINOR*1000+LIBMOSQUITTO_REVISION) diff --git a/installer/mosquitto.nsi b/installer/mosquitto.nsi index 437bf95f..0e45a147 100644 --- a/installer/mosquitto.nsi +++ b/installer/mosquitto.nsi @@ -9,7 +9,7 @@ !define env_hklm 'HKLM "SYSTEM\CurrentControlSet\Control\Session Manager\Environment"' Name "Eclipse Mosquitto" -!define VERSION 2.0.10 +!define VERSION 2.0.11 OutFile "mosquitto-${VERSION}-install-windows-x86.exe" InstallDir "$PROGRAMFILES\mosquitto" @@ -53,6 +53,7 @@ Section "Files" SecInstall File "..\aclfile.example" File "..\ChangeLog.txt" File "..\mosquitto.conf" + File "..\NOTICE.md" File "..\pwfile.example" File "..\README.md" File "..\README-windows.txt" diff --git a/installer/mosquitto64.nsi b/installer/mosquitto64.nsi index aeb8548b..09480b1f 100644 --- a/installer/mosquitto64.nsi +++ b/installer/mosquitto64.nsi @@ -9,7 +9,7 @@ !define env_hklm 'HKLM "SYSTEM\CurrentControlSet\Control\Session Manager\Environment"' Name "Eclipse Mosquitto" -!define VERSION 2.0.10 +!define VERSION 2.0.11 OutFile "mosquitto-${VERSION}-install-windows-x64.exe" !include "x64.nsh" @@ -54,6 +54,7 @@ Section "Files" SecInstall File "..\aclfile.example" File "..\ChangeLog.txt" File "..\mosquitto.conf" + File "..\NOTICE.md" File "..\pwfile.example" File "..\README.md" File "..\README-windows.txt" diff --git a/lib/net_mosq.c b/lib/net_mosq.c index e84ef068..17c03ac0 100644 --- a/lib/net_mosq.c +++ b/lib/net_mosq.c @@ -939,11 +939,42 @@ int net__socket_connect(struct mosquitto *mosq, const char *host, uint16_t port, } +#ifdef WITH_TLS +static int net__handle_ssl(struct mosquitto* mosq, int ret) +{ + int err; + + err = SSL_get_error(mosq->ssl, ret); + if (err == SSL_ERROR_WANT_READ) { + ret = -1; + errno = EAGAIN; + } + else if (err == SSL_ERROR_WANT_WRITE) { + ret = -1; +#ifdef WITH_BROKER + mux__add_out(mosq); +#else + mosq->want_write = true; +#endif + errno = EAGAIN; + } + else { + net__print_ssl_error(mosq); + errno = EPROTO; + } + ERR_clear_error(); +#ifdef WIN32 + WSASetLastError(errno); +#endif + + return ret; +} +#endif + ssize_t net__read(struct mosquitto *mosq, void *buf, size_t count) { #ifdef WITH_TLS int ret; - int err; #endif assert(mosq); errno = 0; @@ -951,22 +982,7 @@ ssize_t net__read(struct mosquitto *mosq, void *buf, size_t count) if(mosq->ssl){ ret = SSL_read(mosq->ssl, buf, (int)count); if(ret <= 0){ - err = SSL_get_error(mosq->ssl, ret); - if(err == SSL_ERROR_WANT_READ){ - ret = -1; - errno = EAGAIN; - }else if(err == SSL_ERROR_WANT_WRITE){ - ret = -1; - mosq->want_write = true; - errno = EAGAIN; - }else{ - net__print_ssl_error(mosq); - errno = EPROTO; - } - ERR_clear_error(); -#ifdef WIN32 - WSASetLastError(errno); -#endif + ret = net__handle_ssl(mosq, ret); } return (ssize_t )ret; }else{ @@ -989,7 +1005,6 @@ ssize_t net__write(struct mosquitto *mosq, const void *buf, size_t count) { #ifdef WITH_TLS int ret; - int err; #endif assert(mosq); @@ -999,22 +1014,7 @@ ssize_t net__write(struct mosquitto *mosq, const void *buf, size_t count) mosq->want_write = false; ret = SSL_write(mosq->ssl, buf, (int)count); if(ret < 0){ - err = SSL_get_error(mosq->ssl, ret); - if(err == SSL_ERROR_WANT_READ){ - ret = -1; - errno = EAGAIN; - }else if(err == SSL_ERROR_WANT_WRITE){ - ret = -1; - mosq->want_write = true; - errno = EAGAIN; - }else{ - net__print_ssl_error(mosq); - errno = EPROTO; - } - ERR_clear_error(); -#ifdef WIN32 - WSASetLastError(errno); -#endif + ret = net__handle_ssl(mosq, ret); } return (ssize_t )ret; }else{ diff --git a/lib/packet_mosq.c b/lib/packet_mosq.c index 3df5e640..4fcfc68b 100644 --- a/lib/packet_mosq.c +++ b/lib/packet_mosq.c @@ -301,15 +301,17 @@ int packet__write(struct mosquitto *mosq) #ifdef WITH_BROKER mosq->next_msg_out = db.now_s + mosq->keepalive; - if(packet == NULL){ - mux__remove_out(mosq); - } #else pthread_mutex_lock(&mosq->msgtime_mutex); mosq->next_msg_out = mosquitto_time() + mosq->keepalive; pthread_mutex_unlock(&mosq->msgtime_mutex); #endif } +#ifdef WITH_BROKER + if (mosq->out_packet == NULL) { + mux__remove_out(mosq); + } +#endif return MOSQ_ERR_SUCCESS; } diff --git a/man/mosquitto.8.xml b/man/mosquitto.8.xml index 179c949e..b32c8f9b 100644 --- a/man/mosquitto.8.xml +++ b/man/mosquitto.8.xml @@ -109,6 +109,17 @@ + + Platform limitations + + Some versions of Windows have limitations on the number of + concurrent connections due to the Windows API being used. In + modern versions of Windows, e.g. Windows 10 or Windows Server + 2019, this is approximately 8192 connections. In earlier + versions of Windows, this limit is 2048 connections. + + + MQTT Support Mosquitto supports MQTT v5.0, v3.1.1, and v3.1. diff --git a/notice.html b/notice.html deleted file mode 100644 index 757b27eb..00000000 --- a/notice.html +++ /dev/null @@ -1,108 +0,0 @@ - - - - - -Eclipse Foundation Software User Agreement - - - -

Eclipse Foundation Software User Agreement

-

February 1, 2011

- -

Usage Of Content

- -

THE ECLIPSE FOUNDATION MAKES AVAILABLE SOFTWARE, DOCUMENTATION, INFORMATION AND/OR OTHER MATERIALS FOR OPEN SOURCE PROJECTS - (COLLECTIVELY "CONTENT"). USE OF THE CONTENT IS GOVERNED BY THE TERMS AND CONDITIONS OF THIS AGREEMENT AND/OR THE TERMS AND - CONDITIONS OF LICENSE AGREEMENTS OR NOTICES INDICATED OR REFERENCED BELOW. BY USING THE CONTENT, YOU AGREE THAT YOUR USE - OF THE CONTENT IS GOVERNED BY THIS AGREEMENT AND/OR THE TERMS AND CONDITIONS OF ANY APPLICABLE LICENSE AGREEMENTS OR - NOTICES INDICATED OR REFERENCED BELOW. IF YOU DO NOT AGREE TO THE TERMS AND CONDITIONS OF THIS AGREEMENT AND THE TERMS AND - CONDITIONS OF ANY APPLICABLE LICENSE AGREEMENTS OR NOTICES INDICATED OR REFERENCED BELOW, THEN YOU MAY NOT USE THE CONTENT.

- -

Applicable Licenses

- -

Unless otherwise indicated, all Content made available by the Eclipse Foundation is provided to you under the terms and conditions of the Eclipse Public License Version 2.0 -https://www.eclipse.org/legal/epl-2.0/. - For purposes of the EPL, "Program" will mean the Content.

- -

Content includes, but is not limited to, source code, object code, documentation and other files maintained in the Eclipse Foundation source code - repository ("Repository") in software modules ("Modules") and made available as downloadable archives ("Downloads").

- -
    -
  • Content may be structured and packaged into modules to facilitate delivering, extending, and upgrading the Content. Typical modules may include plug-ins ("Plug-ins"), plug-in fragments ("Fragments"), and features ("Features").
    • -
  • Each Plug-in or Fragment may be packaged as a sub-directory or JAR (Java™ ARchive) in a directory named "plugins".
    • -
  • A Feature is a bundle of one or more Plug-ins and/or Fragments and associated material. Each Feature may be packaged as a sub-directory in a directory named "features". Within a Feature, files named "feature.xml" may contain a list of the names and version numbers of the Plug-ins - and/or Fragments associated with that Feature.
    • -
  • Features may also include other Features ("Included Features"). Within a Feature, files named "feature.xml" may contain a list of the names and version numbers of Included Features.
    • -
- -

The terms and conditions governing Plug-ins and Fragments should be contained in files named "about.html" ("Abouts"). The terms and conditions governing Features and -Included Features should be contained in files named "license.html" ("Feature Licenses"). Abouts and Feature Licenses may be located in any directory of a Download or Module -including, but not limited to the following locations:

- -
    -
  • The top-level (root) directory
    • -
  • Plug-in and Fragment directories
    • -
  • Inside Plug-ins and Fragments packaged as JARs
    • -
  • Sub-directories of the directory named "src" of certain Plug-ins
    • -
  • Feature directories
    • -
- -

Note: if a Feature made available by the Eclipse Foundation is installed using the Provisioning Technology (as defined below), you must agree to a license ("Feature Update License") during the -installation process. If the Feature contains Included Features, the Feature Update License should either provide you with the terms and conditions governing the Included Features or -inform you where you can locate them. Feature Update Licenses may be found in the "license" property of files named "feature.properties" found within a Feature. -Such Abouts, Feature Licenses, and Feature Update Licenses contain the terms and conditions (or references to such terms and conditions) that govern your use of the associated Content in -that directory.

- -

THE ABOUTS, FEATURE LICENSES, AND FEATURE UPDATE LICENSES MAY REFER TO THE EPL OR OTHER LICENSE AGREEMENTS, NOTICES OR TERMS AND CONDITIONS. SOME OF THESE -OTHER LICENSE AGREEMENTS MAY INCLUDE (BUT ARE NOT LIMITED TO):

- - - -

IT IS YOUR OBLIGATION TO READ AND ACCEPT ALL SUCH TERMS AND CONDITIONS PRIOR TO USE OF THE CONTENT. If no About, Feature License, or Feature Update License is provided, please -contact the Eclipse Foundation to determine what terms and conditions govern that particular Content.

- - -

Use of Provisioning Technology

- -

The Eclipse Foundation makes available provisioning software, examples of which include, but are not limited to, p2 and the Eclipse - Update Manager ("Provisioning Technology") for the purpose of allowing users to install software, documentation, information and/or - other materials (collectively "Installable Software"). This capability is provided with the intent of allowing such users to - install, extend and update Eclipse-based products. Information about packaging Installable Software is available at http://eclipse.org/equinox/p2/repository_packaging.html - ("Specification").

- -

You may use Provisioning Technology to allow other parties to install Installable Software. You shall be responsible for enabling the - applicable license agreements relating to the Installable Software to be presented to, and accepted by, the users of the Provisioning Technology - in accordance with the Specification. By using Provisioning Technology in such a manner and making it available in accordance with the - Specification, you further acknowledge your agreement to, and the acquisition of all necessary rights to permit the following:

- -
    -
  1. A series of actions may occur ("Provisioning Process") in which a user may execute the Provisioning Technology - on a machine ("Target Machine") with the intent of installing, extending or updating the functionality of an Eclipse-based - product.
    2. -
  2. During the Provisioning Process, the Provisioning Technology may cause third party Installable Software or a portion thereof to be - accessed and copied to the Target Machine.
    3. -
  3. Pursuant to the Specification, you will provide to the user the terms and conditions that govern the use of the Installable - Software ("Installable Software Agreement") and such Installable Software Agreement shall be accessed from the Target - Machine in accordance with the Specification. Such Installable Software Agreement must inform the user of the terms and conditions that govern - the Installable Software and must solicit acceptance by the end user in the manner prescribed in such Installable Software Agreement. Upon such - indication of agreement by the user, the provisioning Technology will complete installation of the Installable Software.
    4. -
- -

Cryptography

- -

Content may contain encryption software. The country in which you are currently may have restrictions on the import, possession, and use, and/or re-export to - another country, of encryption software. BEFORE using any encryption software, please check the country's laws, regulations and policies concerning the import, - possession, or use, and re-export of encryption software, to see if this is permitted.

- -

Java and all Java-based trademarks are trademarks of Oracle Corporation in the United States, other countries, or both.

- - diff --git a/set-version.sh b/set-version.sh index af1fc52d..3ab0982f 100755 --- a/set-version.sh +++ b/set-version.sh @@ -2,7 +2,7 @@ MAJOR=2 MINOR=0 -REVISION=10 +REVISION=11 sed -i "s/^VERSION=.*/VERSION=${MAJOR}.${MINOR}.${REVISION}/" config.mk diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index 1ca29c0f..5e0cf01b 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -1,5 +1,5 @@ name: mosquitto -version: 2.0.10 +version: 2.0.11 summary: Eclipse Mosquitto MQTT broker description: This is a message broker that supports version 5.0, 3.1.1, and 3.1 of the MQTT protocol. diff --git a/src/bridge.c b/src/bridge.c index 8e089263..07d1512b 100644 --- a/src/bridge.c +++ b/src/bridge.c @@ -298,6 +298,7 @@ static int bridge__connect_step1(struct mosquitto *context) rc = net__try_connect_step1(context, context->bridge->addresses[context->bridge->cur_address].address); if(rc > 0 ){ if(rc == MOSQ_ERR_TLS){ + mux__delete(context); net__socket_close(context); return rc; /* Error already printed */ }else if(rc == MOSQ_ERR_ERRNO){ @@ -323,6 +324,7 @@ static int bridge__connect_step2(struct mosquitto *context) rc = net__try_connect_step2(context, context->bridge->addresses[context->bridge->cur_address].port, &context->sock); if(rc > 0){ if(rc == MOSQ_ERR_TLS){ + mux__delete(context); net__socket_close(context); return rc; /* Error already printed */ }else if(rc == MOSQ_ERR_ERRNO){ @@ -338,6 +340,7 @@ static int bridge__connect_step2(struct mosquitto *context) if(rc == MOSQ_ERR_CONN_PENDING){ mosquitto__set_state(context, mosq_cs_connect_pending); + mux__add_out(context); } return rc; } @@ -351,6 +354,7 @@ int bridge__connect_step3(struct mosquitto *context) rc = net__socket_connect_step3(context, context->bridge->addresses[context->bridge->cur_address].address); if(rc > 0){ if(rc == MOSQ_ERR_TLS){ + mux__delete(context); net__socket_close(context); return rc; /* Error already printed */ }else if(rc == MOSQ_ERR_ERRNO){ @@ -389,6 +393,7 @@ int bridge__connect_step3(struct mosquitto *context) }else if(rc == MOSQ_ERR_EAI){ log__printf(NULL, MOSQ_LOG_ERR, "Error creating bridge: %s.", gai_strerror(errno)); } + mux__delete(context); net__socket_close(context); return rc; } @@ -501,6 +506,7 @@ int bridge__connect(struct mosquitto *context) if(rc > 0){ if(rc == MOSQ_ERR_TLS){ + mux__delete(context); net__socket_close(context); return rc; /* Error already printed */ }else if(rc == MOSQ_ERR_ERRNO){ @@ -512,6 +518,7 @@ int bridge__connect(struct mosquitto *context) return rc; }else if(rc == MOSQ_ERR_CONN_PENDING){ mosquitto__set_state(context, mosq_cs_connect_pending); + mux__add_out(context); } HASH_ADD(hh_sock, db.contexts_by_sock, sock, sizeof(context->sock), context); @@ -539,6 +546,7 @@ int bridge__connect(struct mosquitto *context) }else if(rc2 == MOSQ_ERR_EAI){ log__printf(NULL, MOSQ_LOG_ERR, "Error creating bridge: %s.", gai_strerror(errno)); } + mux__delete(context); net__socket_close(context); return rc2; } @@ -921,6 +929,7 @@ void bridge_check(void) COMPAT_CLOSE(context->bridge->primary_retry_sock); context->bridge->primary_retry_sock = INVALID_SOCKET; context->bridge->primary_retry = 0; + mux__delete(context); net__socket_close(context); context->bridge->cur_address = 0; } @@ -931,6 +940,7 @@ void bridge_check(void) COMPAT_CLOSE(context->bridge->primary_retry_sock); context->bridge->primary_retry_sock = INVALID_SOCKET; context->bridge->primary_retry = 0; + mux__delete(context); net__socket_close(context); context->bridge->cur_address = context->bridge->address_count-1; }else{ diff --git a/src/database.c b/src/database.c index 1908e37f..74ff87a3 100644 --- a/src/database.c +++ b/src/database.c @@ -110,7 +110,7 @@ bool db__ready_for_queue(struct mosquitto *context, int qos, struct mosquitto_ms return true; } - if(qos == 0){ + if(qos == 0 && db.config->queue_qos0_messages == false){ return false; /* This case is handled in db__ready_for_flight() */ }else{ source_bytes = (ssize_t)msg_data->msg_bytes12; diff --git a/src/handle_connect.c b/src/handle_connect.c index b5ac9d63..81ca6b95 100644 --- a/src/handle_connect.c +++ b/src/handle_connect.c @@ -940,11 +940,13 @@ handle_connect_error: mosquitto__free(will_struct->msg.topic); mosquitto__free(will_struct); } + context->will = NULL; #ifdef WITH_TLS if(client_cert) X509_free(client_cert); #endif /* We return an error here which means the client is freed later on. */ context->clean_start = true; context->session_expiry_interval = 0; + context->will_delay_interval = 0; return rc; } diff --git a/src/mux_poll.c b/src/mux_poll.c index 732a6f18..c9c9c827 100644 --- a/src/mux_poll.c +++ b/src/mux_poll.c @@ -106,36 +106,44 @@ int mux_poll__init(struct mosquitto__listener_sock *listensock, int listensock_c } -int mux_poll__add_out(struct mosquitto *context) +static int mux_poll__add(struct mosquitto* context, uint16_t evt) { size_t i; - if(!(context->events & POLLOUT)) { - if(context->pollfd_index != -1){ - pollfds[context->pollfd_index].fd = context->sock; - pollfds[context->pollfd_index].events = POLLIN | POLLOUT; - pollfds[context->pollfd_index].revents = 0; - }else{ - for(i=0; isock; - pollfds[i].events = POLLIN | POLLOUT; - pollfds[i].revents = 0; - context->pollfd_index = (int )i; - if(i > pollfd_current_max){ - pollfd_current_max = i; - } - break; + if(context->events == evt){ + return MOSQ_ERR_SUCCESS; + } + + if(context->pollfd_index != -1){ + pollfds[context->pollfd_index].fd = context->sock; + pollfds[context->pollfd_index].events = (short int)evt; + pollfds[context->pollfd_index].revents = 0; + }else{ + for(i=0; isock; + pollfds[i].events = POLLIN; + pollfds[i].revents = 0; + context->pollfd_index = (int)i; + if(i > pollfd_current_max){ + pollfd_current_max = i; } + break; } } - context->events = POLLIN | POLLOUT; } + context->events = evt; return MOSQ_ERR_SUCCESS; } +int mux_poll__add_out(struct mosquitto *context) +{ + return mux_poll__add(context, POLLIN | POLLOUT); +} + + int mux_poll__remove_out(struct mosquitto *context) { if(context->events & POLLOUT) { @@ -148,29 +156,7 @@ int mux_poll__remove_out(struct mosquitto *context) int mux_poll__new(struct mosquitto *context) { - size_t i; - - if(context->pollfd_index != -1){ - pollfds[context->pollfd_index].fd = context->sock; - pollfds[context->pollfd_index].events = POLLIN; - pollfds[context->pollfd_index].revents = 0; - }else{ - for(i=0; isock; - pollfds[i].events = POLLIN; - pollfds[i].revents = 0; - context->pollfd_index = (int )i; - if(i > pollfd_current_max){ - pollfd_current_max = i; - } - break; - } - } - } - context->events = POLLIN; - - return MOSQ_ERR_SUCCESS; + return mux_poll__add(context, POLLIN); } int mux_poll__delete(struct mosquitto *context) diff --git a/test/broker/07-will-delay-invalid-573191.py b/test/broker/07-will-delay-invalid-573191.py new file mode 100755 index 00000000..18f4acfc --- /dev/null +++ b/test/broker/07-will-delay-invalid-573191.py @@ -0,0 +1,32 @@ +#!/usr/bin/env python3 + +# Test for https://bugs.eclipse.org/bugs/show_bug.cgi?id=573191 +# Check under valgrind/asan for leaks. + +from mosq_test_helper import * + +def do_test(): + rc = 1 + keepalive = 60 + + mid = 1 + props = mqtt5_props.gen_uint32_prop(mqtt5_props.PROP_WILL_DELAY_INTERVAL, 3) + connect_packet = mosq_test.gen_connect("will-573191-test", keepalive=keepalive, proto_ver=5, will_topic="", will_properties=props) + connack_packet = b"" + + port = mosq_test.get_port() + broker = mosq_test.start_broker(filename=os.path.basename(__file__), port=port) + + try: + sock = mosq_test.do_client_connect(connect_packet, connack_packet, timeout=30, port=port) + sock.close() + rc = 0 + finally: + broker.terminate() + broker.wait() + (stdo, stde) = broker.communicate() + if rc: + print(stde.decode('utf-8')) + exit(rc) + +do_test() diff --git a/test/broker/Makefile b/test/broker/Makefile index e1ab2dc6..df15a79d 100644 --- a/test/broker/Makefile +++ b/test/broker/Makefile @@ -139,6 +139,7 @@ test : test-compile 01 02 03 04 05 06 07 08 09 10 11 12 13 14 ./06-bridge-config-reload.py 07 : + ./07-will-delay-invalid-573191.py ./07-will-delay-reconnect.py ./07-will-delay-recover.py ./07-will-delay-session-expiry.py diff --git a/test/broker/test.py b/test/broker/test.py index 82707691..fd9d984b 100755 --- a/test/broker/test.py +++ b/test/broker/test.py @@ -118,6 +118,7 @@ tests = [ (2, './06-bridge-reconnect-local-out.py'), (2, './06-bridge-config-reload.py'), + (1, './07-will-delay-invalid-573191.py'), (1, './07-will-delay-reconnect.py'), (1, './07-will-delay-recover.py'), (1, './07-will-delay-session-expiry.py'), diff --git a/www/pages/download.md b/www/pages/download.md index 974476d3..96c53083 100644 --- a/www/pages/download.md +++ b/www/pages/download.md @@ -1,7 +1,7 @@ + +Versions 2.0.11 and 1.6.15 of Mosquitto has been released. These are a security +and bugfix releases. + +# 2.0.11 + +## Security +- If an authenticated client connected with MQTT v5 sent a crafted CONNECT + message to the broker a memory leak would occur. + Affects versions 1.6 to 2.0.10 inclusive. + +## Broker +- Fix possible crash having just upgraded from 1.6 if `per_listener_settings + true` is set, and a SIGHUP is sent to the broker before a client has + reconnected to the broker. Closes [#2167]. +- Fix bridge not reconnectng if the first reconnection attempt fails. + Closes [#2207]. +- Improve QoS 0 outgoing packet queueing. +- Fix non-reachable bridge blocking the broker on Windows. Closes #2172. +- Fix possible corruption of pollfd array on Windows when bridges were + reconnecting. Closes [#2173]. +- Fix QoS 0 messages not being queued when `queue_qos0_messages` was enabled. + Closes [#2224]. + +## Clients +- If sending mosquitto_sub output to a pipe, mosquitto_sub will now detect + that the pipe has closed and disconnect. Closes [#2164]. +- Fix `mosquitto_pub -l` quitting if a message publication is attempted when + the broker is temporarily unavailable. Closes [#2187]. + +# 1.6.15 + +## Security +- If an authenticated client connected with MQTT v5 sent a crafted CONNECT + message to the broker a memory leak would occur. + Affects versions 1.6 to 2.0.10 inclusive. + +[#2164]: https://github.com/eclipse/mosquitto/issues/2164 +[#2167]: https://github.com/eclipse/mosquitto/issues/2167 +[#2172]: https://github.com/eclipse/mosquitto/issues/2172 +[#2173]: https://github.com/eclipse/mosquitto/issues/2173 +[#2187]: https://github.com/eclipse/mosquitto/issues/2187 +[#2207]: https://github.com/eclipse/mosquitto/issues/2207 +[#2224]: https://github.com/eclipse/mosquitto/issues/2224