From 4cb811a0b65e002332e1101f3142a683981a6db8 Mon Sep 17 00:00:00 2001
From: Roger Light <roger@atchoo.org>
Date: Thu, 7 Oct 2021 16:14:26 +0100
Subject: [PATCH] Add more basic auth rejection options for plugins.

---
 include/mosquitto.h  | 22 +++++++++++++++++-----
 src/handle_connect.c | 17 ++++++++++++++++-
 src/loop.c           | 29 +++++++++++++++++++++++++++--
 3 files changed, 60 insertions(+), 8 deletions(-)

diff --git a/include/mosquitto.h b/include/mosquitto.h
index 281273a9..93ab2805 100644
--- a/include/mosquitto.h
+++ b/include/mosquitto.h
@@ -119,12 +119,24 @@ enum mosq_err_t {
 	MOSQ_ERR_OVERSIZE_PACKET = 25,
 	MOSQ_ERR_OCSP = 26,
 	MOSQ_ERR_TIMEOUT = 27,
-	MOSQ_ERR_RETAIN_NOT_SUPPORTED = 28,
-	MOSQ_ERR_TOPIC_ALIAS_INVALID = 29,
-	MOSQ_ERR_ADMINISTRATIVE_ACTION = 30,
+	/* 28, 29, 30 - was internal only, moved to MQTT v5 section. */
 	MOSQ_ERR_ALREADY_EXISTS = 31,
-	MOSQ_ERR_RECEIVE_MAXIMUM_EXCEEDED = 32,
-	MOSQ_ERR_PLUGIN_IGNORE = 33,
+	MOSQ_ERR_PLUGIN_IGNORE = 32,
+
+	/* MQTT v5 direct equivalents 128-255 */
+	MOSQ_ERR_UNSPECIFIED = 128,
+	MOSQ_ERR_IMPLEMENTATION_SPECIFIC = 131,
+	MOSQ_ERR_CLIENT_IDENTIFIER_NOT_VALID = 133,
+	MOSQ_ERR_BAD_USERNAME_OR_PASSWORD = 134,
+	MOSQ_ERR_SERVER_UNAVAILABLE = 136,
+	MOSQ_ERR_SERVER_BUSY = 137,
+	MOSQ_ERR_BANNED = 138,
+	MOSQ_ERR_BAD_AUTHENTICATION_METHOD = 140,
+	MOSQ_ERR_RECEIVE_MAXIMUM_EXCEEDED = 147,
+	MOSQ_ERR_TOPIC_ALIAS_INVALID = 148,
+	MOSQ_ERR_ADMINISTRATIVE_ACTION = 152,
+	MOSQ_ERR_RETAIN_NOT_SUPPORTED = 154,
+	MOSQ_ERR_CONNECTION_RATE_EXCEEDED = 159,
 };
 
 /* Option values */
diff --git a/src/handle_connect.c b/src/handle_connect.c
index d193dfa7..40a7f2de 100644
--- a/src/handle_connect.c
+++ b/src/handle_connect.c
@@ -982,7 +982,22 @@ int handle__connect(struct mosquitto *context)
 					}else{
 						send__connack(context, 0, CONNACK_REFUSED_NOT_AUTHORIZED, NULL);
 					}
-					rc = MOSQ_ERR_AUTH;
+					goto handle_connect_error;
+					break;
+				case MOSQ_ERR_UNSPECIFIED:
+				case MOSQ_ERR_IMPLEMENTATION_SPECIFIC:
+				case MOSQ_ERR_CLIENT_IDENTIFIER_NOT_VALID:
+				case MOSQ_ERR_BAD_USERNAME_OR_PASSWORD:
+				case MOSQ_ERR_SERVER_UNAVAILABLE:
+				case MOSQ_ERR_SERVER_BUSY:
+				case MOSQ_ERR_BANNED:
+				case MOSQ_ERR_BAD_AUTHENTICATION_METHOD:
+				case MOSQ_ERR_CONNECTION_RATE_EXCEEDED:
+					if(context->protocol == mosq_p_mqtt5){
+						send__connack(context, 0, (uint8_t)rc, NULL);
+					}else{
+						send__connack(context, 0, CONNACK_REFUSED_NOT_AUTHORIZED, NULL);
+					}
 					goto handle_connect_error;
 					break;
 				default:
diff --git a/src/loop.c b/src/loop.c
index dce72c16..da5d175f 100644
--- a/src/loop.c
+++ b/src/loop.c
@@ -372,6 +372,33 @@ void do_disconnect(struct mosquitto *context, int reason)
 					case MOSQ_ERR_RECEIVE_MAXIMUM_EXCEEDED:
 						log__printf(NULL, MOSQ_LOG_NOTICE, "Client %s disconnected due to exceeding the receive maximum.", id);
 						break;
+					case MOSQ_ERR_IMPLEMENTATION_SPECIFIC:
+						log__printf(NULL, MOSQ_LOG_NOTICE, "Client %s disconnected, implementation specific error.", id);
+						break;
+					case MOSQ_ERR_CLIENT_IDENTIFIER_NOT_VALID:
+						log__printf(NULL, MOSQ_LOG_NOTICE, "Client %s disconnected, client identifier not valid.", id);
+						break;
+					case MOSQ_ERR_BAD_USERNAME_OR_PASSWORD:
+						log__printf(NULL, MOSQ_LOG_NOTICE, "Client %s disconnected, bad username or password.", id);
+						break;
+					case MOSQ_ERR_SERVER_UNAVAILABLE:
+						log__printf(NULL, MOSQ_LOG_NOTICE, "Client %s disconnected, server unavailable.", id);
+						break;
+					case MOSQ_ERR_SERVER_BUSY:
+						log__printf(NULL, MOSQ_LOG_NOTICE, "Client %s disconnected, server busy.", id);
+						break;
+					case MOSQ_ERR_BANNED:
+						log__printf(NULL, MOSQ_LOG_NOTICE, "Client %s disconnected, client banned.", id);
+						break;
+					case MOSQ_ERR_BAD_AUTHENTICATION_METHOD:
+						log__printf(NULL, MOSQ_LOG_NOTICE, "Client %s disconnected, bad authentication method.", id);
+						break;
+					case MOSQ_ERR_QUOTA_EXCEEDED:
+						log__printf(NULL, MOSQ_LOG_NOTICE, "Client %s disconnected, quota exceeded.", id);
+						break;
+					case MOSQ_ERR_CONNECTION_RATE_EXCEEDED:
+						log__printf(NULL, MOSQ_LOG_NOTICE, "Client %s disconnected, connection rate exceeded.", id);
+						break;
 					default:
 						log__printf(NULL, MOSQ_LOG_NOTICE, "Bad socket read/write on client %s: %s", id, mosquitto_strerror(reason));
 						break;
@@ -388,5 +415,3 @@ void do_disconnect(struct mosquitto *context, int reason)
 		context__disconnect(context);
 	}
 }
-
-