Fix accessor functions for username and client id when used in plugin auth check.

7 years ago · 63bfcb224e
parent becbff406b
commit 63bfcb224e
6 changed files with 196 additions and 92 deletions
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@ -24,6 +24,8 @@ Broker:
 - Fix UNSUBACK messages not being logged. Closes #903.
 - Fix possible endian issue when reading the `memory_limit` option.
 - Fix building for libwebsockets < 1.6.
+- Fix accessor functions for username and client id when used in plugin auth
+  check.

 Library:
 - Fix some places where return codes were incorrect, including to the
--- a/src/handle_connect.c
+++ b/src/handle_connect.c
@ -497,7 +497,13 @@ int handle__connect(struct mosquitto_db *db, struct mosquitto *context)
 	}else{
 #endif /* WITH_TLS */
 		if(username_flag){
+			/* FIXME - these ensure the mosquitto_client_id() and
+			 * mosquitto_client_username() functions work, but is hacky */
+			context->id = client_id;
+			context->username = username;
 			rc = mosquitto_unpwd_check(db, context, username, password);
+			context->username = NULL;
+			context->id = NULL;
 			switch(rc){
 				case MOSQ_ERR_SUCCESS:
 					break;
--- a/test/broker/Makefile
+++ b/test/broker/Makefile
@ -120,6 +120,7 @@ endif
 	./09-plugin-auth-defer-unpwd-success.py
 	./09-plugin-auth-defer-unpwd-fail.py
 	./09-plugin-auth-msg-params.py
+	./09-plugin-auth-context-params.py

 10 :
 	./10-listener-mount-point.py
--- a/test/broker/c/Makefile
+++ b/test/broker/c/Makefile
@ -2,7 +2,7 @@

 CFLAGS=-I../../../lib -I../../../src -Wall -Werror

-all : auth_plugin.so auth_plugin_pwd.so auth_plugin_acl.so auth_plugin_v2.so auth_plugin_msg_params.so 08
+all : auth_plugin.so auth_plugin_pwd.so auth_plugin_acl.so auth_plugin_v2.so auth_plugin_msg_params.so auth_plugin_context_params.so 08

 08 : 08-tls-psk-pub.test 08-tls-psk-bridge.test

@ -18,6 +18,9 @@ auth_plugin_acl.so : auth_plugin_acl.c
 auth_plugin_v2.so : auth_plugin_v2.c
 	$(CC) ${CFLAGS} -fPIC -shared $^ -o $@

+auth_plugin_context_params.so : auth_plugin_context_params.c
+	$(CC) ${CFLAGS} -fPIC -shared $^ -o $@
+
 auth_plugin_msg_params.so : auth_plugin_msg_params.c
 	$(CC) ${CFLAGS} -fPIC -shared $^ -o $@

--- a/test/broker/c/auth_plugin_context_params.c
+++ b/test/broker/c/auth_plugin_context_params.c
@ -0,0 +1,91 @@
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <mosquitto.h>
+#include <mosquitto_broker.h>
+#include <mosquitto_plugin.h>
+
+int mosquitto_auth_plugin_version(void)
+{
+	return MOSQ_AUTH_PLUGIN_VERSION;
+}
+
+int mosquitto_auth_plugin_init(void **user_data, struct mosquitto_opt *auth_opts, int auth_opt_count)
+{
+	return MOSQ_ERR_SUCCESS;
+}
+
+int mosquitto_auth_plugin_cleanup(void *user_data, struct mosquitto_opt *auth_opts, int auth_opt_count)
+{
+	return MOSQ_ERR_SUCCESS;
+}
+
+int mosquitto_auth_security_init(void *user_data, struct mosquitto_opt *auth_opts, int auth_opt_count, bool reload)
+{
+	return MOSQ_ERR_SUCCESS;
+}
+
+int mosquitto_auth_security_cleanup(void *user_data, struct mosquitto_opt *auth_opts, int auth_opt_count, bool reload)
+{
+	return MOSQ_ERR_SUCCESS;
+}
+
+int mosquitto_auth_acl_check(void *user_data, int access, const struct mosquitto *client, const struct mosquitto_acl_msg *msg)
+{
+	return MOSQ_ERR_PLUGIN_DEFER;
+}
+
+int mosquitto_auth_unpwd_check(void *user_data, const struct mosquitto *client, const char *username, const char *password)
+{
+	const char *tmp;
+
+	tmp = mosquitto_client_address(client);
+	if(!tmp || strcmp(tmp, "127.0.0.1")){
+		return MOSQ_ERR_AUTH;
+	}
+
+	if(!mosquitto_client_clean_session(client)){
+		fprintf(stderr, "mosquitto_auth_unpwd_check clean_session error: %d\n", mosquitto_client_clean_session(client));
+		return MOSQ_ERR_AUTH;
+	}
+
+	tmp = mosquitto_client_id(client);
+	if(!tmp || strcmp(tmp, "client-params-test")){
+		fprintf(stderr, "mosquitto_auth_unpwd_check client_id error: %s\n", tmp);
+		return MOSQ_ERR_AUTH;
+	}
+
+	if(mosquitto_client_keepalive(client) != 42){
+		fprintf(stderr, "mosquitto_auth_unpwd_check keepalive error: %d\n", mosquitto_client_keepalive(client));
+		return MOSQ_ERR_AUTH;
+	}
+
+	if(!mosquitto_client_certificate(client)){
+		// FIXME
+		//return MOSQ_ERR_AUTH;
+	}
+
+	if(mosquitto_client_protocol(client) != 2){
+		fprintf(stderr, "mosquitto_auth_unpwd_check protocol error: %d\n", mosquitto_client_protocol(client));
+		return MOSQ_ERR_AUTH;
+	}
+
+	if(mosquitto_client_sub_count(client)){
+		fprintf(stderr, "mosquitto_auth_unpwd_check sub_count error: %d\n", mosquitto_client_sub_count(client));
+		return MOSQ_ERR_AUTH;
+	}
+
+	tmp = mosquitto_client_username(client);
+	if(!tmp || strcmp(tmp, "client-username")){
+		fprintf(stderr, "mosquitto_auth_unpwd_check username error: %s\n", tmp);
+		return MOSQ_ERR_AUTH;
+	}
+
+	return MOSQ_ERR_SUCCESS;
+}
+
+int mosquitto_auth_psk_key_get(void *user_data, const struct mosquitto *client, const char *hint, const char *identity, char *key, int max_key_len)
+{
+	return MOSQ_ERR_AUTH;
+}
+
--- a/test/broker/ptest.py
+++ b/test/broker/ptest.py
@ -92,6 +92,7 @@ tests = [
    (1, './09-plugin-auth-defer-unpwd-success.py'),
    (1, './09-plugin-auth-defer-unpwd-fail.py'),
    (1, './09-plugin-auth-msg-params.py'),
+    (1, './09-plugin-auth-context-params.py'),

    (2, './10-listener-mount-point.py'),