From 63f46a999fc28128caca8e372ff349756f11aed4 Mon Sep 17 00:00:00 2001 From: "Roger A. Light" Date: Fri, 8 Jul 2016 11:50:50 +0100 Subject: [PATCH] Add username accessor. --- src/Makefile | 6 +++++- src/linker-macosx.syms | 1 + src/linker.syms | 1 + src/mosquitto_broker.h | 18 ++++++++++++++++++ src/plugin.c | 30 ++++++++++++++++++++++++++++++ src/plugin_defer.c | 4 ++++ src/security.c | 10 ---------- test/broker/c/auth_plugin.c | 7 +++++-- 8 files changed, 64 insertions(+), 13 deletions(-) create mode 100644 src/plugin.c diff --git a/src/Makefile b/src/Makefile index 6ffdee49..80e89867 100644 --- a/src/Makefile +++ b/src/Makefile @@ -27,10 +27,11 @@ OBJS= mosquitto.o \ logging.o \ loop.o \ memory_mosq.o \ - persist.o \ net.o \ net_mosq.o \ packet_mosq.o \ + persist.o \ + plugin.o \ read_handle.o \ security.o \ security_default.o \ @@ -125,6 +126,9 @@ persist.o : persist.c persist.h mosquitto_broker_internal.h packet_mosq.o : ../lib/packet_mosq.c ../lib/packet_mosq.h ${CROSS_COMPILE}${CC} $(BROKER_CFLAGS) -c $< -o $@ +plugin.o : plugin.c mosquitto_plugin.h mosquitto_broker_internal.h + ${CROSS_COMPILE}${CC} $(BROKER_CFLAGS) -c $< -o $@ + read_handle.o : read_handle.c mosquitto_broker_internal.h ${CROSS_COMPILE}${CC} $(BROKER_CFLAGS) -c $< -o $@ diff --git a/src/linker-macosx.syms b/src/linker-macosx.syms index b60de069..b2692598 100644 --- a/src/linker-macosx.syms +++ b/src/linker-macosx.syms @@ -1 +1,2 @@ _mosquitto_log_printf +_mosquitto_client_username diff --git a/src/linker.syms b/src/linker.syms index 83d23668..9d4663eb 100644 --- a/src/linker.syms +++ b/src/linker.syms @@ -1,3 +1,4 @@ { mosquitto_log_printf; + mosquitto_client_username; }; diff --git a/src/mosquitto_broker.h b/src/mosquitto_broker.h index 4249feb0..dc82c52c 100644 --- a/src/mosquitto_broker.h +++ b/src/mosquitto_broker.h @@ -17,6 +17,8 @@ Contributors: #ifndef MOSQUITTO_BROKER_H #define MOSQUITTO_BROKER_H +struct mosquitto; + struct mosquitto_opt { char *key; char *value; 
@@ -54,4 +56,20 @@ struct mosquitto_opt { */ void mosquitto_log_printf(int level, const char *fmt, ...); + +/* ========================================================================= + * + * Client Functions + * + * Use these functions to access client information. + * + * ========================================================================= */ + +/* + * Function: mosquitto_client_username + * + * Retrieve the username associated with a client. + */ +const char *mosquitto_client_username(const struct mosquitto *client); + #endif diff --git a/src/plugin.c b/src/plugin.c new file mode 100644 index 00000000..31c2b6b9 --- /dev/null +++ b/src/plugin.c @@ -0,0 +1,30 @@ +/* +Copyright (c) 2016 Roger Light + +All rights reserved. This program and the accompanying materials +are made available under the terms of the Eclipse Public License v1.0 +and Eclipse Distribution License v1.0 which accompany this distribution. + +The Eclipse Public License is available at + http://www.eclipse.org/legal/epl-v10.html +and the Eclipse Distribution License is available at + http://www.eclipse.org/org/documents/edl-v10.php. + +Contributors: + Roger Light - initial implementation and documentation. +*/ + +#include "mosquitto_internal.h" +#include "mosquitto_broker_internal.h" + +const char *mosquitto_client_username(const struct mosquitto *context) +{ +#ifdef WITH_BRIDGE + if(context->bridge){ + return context->bridge->local_username; + }else +#endif + { + return context->username; + } +} diff --git a/src/plugin_defer.c b/src/plugin_defer.c index b554276d..d8b188d6 100644 --- a/src/plugin_defer.c +++ b/src/plugin_defer.c @@ -16,6 +16,9 @@ Contributors: /* This is a skeleton authentication and access control plugin that simply defers all checks. */ +#include + +#include "mosquitto_broker.h" #include "mosquitto_plugin.h" #include "mosquitto.h" 
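Review bot: The doc comment added for `mosquitto_client_username` in the `mosquitto_broker.h` hunk does not say that the result can be NULL, nor who owns the returned string. The implementation in this patch returns `context->username` or the bridge's `local_username` directly, and the test plugin updated in the same patch guards with `username &&`, so a NULL return for clients without a username appears to be expected. I would extend the comment with `Returns NULL if the client has no username. The string is owned by the broker and must not be freed or modified.` so that plugin authors do not pass the result straight to `strcmp` or `%s`. Whether the pointer stays valid after the plugin callback returns cannot be told from these lines and is worth stating as well.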
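Review bot: `mosquitto_client_username` in the new `src/plugin.c` dereferences `context` without checking it, and the symbol is exported to external plugins through `linker.syms` and `linker-macosx.syms`, so a plugin that passes NULL crashes the broker process rather than just failing its own check. A guard as the first statement, `if(!context) return NULL;`, keeps that failure inside the caller's NULL handling. The file also does not visibly include `mosquitto_broker.h`, where the public prototype lives. Unless `mosquitto_broker_internal.h` pulls it in, the compiler cannot check this definition against the declaration plugins compile against, so adding `#include "mosquitto_broker.h"` would close that gap.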
@@ -46,6 +49,7 @@ int mosquitto_auth_security_cleanup(void *user_data, struct mosquitto_auth_opt * int mosquitto_auth_acl_check(void *user_data, int access, const struct mosquitto *client, struct mosquitto_acl_msg *msg) { + printf("mosquitto_acl_check(u:%s)\n", mosquitto_client_username(client)); return MOSQ_ERR_PLUGIN_DEFER; } diff --git a/src/security.c b/src/security.c index 4ef594e8..0278fd13 100644 --- a/src/security.c +++ b/src/security.c @@ -235,7 +235,6 @@ int mosquitto_security_cleanup(struct mosquitto_db *db, bool reload) int mosquitto_acl_check(struct mosquitto_db *db, struct mosquitto *context, const char *topic, int access) { - char *username; int rc; int i; struct mosquitto_acl_msg msg; @@ -244,15 +243,6 @@ int mosquitto_acl_check(struct mosquitto_db *db, struct mosquitto *context, cons return MOSQ_ERR_ACL_DENIED; } -#ifdef WITH_BRIDGE - if(context->bridge){ - username = context->bridge->local_username; - }else -#endif - { - username = context->username; - } - rc = mosquitto_acl_check_default(db, context, topic, access); if(rc != MOSQ_ERR_PLUGIN_DEFER){ return rc; diff --git a/test/broker/c/auth_plugin.c b/test/broker/c/auth_plugin.c index 81d2f41c..ce7dcd09 100644 --- a/test/broker/c/auth_plugin.c +++ b/test/broker/c/auth_plugin.c @@ -1,6 +1,7 @@ #include #include #include +#include #include int mosquitto_auth_plugin_version(void) 
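Review bot: The `printf` added to `mosquitto_auth_acl_check` in `plugin_defer.c` passes the result of `mosquitto_client_username(client)` straight to `%s`, and that result can apparently be NULL (the test plugin in this patch checks for it), which is undefined behaviour in `printf`. It also writes a client-supplied string to stdout on every ACL check, bypassing the broker's own logging and its level filtering, and the message names `mosquitto_acl_check` rather than this function. If the trace is meant to stay, `const char *u = mosquitto_client_username(client);` followed by `mosquitto_log_printf(MOSQ_LOG_DEBUG, "mosquitto_auth_acl_check(u:%s)", u ? u : "(none)");` avoids both problems. Otherwise the line looks like leftover debugging and should be dropped.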
@@ -28,9 +29,11 @@ int mosquitto_auth_security_cleanup(void *user_data, struct mosquitto_auth_opt * return MOSQ_ERR_SUCCESS; } -int mosquitto_auth_acl_check(void *user_data, const char *clientid, const char *username, const char *topic, int access) +int mosquitto_auth_acl_check(void *user_data, int access, const struct mosquitto *client, struct mosquitto_acl_msg *msg) { - if(!strcmp(username, "readonly") && access == MOSQ_ACL_READ){ + const char *username = mosquitto_client_username(client); + + if(username && !strcmp(username, "readonly") && access == MOSQ_ACL_READ){ return MOSQ_ERR_SUCCESS; }else{ return MOSQ_ERR_ACL_DENIED;
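Review bot: The new `username &&` guard in `mosquitto_auth_acl_check` deserves a one-line comment, because it is what makes this plugin deny a client with no username instead of crashing in `strcmp`. Something like `/* username may be NULL (presumably a client that connected without one); fall through to MOSQ_ERR_ACL_DENIED */` above the `if` makes the fail-closed intent explicit for anyone who copies this test file as a plugin template. The `client` pointer itself is handed to the accessor unchecked, which is fine only as long as the broker never calls the plugin with a NULL client. That cannot be confirmed from this hunk.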