Merge branch 'NorbertHeusser-develop' into develop

4 years ago · 7f22caaa3d
parent d2a6a25c04 e7e8b6e832
commit 7f22caaa3d
16 changed files with 193 additions and 224 deletions
--- a/apps/mosquitto_ctrl/dynsec.c
+++ b/apps/mosquitto_ctrl/dynsec.c
@ -28,6 +28,8 @@ Contributors:
 #include "password_mosq.h"
 #include "get_password.h"

+#define MAX_STRING_LEN 4096
+
 void dynsec__print_usage(void)
 {
 	printf("\nDynamic Security module\n");
@ -128,43 +130,55 @@ static void print_list(cJSON *j_response, const char *arrayname, const char *key
 	}
 }

-
-static void print_roles(cJSON *j_roles, size_t slen)
+static void print_json_value(cJSON* value, const char* null_value)
 {
-	bool first;
-	cJSON *j_elem, *jtmp;
+	if (value){
+		if (cJSON_IsString(value)){
+			printf("%s", value->valuestring);
+		}else{
+			char buffer[MAX_STRING_LEN];
+			cJSON_PrintPreallocated(value, buffer, sizeof(buffer), 0);
+			printf("%s", buffer);
+		}
+	} else if (null_value){
+		printf("%s",null_value);
+	}
+}

-	if(j_roles && cJSON_IsArray(j_roles)){
-		first = true;
-		cJSON_ArrayForEach(j_elem, j_roles){
-			jtmp = cJSON_GetObjectItem(j_elem, "rolename");
-			if(jtmp && cJSON_IsString(jtmp)){
-				if(first){
-					first = false;
-					printf("%-*s %s", (int)slen, "Roles:", jtmp->valuestring);
-				}else{
-					printf("%-*s %s", (int)slen, "", jtmp->valuestring);
-				}
-				jtmp = cJSON_GetObjectItem(j_elem, "priority");
-				if(jtmp && cJSON_IsNumber(jtmp)){
-					printf(" (priority: %d)", (int)jtmp->valuedouble);
-				}else{
-					printf(" (priority: -1)");
+static void print_json_array(cJSON *j_list, int slen, const char* label, const char* element_name, const char* optional_element_name, const char* optional_element_null_value)
+{
+	cJSON *j_elem;
+
+	if(j_list && cJSON_IsArray(j_list)){
+		cJSON_ArrayForEach(j_elem, j_list){
+			if (cJSON_IsObject(j_elem)) {
+				cJSON* jtmp = cJSON_GetObjectItem(j_elem, element_name);
+				if(!jtmp || !cJSON_IsString(jtmp)){
+					continue;
 				}
-				printf("\n");
-			}
+				printf("%-*s %s", (int)slen, label, jtmp->valuestring);
+				if (optional_element_name) {
+					printf(" (%s: ", optional_element_name);
+					print_json_value(cJSON_GetObjectItem(j_elem,optional_element_name),optional_element_null_value);
+					printf(")");
+				}	
+			} else if (cJSON_IsString(j_elem)) {
+				printf("%-*s %s", (int)slen, label, j_elem->valuestring);
+			}					
+			label = "";
+			printf("\n");
 		}
 	}else{
-		printf("Roles:\n");
+		printf("%s\n", label);
 	}
 }


 static void print_client(cJSON *j_response)
 {
-	cJSON *j_data, *j_client, *j_array, *j_elem, *jtmp;
-	bool first;
-
+	cJSON *j_data, *j_client, *jtmp;	
+	const int label_width = strlen( "Connections:");
+	
 	j_data = cJSON_GetObjectItem(j_response, "data");
 	if(j_data == NULL || !cJSON_IsObject(j_data)){
 		fprintf(stderr, "Error: Invalid response from server.\n");
@ -182,54 +196,30 @@ static void print_client(cJSON *j_response)
 		fprintf(stderr, "Error: Invalid response from server.\n");
 		return;
 	}
-	printf("Username: %s\n", jtmp->valuestring);
+	printf("%-*s %s\n",  label_width, "Username:", jtmp->valuestring);

 	jtmp = cJSON_GetObjectItem(j_client, "clientid");
 	if(jtmp && cJSON_IsString(jtmp)){
-		printf("Clientid: %s\n", jtmp->valuestring);
+		printf("%-*s %s\n",  label_width, "Clientid:", jtmp->valuestring);
 	}else{
 		printf("Clientid:\n");
 	}

 	jtmp = cJSON_GetObjectItem(j_client, "disabled");
 	if(jtmp && cJSON_IsBool(jtmp)){
-		printf("Disabled: %s\n", cJSON_IsTrue(jtmp)?"true":"false");
+		printf("%-*s %s\n",  label_width, "Disabled:", cJSON_IsTrue(jtmp)?"true":"false");
 	}

-	j_array = cJSON_GetObjectItem(j_client, "roles");
-	print_roles(j_array, strlen("Username:"));
-
-	j_array = cJSON_GetObjectItem(j_client, "groups");
-	if(j_array && cJSON_IsArray(j_array)){
-		first = true;
-		cJSON_ArrayForEach(j_elem, j_array){
-			jtmp = cJSON_GetObjectItem(j_elem, "groupname");
-			if(jtmp && cJSON_IsString(jtmp)){
-				if(first){
-					printf("Groups:   %s", jtmp->valuestring);
-					first = false;
-				}else{
-					printf("          %s", jtmp->valuestring);
-				}
-				jtmp = cJSON_GetObjectItem(j_elem, "priority");
-				if(jtmp && cJSON_IsNumber(jtmp)){
-					printf(" (priority: %d)", (int)jtmp->valuedouble);
-				}else{
-					printf(" (priority: -1)");
-				}
-				printf("\n");
-			}
-		}
-	}else{
-		printf("Groups:\n");
-	}
+	print_json_array(cJSON_GetObjectItem(j_client, "roles"), label_width, "Roles:",  "rolename", "priority", "-1");	
+	print_json_array(cJSON_GetObjectItem(j_client, "groups"), label_width, "Groups:", "groupname", "priority", "-1");
+	print_json_array(cJSON_GetObjectItem(j_client, "connections"), label_width, "Connections:", "address", NULL, NULL);
 }


 static void print_group(cJSON *j_response)
 {
-	cJSON *j_data, *j_group, *j_array, *j_elem, *jtmp;
-	bool first;
+	cJSON *j_data, *j_group, *jtmp;
+	int label_width = strlen("Groupname:");

 	j_data = cJSON_GetObjectItem(j_response, "data");
 	if(j_data == NULL || !cJSON_IsObject(j_data)){
@ -250,24 +240,8 @@ static void print_group(cJSON *j_response)
 	}
 	printf("Groupname: %s\n", jtmp->valuestring);

-	j_array = cJSON_GetObjectItem(j_group, "roles");
-	print_roles(j_array, strlen("Groupname:"));
-
-	j_array = cJSON_GetObjectItem(j_group, "clients");
-	if(j_array && cJSON_IsArray(j_array)){
-		first = true;
-		cJSON_ArrayForEach(j_elem, j_array){
-			jtmp = cJSON_GetObjectItem(j_elem, "username");
-			if(jtmp && cJSON_IsString(jtmp)){
-				if(first){
-					first = false;
-					printf("Clients:   %s\n", jtmp->valuestring);
-				}else{
-					printf("           %s\n", jtmp->valuestring);
-				}
-			}
-		}
-	}
+	print_json_array(cJSON_GetObjectItem(j_group, "roles"), label_width, "Roles:",  "rolename", "priority", "-1");	
+	print_json_array(cJSON_GetObjectItem(j_group, "clients"), label_width, "Clients:",  "username", NULL, NULL);	
 }


--- a/include/mosquitto_broker.h
+++ b/include/mosquitto_broker.h
@ -651,6 +651,18 @@ mosq_EXPORT int mosquitto_kick_client_by_clientid(const char *clientid, bool wit
 */
 mosq_EXPORT int mosquitto_kick_client_by_username(const char *username, bool with_will);

+/* Function: mosquitto_apply_on_all_clients
+ *
+ * Apply a given functor to all clients
+ *
+ * The functor will be applied to all existing client structures. If the functor
+ * returns an error code the iteration over the clients will be stopped. The
+ * functor_context pointer maybe used to pass additional data structures into
+ * the functor as second argument.
+ *
+ * The result value will be the result of the last functor invoked.
+ */
+mosq_EXPORT int mosquitto_apply_on_all_clients(int (*FUNC_client_functor)(const struct mosquitto *, void *), void *functor_context);

 /* =========================================================================
 *
--- a/man/Makefile
+++ b/man/Makefile
@ -57,37 +57,7 @@ uninstall :
 	-rm -f "${DESTDIR}${mandir}/man7/mosquitto-tls.7"
 	-rm -f "${DESTDIR}${mandir}/man3/libmosquitto.3"

-mosquitto.8 : mosquitto.8.xml manpage.xsl
-	$(XSLTPROC) $<
-
-mosquitto.conf.5 : mosquitto.conf.5.xml manpage.xsl
-	$(XSLTPROC) $<
-
-mosquitto_ctrl.1 : mosquitto_ctrl.1.xml manpage.xsl
-	$(XSLTPROC) $<
-
-mosquitto_ctrl_dynsec.1 : mosquitto_ctrl_dynsec.1.xml manpage.xsl
-	$(XSLTPROC) $<
-
-mosquitto_passwd.1 : mosquitto_passwd.1.xml manpage.xsl
-	$(XSLTPROC) $<
-
-mosquitto_pub.1 : mosquitto_pub.1.xml manpage.xsl
-	$(XSLTPROC) $<
-
-mosquitto_sub.1 : mosquitto_sub.1.xml manpage.xsl
-	$(XSLTPROC) $<
-
-mosquitto_rr.1 : mosquitto_rr.1.xml manpage.xsl
-	$(XSLTPROC) $<
-
-mqtt.7 : mqtt.7.xml manpage.xsl
-	$(XSLTPROC) $<
-
-mosquitto-tls.7 : mosquitto-tls.7.xml manpage.xsl
-	$(XSLTPROC) $<
-
-libmosquitto.3 : libmosquitto.3.xml manpage.xsl
+% : %.xml %.meta manpage.xsl
 	$(XSLTPROC) $<

 html : *.xml
--- a/plugins/common/plugin_common.c
+++ b/plugins/common/plugin_common.c
@ -1,5 +1,9 @@
-#include <cjson/cJSON.h>
 #include "plugin_common.h"
+#include <mqtt_protocol.h>
+#include <mosquitto_broker.h>
+
+#include <stdlib.h>
+#include <string.h>

 void plugin__command_reply(struct plugin_cmd *cmd, const char *error)
 {
@ -19,3 +23,21 @@ void plugin__command_reply(struct plugin_cmd *cmd, const char *error)

 	cJSON_AddItemToArray(cmd->j_responses, j_response);
 }
+
+void plugin_send_response(cJSON *tree, const char* topic)
+{
+	char *payload;
+	size_t payload_len;
+
+	payload = cJSON_PrintUnformatted(tree);
+	cJSON_Delete(tree);
+	if(payload == NULL) return;
+
+	payload_len = strlen(payload);
+	if(payload_len > MQTT_MAX_PAYLOAD){
+		free(payload);
+		return;
+	}
+	mosquitto_broker_publish(NULL, topic, (int)payload_len, payload, 0, 0, NULL);
+}
+
--- a/plugins/common/plugin_common.h
+++ b/plugins/common/plugin_common.h
@ -12,4 +12,6 @@ struct plugin_cmd{

 void plugin__command_reply(struct plugin_cmd *cmd, const char *error);

+void plugin_send_response(cJSON *tree, const char* topic);
+
 #endif
--- a/plugins/dynamic-security/Makefile
+++ b/plugins/dynamic-security/Makefile
@ -94,7 +94,7 @@ password_mosq.o : ${R}/common/password_mosq.c ${R}/common/password_mosq.h
 plugin.o : plugin.c dynamic_security.h
 	${CROSS_COMPILE}${CC} $(LOCAL_CPPFLAGS) $(PLUGIN_CPPFLAGS) $(PLUGIN_CFLAGS) -c $< -o $@

-plugin_common.o : ${R}/plugins/common/plugin_common.c dynamic_security.h
+plugin_common.o : ${R}/plugins/common/plugin_common.c ${R}/plugins/common/plugin_common.h
 	${CROSS_COMPILE}${CC} $(LOCAL_CPPFLAGS) $(PLUGIN_CPPFLAGS) $(PLUGIN_CFLAGS) -c $< -o $@

 roles.o : roles.c dynamic_security.h
--- a/plugins/dynamic-security/clients.c
+++ b/plugins/dynamic-security/clients.c
@ -859,12 +859,59 @@ static int dynsec__remove_client_from_all_groups(struct dynsec__data *data, cons
 	return MOSQ_ERR_SUCCESS;
 }

+struct connection_array_context {
+	const char* username;
+	cJSON *j_connections;
+};
+
+static int dynsec__add_client_address(const struct mosquitto* client, void* context_ptr)
+{
+	struct connection_array_context* functor_context = (struct connection_array_context*)context_ptr;
+
+	if (!strcmp(functor_context->username,mosquitto_client_username(client))) {
+		cJSON *j_connection = cJSON_CreateObject();
+		const char* address;
+		if (!j_connection){
+			return MOSQ_ERR_NOMEM;
+		}
+		if ((address=mosquitto_client_address(client)) && !cJSON_AddStringToObject(j_connection,"address",address)) {
+			cJSON_Delete(j_connection);
+			return MOSQ_ERR_NOMEM;
+		}			
+		cJSON_AddItemToArray(functor_context->j_connections,j_connection);
+	}
+	return MOSQ_ERR_SUCCESS;
+}
+			
+
+static cJSON* dynsec_connections__all_to_json(const char* username, const char* clientid)
+{
+	struct connection_array_context functor_context = { username, cJSON_CreateArray()};
+	//	functor_context.j_connections = cJSON_CreateArray();
+	//functor_context.username = username;
+	if (clientid) {
+		const struct mosquitto* client = mosquitto_client(clientid);
+		if (client && dynsec__add_client_address(client, &functor_context) != MOSQ_ERR_SUCCESS) {
+			cJSON_Delete(functor_context.j_connections);
+			return NULL;
+		}
+	} else {
+		if (mosquitto_apply_on_all_clients(&dynsec__add_client_address, &functor_context) != MOSQ_ERR_SUCCESS) {
+			cJSON_Delete(functor_context.j_connections);
+			return NULL;
+		}
+	}
+	return functor_context.j_connections;
+}
+

 static cJSON *add_client_to_json(struct dynsec__client *client, bool verbose)
 {
-	cJSON *j_client = NULL, *j_groups, *j_roles;
+	cJSON *j_client = NULL;

 	if(verbose){
+		cJSON *j_groups, *j_roles, *j_connections;
+		
 		j_client = cJSON_CreateObject();
 		if(j_client == NULL){
 			return NULL;
@ -894,6 +941,13 @@ static cJSON *add_client_to_json(struct dynsec__client *client, bool verbose)
 			return NULL;
 		}
 		cJSON_AddItemToObject(j_client, "groups", j_groups);
+
+		j_connections = dynsec_connections__all_to_json(client->username, client->clientid);
+		if (j_connections == NULL){
+			cJSON_Delete(j_client);
+			return NULL;
+		}
+		cJSON_AddItemToObject(j_client, "connections", j_connections);
 	}else{
 		j_client = cJSON_CreateString(client->username);
 		if(j_client == NULL){
--- a/plugins/dynamic-security/config_init.c
+++ b/plugins/dynamic-security/config_init.c
@ -160,12 +160,8 @@ static int client_add_admin(FILE *pwfile, cJSON *j_clients)
 	free(password_hash);
 	free(salt);

-	if(client_role_add(j_roles, "broker-admin")
-			|| client_role_add(j_roles, "dynsec-admin")
-			|| client_role_add(j_roles, "sys-observe")
-			|| client_role_add(j_roles, "topic-observe")
-			){
-
+	if(client_role_add(j_roles, "super-admin")
+	        || client_role_add(j_roles, "topic-observe")){
 		free(password);
 		return MOSQ_ERR_NOMEM;
 	}
@ -311,8 +307,7 @@ static int acl_add(cJSON *j_acls, const char *acltype, const char *topic, int pr
 	}
 }

-
-static int role_add_client(cJSON *j_roles)
+static int add_role_with_full_permission(cJSON *j_roles, const char *role_name, const char *text_description, const char *topic_pattern)
 {
 	cJSON *j_role, *j_acls;

@ -322,79 +317,16 @@ static int role_add_client(cJSON *j_roles)
 	}
 	cJSON_AddItemToArray(j_roles, j_role);

-	if(cJSON_AddStringToObject(j_role, "rolename", "client") == NULL
-			|| cJSON_AddStringToObject(j_role, "textdescription",
-				"Read/write access to the full application topic hierarchy.") == NULL
-			|| (j_acls = cJSON_AddArrayToObject(j_role, "acls")) == NULL
-			){
-
+	if(cJSON_AddStringToObject(j_role, "rolename", role_name) == NULL
+		   || cJSON_AddStringToObject(j_role, "textdescription", text_description) == NULL
+		   || (j_acls = cJSON_AddArrayToObject(j_role, "acls")) == NULL){
 		return MOSQ_ERR_NOMEM;
 	}

-	if(acl_add(j_acls, "publishClientSend", "#", 0, true)
-			|| acl_add(j_acls, "publishClientReceive", "#", 0, true)
-			|| acl_add(j_acls, "subscribePattern", "#", 0, true)
-			|| acl_add(j_acls, "unsubscribePattern", "#", 0, true)
-			){
-
-		return MOSQ_ERR_NOMEM;
-	}
-	return MOSQ_ERR_SUCCESS;
-}
-
-static int role_add_broker_admin(cJSON *j_roles)
-{
-	cJSON *j_role, *j_acls;
-
-	j_role = cJSON_CreateObject();
-	if(j_role == NULL){
-		return MOSQ_ERR_NOMEM;
-	}
-	cJSON_AddItemToArray(j_roles, j_role);
-
-	if(cJSON_AddStringToObject(j_role, "rolename", "broker-admin") == NULL
-			|| cJSON_AddStringToObject(j_role, "textdescription",
-				"Grants access to administer general broker configuration.") == NULL
-			|| (j_acls = cJSON_AddArrayToObject(j_role, "acls")) == NULL
-			){
-
-		return MOSQ_ERR_NOMEM;
-	}
-
-	if(acl_add(j_acls, "publishClientSend", "$CONTROL/broker/#", 0, true)
-			|| acl_add(j_acls, "publishClientReceive", "$CONTROL/broker/#", 0, true)
-			|| acl_add(j_acls, "subscribePattern", "$CONTROL/broker/#", 0, true)
-			){
-
-		return MOSQ_ERR_NOMEM;
-	}
-	return MOSQ_ERR_SUCCESS;
-}
-
-static int role_add_dynsec_admin(cJSON *j_roles)
-{
-	cJSON *j_role, *j_acls;
-
-	j_role = cJSON_CreateObject();
-	if(j_role == NULL){
-		return MOSQ_ERR_NOMEM;
-	}
-	cJSON_AddItemToArray(j_roles, j_role);
-
-	if(cJSON_AddStringToObject(j_role, "rolename", "dynsec-admin") == NULL
-			|| cJSON_AddStringToObject(j_role, "textdescription",
-				"Grants access to administer clients/groups/roles.") == NULL
-			|| (j_acls = cJSON_AddArrayToObject(j_role, "acls")) == NULL
-			){
-
-		return MOSQ_ERR_NOMEM;
-	}
-
-	if(acl_add(j_acls, "publishClientSend", "$CONTROL/dynamic-security/#", 0, true)
-			|| acl_add(j_acls, "publishClientReceive", "$CONTROL/dynamic-security/#", 0, true)
-			|| acl_add(j_acls, "subscribePattern", "$CONTROL/dynamic-security/#", 0, true)
-			){
-
+	if(acl_add(j_acls, "publishClientSend", topic_pattern, 0, true)
+		|| acl_add(j_acls, "publishClientReceive", topic_pattern, 0, true)
+		|| acl_add(j_acls, "subscribePattern", topic_pattern, 0, true)
+		|| acl_add(j_acls, "unsubscribePattern", topic_pattern, 0, true)){
 		return MOSQ_ERR_NOMEM;
 	}
 	return MOSQ_ERR_SUCCESS;
@ -494,13 +426,11 @@ static int add_roles(cJSON *j_tree)
 		return MOSQ_ERR_NOMEM;
 	}

-	if(role_add_client(j_roles)
-			|| role_add_broker_admin(j_roles)
-			|| role_add_dynsec_admin(j_roles)
-			|| role_add_sys_notify(j_roles)
-			|| role_add_sys_observe(j_roles)
-			|| role_add_topic_observe(j_roles)
-			){
+	if(add_role_with_full_permission(j_roles, "client", "Read/write access to the full application topic hierarchy.", "#")
+		|| add_role_with_full_permission(j_roles, "broker-admin", "Grants access to administer general broker configuration.", "$CONTROL/broker/#")
+		|| add_role_with_full_permission(j_roles, "dynsec-admin", "Grants access to administer clients/groups/roles.", "$CONTROL/dynamic-security/#")
+		|| add_role_with_full_permission(j_roles, "super-admin", "Grants access to administer all kind of broker controls", "$CONTROL/#")
+		|| role_add_sys_notify(j_roles) || role_add_sys_observe(j_roles) || role_add_topic_observe(j_roles)){
 		return MOSQ_ERR_NOMEM;
 	}

--- a/plugins/dynamic-security/control.c
+++ b/plugins/dynamic-security/control.c
@ -35,20 +35,7 @@ Contributors:

 static void send_response(cJSON *tree)
 {
-	char *payload;
-	size_t payload_len;
-
-	payload = cJSON_PrintUnformatted(tree);
-	cJSON_Delete(tree);
-	if(payload == NULL) return;
-
-	payload_len = strlen(payload);
-	if(payload_len > MQTT_MAX_PAYLOAD){
-		free(payload);
-		return;
-	}
-	mosquitto_broker_publish(NULL, "$CONTROL/dynamic-security/v1/response",
-			(int)payload_len, payload, 0, 0, NULL);
+	plugin_send_response(tree, "$CONTROL/dynamic-security/v1/response");
 }


--- a/src/linker.syms
+++ b/src/linker.syms
@ -20,6 +20,7 @@
 	mosquitto_free;
 	mosquitto_kick_client_by_clientid;
 	mosquitto_kick_client_by_username;
+	mosquitto_apply_on_all_clients;
 	mosquitto_log_printf;
 	mosquitto_malloc;
 	mosquitto_persist_client_add;
--- a/src/plugin_public.c
+++ b/src/plugin_public.c
@ -400,6 +400,20 @@ int mosquitto_kick_client_by_username(const char *username, bool with_will)
 	return MOSQ_ERR_SUCCESS;
 }

+int mosquitto_apply_on_all_clients(int (*FUNC_client_functor)(const struct mosquitto *, void *), void *functor_context)
+{
+	int rc = MOSQ_ERR_SUCCESS;
+	struct mosquitto *ctxt, *ctxt_tmp;
+
+	HASH_ITER(hh_id, db.contexts_by_id, ctxt, ctxt_tmp){
+		rc = (*FUNC_client_functor)(ctxt, functor_context);
+		if(rc != MOSQ_ERR_SUCCESS){
+			break;
+		}
+	}
+
+	return rc;
+}

 int mosquitto_persist_client_add(struct mosquitto_evt_persist_client *client)
 {
--- a/test/broker/14-dynsec-client.py
+++ b/test/broker/14-dynsec-client.py
@ -44,15 +44,15 @@ list_clients_verbose_command = { "commands": [{
            "command": "listClients", "verbose": True, "correlationData": "20"}]
 }
 list_clients_verbose_response = {'responses':[{"command": "listClients", "data":{"totalCount":2, "clients":[
-    {'username': 'admin', 'textname': 'Dynsec admin user', 'roles': [{'rolename': 'admin'}], 'groups': []},
+    {'username': 'admin', 'textname': 'Dynsec admin user', 'roles': [{'rolename': 'admin'}], 'groups': [], 'connections': [{'address': '127.0.0.1'}]},
    {"username":"user_one", "clientid":"cid", "textname":"Name", "textdescription":"Description",
-        "roles":[], "groups":[]}]}, "correlationData":"20"}]}
+        "roles":[], "groups":[], 'connections': []}]}, "correlationData":"20"}]}


 get_client_command = { "commands": [{
    "command": "getClient", "username": "user_one", "correlationData": "42"}]}
 get_client_response = {'responses':[{'command': 'getClient', 'data': {'client': {'username': 'user_one', 'clientid': 'cid',
-    'textname': 'Name', 'textdescription': 'Description', 'groups': [], 'roles': []}}, "correlationData":"42"}]}
+    'textname': 'Name', 'textdescription': 'Description', 'groups': [], 'connections': [], 'roles': []}}, "correlationData":"42"}]}

 set_client_password_command = {"commands": [{
    "command": "setClientPassword", "username": "user_one", "password": "password"}]}
--- a/test/broker/14-dynsec-disable-client.py
+++ b/test/broker/14-dynsec-disable-client.py
@ -38,9 +38,9 @@ add_client_repeat_response = {'responses':[{"command":"createClient","error":"Cl
 get_client_command = { "commands": [{
            "command": "getClient", "username": "user_one"}]}
 get_client_response1 = {'responses':[{'command': 'getClient', 'data': {'client': {'username': 'user_one', 'clientid': 'cid',
-    'textname': 'Name', 'textdescription': 'Description', 'groups': [], 'roles': []}}}]}
+            'textname': 'Name', 'textdescription': 'Description', 'groups': [], 'roles': [], 'connections': []}}}]}
 get_client_response2 = {'responses':[{'command': 'getClient', 'data': {'client': {'username': 'user_one', 'clientid': 'cid',
-    'textname': 'Name', 'textdescription': 'Description', 'disabled':True, 'groups': [], 'roles': []}}}]}
+            'textname': 'Name', 'textdescription': 'Description', 'disabled':True, 'groups': [], 'roles': [], 'connections': []}}}]}

 disable_client_command = { "commands": [{
            "command": "disableClient", "username": "user_one"}]}
--- a/test/broker/14-dynsec-group.py
+++ b/test/broker/14-dynsec-group.py
@ -70,11 +70,11 @@ list_groups_verbose_response = {'responses':[{'command': 'listGroups', 'data': {
 list_clients_verbose_command = { "commands": [{
            "command": "listClients", "verbose": True, "correlationData": "20"}]}
 list_clients_verbose_response = {'responses':[{"command": "listClients", "data":{"totalCount":3, "clients":[
-            {'username': 'admin', 'textname': 'Dynsec admin user', 'roles': [{'rolename': 'admin'}], 'groups': []},
+            {'username': 'admin', 'textname': 'Dynsec admin user', 'roles': [{'rolename': 'admin'}], 'groups': [], 'connections': [{'address': '127.0.0.1'}]},
            {"username":"user_one", "clientid":"cid", "textname":"Name", "textdescription":"description",
-            "groups":[{"groupname":"group_one"}, {"groupname":"group_two"}], "roles":[]},
+             "groups":[{"groupname":"group_one"}, {"groupname":"group_two"}], "roles":[], 'connections': []},
            {"username":"user_two", "textname":"Name", "textdescription":"description",
-            "groups":[{"groupname":"group_one"}], "roles":[]},
+             "groups":[{"groupname":"group_one"}], "roles":[],  'connections': []},
            ]}, "correlationData":"20"}]}

 get_group_command = { "commands": [{"command": "getGroup", "groupname":"group_one"}]}
--- a/test/broker/14-dynsec-modify-client.py
+++ b/test/broker/14-dynsec-modify-client.py
@ -109,6 +109,7 @@ get_client_response1 = {'responses':[{'command': 'getClient', 'data': {'client':
    'textname': 'Name', 'textdescription': 'Description',
    'roles': [],
    'groups': [],
+    'connections': []
    }}}]}

 get_client_command2 = { "commands": [{
@ -122,8 +123,9 @@ get_client_response2 = {'responses':[{'command': 'getClient', 'data': {'client':
    ],
    'groups': [
        {'groupname':'group_two', 'priority':8},
-        {'groupname':'group_one', 'priority':3}
-    ]}}}]}
+        {'groupname':'group_one', 'priority':3}],
+    'connections': []
+    }}}]}

 get_client_command3 = { "commands": [{
            "command": "getClient", "username": "user_one"}]}
@ -133,8 +135,9 @@ get_client_response3 = {'responses':[{'command': 'getClient', 'data': {'client':
    'roles': [
        {'rolename':'role_three', 'priority':10},
        {'rolename':'role_one', 'priority':2},
-        {'rolename':'role_two'}
-    ]}}}]}
+        {'rolename':'role_two'}],
+     'connections': []
+    }}}]}



--- a/test/broker/14-dynsec-role.py
+++ b/test/broker/14-dynsec-role.py
@ -148,11 +148,11 @@ list_clients_verbose_command = { "commands": [{
    "command": "listClients", "verbose": True, "correlationData": "20"}]
 }
 list_clients_verbose_response = {'responses':[{"command": "listClients", "data":{'totalCount':3, "clients":[
-    {'username': 'admin', 'textname': 'Dynsec admin user', 'roles': [{'rolename': 'admin'}], 'groups': []},
+    {'username': 'admin', 'textname': 'Dynsec admin user', 'roles': [{'rolename': 'admin'}], 'groups': [],  'connections': [{'address': '127.0.0.1'}]},
    {"username":"user_one", "clientid":"cid", "textname":"Name", "textdescription":"Description",
-    "groups":[], "roles":[{'rolename':'basic'}, {'rolename':'basic2'}]},
+     "groups":[], "roles":[{'rolename':'basic'}, {'rolename':'basic2'}],  'connections': []},
    {"username":"user_two", "textname":"Name", "textdescription":"Description",
-    "groups":[], "roles":[]}]}, "correlationData":"20"}]}
+     "groups":[], "roles":[], 'connections': []}]}, "correlationData":"20"}]}

 list_groups_verbose_command = { "commands": [{
    "command": "listGroups", "verbose": True, "correlationData": "20"}]