Use presence of password file as indicator for authentication checks.

Previously, authentication checks would only take place if usernames were defined in the password file. Closes #1545. Thanks to Timothy Godfrey.
6 years ago · d452ea138b
parent b6119bb759
commit d452ea138b
2 changed files with 5 additions and 2 deletions
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@ -1,6 +1,9 @@
 Broker:
 - Fix session expiry with very large expiry intervals. Closes #1525.
 - Check ACL patterns for validity when loading. Closes #1539.
+- Use presence of password file as indicator for whether username checks
+  should take place, not whether usernames are defined in the password file.
+  Closes #1545.

 1.6.8 - 20191128
 ================
--- a/src/security_default.c
+++ b/src/security_default.c
@ -881,10 +881,10 @@ int mosquitto_unpwd_check_default(struct mosquitto_db *db, struct mosquitto *con
 	if(db->config->per_listener_settings){
 		if(context->bridge) return MOSQ_ERR_SUCCESS;
 		if(!context->listener) return MOSQ_ERR_INVAL;
-		if(!context->listener->unpwd) return MOSQ_ERR_PLUGIN_DEFER;
+		if(context->listener->security_options.password_file == NULL) return MOSQ_ERR_PLUGIN_DEFER;
 		unpwd_ref = context->listener->unpwd;
 	}else{
-		if(!db->unpwd) return MOSQ_ERR_PLUGIN_DEFER;
+		if(db->config->security_options.password_file == NULL) return MOSQ_ERR_PLUGIN_DEFER;
 		unpwd_ref = db->unpwd;
 	}
 	if(!username){