From edee5aaf8d823c920e58e5e8b7bd3cf08773ed72 Mon Sep 17 00:00:00 2001
From: "Roger A. Light" <roger@atchoo.org>
Date: Tue, 27 Oct 2020 16:32:21 +0000
Subject: [PATCH] Add the `bridge_bind_address` option.

Closes #1311. Thanks to beville.
---
 ChangeLog.txt                   |  1 +
 man/mosquitto.conf.5.xml        | 11 +++++++++++
 mosquitto.conf                  |  4 ++++
 src/bridge.c                    | 10 ++++++++--
 src/conf.c                      | 11 +++++++++++
 src/mosquitto_broker_internal.h |  1 +
 6 files changed, 36 insertions(+), 2 deletions(-)

diff --git a/ChangeLog.txt b/ChangeLog.txt
index 0f6ba818..5b47f71e 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -59,6 +59,7 @@ Broker:
 - mosquitto_password now forbids the : character. Closes #1833.
 - Fix `log_timestamp_format` not applying to `log_dest topic`. Closes #1862.
 - Add the `bridge_max_packet_size` option. Closes #265.
+- Add the `bridge_bind_address` option. Closes #1311.
 
 Client library:
 - Client no longer generates random client ids for v3.1.1 clients, these are
diff --git a/man/mosquitto.conf.5.xml b/man/mosquitto.conf.5.xml
index 9367bb7a..adb3ac10 100644
--- a/man/mosquitto.conf.5.xml
+++ b/man/mosquitto.conf.5.xml
@@ -1521,6 +1521,17 @@ openssl dhparam -out dhparam.pem 2048</programlisting>
 						<replaceable>true</replaceable>.</para>
 				</listitem>
 			</varlistentry>
+			<varlistentry>
+				<term><option>bridge_bind_address</option> <replaceable>ip address</replaceable></term>
+				<listitem>
+					<para>
+						If you need to have the bridge connect over a particular
+						network interface, use bridge_bind_address to tell the
+						bridge which local IP address the socket should bind to,
+						e.g. <option>bridge_bind_address 192.168.1.10</option>.
+					</para>
+				</listitem>
+			</varlistentry>
 			<varlistentry>
 				<term><option>bridge_max_packet_size</option> <replaceable>value</replaceable></term>
 				<listitem>
diff --git a/mosquitto.conf b/mosquitto.conf
index 8979bcba..989efee5 100644
--- a/mosquitto.conf
+++ b/mosquitto.conf
@@ -650,6 +650,10 @@
 #address <host>[:<port>] [<host>[:<port>]]
 #topic <topic> [[[out | in | both] qos-level] local-prefix remote-prefix]
 
+# If you need to have the bridge connect over a particular network interface,
+# use bridge_bind_address to tell the bridge which local IP address the socket
+# should bind to, e.g. `bridge_bind_address 192.168.1.10`
+#bridge_bind_address
 
 # If a bridge has topics that have "out" direction, the default behaviour is to
 # send an unsubscribe request to the remote broker on that topic. This means
diff --git a/src/bridge.c b/src/bridge.c
index 59d1a53c..0df4f8b2 100644
--- a/src/bridge.c
+++ b/src/bridge.c
@@ -411,7 +411,12 @@ int bridge__connect(struct mosquitto_db *db, struct mosquitto *context)
 	}
 
 	log__printf(NULL, MOSQ_LOG_NOTICE, "Connecting bridge %s (%s:%d)", context->bridge->name, context->bridge->addresses[context->bridge->cur_address].address, context->bridge->addresses[context->bridge->cur_address].port);
-	rc = net__socket_connect(context, context->bridge->addresses[context->bridge->cur_address].address, context->bridge->addresses[context->bridge->cur_address].port, NULL, false);
+	rc = net__socket_connect(context,
+			context->bridge->addresses[context->bridge->cur_address].address,
+			context->bridge->addresses[context->bridge->cur_address].port,
+			context->bridge->bind_address,
+			false);
+
 	if(rc > 0){
 		if(rc == MOSQ_ERR_TLS){
 			net__socket_close(db, context);
@@ -679,7 +684,8 @@ void bridge_check(struct mosquitto_db *db)
 				if(context->bridge->primary_retry_sock == INVALID_SOCKET){
 					rc = net__try_connect(context->bridge->addresses[0].address,
 							context->bridge->addresses[0].port,
-							&context->bridge->primary_retry_sock, NULL, false);
+							&context->bridge->primary_retry_sock,
+							context->bridge->bind_address, false);
 
 					if(rc == 0){
 						COMPAT_CLOSE(context->bridge->primary_retry_sock);
diff --git a/src/conf.c b/src/conf.c
index 2df0e91a..cb292c75 100644
--- a/src/conf.c
+++ b/src/conf.c
@@ -961,6 +961,17 @@ int config__read_file_core(struct mosquitto__config *config, bool reload, struct
 					if(conf__parse_string(&token, "bridge_alpn", &cur_bridge->tls_alpn, saveptr)) return MOSQ_ERR_INVAL;
 #else
 					log__printf(NULL, MOSQ_LOG_WARNING, "Warning: Bridge and/or TLS support not available.");
+#endif
+				}else if(!strcmp(token, "bridge_bind_address")){
+#if defined(WITH_BRIDGE) && defined(WITH_TLS)
+					if(reload) continue; /* FIXME */
+					if(!cur_bridge){
+						log__printf(NULL, MOSQ_LOG_ERR, "Error: Invalid bridge configuration.");
+						return MOSQ_ERR_INVAL;
+					}
+					if(conf__parse_string(&token, "bridge_bind_address", &cur_bridge->bind_address, saveptr)) return MOSQ_ERR_INVAL;
+#else
+					log__printf(NULL, MOSQ_LOG_WARNING, "Warning: Bridge support not available.");
 #endif
 				}else if(!strcmp(token, "bridge_capath")){
 #if defined(WITH_BRIDGE) && defined(WITH_TLS)
diff --git a/src/mosquitto_broker_internal.h b/src/mosquitto_broker_internal.h
index 6c3eee05..3e76d11e 100644
--- a/src/mosquitto_broker_internal.h
+++ b/src/mosquitto_broker_internal.h
@@ -578,6 +578,7 @@ struct mosquitto__bridge{
 	char *local_username;
 	char *local_password;
 	char *notification_topic;
+	char *bind_address;
 	bool notifications;
 	bool notifications_local_only;
 	enum mosquitto_bridge_start_type start_type;