github
/
mosquitto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
3,699 Commits
9 Branches
64 Tags
20 MiB
develop
master
fixes
release/2.0
release/1.6
dynamic-bridge
release/1.5
debian
debian-mosquitto
v2.0.15
v2.0.14
v2.0.13
v2.0.12
v2.0.11
v1.6.15
v2.0.10
v2.0.9
v1.6.14
v1.5.11
v2.0.8
v2.0.7
v1.6.13
v2.0.6
v2.0.5
v2.0.4
v2.0.3
v2.0.2
v2.0.1
v2.0.0
v1.5.10
v1.6.12
v1.6.11
v1.6.10
v1.6.9
v1.6.8
v1.6.7
v1.6.6
v1.5.9
v1.6.5
v1.6.4
v1.6.3
v1.6.2
v1.6.1
v1.6
v1.5.8
v1.5.7
v1.5.6
v1.5.5
v1.5.4
v1.5.3
v1.5.2
v1.5.1
v1.5
v1.4.15
v1.4.14
v1.4.13
v1.4.12
v1.4.11
v1.4.10
v1.4.9
v1.4.8
v1.4.7
v1.4.6
v1.4.5
v1.4.4
v1.4.3
v1.4.2
v1.4.1
v1.3.2-not-blessed
v1.3.3-not-blessed
v1.3.4-not-blessed
v1.3.5-not-blessed
v1.4
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'develop'
${ noResults }
Commit Graph

184 Commits (develop)

Author SHA1 Message Date
Roger A. Light 5cf94d2e57 Merge branch 'fixes' of git://github.com/ChristianS99/mosquitto into fixes 6 years ago
Roger A. Light c84d175b3d Fixes for the poor souls stuck on <c99. 
Closes #1622.
 6 years ago
Roger A. Light d96543c0b8 Merge branch 'fixes' into develop 6 years ago
Roger A. Light b0a065f790 Update changelog. Release page. Bump copyright. 6 years ago
Roger A. Light 3a89059271 Don't call SSL_shutdown() if SSL init hasn't completed. 6 years ago
Roger A. Light 07c54627e9 Print OpenSSL errors in more situations 
Covers when loading certificates fails, or there are ENGINE problems.

Closes #1552. Thanks to Michael Richardson.
 6 years ago
Roger A. Light d60e86d2a3 Add TCP_NODELAY support to lib and clients. 
Closes #1526. Thanks to Felix Moessbauer.
 6 years ago
Christian Schneider a3ebeff9d7 fix: replace sleep with (p)select in loop_forever 
sleep was blocking loop_stop(force=false) since it
was uniteruptible

Signed-off-by: Christian Schneider <cschneider@radiodata.biz>
 6 years ago
Roger A. Light c0443637e8 Merge branch 'master' 
Conflicts:
	ChangeLog.txt
	config.mk
	src/context.c
	src/loop.c
	src/subs.c
	test/broker/01-connect-bad-packet.py
	test/broker/02-subpub-qos1-bad-pubcomp.py
	test/broker/02-subpub-qos1-bad-pubrec.py
	test/broker/02-subpub-qos2-bad-puback-1.py
	test/broker/02-subpub-qos2-bad-puback-2.py
	test/broker/02-subpub-qos2-bad-pubcomp.py
	test/broker/02-subpub-qos2.py
	test/broker/07-will-null-topic.py
 6 years ago
Roger A. Light 47dadb902d Only call ERR_clear_error() after an error has occurred. 6 years ago
Roger A. Light 499e2f2e98 Add support for unix sockets to broker, lib, and clients. 6 years ago
Roger A. Light 6a01453ce0 Build fixes. 6 years ago
Roger A. Light d8f6215569 Windows fix 6 years ago
Roger A. Light 46d12086c9 Set sock to invalid after closing. 6 years ago
Karl Palsson 22303848e2 ssl: support openssl with ENGINE support disabled. 
Alternatively, just drop support for this config.

Signed-off-by: Karl Palsson <karlp@etactica.com>
 7 years ago
Karl Palsson 0928797e57 lib: fix missing openssl/ui.h include. 
Signed-off-by: Karl Palsson <karlp@etactica.com>
 7 years ago
Roger A. Light dc4b823f92 Fix crash after client has been unable to connect to a broker 
This is part of the cleanup routine when the client is already exiting.

Closes #1246. Thanks to Christoph Krey.
 7 years ago
Roger A. Light f041cb484a No need to support versions that aren't supported by upstream. 7 years ago
John Hickey c011be62a4 Bridge TLS Application-Layer Protocol Negotiation 
In order to connect to brokers that support both websockets and
mqtt on the same port (such as Amazon IoT), we need to set an
application for the SSL context.  This change allows the specification
of an application by using the `bridge_alpn` configuration token.

Signed-off-by: John Hickey <jjh-github@daedalian.us>
 7 years ago
Roger A. Light ea046c2405 Merge branch 'master' of git://github.com/LarsVoelker/mosquitto into LarsVoelker-master 7 years ago
Roger A. Light 320ddc1303 Merge branch 'master' 
Conflicts:
	CMakeLists.txt
	ChangeLog.txt
	client/Makefile
	config.mk
	installer/mosquitto.nsi
	installer/mosquitto64.nsi
	lib/mosquitto.h
	lib/mqtt3_protocol.h
	lib/util_mosq.c
	set-version.sh
	snap/snapcraft.yaml
	src/bridge.c
	src/database.c
	src/handle_connack.c
	src/loop.c
	src/persist.c
	test/broker/Makefile
 7 years ago
Roger A. Light 110f4aada6 Don't overwrite disused client state. 7 years ago
Roger A. Light cc153cfc90 Cleanup TLS UI method on exit. 7 years ago
Roger A. Light 2dd24449ad Fix "unused parameter" warnings. 7 years ago
Roger A. Light ce31269e05 Update changelog, bump version, bump copyright year. 7 years ago
Roger A. Light 988554e7f0 Fix openssl deprecated warnings. 7 years ago
Roger A. Light a6f845bc67 Fix openssl deprecated function use. 7 years ago
Roger A. Light d3d6f3a980 Fix compiling with openssl < 1.1.1. 7 years ago
krismattheus 479d8e5f1a fix incorrect return code when connecting in non-blocking mode 
Signed-off-by: krismattheus <kris.mattheus@visionbms.com>
 7 years ago
Roger A. Light 1924afe49e Add explicit support for TLS v1.3 and drop TLS v1.0. 7 years ago
Roger A. Light 5aabc171b0 Merge branch 'mqtt5' into develop 7 years ago
Roger A. Light e862a047a8 Rework TLS engine support. 7 years ago
Nicolás Pernas Maradei 20894fcbce Add engine private key password support 
Some OpenSSL engines (selectable via tls_engine option) may require a
password to make use of private keys created with them in the first place.

The TPM engine for example, will require a password to access the underlying
TPM's Storage Root Key (SRK), which is the root key of a hierarchy of keys
associated with a TPM; it is generated within a TPM and is a non-migratable
key. Each owned TPM contains a SRK, generated by the TPM at the request
of the Owner. [1]

By default, the engine will prompt the user to introduce the SRK password
before any private keys created with the engine can be used. This could
be inconvenient when running on an unattended system.

Here's where the new tls_engine_kpass_sha option comes in handy. The user
can specify a SHA1 hash of its engine private key password via command
line or config file and it will be passed on to the engine directly.

This commit adds support for both clients (libmosquitto) and broker.

[1] https://goo.gl/qQoXBY

Signed-off-by: Nicolás Pernas Maradei <nicopernas@gmail.com>
 7 years ago
Nicolás Pernas Maradei f88cc06435 Add TLS engine and keyform support to libmosquitto 
- Clients can now offload crypto tasks to an external crypto device through
  the OpenSSL ENGINE API.
- The keyfiles can now be treated as PEM or ENGINE keys.
- Two new functions were added to libmosquitto to set up the previously
  mentioned features.
- Both mosquitto_sub and mosquitto_pub include support to turn on the mentioned
  features through command line options.

Signed-off-by: Nicolás Pernas Maradei <nicopernas@gmail.com>
 7 years ago
Roger A. Light 084062c85e Merge branch 'fixes' into mqtt5 7 years ago
Roger A. Light 7ff9c3763b Fix socks build when using cmake. 7 years ago
Roger A. Light f952ae3a67 Fixed durable clients being unable to receive messages when offline. 
This occurred when per_listener_settings was set to true.

Closes #1081. Thanks to dwin-wangjt.
 7 years ago
Matthias Stone 4325c44baf Don't clear SSL context when TLS connection is closed. 
Previous behaviour would clear the external SSL_CTX provided by
MOSQ_OPT_SSL_CTX. This required the user to reset the SSL_CTX every
disconnect, and trust that they were not leaking references.

Recreating the SSL context for every connection is not necessary, and the
SSL context is freed in mosquitto_destroy, which is sufficient.

Signed-off-by: Matthias Stone <matthias@bellstone.ca>
 7 years ago
Roger A. Light e8320cbf19 Fix TLS connections not working over SOCKS. 
Thanks to Mark Oeltjenbruns.
 7 years ago
Roger A. Light be9c1071b0 Fix compilation when openssl deprecated APIs are not available. 
Closes #1094. Thanks to Rosen Penev.
 7 years ago
Roger A. Light fcf4cd0b27 Merge branch 'master' into mqtt5 7 years ago
Roger A. Light a00dd29af8 Fix building where TLS-PSK is not available. 
Closes #68.
 7 years ago
Roger A. Light e169f1c7c2 When using ADNS, don't ask for all network protocols when connecting. 
This can lead to confusing "Protocol not supported" errors if the
network is down, because UDP sockets are provided.

Thanks to jsaak.

Closes #1062.

Bug: https://github.com/eclipse/mosquitto/issues/1062
 7 years ago
Roger A. Light 0a9ee5b4cf Fix memory leak when reconnecting with TLS errors. 
Fix memory leak that occurred if mosquitto_reconnect() was used when TLS
errors were present.

Closes #592. Thanks to smartdabao and aaronovz1.
 7 years ago
Roger Light 6c9e8d51c2 Merge branch 'develop' into mqtt5 7 years ago
Roger A. Light 0bacff11df Rename mqtt3_protocol.h -> mqtt_protocol.h. 7 years ago
Fredrik Fornwall 915e91d9be Fix build with OPENSSL_NO_ENGINE 
Signed-off-by: Fredrik Fornwall <fredrik@fornwall.net>
 7 years ago
Roger A. Light 0ec090f31a Fixes for building on FreeBSD. 7 years ago
Roger A. Light 10b19a42ed Fixes for building on NetBSD. 
Closes #258.

Thanks to Daniel Ölschlegel.
 7 years ago
Roger A. Light c757cb0912 Remove incorrect comment. 7 years ago
Roger A. Light e185d18917 Better fix for #851. 
Ensure all sockets that are closed are set to INVALID_SOCKET.

Signed-off-by: Roger A. Light <roger@atchoo.org>
 7 years ago
Roger A. Light 575dce91f0 Fix segfault on startup if bridge CA certificates could not be read. 
Closes #851.

Thanks to chelliwell.

Signed-off-by: Roger A. Light <roger@atchoo.org>
 7 years ago
Roger A. Light 4bacbecb1b Fix some places where return codes were incorrect. 
Closes #850.

Signed-off-by: Roger A. Light <roger@atchoo.org>
 7 years ago
Roger A. Light bcf76b9cb6 Remove use of AI_ADDRCONFIG. 
Closes #869, #901.

Thanks to Alex Richman.

Signed-off-by: Roger A. Light <roger@atchoo.org>
 7 years ago
Roger A. Light 286400abcf Use AF_UNSPEC etc. instead of PF_UNSPEC to comply with POSIX. 
Closes #863.

Thanks to denigmus and Patrick TJ McPhee.

Signed-off-by: Roger A. Light <roger@atchoo.org>
 7 years ago
Roger A. Light e90a32835b Merge branch 'fixes' into develop 8 years ago
Roger A. Light 6c7ecd7e97 Fix compiling without TLS. 8 years ago
Thomas Beckmann (M-Way) ee610ab19a _mosquitto_net_read must call WSASetLastError when changing errno so that the error code can be picked up by _mosquitto_packet_read 
Signed-off-by: Thomas Beckmann (M-Way) <t.beckmann@mwaysolutions.com>
 8 years ago
Roger A. Light e961bc9301 Comment to aid init_ssl_ctx understanding. 8 years ago
Roger A. Light b649799c78 Protect mosq->ssl_ctx against double initialisation. 8 years ago
Roger A. Light 943b311344 Don't use deprecated openssl functions. 8 years ago
Roger A. Light 24d68b5af8 Remove support for openssl 1.0.0 and 1.0.1. 
These are no longer supported by openssl.
 8 years ago
Roger A. Light 8470ca89b9 Add MOSQ_OPT_SSL_CTX and MOSQ_OPT_SSL_CTX_WITH_DEFAULTS options. 
Closes #567 and #715.
 8 years ago
Roger A. Light f4d238be18 Bump copyright years. 8 years ago
Thomas Beckmann (M-Way) 8e3c2d9af7 _mosquitto_net_read must call WSASetLastError when changing errno so that the error code can be picked up by _mosquitto_packet_read 
Signed-off-by: Thomas Beckmann (M-Way) <t.beckmann@mwaysolutions.com>
 8 years ago
Viktor Gotwig e90afb8526 Adding tls host name extension (SNI) 
Signed-off-by: Viktor Gotwig <viktor.gotwig@q-loud.de>
 8 years ago
Roger A. Light 81cb7ab547 Merge branch 'fixes' into develop 8 years ago
JonoJensen 7d8d04bc39 Fix issue when SSL_connect() returns SSL_ERROR_WANT_READ. A call to SSL_write here will later transmit a new client hello and make ssl connection fail. 
Signed-off-by: JonoJensen <jono.jensen@yahoo.se>
 8 years ago
Roger A. Light b193918ca0 [649] Don't close socket again if nonblock fails. 
Thanks to Edwin van den Oetelaar.

Bug: https://github.com/eclipse/mosquitto/issues/649
 8 years ago
Roger A. Light 124ee1af91 [490] Further fix for auth related crashes. 
Bug: https://github.com/eclipse/mosquitto/issues/490
 8 years ago
Roger A. Light 22063013be [490] Fix auth plugin+WS client+MOSQ_ERR_AUTH related crash. 
Thanks to "hasunperera".

Bug: https://github.com/eclipse/mosquitto/issues/490
 8 years ago
Roger A. Light e74203de2c Merge branch 'master' into develop 8 years ago
Dr. Lars Voelker 74adb43cc1 Adding OCSP Stapling support to mosquitto 
Adding OCSP Stapling support to mosquitto, so that the TLS client side
requests the certificate status and checks it.
This code uses the OpenSSL-based OCSP implementation and is somewhat
based on the libcurl code for OCSP stapling.

Signed-off-by: Dr. Lars Voelker <lars.voelker@bmw.de>
 8 years ago
Jan Lukavsky 621f18d696 #419 Broker sometimes kills connection to client 
Signed-off-by: Jan Lukavsky <je.ik@seznam.cz>
 8 years ago
Roger A. Light b61fefcf08 Merge branch 'master' into develop 8 years ago
Jelle van der Waa ab266e7f5f lib: fix OpenSSL 1.1 deprecation warning for ERR_remove_state 
ERR_remove_state has been marked deprecated in OpenSSL 1.1.0 and do
nothing, as the OpenSSL libraries now normally do all thread
initialization and deinitialisation automatically.

Signed-off-by: Jelle van der Waa <jelle@vdwaa.nl>
 9 years ago
Roger A. Light 91b308a11d Merge branch 'master' into develop 9 years ago
Roger A. Light ac981782db Fix typo and use net__print_ssl_error() as available. 9 years ago
Jiří Pinkava cd0985c3e2 Log more TLS error details 
Signed-off-by: Jiří Pinkava <j-pi@seznam.cz>
 9 years ago
Roger A. Light 433ee5c4d6 [344] Don't compile in async dns support by default for makefiles. 9 years ago
Roger A. Light 6f45ab9624 [344] Only do async dns on glibc. 9 years ago
Roger A. Light 5eae4b56d6 [344] More leak fixes. 9 years ago
Roger A. Light e13af18ed9 Start of fix for [344]. 9 years ago
Roger A. Light 98ea684906 [323] Allow outgoing IPv6 connections to use TLS. 
Bug: https://github.com/eclipse/mosquitto/issues/323
 9 years ago
Roger A. Light f0485d1398 [344] Don't compile in async dns support by default for makefiles. 9 years ago
Roger A. Light 3d40ffe18b [344] Only do async dns on glibc. 9 years ago
Roger A. Light ee543a25f5 [344] More leak fixes. 9 years ago
Roger A. Light ef7a230365 Start of fix for [344]. 9 years ago
Roger A. Light 6f7a0bff4b [323] Allow outgoing IPv6 connections to use TLS. 
Bug: https://github.com/eclipse/mosquitto/issues/323
 9 years ago
Roger A. Light 017db6706f Rename mosquitto_broker.h -> mosquitto_broker_internal.h 9 years ago
Roger A. Light 8378fe44cf Update copyrights. 9 years ago
Roger A. Light 1c3988a397 Merge branch 'master' into develop 9 years ago
Roger A. Light e8185ddaa7 [166] Don't cancel external threads. 
libmosquitto shouldn't cancel threads it didn't create. This change
allows us to keep track of whether threads were created by the library
or by external code.

Thanks to Josip Ćavar.

Bug: https://github.com/eclipse/mosquitto/issues/166
 10 years ago
Roger A. Light c6ef86bd1f Print openssl errors when debugging enabled. 10 years ago
Dmitry Kaukov 606aa5b4fa Workaround for Windows SSL (#160) 
Closes #154.

Signed-off-by: Dmitry Kaukov <dkaukov@opentable.com>
 10 years ago
Roger A. Light af995d211d Fix client library keepalive handling. 
Fix the case where a message received just before the keepalive timer
expired would cause the client to miss the keepalive timer.

Thanks to Graham Benton.
 10 years ago
Roger A. Light d5abf5a18a Outgoing connections can use any TLS version. 10 years ago
Roger A. Light c7d4f4bcff mosq->want_write should be cleared immediately before a call to SSL_write. 
This allows clients using mosquitto_want_write() to get accurate results.
 10 years ago
Roger A. Light fca9ac84f7 Merge fixes into develop. 10 years ago
Roger A. Light 2549919413 Fix support for libwebsockets 1.22. 10 years ago