Fix reconnecting failing when MOSQ_OPT_TLS_USE_OS_CERTS was in use, but none
of capath, cafile, psk, nor MOSQ_OPT_SSL_CTX were set, and
MOSQ_OPT_SSL_CTX_WITH_DEFAULTS was set to the default value of true.
Closes#2288. Thanks to Poltorak Serguei.
Incoming QoS 2 messages that had not completed the QoS flow were not being
checked for ACL access when a clean session=False client was reconnecting.
Closes#575314.
An MQTT v5 client connecting with a large number of user-property properties
could cause excessive CPU usage, leading to a loss of performance and
possible denial of service. This has been fixed.
If a plugin had granted ACL subscription access to a
durable/non-clean-session client, then removed that access, the client would
keep its existing subscription. This has been fixed.
Threaded mode is deconfigured when the mosquitto_loop_start() thread ends,
which allows mosquitto_loop_start() to be called again.
Closes#2242. Thanks to Timo Lange.
This would happen with a corrupt/crafted configuration file. Unless your
configuration file is writable by untrusted users this is not a risk.
Closes#567213. Thanks to Roland Sako.
Happens if `per_listener_settings true` is set, and a SIGHUP is sent to
the broker before a client has reconnected to the broker.
Closes#2167. Thanks to momoskitto.
If sending mosquitto_sub output to a pipe, mosquitto_sub will now detect
that the pipe has closed and disconnect.
Closes#2164. Thanks to Frantisek Fuka.
CVE-xxxx-xxxx: If an authenticated client connected with MQTT v5 sent a
malformed CONNACK message to the broker a NULL pointer dereference occurred,
most likely resulting in a segfault. This will be updated with the CVE
number when it is assigned.
Affects versions 2.0.0 to 2.0.9 inclusive.
Closes#2163. Thanks to Bryan Pearson.
This would occur if a client was using `mosquitto_loop_start()`, then if
the connection failed due to the remote server being inaccessible they
called `mosquitto_loop_stop(, true)` and recreated the mosquitto object.
See: https://www.eclipse.org/forums/index.php?t=rview&goto=1839865#msg_1839865
Roger A. Light
Abilio Marques