Commit Graph

94 Commits (c90e49af1bf8bdd397f578966afb0ce18fcfb5cd)

Author SHA1 Message Date
Roger A. Light c90e49af1b Merge remote-tracking branch 'origin/fixes' into develop 5 years ago
Roger A. Light 54b9571516 Enable TLS with certfile+keyfile, not capath/cafile. 5 years ago
Roger A. Light d7d3087b04 Breaking: Bind to loopback if no listeners are configured. 5 years ago
Roger Light 3eb60e2e6a Fix some winsock argument types. 5 years ago
Abilio Marques d5aae3eca7 lazy init SSL
Signed-off-by: Abilio Marques <abiliojr@gmail.com>
5 years ago
Sigmund Vik 5481575f8b Fix FormatMessage warnings for Windows.
From the FormatMessage() Win32 API documentation: "The lpBuffer
parameter is a pointer to an LPTSTR; you must cast the pointer
to an LPTSTR (for example, (LPTSTR)&lpBuffer)."

https://docs.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-formatmessage#parameters

This commit fixes warnings like these:
warning C4047: 'function': 'LPSTR' differs in levels of indirection from 'char **'
warning C4024: 'FormatMessageA': different types for formal and actual parameter 5

Signed-off-by: Sigmund Vik <sigmund_vik@yahoo.com>
5 years ago
Roger A. Light 762ad432e8 Fix support for openssl 3.0 5 years ago
Michael 24e34434a4 Move SSL prepare and accept operations out of deep loop
Since all resources are ready, they do not need to be looked up again.

Signed-off-by: Michael Liu <michael.liu.point@gmail.com>
6 years ago
Roger A. Light c84d175b3d Fixes for the poor souls stuck on <c99.
Closes #1622.
6 years ago
Roger A. Light c175e836a7 Print openssl error when unable to load server key. 6 years ago
Roger A. Light d96543c0b8 Merge branch 'fixes' into develop 6 years ago
Roger A. Light b0a065f790 Update changelog. Release page. Bump copyright. 6 years ago
Roger A. Light 07c54627e9 Print OpenSSL errors in more situations
Covers when loading certificates fails, or there are ENGINE problems.

Closes #1552. Thanks to Michael Richardson.
6 years ago
Roger A. Light 812c0636d5 Satisfy valgrind when exiting on error.
This happens when a listening socket cannot be opened, and is solved by
calling freeaddrinfo in the error cases.

Closes #1565. Thanks to back1127.
6 years ago
Roger A. Light c0443637e8 Merge branch 'master'
Conflicts:
	ChangeLog.txt
	config.mk
	src/context.c
	src/loop.c
	src/subs.c
	test/broker/01-connect-bad-packet.py
	test/broker/02-subpub-qos1-bad-pubcomp.py
	test/broker/02-subpub-qos1-bad-pubrec.py
	test/broker/02-subpub-qos2-bad-puback-1.py
	test/broker/02-subpub-qos2-bad-puback-2.py
	test/broker/02-subpub-qos2-bad-pubcomp.py
	test/broker/02-subpub-qos2.py
	test/broker/07-will-null-topic.py
6 years ago
Roger A. Light d49988fa6f Rejig unix socket support. 6 years ago
Roger A. Light 17c32d89d9 Restrict access to unix socket. 6 years ago
Roger A. Light 499e2f2e98 Add support for unix sockets to broker, lib, and clients. 6 years ago
Roger A. Light cfacd961c9 Only a single CRL could be loaded at once. This has been fixed.
Closes #1442. Thanks to charlemagnelasse.
6 years ago
Roger A. Light 5941291bd5 Fix build WITH_TLS=no 6 years ago
Roger A. Light 4dc98c4cef Fix CRL file not being reloaded on HUP.
Closes #35.
6 years ago
Roger A. Light b42bb99ba6 Disable TLS renegotiation.
Client initiated renegotiation is considered to be a potential attack
vector against servers.

Closes #1257. Thanks to Daniele Sluijters.
6 years ago
Karl Palsson 22303848e2 ssl: support openssl with ENGINE support disabled.
Alternatively, just drop support for this config.

Signed-off-by: Karl Palsson <karlp@etactica.com>
7 years ago
Roger A. Light 42fb2f5538 Fix build for WITH_TLS=no.
Closes #1250. Thanks to bmparr.
7 years ago
Roger A. Light 449103e960 Merge remote-tracking branch 'refs/remotes/origin/fixes'
Conflicts:
	ChangeLog.txt
7 years ago
Roger A. Light fb1979c0ea Fix build on SmartOS due to missing IPV6_V6ONLY.
Thanks to Matt Ingenthron.

Closes #1212.
7 years ago
Roger A. Light 9faad1e078 Fix a variety of scan-build warnings. 7 years ago
Roger A. Light 320ddc1303 Merge branch 'master'
Conflicts:
	CMakeLists.txt
	ChangeLog.txt
	client/Makefile
	config.mk
	installer/mosquitto.nsi
	installer/mosquitto64.nsi
	lib/mosquitto.h
	lib/mqtt3_protocol.h
	lib/util_mosq.c
	set-version.sh
	snap/snapcraft.yaml
	src/bridge.c
	src/database.c
	src/handle_connack.c
	src/loop.c
	src/persist.c
	test/broker/Makefile
7 years ago
Roger A. Light 2dd24449ad Fix "unused parameter" warnings. 7 years ago
Vinod Kumar e9350fbb56 print error when listener bind address is not valid
Signed-off-by: Vinod Kumar <kumar003vinod@gmail.com>
7 years ago
Roger A. Light ce31269e05 Update changelog, bump version, bump copyright year. 7 years ago
Roger A. Light d3d6f3a980 Fix compiling with openssl < 1.1.1. 7 years ago
Roger A. Light 1924afe49e Add explicit support for TLS v1.3 and drop TLS v1.0. 7 years ago
Roger A. Light 130ddf47f7 Add `dhparamfile` option, to allow DH parameters to be loaded.
This is for Ephemeral DH support on listeners.
7 years ago
Steven Lawrance 208c3d3e85 Allow binding a listener to a specific network interface
Signed-off-by: Steven Lawrance <stl@koffein.net>
7 years ago
Roger A. Light 5aabc171b0 Merge branch 'mqtt5' into develop 7 years ago
Roger A. Light e862a047a8 Rework TLS engine support. 7 years ago
Nicolás Pernas Maradei 20894fcbce Add engine private key password support
Some OpenSSL engines (selectable via tls_engine option) may require a
password to make use of private keys created with them in the first place.

The TPM engine for example, will require a password to access the underlying
TPM's Storage Root Key (SRK), which is the root key of a hierarchy of keys
associated with a TPM; it is generated within a TPM and is a non-migratable
key. Each owned TPM contains an SRK, generated by the TPM at the request
of the Owner. [1]

By default, the engine will prompt the user to introduce the SRK password
before any private keys created with the engine can be used. This could
be inconvenient when running on an unattended system.

Here's where the new tls_engine_kpass_sha option comes in handy. The user
can specify a SHA1 hash of their engine private key password via command
line or config file and it will be passed on to the engine directly.

This commit adds support for both clients (libmosquitto) and broker.

[1] https://goo.gl/qQoXBY

Signed-off-by: Nicolás Pernas Maradei <nicopernas@gmail.com>
7 years ago
Nicolás Pernas Maradei d5f039ec7c Add TLS engine and keyform support to mosquitto
Add same OpenSSL engine support to mosquitto (server side) previously added to
client side only.

Signed-off-by: Nicolás Pernas Maradei <nicopernas@gmail.com>
7 years ago
Roger A. Light fcf4cd0b27 Merge branch 'master' into mqtt5 7 years ago
Roger A. Light 89f3d7bb3f Don't print connect/disconnect messages when connection_messages false.
Closes #772. Closes #613. Closes #537.

Thanks to Christopher Maynard, Brandon Arrendondo, and qubeck.
7 years ago
Roger A. Light a00dd29af8 Fix building where TLS-PSK is not available.
Closes #68.
7 years ago
Roger A. Light d29dac087d Add socket_domain option. 7 years ago
Roger A. Light ba67e1ffe5 Don't use gnu-specific strerror_r. 7 years ago
Roger Light 6c9e8d51c2 Merge branch 'develop' into mqtt5 7 years ago
Roger A. Light 0e16a248f2 Elevate log level to warning for situation when socket limit is hit. 7 years ago
Roger A. Light 3ae387e232 Close spare sock at exit. 7 years ago
Roger A. Light 0bacff11df Rename mqtt3_protocol.h -> mqtt_protocol.h. 7 years ago
Roger A. Light d1b36507db Better implementation of #948. 7 years ago
Roger A. Light ee8e20de75 Fix excessive CPU usage when the number of sockets exceeds the system limit.
Closes #948. Thanks to wiebeytec.
7 years ago