Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to create a client connection to mosquitto broker 2.0.12 or newer #1290

Closed
renkei opened this issue Nov 8, 2021 · 5 comments
Closed

Unable to create a client connection to mosquitto broker 2.0.12 or newer #1290

renkei opened this issue Nov 8, 2021 · 5 comments
Labels
bug Something isn't working

Comments

@renkei
Copy link

renkei commented Nov 8, 2021

I use MQTTnet for client connections and mosquitto as broker for several years without issues. But now, when I update the mosquitto broker from 2.0.11 to the latest versions 2.0.12 or 2.0.13 I'm no longer able to connect to the broker with MQTTnet.

What I can see so far:

1. MQTTnet version
Reproducible with version 3.0.16 and 3.1.0.

2. Exception:

MQTTnet.Adapter.MqttConnectingFailedException: Connecting with MQTT server failed (ClientIdentifierNotValid).
    at MQTTnet.Client.MqttClient.AuthenticateAsync(IMqttChannelAdapter channelAdapter, MqttApplicationMessage willApplicationMessage, CancellationToken cancellationToken)
    at MQTTnet.Client.MqttClient.ConnectAsync(IMqttClientOptions options, CancellationToken cancellationToken)
    at MQTTnet.Client.MqttClient.ConnectAsync(IMqttClientOptions options, CancellationToken cancellationToken)`

3. The Client ID
Not set in my code, so I'm always using the MQTTnet default implementation that results in something like this eb97c79a96a04ec4bb593253e317c942. I've checked this again, client ID looks fine to me.

4. Other environments
I've also Node.js projects that are using MQTT.js to create client connections to the mosquitto broker. MQTT.js still works without any issues even with the latest versions of mosquitto ==> Seems to be an issue with MQTTnet.

5. Workaround
When I downgrade mosquitto to 2.0.11 everything works as expected again with MQTTnet ==> Seems to be an issue with mosquitto.

Any idea?
@renkei renkei added the bug Something isn't working label Nov 8, 2021
@SeppPenner
Copy link
Collaborator

Does the Mosquitto broker maybe only allow certain logins / client ids by default?

@renkei
Copy link
Author

renkei commented Nov 8, 2021

No, it is a very simple setup in the LAN. The mosquitto broker 1.6.x run with default configuration, for the newer 2.0.x versions I've changed only two options in the conf file:

  1. listener set to port 1883 to listen on this this port on all network interfaces
  2. allow_anonymus set to true

I don't use user credentials, client certificates, or TLS encryption. This configuraton worked since years and is suddenly broken with MQTTnet + Eclipse Mosquitto >= 2.0.12 and fine again with 2.0.11 or older versions. Usually I would say this is a bug in the mosquitto broker, but as I said, the MQTT.js npm package works fine with 2.0.12 and 2.0.13. So, I'm unsure,

@renkei
Copy link
Author

renkei commented Nov 9, 2021
edited

I've done some more tests with MQTTnet running on a Windows machine with .NET Core 3.1 LTS and mosquitto 2.0.13 on several setups:

On Windows 64bit, I've tested 32bit and 64bit versions of the broker and on my Raspberry Pi 2 and 4 I've tested the 32bit Linux ARMv7 and 64bit Linux ARMv8 versions of the broker with always the same result. I'm not able to connect to any of these brokers anymore with MQTTnet. The exception is always the same: ClientIdentifierNotValid although the identifier is not set by me but by MQTTnet (as always). In contrast, I've no issues with the npm package MQTT.js on all setups.

@renkei renkei mentioned this issue Nov 13, 2021
Closed
@renkei
Copy link
Author

renkei commented Nov 13, 2021

I've found #2309. Setting KeepAlive to another value than TimeSpan.Zero fixes the connection problem. So, this is no bug of MQTTnet but Mosquitto.

@renkei renkei closed this as completed Nov 13, 2021
@MattBrittan
Copy link

Realise this has been closed but I thought adding some context might help others experiencing this issue. The error is the result of a change made in Mosquitto 2.0.12:

Fix max_keepalive not applying to MQTT v3.1.1 and v3.1 connections. These clients are now rejected if their keepalive value exceeds max_keepalive. This option allows CVE-2020-13849, which is for the MQTT v3.1.1 protocol itself rather than an implementation, to be addressed.

A change made in 2.0.9 also comes into play:

Fix max_keepalive option not applying to clients connecting with keepalive set to 0. Closes #2117.

These changes were made to address an issue with the MQTT protocol itself which permits a denial of service attack (CVE-2020-13849).

The default value for the max_keepalive is 65535 so this change means that attempting to connect with keep alive set to 0 (meaning no keepalive) will fail unless mosquitto.conf specifies max_keepalive 0. Unfortunately the error Mosquitto logs (Bad socket read/write on client XXXXXYYYYY: Invalid arguments provided.) does not really help identify the cause.

There are two possible solutions:

  • Specify max_keepalive 0 in mosquitto.conf (Mosquitto 2.0.13 or later).
  • Set KeepAlive to another value than TimeSpan.Zero when connecting with this library. For example .WithKeepAlivePeriod(TimeSpan.FromSeconds(60)).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@SeppPenner @renkei @MattBrittan