Merge branch 'master' into fixes

CMakeLists.txt

@@ -8,7 +8,7 @@ cmake_minimum_required(VERSION 3.1)
 cmake_policy(SET CMP0042 NEW)
 
 project(mosquitto)
-set (VERSION 2.0.17)
+set (VERSION 2.0.18)
 
 list(APPEND CMAKE_MODULE_PATH "${PROJECT_SOURCE_DIR}/cmake/")
 

ChangeLog.txt

@@ -1,3 +1,14 @@
+2.0.18 - 2023-09-18
+===================
+
+Broker:
+- Fix crash on subscribe under certain unlikely conditions. Closes #2885.
+ Closes #2881.
+
+Clients:
+- Fix mosquitto_rr not honouring `-R`. Closes #2893.
+
+
 2.0.17 - 2023-08-22
 ===================
 

client/rr_client.c

@@ -84,7 +84,11 @@ static void my_message_callback(struct mosquitto *mosq, void *obj, const struct
  UNUSED(obj);
  UNUSED(properties);
 
+ if(process_messages == false) return;
+ if(message->retain && cfg.no_retain) return;
+
  print_message(&cfg, message, properties);
+
  switch(cfg.pub_mode){
  case MSGMODE_CMD:
  case MSGMODE_FILE:
@@ -96,33 +100,6 @@ static void my_message_callback(struct mosquitto *mosq, void *obj, const struct
  client_state = rr_s_ready_to_publish;
  break;
  }
- /* FIXME - check all below
- if(process_messages == false) return;
-
- if(cfg.retained_only && !message->retain && process_messages){
- process_messages = false;
- mosquitto_disconnect_v5(mosq, 0, cfg.disconnect_props);
- return;
- }
-
- if(message->retain && cfg.no_retain) return;
- if(cfg.filter_outs){
- for(i=0; i<cfg.filter_out_count; i++){
- mosquitto_topic_matches_sub(cfg.filter_outs[i], message->topic, &res);
- if(res) return;
- }
- }
-
- //print_message(&cfg, message);
-
- if(cfg.msg_count>0){
- msg_count++;
- if(cfg.msg_count == msg_count){
- process_messages = false;
- mosquitto_disconnect_v5(mosq, 0, cfg.disconnect_props);
- }
- }
- */
 }
 
 void my_connect_callback(struct mosquitto *mosq, void *obj, int result, int flags, const mosquitto_property *properties)

config.mk

@@ -120,14 +120,17 @@ WITH_JEMALLOC:=no
 # probably of no particular interest to end users.
 WITH_XTREPORT=no
 
+# Build using clang and with address sanitiser enabled
+WITH_ASAN=no
+
 # =============================================================================
 # End of user configuration
 # =============================================================================
 
 
 # Also bump lib/mosquitto.h, CMakeLists.txt,
 # installer/mosquitto.nsi, installer/mosquitto64.nsi
-VERSION=2.0.17
+VERSION=2.0.18
 
 # Client library SO version. Bump if incompatible API/ABI changes are made.
 SOVERSION=1
@@ -152,6 +155,12 @@ else
  CFLAGS?=-Wall -ggdb -O2 -Wconversion -Wextra
 endif
 
+ifeq ($(WITH_ASAN),yes)
+ CC:=clang
+ CFLAGS+=-fsanitize=address
+ LDFLAGS+=-fsanitize=address
+endif
+
 STATIC_LIB_DEPS:=
 
 APP_CPPFLAGS=$(CPPFLAGS) -I. -I../../ -I../../include -I../../src -I../../lib

docker/1.5-openssl/Dockerfile

@@ -45,7 +45,7 @@ RUN set -x && \
  export GNUPGHOME="$(mktemp -d)" && \
  found=''; \
  for server in \
- htps:https://keys.openpgp.org \
+ hkps:https://keys.openpgp.org \
  hkp:https://keyserver.ubuntu.com:80 \
  pgp.mit.edu \
  ; do \

docker/2.0-openssl/Dockerfile

@@ -3,8 +3,8 @@ FROM alpine:3.18
 LABEL maintainer="Roger Light <[email protected]>" \
  description="Eclipse Mosquitto MQTT Broker"
 
-ENV VERSION=2.0.17 \
- DOWNLOAD_SHA256=3be7a911236567c1a9fbe25baf3e3167004ba4a0c151a448ef1f7fc077dba52f \
+ENV VERSION=2.0.18 \
+ DOWNLOAD_SHA256=d665fe7d0032881b1371a47f34169ee4edab67903b2cd2b4c083822823f4448a \
  GPG_KEYS=A0D6EEA1DCAE49A635A3B2F0779B22DFB3E717B7 \
  LWS_VERSION=4.2.1 \
  LWS_SHA256=842da21f73ccba2be59e680de10a8cce7928313048750eb6ad73b6fa50763c51

docker/2.0/Dockerfile

@@ -3,8 +3,8 @@ FROM alpine:3.18
 LABEL maintainer="Roger Light <[email protected]>" \
  description="Eclipse Mosquitto MQTT Broker"
 
-ENV VERSION=2.0.17 \
- DOWNLOAD_SHA256=3be7a911236567c1a9fbe25baf3e3167004ba4a0c151a448ef1f7fc077dba52f \
+ENV VERSION=2.0.18 \
+ DOWNLOAD_SHA256=d665fe7d0032881b1371a47f34169ee4edab67903b2cd2b4c083822823f4448a \
  GPG_KEYS=A0D6EEA1DCAE49A635A3B2F0779B22DFB3E717B7 \
  LWS_VERSION=4.2.1 \
  LWS_SHA256=842da21f73ccba2be59e680de10a8cce7928313048750eb6ad73b6fa50763c51

include/mosquitto.h

@@ -66,7 +66,7 @@ extern "C" {
 
 #define LIBMOSQUITTO_MAJOR 2
 #define LIBMOSQUITTO_MINOR 0
-#define LIBMOSQUITTO_REVISION 17
+#define LIBMOSQUITTO_REVISION 18
 /* LIBMOSQUITTO_VERSION_NUMBER looks like 1002001 for e.g. version 1.2.1. */
 #define LIBMOSQUITTO_VERSION_NUMBER (LIBMOSQUITTO_MAJOR*1000000+LIBMOSQUITTO_MINOR*1000+LIBMOSQUITTO_REVISION)
 

installer/mosquitto.nsi

@@ -9,7 +9,7 @@
 !define env_hklm 'HKLM "SYSTEM\CurrentControlSet\Control\Session Manager\Environment"'
 
 Name "Eclipse Mosquitto"
-!define VERSION 2.0.17
+!define VERSION 2.0.18
 OutFile "mosquitto-${VERSION}-install-windows-x86.exe"
 
 InstallDir "$PROGRAMFILES\mosquitto"

installer/mosquitto64.nsi

@@ -9,7 +9,7 @@
 !define env_hklm 'HKLM "SYSTEM\CurrentControlSet\Control\Session Manager\Environment"'
 
 Name "Eclipse Mosquitto"
-!define VERSION 2.0.17
+!define VERSION 2.0.18
 OutFile "mosquitto-${VERSION}-install-windows-x64.exe"
 
 !include "x64.nsh"

lib/CMakeLists.txt

@@ -94,6 +94,8 @@ set_target_properties(libmosquitto PROPERTIES
  OUTPUT_NAME mosquitto
  VERSION ${VERSION}
  SOVERSION 1
+ LINK_DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/linker.version
+ LINK_FLAGS "-Wl,--version-script=${CMAKE_CURRENT_SOURCE_DIR}/linker.version"
 )
 
 install(TARGETS libmosquitto

lib/misc_mosq.c

@@ -158,8 +158,9 @@ FILE *mosquitto__fopen(const char *path, const char *mode, bool restrict_read)
 #else
  fprintf(stderr,
 #endif
- "Warning: File %s has world readable permissions. Future versions will refuse to load this file.",
- path);
+ "Warning: File %s has world readable permissions. Future versions will refuse to load this file.\n"
+ "To fix this, use `chmod 0700 %s`.",
+ path, path);
 #if 0
  return NULL;
 #endif
@@ -175,8 +176,9 @@ FILE *mosquitto__fopen(const char *path, const char *mode, bool restrict_read)
 #else
  fprintf(stderr,
 #endif
- "Warning: File %s owner is not %s. Future versions will refuse to load this file.",
- path, result->pw_name);
+ "Warning: File %s owner is not %s. Future versions will refuse to load this file."
+ "To fix this, use `chown %s %s`.",
+ path, result->pw_name, result->pw_name, path);
  }
 #if 0
  // Future version

plugins/dynamic-security/plugin.c

@@ -166,8 +166,9 @@ FILE *mosquitto__fopen(const char *path, const char *mode, bool restrict_read)
 #else
  fprintf(stderr,
 #endif
- "Warning: File %s has world readable permissions. Future versions will refuse to load this file.",
- path);
+ "Warning: File %s has world readable permissions. Future versions will refuse to load this file."
+ "To fix this, use `chmod 0700 %s`.",
+ path, path);
 #if 0
  return NULL;
 #endif
@@ -183,8 +184,9 @@ FILE *mosquitto__fopen(const char *path, const char *mode, bool restrict_read)
 #else
  fprintf(stderr,
 #endif
- "Warning: File %s owner is not %s. Future versions will refuse to load this file.",
- path, result->pw_name);
+ "Warning: File %s owner is not %s. Future versions will refuse to load this file."
+ "To fix this, use `chown %s %s`.",
+ path, result->pw_name, result->pw_name, path);
  }
 #if 0
  // Future version

set-version.sh

@@ -2,7 +2,7 @@
 
 MAJOR=2
 MINOR=0
-REVISION=17
+REVISION=18
 
 sed -i "s/^VERSION=.*/VERSION=${MAJOR}.${MINOR}.${REVISION}/" config.mk
 

snap/snapcraft.yaml

@@ -1,5 +1,5 @@
 name: mosquitto
-version: 2.0.17
+version: 2.0.18
 summary: Eclipse Mosquitto MQTT broker
 description: This is a message broker that supports version 5.0, 3.1.1, and 3.1 of the MQTT
  protocol.

src/subs.c

@@ -389,7 +389,6 @@ static int sub__remove_normal(struct mosquitto *context, struct mosquitto__subhi
  if(context->subs[i] && context->subs[i]->hier == subhier){
  mosquitto__free(context->subs[i]);
  context->subs[i] = NULL;
- context->sub_count--;
  break;
  }
  }
@@ -430,7 +429,6 @@ static int sub__remove_shared(struct mosquitto *context, struct mosquitto__subhi
 
  mosquitto__free(context->subs[i]);
  context->subs[i] = NULL;
- context->sub_count--;
  break;
  }
  }

test/broker/data/REGRESSION.json

@@ -0,0 +1,18 @@
+[
+ {
+ "group": "REGRESSIONS",
+ "tests": [
+ { "name": "subscribe-unsubscribe-crash part 1", "ver":4, "expect_disconnect":false, "msgs": [
+ {"type":"send", "payload":"82 26 1234 0009 64 72 61 73 68 2F 31 2F 23 00 0009 65 72 61 73 68 2F 32 2F 23 00 0009 63 72 61 73 68 2F 33 2F 23 00"},
+ {"type":"recv", "payload":"90 05 1234 00 00 00"},
+ {"type":"send", "payload":"A2 0D 1234 0009 64 72 61 73 68 2F 31 2F 23"},
+ {"type":"recv", "payload":"B0 02 1234"}
+ ], "comment": "Must be used with part 2 immediately after",
+ "comment2": "Requires WITH_ASAN=yes"},
+ { "name": "subscribe-unsubscribe-crash part 2", "ver":4, "expect_disconnect":false, "msgs": [
+ {"type":"send", "payload":"82 0E 1234 0009 63 72 61 73 68 2F 33 2F 23 00"},
+ {"type":"recv", "payload":"90 03 1234 00"}
+ ], "comment": "https://github.com/eclipse/mosquitto/issues/2885"}
+ ]
+ }
+]

www/pages/security.md

@@ -19,7 +19,13 @@ follow the steps on [Eclipse Security] page to report it.
 Listed with most recent first. Further information on security related issues
 can be found in the [security category].
 
-* June 2023: [CVE-2023-28366]: Clients sending unacknowledged QoS 2 messages
+* August 2023: [CVE-2023-0809]: Fix excessive memory being allocated based on
+ malicious initial packets that are not CONNECT packets. Affecting versions
+ **1.5.0** to **2.0.15**. Fixed in **2.0.16**.
+* August 2023: [CVE-2023-3592]: Fix memory leak when clients send v5 CONNECT
+ packets with a will message that contains invalid property types. Affecting
+ version **1.6.0** to **2.0.15** Fixed in **2.0.16**.
+* August 2023: [CVE-2023-28366]: Clients sending unacknowledged QoS 2 messages
  with duplicate message ids cause a memory leak. Affecting versions **1.3.2**
  to **2.0.15** inclusive, fixed in **2.0.16**.
 * August 2022: Deleting the anonymous group in the dynamic security plugin

www/posts/2023/08/version-2-0-17-released.md

@@ -1,6 +1,6 @@
 <!--
-.. title: Version 2.0.16 released.
-.. slug: version-2-0-16-released
+.. title: Version 2.0.17 released.
+.. slug: version-2-0-17-released
 .. date: 2023-08-16 12:57:38 UTC+1
 .. tags: Releases
 .. category:
@@ -9,7 +9,7 @@
 .. type: text
 -->
 
-Version 2.0.16 of Mosquitto has been released. This is a bugfix release.
+Version 2.0.17 of Mosquitto has been released. This is a bugfix release.
 
 Broker:
 - Fix `max_queued_messages 0` stopping clients from receiving messages.

www/posts/2023/09/version-2-0-18-released.md

@@ -0,0 +1,23 @@
+<!--
+.. title: Version 2.0.18 released.
+.. slug: version-2-0-18-released
+.. date: 2023-09-18 22:18:38 UTC+1
+.. tags: Releases
+.. category:
+.. link:
+.. description:
+.. type: text
+-->
+
+Version 2.0.18 of Mosquitto has been released. This is a bugfix release.
+
+Broker:
+- Fix crash on subscribe under certain unlikely conditions. Closes [#2885].
+ Closes [#2881].
+
+Clients:
+- Fix mosquitto_rr not honouring `-R`. Closes [#2893].
+
+[#2881]: https://github.com/eclipse/mosquitto/issues/2881
+[#2885]: https://github.com/eclipse/mosquitto/issues/2885
+[#2893]: https://github.com/eclipse/mosquitto/issues/2893