Merge branch 'fixes'

CMakeLists.txt

@@ -11,7 +11,7 @@ project(mosquitto)
 cmake_minimum_required(VERSION 2.8)
 # Only for version 3 and up. cmake_policy(SET CMP0042 NEW)
 
-set (VERSION 1.5.4)
+set (VERSION 1.5.5)
 
 add_definitions (-DCMAKE -DVERSION=\"${VERSION}\")
 

ChangeLog.txt

@@ -1,3 +1,39 @@
+1.5.5 - 20181211
+================
+
+Security:
+- If `per_listener_settings` is set to true, then the `acl_file` setting was
+ ignored for the "default listener" only. This has been fixed. This does not
+ affect any listeners defined with the `listener` option. Closes #1073.
+
+Broker:
+- Add `socket_domain` option to allow listeners to disable IPv6 support.
+ This is required to work around a problem in libwebsockets that means
+ sockets only listen on IPv6 by default if IPv6 support is compiled in.
+ Closes #1004.
+- When using ADNS, don't ask for all network protocols when connecting,
+ because this can lead to confusing "Protocol not supported" errors if the
+ network is down. Closes #1062.
+- Fix outgoing retained messages not being sent by bridges on initial
+ connection. Closes #1040.
+- Don't reload auth_opt_ options on reload, to match the behaviour of the
+ other plugin options. Closes #1068.
+- Print message on error when installing/uninstalling as a Windows service.
+- All non-error connect/disconnect messages are controlled by the
+ `connection_messages` option. Closes #772. Closes #613. Closes #537.
+
+Library:
+- Fix reconnect delay backoff behaviour. Closes #1027.
+- Don't call on_disconnect() twice if keepalive tests fail. Closes #1067.
+
+Client:
+- Always print leading zeros in mosquitto_sub when output format is hex.
+ Closes #1066.
+
+Build:
+- Fix building where TLS-PSK is not available. Closes #68.
+
+
 1.5.4 - 20181108
 ================
 

client/client_shared.c

@@ -151,7 +151,7 @@ void client_config_cleanup(struct mosq_config *cfg)
  free(cfg->keyfile);
  free(cfg->ciphers);
  free(cfg->tls_version);
-# ifdef WITH_TLS_PSK
+# ifdef FINAL_WITH_TLS_PSK
  free(cfg->psk);
  free(cfg->psk_identity);
 # endif
@@ -309,7 +309,7 @@ int client_config_load(struct mosq_config *cfg, int pub_or_sub, int argc, char *
  return 1;
  }
 #endif
-#ifdef WITH_TLS_PSK
+#ifdef FINAL_WITH_TLS_PSK
  if((cfg->cafile || cfg->capath) && cfg->psk){
  if(!cfg->quiet) fprintf(stderr, "Error: Only one of --psk or --cafile/--capath may be used at once.\n");
  return 1;
@@ -673,7 +673,7 @@ int client_config_line_proc(struct mosq_config *cfg, int pub_or_sub, int argc, c
  i++;
  }
 #endif
-#ifdef WITH_TLS_PSK
+#ifdef FINAL_WITH_TLS_PSK
  }else if(!strcmp(argv[i], "--psk")){
  if(i==argc-1){
  fprintf(stderr, "Error: --psk argument given but no key specified.\n\n");
@@ -912,7 +912,7 @@ int client_opts_set(struct mosquitto *mosq, struct mosq_config *cfg)
  mosquitto_lib_cleanup();
  return 1;
  }
-# ifdef WITH_TLS_PSK
+# ifdef FINAL_WITH_TLS_PSK
  if(cfg->psk && mosquitto_tls_psk_set(mosq, cfg->psk, cfg->psk_identity, NULL)){
  if(!cfg->quiet) fprintf(stderr, "Error: Problem setting TLS-PSK options.\n");
  mosquitto_lib_cleanup();
@@ -985,7 +985,7 @@ int client_connect(struct mosquitto *mosq, struct mosq_config *cfg)
  if(cfg->port < 0){
 #ifdef WITH_TLS
  if(cfg->cafile || cfg->capath
-# ifdef WITH_TLS_PSK
+# ifdef FINAL_WITH_TLS_PSK
  || cfg->psk
 # endif
  ){

client/client_shared.h

@@ -66,7 +66,7 @@ struct mosq_config {
  char *ciphers;
  bool insecure;
  char *tls_version;
-# ifdef WITH_TLS_PSK
+# ifdef FINAL_WITH_TLS_PSK
  char *psk;
  char *psk_identity;
 # endif

client/pub_client.c

@@ -223,7 +223,7 @@ void print_usage(void)
 #ifdef WITH_TLS
  printf(" [{--cafile file | --capath dir} [--cert file] [--key file]\n");
  printf(" [--ciphers ciphers] [--insecure]]\n");
-#ifdef WITH_TLS_PSK
+#ifdef FINAL_WITH_TLS_PSK
  printf(" [--psk hex-key --psk-identity identity [--ciphers ciphers]]\n");
 #endif
 #endif
@@ -280,7 +280,7 @@ void print_usage(void)
  printf(" hostname. Using this option means that you cannot be sure that the\n");
  printf(" remote host is the server you wish to connect to and so is insecure.\n");
  printf(" Do not use this option in a production environment.\n");
-# ifdef WITH_TLS_PSK
+# ifdef FINAL_WITH_TLS_PSK
  printf(" --psk : pre-shared-key in hexadecimal (no leading 0x) to enable TLS-PSK mode.\n");
  printf(" --psk-identity : client identity string for TLS-PSK mode.\n");
 # endif

client/sub_client.c

@@ -155,7 +155,7 @@ void print_usage(void)
 #ifdef WITH_TLS
  printf(" [{--cafile file | --capath dir} [--cert file] [--key file]\n");
  printf(" [--ciphers ciphers] [--insecure]]\n");
-#ifdef WITH_TLS_PSK
+#ifdef FINAL_WITH_TLS_PSK
  printf(" [--psk hex-key --psk-identity identity [--ciphers ciphers]]\n");
 #endif
 #endif
@@ -218,7 +218,7 @@ void print_usage(void)
  printf(" hostname. Using this option means that you cannot be sure that the\n");
  printf(" remote host is the server you wish to connect to and so is insecure.\n");
  printf(" Do not use this option in a production environment.\n");
-#ifdef WITH_TLS_PSK
+#ifdef FINAL_WITH_TLS_PSK
  printf(" --psk : pre-shared-key in hexadecimal (no leading 0x) to enable TLS-PSK mode.\n");
  printf(" --psk-identity : client identity string for TLS-PSK mode.\n");
 #endif

client/sub_client_output.c

@@ -85,11 +85,11 @@ static void write_payload(const unsigned char *payload, int payloadlen, int hex)
  (void)fwrite(payload, 1, payloadlen, stdout);
  }else if(hex == 1){
  for(i=0; i<payloadlen; i++){
- fprintf(stdout, "%x", payload[i]);
+ fprintf(stdout, "%02x", payload[i]);
  }
  }else if(hex == 2){
  for(i=0; i<payloadlen; i++){
- fprintf(stdout, "%X", payload[i]);
+ fprintf(stdout, "%02X", payload[i]);
  }
  }
 }

config.h

@@ -37,4 +37,12 @@
 #define uthash_malloc(sz) mosquitto__malloc(sz)
 #define uthash_free(ptr,sz) mosquitto__free(ptr)
 
+
+#ifdef WITH_TLS
+# include <openssl/opensslconf.h>
+# if defined(WITH_TLS_PSK) && !defined(OPENSSL_NO_PSK)
+# define FINAL_WITH_TLS_PSK
+# endif
+#endif
+
 #endif

config.mk

@@ -105,7 +105,7 @@ WITH_BUNDLED_DEPS:=yes
 
 # Also bump lib/mosquitto.h, CMakeLists.txt,
 # installer/mosquitto.nsi, installer/mosquitto64.nsi
-VERSION=1.5.4
+VERSION=1.5.5
 
 # Client library SO version. Bump if incompatible API/ABI changes are made.
 SOVERSION=1

docker/1.5/Dockerfile

@@ -67,8 +67,8 @@ RUN set -x && \
  WITH_WEBSOCKETS=yes \
  prefix=/usr \
  binary && \
- addgroup -S mosquitto 2>/dev/null && \
- adduser -S -D -H -h /var/empty -s /sbin/nologin -G mosquitto -g mosquitto mosquitto 2>/dev/null && \
+ addgroup -S -g 1883 mosquitto 2>/dev/null && \
+ adduser -S -u 1883 -D -H -h /var/empty -s /sbin/nologin -G mosquitto -g mosquitto mosquitto 2>/dev/null && \
  mkdir -p /mosquitto/config /mosquitto/data /mosquitto/log && \
  install -d /usr/sbin/ && \
  install -s -m755 /build/mosq/src/mosquitto /usr/sbin/mosquitto && \

docker/1.5/README.md

@@ -13,6 +13,11 @@ Two docker volumes have been created in the image to be used for persistent stor
 /mosquitto/log
 ```
 
+## User/Group
+
+The image runs mosqutto under the mosquitto user and group, which are created
+with a uid and gid of 1883.
+
 ## Configuration
 When creating a container from the image, the default configuration values are used.
 To use a custom configuration file, mount a **local** configuration file to `/mosquitto/config/mosquitto.conf`

installer/mosquitto.nsi

@@ -9,7 +9,7 @@
 !define env_hklm 'HKLM "SYSTEM\CurrentControlSet\Control\Session Manager\Environment"'
 
 Name "Eclipse Mosquitto"
-!define VERSION 1.5.4
+!define VERSION 1.5.5
 OutFile "mosquitto-${VERSION}-install-windows-x86.exe"
 
 InstallDir "$PROGRAMFILES\mosquitto"
@@ -18,8 +18,7 @@ InstallDir "$PROGRAMFILES\mosquitto"
 ; Installer pages
 !insertmacro MUI_PAGE_WELCOME
 
-Page custom DependencyPage
-!insertmacro MUI_PAGE_COMPONENTS
+;!insertmacro MUI_PAGE_COMPONENTS
 !insertmacro MUI_PAGE_DIRECTORY
 !insertmacro MUI_PAGE_INSTFILES
 !insertmacro MUI_PAGE_FINISH
@@ -55,8 +54,8 @@ Section "Files" SecInstall
  File "..\readme.md"
  File "..\readme-windows.txt"
  ;File "C:\pthreads\Pre-built.2\dll\x86\pthreadVC2.dll"
- ;File "C:\OpenSSL-Win32\bin\libssl_1-1.dll"
- ;File "C:\OpenSSL-Win32\bin\libcrypto_1-1.dll"
+ File "C:\OpenSSL-Win32\bin\libssl-1_1.dll"
+ File "C:\OpenSSL-Win32\bin\libcrypto-1_1.dll"
  File "..\edl-v10"
  File "..\epl-v10"
 
@@ -96,8 +95,8 @@ Section "Uninstall"
  Delete "$INSTDIR\readme.txt"
  Delete "$INSTDIR\readme-windows.txt"
  ;Delete "$INSTDIR\pthreadVC2.dll"
- ;Delete "$INSTDIR\libssl_1-1.dll"
- ;Delete "$INSTDIR\libcrypto_1-1.dll"
+ Delete "$INSTDIR\libssl-1_1.dll"
+ Delete "$INSTDIR\libcrypto-1_1.dll"
  Delete "$INSTDIR\edl-v10"
  Delete "$INSTDIR\epl-v10"
 
@@ -120,28 +119,3 @@ LangString DESC_SecInstall ${LANG_ENGLISH} "The main installation."
  !insertmacro MUI_DESCRIPTION_TEXT ${SecInstall} $(DESC_SecInstall)
 !insertmacro MUI_FUNCTION_DESCRIPTION_END
 
-Var Dialog
-Var OSSLLink
-Var PTHLink
-
-Function DependencyPage
- nsDialogs::Create 1018
- Pop $Dialog
-
- ${If} $Dialog == error
- Abort
- ${EndIf}
-
- ${NSD_CreateLabel} 0 0 100% 12u "OpenSSL - install 'Win32 OpenSSL v1.1.0* Light' then copy libssl_1-1.dll and libcrypto_1-1.dll to the mosquitto directory"
- ${NSD_CreateLink} 13u 13u 100% 12u "http:https://slproweb.com/products/Win32OpenSSL.html"
- Pop $OSSLLink
- ${NSD_OnClick} $OSSLLink OnClick_OSSL
-
- !insertmacro MUI_HEADER_TEXT_PAGE "Dependencies" "This page lists packages that must be installed if not already present"
- nsDialogs::Show
-FunctionEnd
-
-Function OnClick_OSSL
- Pop $0
- ExecShell "open" "http:https://slproweb.com/products/Win32OpenSSL.html"
-FunctionEnd

installer/mosquitto64.nsi

@@ -9,7 +9,7 @@
 !define env_hklm 'HKLM "SYSTEM\CurrentControlSet\Control\Session Manager\Environment"'
 
 Name "Eclipse Mosquitto"
-!define VERSION 1.5.4
+!define VERSION 1.5.5
 OutFile "mosquitto-${VERSION}-install-windows-x64.exe"
 
 !include "x64.nsh"
@@ -19,8 +19,7 @@ InstallDir "$PROGRAMFILES64\mosquitto"
 ; Installer pages
 !insertmacro MUI_PAGE_WELCOME
 
-Page custom DependencyPage
-!insertmacro MUI_PAGE_COMPONENTS
+;!insertmacro MUI_PAGE_COMPONENTS
 !insertmacro MUI_PAGE_DIRECTORY
 !insertmacro MUI_PAGE_INSTFILES
 !insertmacro MUI_PAGE_FINISH
@@ -56,8 +55,8 @@ Section "Files" SecInstall
  File "..\readme.md"
  File "..\readme-windows.txt"
  ;File "C:\pthreads\Pre-built.2\dll\x64\pthreadVC2.dll"
- ;File "C:\OpenSSL-Win64\bin\libssl_1-1-x64.dll"
- ;File "C:\OpenSSL-Win64\bin\libcrypto_1-1-x64.dll"
+ File "C:\OpenSSL-Win64\bin\libssl-1_1-x64.dll"
+ File "C:\OpenSSL-Win64\bin\libcrypto-1_1-x64.dll"
  File "..\edl-v10"
  File "..\epl-v10"
 
@@ -97,8 +96,8 @@ Section "Uninstall"
  Delete "$INSTDIR\readme.txt"
  Delete "$INSTDIR\readme-windows.txt"
  ;Delete "$INSTDIR\pthreadVC2.dll"
- ;Delete "$INSTDIR\libssl_1-1-x64.dll"
- ;Delete "$INSTDIR\libcrypto_1-1-x64.dll"
+ Delete "$INSTDIR\libssl-1_1-x64.dll"
+ Delete "$INSTDIR\libcrypto-1_1-x64.dll"
  Delete "$INSTDIR\edl-v10"
  Delete "$INSTDIR\epl-v10"
 
@@ -121,28 +120,3 @@ LangString DESC_SecInstall ${LANG_ENGLISH} "The main installation."
  !insertmacro MUI_DESCRIPTION_TEXT ${SecInstall} $(DESC_SecInstall)
 !insertmacro MUI_FUNCTION_DESCRIPTION_END
 
-Var Dialog
-Var OSSLLink
-Var PTHLink
-
-Function DependencyPage
- nsDialogs::Create 1018
- Pop $Dialog
-
- ${If} $Dialog == error
- Abort
- ${EndIf}
-
- ${NSD_CreateLabel} 0 0 100% 12u "OpenSSL - install 'Win64 OpenSSL v1.1.0* Light' then copy libssl_1-1-x64.dll and libcrypto_1-1-x64.dll to the mosquitto directory"
- ${NSD_CreateLink} 13u 13u 100% 12u "http:https://slproweb.com/products/Win32OpenSSL.html"
- Pop $OSSLLink
- ${NSD_OnClick} $OSSLLink OnClick_OSSL
-
- !insertmacro MUI_HEADER_TEXT_PAGE "Dependencies" "This page lists packages that must be installed if not already present"
- nsDialogs::Show
-FunctionEnd
-
-Function OnClick_OSSL
- Pop $0
- ExecShell "open" "http:https://slproweb.com/products/Win32OpenSSL.html"
-FunctionEnd