-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
After upgrade to fix OpenSSL vulnerability websockets have stopped working #195
Comments
This is probably of no help, but I have WebSocket working on 1.4.9 and:
I do have a problem when WebSocket is NOT enabled... Ticket 194. JJ |
Hi websockcets should be enabled, they were before the upgrade and I have rebuilt again with websockets enabled. They were working before upgrade of OpenSSL |
Hi Adam, The only way you can get the To avoid any doubt, to compile with websockets support do exactly:
Could you try recompiling? |
Hi I understand but in this case this is scenario: A. Websockets was available and functioning I have made public examples of this, it was 100% working. B. After upgrading to the latest OpenSSL it failed to work. C. I have recompiled as mentioned above. |
Can you give me a bit more info on ldd /path/to/mosquitto As mentioned though I rebuilt twice today and also a few days ago and last week or so when the issue first occurred. Something when upgrading to the latest OpenSSL has messed something up. This is on CentOS |
Here is the video to prove it was working before the upgrade: |
The config.mk had the option set to yes in the first place and I have "make install"ed a few times today, nothing has changed |
|
I believe you that it was working beforehand. As to why it failed when you upgraded openssl I can't say. This is the relevant code though:
If you're getting that message then websockets support isn't compiled in. I've recorded an asciicast of me compiling with websockets support: https://asciinema.org/a/d2v33b1722xukttxnlkyyhpu1 One thought - maybe try running |
Still no, make clean, make, make install... sudo service mosquitto restart |
Whatever way it is done it is not rebuilding with Websockets but the question more why has it gone in the first place. |
I am getting this following your example: websockets.c:106: warning: initialization makes integer from pointer without a cast |
Right, that's progress - it's definitely trying to compile websockets support in now. What version of libwebsockets are you using? Version 2.x isn't supported in current releases. |
1.4 as far as I can remember one of the guys from the websockets github helped me install it last time as was having weird issues with GCC one sec will find the link. |
v1.4-chrome43-firefox-36 |
Getting the error message about initialization when trying to rebuild with 1.4.8 as well and that was 100% working with the version I had. |
Ok, the initialisation warning shouldn't be important then - does it work now? |
No nothing has changed |
So just to be clear, you've recompiled and got warnings when the web
|
Yes mate every time this was the issue that brought me here. |
I'm not trying to be awkward, but the only way what you are describing (compiled from a clean source tree using If you are successfully compiling with I imagine that this is probably down to something like you having old version of mosquitto kicking around somewhere that is getting picked up instead of the version you've newly compiled. Could you try and reproduce my asciicast exactly - that is to say run the executable from the directory not installing it. If you could produce your own asciicast as well that would be even better. |
The setup has authplugin that is the only difference. This is in live environment and I am reluctant to start installing new versions, I need to know why it suddenly stopped. My interest is not in installing new versions, my interest is in how to get the existing setup functioning again. Re your asciicast what is wf.conf ? Does this mean that 1.4.9 is totally different to 1.4.8 ? Have never seen that before and again I need to fix the existing setup not replace it with a new one and have to start again, sorry not being a pain, but there is no time to reset up the entire system |
Incidently when I did try and recompile none of the files in /etc/mosquitto were changed all the authplugin and mosquitto.conf was still the same, not sure if this is any relevance. |
ws.conf is a config file that just contains listener 1888 This means there is nothing else to get in the way.
|
If I get the new version running is this compatible with jpmens authplugin ? I understand it is a config file, but the other versions use mosquitto.conf and the auth plugin is built to use that as well, does ws.conf replace this file in the new version? I need to look more at the existing version and why that is not working, I honestly cannot spare time to rebuild and mess with the system again, this is live now. Did you see my comment about none of the configs etc being replaced when rebuilding ? Also I thought also maybe there was a conflicting setup, how do I locate these? Although that doesn't make much sense as it is only websockets not working the authplugin is working correctly, at first I thought it was directly related to the OpenSSL upgrade but the auth plugin also uses OpenSSL and continues to function |
Version of mosquitto 1.4.9 is completely compatible with version 1.4.8, it only includes bug fixes. Likewise with mosquitto_auth_plugin. You can use any configuration file you want with mosquitto, the file I was using was just for testing purposes to demonstrate how to compile and test with websockets support. If you reproduce those steps exactly it should work for you. If it doesn't work for you, then the best way to get it solved is for you to install asciinema and record yourself replicating my exact steps so I can see where things go wrong. I'm only asking you to do these things to help you - if you've not got time to look at it please just close the bug. |
I said I didn't have time to rebuild the entire system not that I have no time to get the existing fixed. Thanks I know you are helping I will test this tonight and get back to you thanks again. |
This issue still remains, have not been successful in getting websockets working again. |
I can't see how this could be possible based on what you've said. If you could put together a video of you installing libwebsockets and mosquitto from scratch showing the config and demonstrating the problem then we should be able to make some progress. |
I'm closing this because I don't believe there is an actual problem with mosquitto. If you disagree, feel free to reopen it and provide more information about the problem. |
After upgrading to the latest OpenSSL version to fix the recent security vulnerability, I get the following:
[FAILED] Starting Mosquitto MQTT brokerError: Websockets support not available. Error found at /etc/mosquitto/conf.d/mosquitto.conf:42. Error found at /etc/mosquitto/mosquitto.conf:10. Error: Unable to open configuration file.
I have rebuilt Mosquitto 1.4.8 and still the same message despite rebuilding with Websockets = yes. It was previously working before upgrade to latest OpenSSL and was definitely functioning correctly.
Anyone experienced this or know how to get around ? TIA
The text was updated successfully, but these errors were encountered: