-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Drop a secure connection in mosquitto auth plugin #2150
Comments
If you require client certificates and set |
can someone help me? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I have written a plugin for mosquitto auth. I have configured only the
SSL
connection (usingrequire_certificate true
in the conf file) on one port. This is how my conf file looks like:I was expecting mosquitto_auth_unpwd_check to be called before
mosquitto_auth_acl_check
but that's not happening. I get call tomosquitto_auth_acl_check
without any call tomosquitto_auth_unpwd_check
.All I want to achieve is to
drop
the connection if the client hasX509
having a serial number not specified in my list (stored in a file). I can do access control by disallowing subscription and publish but I want to drop the connection also.My partial auth_plugin function implementation:
Is there any other way to drop the connection? If I don't drop the connection, can a hacker use comprised certificate to do DOS attack?
I have posted the same question/issue over here
The text was updated successfully, but these errors were encountered: