Mosquitto should not send CONNACK on re-authentication with wrong credentials. #2339
Labels
Component: mosquitto-broker
Status: Completed
Nothing further to be done with this issue, it can be closed by the requestor or committer.
Type: Bug
Milestone
Comments
|
Thanks very much, I've committed a change in the |
ralight
added
Component: mosquitto-broker
Status: Completed
|
Thanks. I see you applied the same change to the MOSQ_ERR_NOT_SUPPORTED leg. I did not include that in my patch because I don't see how that code can ever be reached in a re-authenticate scenario. If extended authentication is not supported, a client would not be able to connect with extended authentication in the first place, much less re-authenticate. But it doesn't harm either. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
When re-authentication fails due to bad credentials, mosquitto sends a CONNACK message with reason code 135. This is the second CONNACK within the connection. That is explicitly prohibited by conformance statement MQTT-3.2.0-2 ("The Server MUST NOT send more than one CONNACK in a Network Connection"). As I understand it, a broker is supposed to send a DISCONNECT message (with reason code 135) in this situation.
Something like reauth_not_authorized.diff.txt might fix it.
The issue has been checked against the latest check-in of the master branch (9afeeb1, version 2.0.12) on linux.
The text was updated successfully, but these errors were encountered: