From 68963d6fbc01d3bce4e158353c44f87672959dd1 Mon Sep 17 00:00:00 2001 From: Brandon Arrendondo Date: Mon, 6 Nov 2017 16:06:40 -0500 Subject: [PATCH 1/5] Fix for issue #537: should not log connection message if option to log it disabled Signed-off-by: Brandon Arrendondo --- src/net.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/net.c b/src/net.c index b8a03dc0fd..c5bac53eea 100644 --- a/src/net.c +++ b/src/net.c @@ -4,12 +4,12 @@ Copyright (c) 2009-2014 Roger Light All rights reserved. This program and the accompanying materials are made available under the terms of the Eclipse Public License v1.0 and Eclipse Distribution License v1.0 which accompany this distribution. - + The Eclipse Public License is available at http://www.eclipse.org/legal/epl-v10.html and the Eclipse Distribution License is available at http://www.eclipse.org/org/documents/edl-v10.php. - + Contributors: Roger Light - initial implementation and documentation. */ @@ -191,7 +191,9 @@ int mqtt3_socket_accept(struct mosquitto_db *db, mosq_sock_t listensock) } #endif - _mosquitto_log_printf(NULL, MOSQ_LOG_NOTICE, "New connection from %s on port %d.", new_context->address, new_context->listener->port); + if(db->config->connection_messages == true){ + _mosquitto_log_printf(NULL, MOSQ_LOG_NOTICE, "New connection from %s on port %d.", new_context->address, new_context->listener->port); + } return new_sock; } From 594b8303d565bf63e72b25ab6f562dc57230daca Mon Sep 17 00:00:00 2001 From: Brandon Arrendondo Date: Tue, 7 Nov 2017 17:04:56 -0500 Subject: [PATCH 2/5] Additional fix for issue #537: connection_messages logging Signed-off-by: Brandon Arrendondo --- src/loop.c | 12 +++++++----- src/net.c | 26 ++++++++++++++++---------- src/security.c | 8 ++++++-- src/security_default.c | 8 ++++++-- src/websockets.c | 6 ++++-- 5 files changed, 39 insertions(+), 21 deletions(-) diff --git a/src/loop.c b/src/loop.c index bf4876bc94..215be5e5f6 100644 --- a/src/loop.c +++ b/src/loop.c @@ -323,12 +323,14 @@ int mosquitto_main_loop(struct mosquitto_db *db, mosq_sock_t *listensock, int li * expire it and clean up. */ if(now_time > context->disconnect_t+db->config->persistent_client_expiration){ - if(context->id){ - id = context->id; - }else{ - id = ""; + if(db->config->connection_messages == true){ + if(context->id){ + id = context->id; + }else{ + id = ""; + } + _mosquitto_log_printf(NULL, MOSQ_LOG_NOTICE, "Expiring persistent client %s due to timeout.", id); } - _mosquitto_log_printf(NULL, MOSQ_LOG_NOTICE, "Expiring persistent client %s due to timeout.", id); #ifdef WITH_SYS_TREE g_clients_expired++; #endif diff --git a/src/net.c b/src/net.c index c5bac53eea..a0136d6c01 100644 --- a/src/net.c +++ b/src/net.c @@ -118,7 +118,9 @@ int mqtt3_socket_accept(struct mosquitto_db *db, mosq_sock_t listensock) if(!hosts_access(&wrap_req)){ /* Access is denied */ if(!_mosquitto_socket_get_address(new_sock, address, 1024)){ - _mosquitto_log_printf(NULL, MOSQ_LOG_NOTICE, "Client connection from %s denied access by tcpd.", address); + if(db->config->connection_messages == true){ + _mosquitto_log_printf(NULL, MOSQ_LOG_NOTICE, "Client connection from %s denied access by tcpd.", address); + } } COMPAT_CLOSE(new_sock); return -1; @@ -144,7 +146,9 @@ int mqtt3_socket_accept(struct mosquitto_db *db, mosq_sock_t listensock) } if(new_context->listener->max_connections > 0 && new_context->listener->client_count > new_context->listener->max_connections){ - _mosquitto_log_printf(NULL, MOSQ_LOG_NOTICE, "Client connection from %s denied: max_connections exceeded.", new_context->address); + if(db->config->connection_messages == true){ + _mosquitto_log_printf(NULL, MOSQ_LOG_NOTICE, "Client connection from %s denied: max_connections exceeded.", new_context->address); + } mqtt3_context_cleanup(db, new_context, true); return -1; } @@ -174,12 +178,14 @@ int mqtt3_socket_accept(struct mosquitto_db *db, mosq_sock_t listensock) }else if(rc == SSL_ERROR_WANT_WRITE){ new_context->want_write = true; }else{ - e = ERR_get_error(); - while(e){ - _mosquitto_log_printf(NULL, MOSQ_LOG_NOTICE, - "Client connection from %s failed: %s.", - new_context->address, ERR_error_string(e, ebuf)); + if(db->config->connection_messages == true){ e = ERR_get_error(); + while(e){ + _mosquitto_log_printf(NULL, MOSQ_LOG_NOTICE, + "Client connection from %s failed: %s.", + new_context->address, ERR_error_string(e, ebuf)); + e = ERR_get_error(); + } } mqtt3_context_cleanup(db, new_context, true); return -1; @@ -191,9 +197,9 @@ int mqtt3_socket_accept(struct mosquitto_db *db, mosq_sock_t listensock) } #endif - if(db->config->connection_messages == true){ - _mosquitto_log_printf(NULL, MOSQ_LOG_NOTICE, "New connection from %s on port %d.", new_context->address, new_context->listener->port); - } + if(db->config->connection_messages == true){ + _mosquitto_log_printf(NULL, MOSQ_LOG_NOTICE, "New connection from %s on port %d.", new_context->address, new_context->listener->port); + } return new_sock; } diff --git a/src/security.c b/src/security.c index 67a4f791d5..40eaab20ef 100644 --- a/src/security.c +++ b/src/security.c @@ -242,11 +242,15 @@ int mosquitto_acl_check(struct mosquitto_db *db, struct mosquitto *context, cons * plugins against possible pattern based attacks. */ if(username && strpbrk(username, "+#")){ - _mosquitto_log_printf(NULL, MOSQ_LOG_NOTICE, "ACL denying access to client with dangerous username \"%s\"", username); + if(db->config->connection_messages == true){ + _mosquitto_log_printf(NULL, MOSQ_LOG_NOTICE, "ACL denying access to client with dangerous username \"%s\"", username); + } return MOSQ_ERR_ACL_DENIED; } if(context->id && strpbrk(context->id, "+#")){ - _mosquitto_log_printf(NULL, MOSQ_LOG_NOTICE, "ACL denying access to client with dangerous client id \"%s\"", context->id); + if(db->config->connection_messages == true){ + _mosquitto_log_printf(NULL, MOSQ_LOG_NOTICE, "ACL denying access to client with dangerous client id \"%s\"", context->id); + } return MOSQ_ERR_ACL_DENIED; } } diff --git a/src/security_default.c b/src/security_default.c index c408582815..a7a6e23f7f 100644 --- a/src/security_default.c +++ b/src/security_default.c @@ -274,12 +274,16 @@ int mosquitto_acl_check_default(struct mosquitto_db *db, struct mosquitto *conte * publish or receive messages to its own place in the hierarchy). */ if(context->username && strpbrk(context->username, "+#")){ - _mosquitto_log_printf(NULL, MOSQ_LOG_NOTICE, "ACL denying access to client with dangerous username \"%s\"", context->username); + if(db->config->connection_messages == true){ + _mosquitto_log_printf(NULL, MOSQ_LOG_NOTICE, "ACL denying access to client with dangerous username \"%s\"", context->username); + } return MOSQ_ERR_ACL_DENIED; } if(context->id && strpbrk(context->id, "+#")){ - _mosquitto_log_printf(NULL, MOSQ_LOG_NOTICE, "ACL denying access to client with dangerous client id \"%s\"", context->id); + if(db->config->connection_messages == true){ + _mosquitto_log_printf(NULL, MOSQ_LOG_NOTICE, "ACL denying access to client with dangerous client id \"%s\"", context->id); + } return MOSQ_ERR_ACL_DENIED; } } diff --git a/src/websockets.c b/src/websockets.c index 5fdf12b30c..05c0dcea3b 100644 --- a/src/websockets.c +++ b/src/websockets.c @@ -219,7 +219,9 @@ static int callback_mqtt(struct libwebsocket_context *context, return -1; } if(mosq->listener->max_connections > 0 && mosq->listener->client_count > mosq->listener->max_connections){ - _mosquitto_log_printf(NULL, MOSQ_LOG_NOTICE, "Client connection from %s denied: max_connections exceeded.", mosq->address); + if(db->config->connection_messages == true){ + _mosquitto_log_printf(NULL, MOSQ_LOG_NOTICE, "Client connection from %s denied: max_connections exceeded.", mosq->address); + } _mosquitto_free(mosq); u->mosq = NULL; return -1; @@ -535,7 +537,7 @@ static int callback_http(struct libwebsocket_context *context, "Server: mosquitto\r\n" "Content-Length: %u\r\n\r\n", (unsigned int)filestat.st_size); - if(libwebsocket_write(wsi, buf, buflen, LWS_WRITE_HTTP) < 0){ + if(libwebsocket_write(wsi, buf, buflen, LWS_WRITE_HTTP) < 0){ fclose(u->fptr); u->fptr = NULL; return -1; From 498205a867cbc9fc2434b56eb11be7806067e90f Mon Sep 17 00:00:00 2001 From: Brandon Arrendondo Date: Thu, 9 Nov 2017 18:03:05 -0500 Subject: [PATCH 3/5] Fixed issue #520: Documentation issue --- man/mosquitto.conf.5.xml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/man/mosquitto.conf.5.xml b/man/mosquitto.conf.5.xml index 37614dd4d6..50c274922a 100644 --- a/man/mosquitto.conf.5.xml +++ b/man/mosquitto.conf.5.xml @@ -116,7 +116,7 @@ user <username> The username referred to here is the same as in - e. It is not the + . It is not the clientid. It is also possible to define ACLs based on pattern @@ -189,7 +189,7 @@ value Options to be passed to the auth plugin. See the - specific plugin instructions. + specific plugin instructions. @@ -698,7 +698,7 @@ client connected to a listener with mount point example can only see messages that are published in the topic hierarchy - example and above. + example and below. Not reloaded on reload signal. From 93fc56860ce7276339b1cb212ddc9b8eee8fcf96 Mon Sep 17 00:00:00 2001 From: Brandon Arrendondo Date: Fri, 10 Nov 2017 10:06:41 -0500 Subject: [PATCH 4/5] Fix readme documentation - xsltproc is also needed to build the documentation --- readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/readme.md b/readme.md index 0ae7587f70..6474fc2831 100644 --- a/readme.md +++ b/readme.md @@ -61,7 +61,7 @@ to build. For Windows, see also `readme-windows.md`. If you are building from the git repository then the documentation will not already be built. Use `make binary` to skip building the man pages, or install -`docbook-xsl` on Debian/Ubuntu systems. +`docbook-xsl` and `xsltproc` on Debian/Ubuntu systems. ### Build Dependencies From 17da84735f8b9eaf21d1f59fa9a2025c5f57ac03 Mon Sep 17 00:00:00 2001 From: Brandon Arrendondo Date: Mon, 13 Nov 2017 09:19:29 -0500 Subject: [PATCH 5/5] Fixed #621 - rewording regarding keepalive for the client Signed-off-by: Brandon Arrendondo --- lib/mosquitto.h | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/lib/mosquitto.h b/lib/mosquitto.h index b7cc749fba..4ac6dccb86 100644 --- a/lib/mosquitto.h +++ b/lib/mosquitto.h @@ -334,8 +334,8 @@ libmosq_EXPORT int mosquitto_username_pw_set(struct mosquitto *mosq, const char * mosq - a valid mosquitto instance. * host - the hostname or ip address of the broker to connect to. * port - the network port to connect to. Usually 1883. - * keepalive - the number of seconds after which the broker should send a PING - * message to the client if no other messages have been exchanged + * keepalive - the number of seconds after which the client should send a PING + * message to the broker if no other messages have been exchanged * in that time. * * Returns: @@ -362,8 +362,8 @@ libmosq_EXPORT int mosquitto_connect(struct mosquitto *mosq, const char *host, i * mosq - a valid mosquitto instance. * host - the hostname or ip address of the broker to connect to. * port - the network port to connect to. Usually 1883. - * keepalive - the number of seconds after which the broker should send a PING - * message to the client if no other messages have been exchanged + * keepalive - the number of seconds after which the client should send a PING + * message to the broker if no other messages have been exchanged * in that time. * bind_address - the hostname or ip address of the local network interface to * bind to. @@ -395,8 +395,8 @@ libmosq_EXPORT int mosquitto_connect_bind(struct mosquitto *mosq, const char *ho * mosq - a valid mosquitto instance. * host - the hostname or ip address of the broker to connect to. * port - the network port to connect to. Usually 1883. - * keepalive - the number of seconds after which the broker should send a PING - * message to the client if no other messages have been exchanged + * keepalive - the number of seconds after which the client should send a PING + * message to the broker if no other messages have been exchanged * in that time. * * Returns: @@ -430,8 +430,8 @@ libmosq_EXPORT int mosquitto_connect_async(struct mosquitto *mosq, const char *h * mosq - a valid mosquitto instance. * host - the hostname or ip address of the broker to connect to. * port - the network port to connect to. Usually 1883. - * keepalive - the number of seconds after which the broker should send a PING - * message to the client if no other messages have been exchanged + * keepalive - the number of seconds after which the client should send a PING + * message to the broker if no other messages have been exchanged * in that time. * bind_address - the hostname or ip address of the local network interface to * bind to. @@ -466,8 +466,8 @@ libmosq_EXPORT int mosquitto_connect_bind_async(struct mosquitto *mosq, const ch * Parameters: * mosq - a valid mosquitto instance. * host - the hostname or ip address of the broker to connect to. - * keepalive - the number of seconds after which the broker should send a PING - * message to the client if no other messages have been exchanged + * keepalive - the number of seconds after which the client should send a PING + * message to the broker if no other messages have been exchanged * in that time. * bind_address - the hostname or ip address of the local network interface to * bind to.