Permalink
Browse files

Merge branch 'fixes'

2 parents d813e11 + 87b6a74 commit ee1fd1718b5aafedf62baff87eb802f7515e3c4f @ralight ralight committed Aug 16, 2016
View
@@ -11,7 +11,7 @@ project(mosquitto)
cmake_minimum_required(VERSION 2.8)
# Only for version 3 and up. cmake_policy(SET CMP0042 NEW)
-set (VERSION 1.4.9)
+set (VERSION 1.4.10)
if (WIN32)
execute_process(COMMAND cmd /c echo %DATE% %TIME% OUTPUT_VARIABLE TIMESTAMP
View
@@ -1,3 +1,29 @@
+1.4.10 - 20160816
+=================
+
+Broker:
+- Fix TLS operation with websockets listeners and libwebsockts 2.x. Closes
+ #186.
+- Don't disconnect client on HUP before reading the pending data. Closes #7.
+- Fix some $SYS messages being incorrectly persisted. Closes #191.
+- Support OpenSSL 1.1.0.
+- Call fsync after persisting data to ensure it is correctly written. Closes
+ #189.
+- Fix persistence saving of subscription QoS on big-endian machines.
+- Fix will retained flag handling on Windows. Closes #222.
+- Broker now displays an error if it is unable to open the log file. Closes
+ #234.
+
+Client library:
+- Support OpenSSL 1.1.0.
+- Fixed the C++ library not allowing SOCKS support to be used. Closes #198.
+- Fix memory leak when verifying a server certificate with a subjectAltName
+ section. Closes #237.
+
+Build:
+- Don't attempt to install docs when WITH_DOCS=no. Closes #184.
+
+
1.4.9 - 20160603
================
View
@@ -36,7 +36,9 @@ test : mosquitto
install : mosquitto
set -e; for d in ${DIRS}; do $(MAKE) -C $${d} install; done
+ifeq ($(WITH_DOCS),yes)
set -e; for d in ${DOCDIRS}; do $(MAKE) -C $${d} install; done
+endif
$(INSTALL) -d ${DESTDIR}/etc/mosquitto
$(INSTALL) -m 644 mosquitto.conf ${DESTDIR}/etc/mosquitto/mosquitto.conf.example
$(INSTALL) -m 644 aclfile.example ${DESTDIR}/etc/mosquitto/aclfile.example
View
@@ -55,6 +55,7 @@ Michael Hekel
Michael Laing
Michael Rushton
Mike Bush
+Milan Tucic
Neil Bothwick
Nicholas Humfrey
Nicholas O'Leary
View
@@ -83,7 +83,7 @@ WITH_SOCKS:=yes
# Also bump lib/mosquitto.h, CMakeLists.txt,
# installer/mosquitto.nsi, installer/mosquitto-cygwin.nsi
-VERSION=1.4.9
+VERSION=1.4.10
TIMESTAMP:=$(shell date "+%F %T%z")
# Client library SO version. Bump if incompatible API/ABI changes are made.
@@ -7,7 +7,7 @@
!define env_hklm 'HKLM "SYSTEM\CurrentControlSet\Control\Session Manager\Environment"'
Name "mosquitto"
-!define VERSION 1.4.9
+!define VERSION 1.4.10
OutFile "mosquitto-${VERSION}-install-cygwin.exe"
InstallDir "$PROGRAMFILES\mosquitto"
@@ -9,7 +9,7 @@
!define env_hklm 'HKLM "SYSTEM\CurrentControlSet\Control\Session Manager\Environment"'
Name "mosquitto"
-!define VERSION 1.4.9
+!define VERSION 1.4.10
OutFile "mosquitto-${VERSION}-install-win32.exe"
InstallDir "$PROGRAMFILES\mosquitto"
@@ -281,11 +281,7 @@ void mosquittopp::user_data_set(void *userdata)
int mosquittopp::socks5_set(const char *host, int port, const char *username, const char *password)
{
-#ifdef WITH_SOCKS
return mosquitto_socks5_set(m_mosq, host, port, username, password);
-#else
- return MOSQ_ERR_NOT_SUPPORTED;
-#endif
}
View
@@ -45,7 +45,7 @@ extern "C" {
#define LIBMOSQUITTO_MAJOR 1
#define LIBMOSQUITTO_MINOR 4
-#define LIBMOSQUITTO_REVISION 9
+#define LIBMOSQUITTO_REVISION 10
/* LIBMOSQUITTO_VERSION_NUMBER looks like 1002001 for e.g. version 1.2.1. */
#define LIBMOSQUITTO_VERSION_NUMBER (LIBMOSQUITTO_MAJOR*1000000+LIBMOSQUITTO_MINOR*1000+LIBMOSQUITTO_REVISION)
View
@@ -129,27 +129,32 @@ int _mosquitto_verify_certificate_hostname(X509 *cert, const char *hostname)
if(nval->type == GEN_DNS){
data = ASN1_STRING_data(nval->d.dNSName);
if(data && !mosquitto__cmp_hostname_wildcard((char *)data, hostname)){
+ sk_GENERAL_NAME_pop_free(san, GENERAL_NAME_free);
return 1;
}
have_san_dns = true;
}else if(nval->type == GEN_IPADD){
data = ASN1_STRING_data(nval->d.iPAddress);
if(nval->d.iPAddress->length == 4 && ipv4_ok){
if(!memcmp(ipv4_addr, data, 4)){
+ sk_GENERAL_NAME_pop_free(san, GENERAL_NAME_free);
return 1;
}
}else if(nval->d.iPAddress->length == 16 && ipv6_ok){
if(!memcmp(ipv6_addr, data, 16)){
+ sk_GENERAL_NAME_pop_free(san, GENERAL_NAME_free);
return 1;
}
}
}
}
+ sk_GENERAL_NAME_pop_free(san, GENERAL_NAME_free);
if(have_san_dns){
/* Only check CN if subjectAltName DNS entry does not exist. */
return 0;
}
}
+
subj = X509_get_subject_name(cert);
if(X509_NAME_get_text_by_NID(subj, NID_commonName, name, sizeof(name)) > 0){
name[sizeof(name) - 1] = '\0';
@@ -41,7 +41,7 @@
<refsect1>
<title>Description</title>
<para><command>mosquitto_passwd</command> is a tool for managing
- password files the the mosquitto MQTT broker.</para>
+ password files the mosquitto MQTT broker.</para>
<para>Usernames must not contain ":". Passwords are stored in a similar
format to
<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></citerefentry>.</para>
View
@@ -11,16 +11,17 @@ separately in the case that they are not already available.
Capabilities
------------
-The network support in Windows is severely limited. The broker is limited to approximately
-1024 MQTT connections.
+Some versions of Windows have limitations on the number of concurrent
+connections. Non-server versions have been reported to be limited to
+approximately 1024 connections.
Websockets
----------
The broker executables provided in the installers do not have Websockets support enabled.
If you wish to have a version of the broker with Websockets support, you will need to compile
-libwebsockets version v1.3-chrome37-firefox30 yourself and mosquitto version 1.4 yourself.
+libwebsockets version v1.7 onwards because no Windows binaries are provided.
Please note that on Windows, libwebsockets limits connections to a maximum of 64 clients.
View
@@ -2,7 +2,11 @@ Eclipse Mosquitto
=================
Mosquitto is an open source implementation of a server for version 3.1 and
-3.1.1 of the MQTT protocol.
+3.1.1 of the MQTT protocol. It also includes a C and C++ client library, and
+the `mosquitto_pub` and `mosquitto_sub` utilities for publishing and
+subscribing.
+
+## Links
See the following links for more information on MQTT:
@@ -17,6 +21,57 @@ Mosquitto project information is available at the following locations:
There is also a public test server available at <http://test.mosquitto.org/>
+## Installing
+
+See <http://mosquitto.org/download/> for details on installing binaries for
+various platforms.
+
+## Quick start
+
+If you have installed a binary package the broker should have been started
+automatically. If not, it can be started with a basic configuration:
+
+ mosquitto
+
+Then use `mosquitto_sub` to subscribe to a topic:
+
+ mosquitto_sub -t 'test/topic' -v
+
+And to publish a message:
+
+ mosquitto_pub -t 'test/topic' -m 'hello world'
+
+## Documentation
+
+Documentation for the broker, clients and client library API can be found in
+the man pages, which are available online at <http://mosquitto.org/man/>. There
+are also pages with an introduction to the features of MQTT, the
+`mosquitto_passwd` utility for dealing with username/passwords, and a
+description of the configuration file options available for the broker.
+
+Detailed client library API documentation can be found at <http://mosquitto.org/api/>
+
+## Building from source
+
+To build from source the recommended route for end users is to download the
+archive from <http://mosquitto.org/download/>.
+
+On Windows and Mac, use `cmake` to build. On other platforms, just run `make`
+to build. For Windows, see also `readme-windows.md`.
+
+If you are building from the git repository then the documentation will not
+already be built. Use `make binary` to skip building the man pages, or install
+`docbook-xsl` on Debian/Ubuntu systems.
+
+### Build Dependencies
+
+* c-ares (libc-ares2-dev on Debian based systems) - disable with `make WITH_DNS_SRV=no`
+* libuuid (uuid-dev) - disable with `make WITH_UUID=no`
+* libwebsockets (libwebsockets-dev) - enable with `make WITH_LIBWEBSOCKETS=yes`
+* openssl (libssl-dev on Debian based systems) - disable with `make WITH_TLS=no`
+
+## Credits
+
Mosquitto was written by Roger Light <roger@atchoo.org>
Master: [![Travis Build Status (master)](https://travis-ci.org/eclipse/mosquitto.svg?branch=master)](https://travis-ci.org/eclipse/mosquitto)
View
@@ -104,8 +104,10 @@ mosquitto_passwd.o : mosquitto_passwd.c
install : all
$(INSTALL) -d ${DESTDIR}$(prefix)/sbin
$(INSTALL) -s --strip-program=${CROSS_COMPILE}${STRIP} mosquitto ${DESTDIR}${prefix}/sbin/mosquitto
+ $(INSTALL) -d ${DESTDIR}$(prefix)/include
$(INSTALL) mosquitto_plugin.h ${DESTDIR}${prefix}/include/mosquitto_plugin.h
ifeq ($(WITH_TLS),yes)
+ $(INSTALL) -d ${DESTDIR}$(prefix)/bin
$(INSTALL) -s --strip-program=${CROSS_COMPILE}${STRIP} mosquitto_passwd ${DESTDIR}${prefix}/bin/mosquitto_passwd
endif
View
@@ -71,6 +71,8 @@ int mqtt3_log_init(struct mqtt3_config *config)
}
config->log_fptr = _mosquitto_fopen(config->log_file, "at");
if(!config->log_fptr){
+ log_destinations = MQTT3_LOG_STDERR;
+ log_priorities = MOSQ_LOG_ERR;
_mosquitto_log_printf(NULL, MOSQ_LOG_ERR, "Error: Unable to open log file %s for writing.", config->log_file);
return MOSQ_ERR_INVAL;
}
View
@@ -449,10 +449,6 @@ static void loop_handle_reads_writes(struct mosquitto_db *db, struct pollfd *pol
}
assert(pollfds[context->pollfd_index].fd == context->sock);
- if(pollfds[context->pollfd_index].revents & (POLLERR | POLLNVAL | POLLHUP)){
- do_disconnect(db, context);
- continue;
- }
#ifdef WITH_TLS
if(pollfds[context->pollfd_index].revents & POLLOUT ||
context->want_write ||
@@ -496,6 +492,10 @@ static void loop_handle_reads_writes(struct mosquitto_db *db, struct pollfd *pol
}
}while(SSL_DATA_PENDING(context));
}
+ if(pollfds[context->pollfd_index].revents & (POLLERR | POLLNVAL | POLLHUP)){
+ do_disconnect(db, context);
+ continue;
+ }
}
}
View
@@ -287,7 +287,10 @@ int main(int argc, char *argv[])
/* Initialise logging only after initialising the database in case we're
* logging to topics */
- mqtt3_log_init(&config);
+ if(mqtt3_log_init(&config)){
+ rc = 1;
+ return rc;
+ }
_mosquitto_log_printf(NULL, MOSQ_LOG_INFO, "mosquitto version %s (build date %s) starting", VERSION, TIMESTAMP);
if(config.config_file){
_mosquitto_log_printf(NULL, MOSQ_LOG_INFO, "Config loaded from %s.", config.config_file);
@@ -31,6 +31,7 @@ and the Eclipse Distribution License is available at
# define libwebsocket_write(A, B, C, D) lws_write((A), (B), (C), (D))
# define libwebsocket_get_socket_fd(A) lws_get_socket_fd((A))
# define libwebsockets_return_http_status(A, B, C, D) lws_return_http_status((B), (C), (D))
+# define libwebsocket_get_protocol(A) lws_get_protocol((A))
# define libwebsocket_context lws_context
# define libwebsocket_protocols lws_protocols
@@ -90,7 +90,11 @@ int output_new_password(FILE *fptr, const char *username, const char *password)
unsigned char hash[EVP_MAX_MD_SIZE];
unsigned int hash_len;
const EVP_MD *digest;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
EVP_MD_CTX context;
+#else
+ EVP_MD_CTX *context;
+#endif
rc = RAND_bytes(salt, SALT_LEN);
if(!rc){
@@ -113,12 +117,21 @@ int output_new_password(FILE *fptr, const char *username, const char *password)
return 1;
}
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
EVP_MD_CTX_init(&context);
EVP_DigestInit_ex(&context, digest, NULL);
EVP_DigestUpdate(&context, password, strlen(password));
EVP_DigestUpdate(&context, salt, SALT_LEN);
EVP_DigestFinal_ex(&context, hash, &hash_len);
EVP_MD_CTX_cleanup(&context);
+#else
+ context = EVP_MD_CTX_new();
+ EVP_DigestInit_ex(context, digest, NULL);
+ EVP_DigestUpdate(context, password, strlen(password));
+ EVP_DigestUpdate(context, salt, SALT_LEN);
+ EVP_DigestFinal_ex(context, hash, &hash_len);
+ EVP_MD_CTX_free(context);
+#endif
rc = base64_encode(hash, hash_len, &hash64);
if(rc){
@@ -34,6 +34,11 @@ struct mosquitto_auth_opt {
* shared library. Using gcc this can be achieved as follows:
*
* gcc -I<path to mosquitto_plugin.h> -fPIC -shared plugin.c -o plugin.so
+ *
+ * On Mac OS X:
+ *
+ * gcc -I<path to mosquitto_plugin.h> -fPIC -shared plugin.c -undefined dynamic_lookup -o plugin.so
+ *
*/
/* =========================================================================
View
@@ -302,7 +302,7 @@ static int _mosquitto_tls_server_ctx(struct _mqtt3_listener *listener)
#endif
#ifdef WITH_EC
-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
+#if OPENSSL_VERSION_NUMBER >= 0x10002000L && OPENSSL_VERSION_NUMBER < 0x10100000L
SSL_CTX_set_ecdh_auto(listener->ssl_ctx, 1);
#elif OPENSSL_VERSION_NUMBER >= 0x10000000L && OPENSSL_VERSION_NUMBER < 0x10002000L
ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
Oops, something went wrong.

0 comments on commit ee1fd17

Please sign in to comment.