Merge branch 'fixes'

CMakeLists.txt

@@ -11,7 +11,7 @@ project(mosquitto)
 cmake_minimum_required(VERSION 2.8)
 # Only for version 3 and up. cmake_policy(SET CMP0042 NEW)
 
-set (VERSION 1.4.9)
+set (VERSION 1.4.10)
 
 if (WIN32)
 	execute_process(COMMAND cmd /c echo %DATE% %TIME% OUTPUT_VARIABLE TIMESTAMP

ChangeLog.txt

@@ -1,3 +1,29 @@
+1.4.10 - 20160816
+=================
+
+Broker:
+- Fix TLS operation with websockets listeners and libwebsockts 2.x. Closes
+  #186.
+- Don't disconnect client on HUP before reading the pending data. Closes #7.
+- Fix some $SYS messages being incorrectly persisted. Closes #191.
+- Support OpenSSL 1.1.0.
+- Call fsync after persisting data to ensure it is correctly written. Closes
+  #189.
+- Fix persistence saving of subscription QoS on big-endian machines.
+- Fix will retained flag handling on Windows. Closes #222.
+- Broker now displays an error if it is unable to open the log file. Closes
+  #234.
+
+Client library:
+- Support OpenSSL 1.1.0.
+- Fixed the C++ library not allowing SOCKS support to be used. Closes #198.
+- Fix memory leak when verifying a server certificate with a subjectAltName
+  section. Closes #237.
+
+Build:
+- Don't attempt to install docs when WITH_DOCS=no. Closes #184.
+
+
 1.4.9 - 20160603
 ================
 

Makefile

@@ -36,7 +36,9 @@ test : mosquitto
 
 install : mosquitto
 	set -e; for d in ${DIRS}; do $(MAKE) -C $${d} install; done
+ifeq ($(WITH_DOCS),yes)
 	set -e; for d in ${DOCDIRS}; do $(MAKE) -C $${d} install; done
+endif
 	$(INSTALL) -d ${DESTDIR}/etc/mosquitto
 	$(INSTALL) -m 644 mosquitto.conf ${DESTDIR}/etc/mosquitto/mosquitto.conf.example
 	$(INSTALL) -m 644 aclfile.example ${DESTDIR}/etc/mosquitto/aclfile.example

THANKS.txt

@@ -55,6 +55,7 @@ Michael Hekel
 Michael Laing
 Michael Rushton
 Mike Bush
+Milan Tucic
 Neil Bothwick
 Nicholas Humfrey
 Nicholas O'Leary

config.mk

@@ -83,7 +83,7 @@ WITH_SOCKS:=yes
 
 # Also bump lib/mosquitto.h, CMakeLists.txt,
 # installer/mosquitto.nsi, installer/mosquitto-cygwin.nsi
-VERSION=1.4.9
+VERSION=1.4.10
 TIMESTAMP:=$(shell date "+%F %T%z")
 
 # Client library SO version. Bump if incompatible API/ABI changes are made.

installer/mosquitto-cygwin.nsi

@@ -7,7 +7,7 @@
 !define env_hklm 'HKLM "SYSTEM\CurrentControlSet\Control\Session Manager\Environment"'
 
 Name "mosquitto"
-!define VERSION 1.4.9
+!define VERSION 1.4.10
 OutFile "mosquitto-${VERSION}-install-cygwin.exe"
 
 InstallDir "$PROGRAMFILES\mosquitto"

installer/mosquitto.nsi

@@ -9,7 +9,7 @@
 !define env_hklm 'HKLM "SYSTEM\CurrentControlSet\Control\Session Manager\Environment"'
 
 Name "mosquitto"
-!define VERSION 1.4.9
+!define VERSION 1.4.10
 OutFile "mosquitto-${VERSION}-install-win32.exe"
 
 InstallDir "$PROGRAMFILES\mosquitto"

lib/cpp/mosquittopp.cpp

@@ -281,11 +281,7 @@ void mosquittopp::user_data_set(void *userdata)
 
 int mosquittopp::socks5_set(const char *host, int port, const char *username, const char *password)
 {
-#ifdef WITH_SOCKS
 	return mosquitto_socks5_set(m_mosq, host, port, username, password);
-#else
-	return MOSQ_ERR_NOT_SUPPORTED;
-#endif
 }
 
 

lib/mosquitto.h

@@ -45,7 +45,7 @@ extern "C" {
 
 #define LIBMOSQUITTO_MAJOR 1
 #define LIBMOSQUITTO_MINOR 4
-#define LIBMOSQUITTO_REVISION 9
+#define LIBMOSQUITTO_REVISION 10
 /* LIBMOSQUITTO_VERSION_NUMBER looks like 1002001 for e.g. version 1.2.1. */
 #define LIBMOSQUITTO_VERSION_NUMBER (LIBMOSQUITTO_MAJOR*1000000+LIBMOSQUITTO_MINOR*1000+LIBMOSQUITTO_REVISION)
 

lib/tls_mosq.c

@@ -129,27 +129,32 @@ int _mosquitto_verify_certificate_hostname(X509 *cert, const char *hostname)
 			if(nval->type == GEN_DNS){
 				data = ASN1_STRING_data(nval->d.dNSName);
 				if(data && !mosquitto__cmp_hostname_wildcard((char *)data, hostname)){
+					sk_GENERAL_NAME_pop_free(san, GENERAL_NAME_free);
 					return 1;
 				}
 				have_san_dns = true;
 			}else if(nval->type == GEN_IPADD){
 				data = ASN1_STRING_data(nval->d.iPAddress);
 				if(nval->d.iPAddress->length == 4 && ipv4_ok){
 					if(!memcmp(ipv4_addr, data, 4)){
+						sk_GENERAL_NAME_pop_free(san, GENERAL_NAME_free);
 						return 1;
 					}
 				}else if(nval->d.iPAddress->length == 16 && ipv6_ok){
 					if(!memcmp(ipv6_addr, data, 16)){
+						sk_GENERAL_NAME_pop_free(san, GENERAL_NAME_free);
 						return 1;
 					}
 				}
 			}
 		}
+		sk_GENERAL_NAME_pop_free(san, GENERAL_NAME_free);
 		if(have_san_dns){
 			/* Only check CN if subjectAltName DNS entry does not exist. */
 			return 0;
 		}
 	}
+
 	subj = X509_get_subject_name(cert);
 	if(X509_NAME_get_text_by_NID(subj, NID_commonName, name, sizeof(name)) > 0){
 		name[sizeof(name) - 1] = '\0';

man/mosquitto_passwd.1.xml

@@ -41,7 +41,7 @@
 	<refsect1>
 		<title>Description</title>
 		<para><command>mosquitto_passwd</command> is a tool for managing
-			password files the the mosquitto MQTT broker.</para>
+			password files the mosquitto MQTT broker.</para>
 		<para>Usernames must not contain ":". Passwords are stored in a similar
 			format to
 			<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></citerefentry>.</para>

readme-windows.txt

@@ -11,16 +11,17 @@ separately in the case that they are not already available.
 Capabilities
 ------------
 
-The network support in Windows is severely limited. The broker is limited to approximately
-1024 MQTT connections.
+Some versions of Windows have limitations on the number of concurrent
+connections. Non-server versions have been reported to be limited to
+approximately 1024 connections.
 
 
 Websockets
 ----------
 
 The broker executables provided in the installers do not have Websockets support enabled.
 If you wish to have a version of the broker with Websockets support, you will need to compile
-libwebsockets version v1.3-chrome37-firefox30 yourself and mosquitto version 1.4 yourself.
+libwebsockets version v1.7 onwards because no Windows binaries are provided.
 
 Please note that on Windows, libwebsockets limits connections to a maximum of 64 clients.
 

readme.md

@@ -2,7 +2,11 @@ Eclipse Mosquitto
 =================
 
 Mosquitto is an open source implementation of a server for version 3.1 and
-3.1.1 of the MQTT protocol.
+3.1.1 of the MQTT protocol. It also includes a C and C++ client library, and
+the `mosquitto_pub` and `mosquitto_sub` utilities for publishing and
+subscribing.
+
+## Links
 
 See the following links for more information on MQTT:
 
@@ -17,6 +21,57 @@ Mosquitto project information is available at the following locations:
 
 There is also a public test server available at <http://test.mosquitto.org/>
 
+## Installing
+
+See <http://mosquitto.org/download/> for details on installing binaries for
+various platforms.
+
+## Quick start
+
+If you have installed a binary package the broker should have been started
+automatically. If not, it can be started with a basic configuration:
+
+    mosquitto
+
+Then use `mosquitto_sub` to subscribe to a topic:
+
+    mosquitto_sub -t 'test/topic' -v
+
+And to publish a message:
+
+    mosquitto_pub -t 'test/topic' -m 'hello world'
+
+## Documentation
+
+Documentation for the broker, clients and client library API can be found in
+the man pages, which are available online at <http://mosquitto.org/man/>. There
+are also pages with an introduction to the features of MQTT, the
+`mosquitto_passwd` utility for dealing with username/passwords, and a
+description of the configuration file options available for the broker.
+
+Detailed client library API documentation can be found at <http://mosquitto.org/api/>
+
+## Building from source
+
+To build from source the recommended route for end users is to download the
+archive from <http://mosquitto.org/download/>.
+
+On Windows and Mac, use `cmake` to build. On other platforms, just run `make`
+to build. For Windows, see also `readme-windows.md`.
+
+If you are building from the git repository then the documentation will not
+already be built. Use `make binary` to skip building the man pages, or install
+`docbook-xsl` on Debian/Ubuntu systems.
+
+### Build Dependencies
+
+* c-ares (libc-ares2-dev on Debian based systems) - disable with `make WITH_DNS_SRV=no`
+* libuuid (uuid-dev) - disable with `make WITH_UUID=no`
+* libwebsockets (libwebsockets-dev) - enable with `make WITH_LIBWEBSOCKETS=yes`
+* openssl (libssl-dev on Debian based systems) - disable with `make WITH_TLS=no`
+
+## Credits
+
 Mosquitto was written by Roger Light <roger@atchoo.org>
 
 Master: [![Travis Build Status (master)](https://travis-ci.org/eclipse/mosquitto.svg?branch=master)](https://travis-ci.org/eclipse/mosquitto)

src/Makefile

@@ -104,8 +104,10 @@ mosquitto_passwd.o : mosquitto_passwd.c
 install : all
 	$(INSTALL) -d ${DESTDIR}$(prefix)/sbin
 	$(INSTALL) -s --strip-program=${CROSS_COMPILE}${STRIP} mosquitto ${DESTDIR}${prefix}/sbin/mosquitto
+	$(INSTALL) -d ${DESTDIR}$(prefix)/include
 	$(INSTALL) mosquitto_plugin.h ${DESTDIR}${prefix}/include/mosquitto_plugin.h
 ifeq ($(WITH_TLS),yes)
+	$(INSTALL) -d ${DESTDIR}$(prefix)/bin
 	$(INSTALL) -s --strip-program=${CROSS_COMPILE}${STRIP} mosquitto_passwd ${DESTDIR}${prefix}/bin/mosquitto_passwd
 endif
 

src/logging.c

@@ -71,6 +71,8 @@ int mqtt3_log_init(struct mqtt3_config *config)
 		}
 		config->log_fptr = _mosquitto_fopen(config->log_file, "at");
 		if(!config->log_fptr){
+			log_destinations = MQTT3_LOG_STDERR;
+			log_priorities = MOSQ_LOG_ERR;
 			_mosquitto_log_printf(NULL, MOSQ_LOG_ERR, "Error: Unable to open log file %s for writing.", config->log_file);
 			return MOSQ_ERR_INVAL;
 		}

src/loop.c

@@ -449,10 +449,6 @@ static void loop_handle_reads_writes(struct mosquitto_db *db, struct pollfd *pol
 		}
 
 		assert(pollfds[context->pollfd_index].fd == context->sock);
-		if(pollfds[context->pollfd_index].revents & (POLLERR | POLLNVAL | POLLHUP)){
-			do_disconnect(db, context);
-			continue;
-		}
 #ifdef WITH_TLS
 		if(pollfds[context->pollfd_index].revents & POLLOUT ||
 				context->want_write ||
@@ -496,6 +492,10 @@ static void loop_handle_reads_writes(struct mosquitto_db *db, struct pollfd *pol
 				}
 			}while(SSL_DATA_PENDING(context));
 		}
+		if(pollfds[context->pollfd_index].revents & (POLLERR | POLLNVAL | POLLHUP)){
+			do_disconnect(db, context);
+			continue;
+		}
 	}
 }
 

src/mosquitto.c

@@ -287,7 +287,10 @@ int main(int argc, char *argv[])
 
 	/* Initialise logging only after initialising the database in case we're
 	 * logging to topics */
-	mqtt3_log_init(&config);
+	if(mqtt3_log_init(&config)){
+		rc = 1;
+		return rc;
+	}
 	_mosquitto_log_printf(NULL, MOSQ_LOG_INFO, "mosquitto version %s (build date %s) starting", VERSION, TIMESTAMP);
 	if(config.config_file){
 		_mosquitto_log_printf(NULL, MOSQ_LOG_INFO, "Config loaded from %s.", config.config_file);

src/mosquitto_broker.h

@@ -31,6 +31,7 @@ and the Eclipse Distribution License is available at
 #    define libwebsocket_write(A, B, C, D) lws_write((A), (B), (C), (D))
 #    define libwebsocket_get_socket_fd(A) lws_get_socket_fd((A))
 #    define libwebsockets_return_http_status(A, B, C, D) lws_return_http_status((B), (C), (D))
+#    define libwebsocket_get_protocol(A) lws_get_protocol((A))
 
 #    define libwebsocket_context lws_context
 #    define libwebsocket_protocols lws_protocols

src/mosquitto_passwd.c

@@ -90,7 +90,11 @@ int output_new_password(FILE *fptr, const char *username, const char *password)
 	unsigned char hash[EVP_MAX_MD_SIZE];
 	unsigned int hash_len;
 	const EVP_MD *digest;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	EVP_MD_CTX context;
+#else
+	EVP_MD_CTX *context;
+#endif
 
 	rc = RAND_bytes(salt, SALT_LEN);
 	if(!rc){
@@ -113,12 +117,21 @@ int output_new_password(FILE *fptr, const char *username, const char *password)
 		return 1;
 	}
 
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	EVP_MD_CTX_init(&context);
 	EVP_DigestInit_ex(&context, digest, NULL);
 	EVP_DigestUpdate(&context, password, strlen(password));
 	EVP_DigestUpdate(&context, salt, SALT_LEN);
 	EVP_DigestFinal_ex(&context, hash, &hash_len);
 	EVP_MD_CTX_cleanup(&context);
+#else
+	context = EVP_MD_CTX_new();
+	EVP_DigestInit_ex(context, digest, NULL);
+	EVP_DigestUpdate(context, password, strlen(password));
+	EVP_DigestUpdate(context, salt, SALT_LEN);
+	EVP_DigestFinal_ex(context, hash, &hash_len);
+	EVP_MD_CTX_free(context);
+#endif
 
 	rc = base64_encode(hash, hash_len, &hash64);
 	if(rc){

src/mosquitto_plugin.h

@@ -34,6 +34,11 @@ struct mosquitto_auth_opt {
  * shared library. Using gcc this can be achieved as follows:
  *
  * gcc -I<path to mosquitto_plugin.h> -fPIC -shared plugin.c -o plugin.so
+ *
+ * On Mac OS X:
+ *
+ * gcc -I<path to mosquitto_plugin.h> -fPIC -shared plugin.c -undefined dynamic_lookup -o plugin.so
+ *
  */
 
 /* =========================================================================

src/net.c

@@ -302,7 +302,7 @@ static int _mosquitto_tls_server_ctx(struct _mqtt3_listener *listener)
 #endif
 
 #ifdef WITH_EC
-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
+#if OPENSSL_VERSION_NUMBER >= 0x10002000L && OPENSSL_VERSION_NUMBER < 0x10100000L
 	SSL_CTX_set_ecdh_auto(listener->ssl_ctx, 1);
 #elif OPENSSL_VERSION_NUMBER >= 0x10000000L && OPENSSL_VERSION_NUMBER < 0x10002000L
 	ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);