reading mosquitto.conf with line > 1023 chars does unexpected things (with patch) #652
While testing TLS I added a line:
The line is 1600 chars long, and the config reader fails unexpectedly:
Error: Unable to open configuration file.
It also fails if the ciphers line starts with # and is commented out
Any line longer than 1023 will be read as a new configuration line starting at byte 1024... this has unexpected consequences (reading commented content as if it had not been commented out, possible security implications?).
The problem is in src/conf.c line 572
the buffer is on the stack:
I could fix this and submit a patch if you like that. (please say so)
For my test setup I will just hack the buffer to 4096 bytes for now and continue testing.
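The behaviour reported above, reproduced as an added example that is not part of the original thread and is not mosquitto's code. It assumes the reader pulls lines with `fgets()` into a 1024-byte buffer; `example_option` is a placeholder directive and the sample file is constructed.

```c
#include <stdio.h>
#include <string.h>

#define BUF_LEN 1024 /* fixed line buffer size, as reported in the issue */

/* Constructed sample: a single commented-out line, '#' plus `pad` filler
 * bytes, followed by a placeholder directive (not a real mosquitto option). */
FILE *make_sample(size_t pad)
{
    FILE *f = tmpfile();
    if (!f) return NULL;
    fputc('#', f);
    for (size_t i = 0; i < pad; i++) fputc('x', f);
    fputs("example_option on\n", f);
    rewind(f);
    return f;
}

/* Reader modelled on the issue's description (assumed: fgets into a fixed
 * buffer). Every chunk fgets() returns is taken as a line of its own.
 * Returns how many chunks would be parsed as active (non-comment) lines. */
int naive_active_lines(FILE *f)
{
    char buf[BUF_LEN];
    int active = 0;
    while (fgets(buf, sizeof buf, f))
        if (buf[0] != '#' && buf[0] != '\n') active++;
    return active;
}

/* Same loop, but a chunk without '\n' that is followed by more data means the
 * line did not fit: return -1 so the caller can refuse the file. */
int checked_active_lines(FILE *f)
{
    char buf[BUF_LEN];
    int active = 0, c;
    while (fgets(buf, sizeof buf, f)) {
        if (!strchr(buf, '\n') && (c = fgetc(f)) != EOF && c != '\n')
            return -1;
        if (buf[0] != '#' && buf[0] != '\n') active++;
    }
    return active;
}

int main(void)
{
    /* '#' + 1022 filler bytes: the directive starts at byte 1024 of the line */
    printf("naive:   %d active line(s)\n", naive_active_lines(make_sample(BUF_LEN - 2)));
    printf("checked: %d\n", checked_active_lines(make_sample(BUF_LEN - 2)));
    return 0;
}
```

The naive loop reports one active line from a file that contains only a comment, while the checked loop rejects the file instead of parsing the tail.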
You are right. But trying "openssl ciphers shortening strings" may minimize the length of the list of valid ciphers. See mosquitto.conf and https://www.openssl.org/docs/man1.0.2/apps/ciphers.html for details.
I think 3 things should be done.
Here is the fix (fully tested), but I can make a pull request if you want that.