Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

V5 connection connack missing authentication method #110

Closed
michaelg9 opened this issue Nov 14, 2019 · 2 comments · Fixed by michaelg9/hivemq-community-edition#1 or #126
Closed

V5 connection connack missing authentication method #110

michaelg9 opened this issue Nov 14, 2019 · 2 comments · Fixed by michaelg9/hivemq-community-edition#1 or #126

Comments

@michaelg9
Copy link
Contributor

Expected behavior

The CONNACK packet sent by the broker in response to a successful v5 client authentication request must contain the same authentication method value as specified by the CONNECT packet, as specified in the MQTTv5 protocol specification:
If the initial CONNECT packet included an Authentication Method property then all AUTH packets, and any successful CONNACK packet MUST include an Authentication Method Property with the same value as in the CONNECT packet [MQTT-4.12.0-5].

Actual behavior

At the moment the v5 CONNACK is always sent with an empty authentication method field

To Reproduce

Steps

Use a v5 client (hivemq client works as well) to authenticate with the broker using an extended authentication method (in my case it's an extension of SimpleAuthenticator). The broker successfully authenticates the client and sends a CONNACK but the client rejects the connection because of this

Details

  • Affected HiveMQ CE version(s): latest
  • Used JVM version: 11

Proposed bugfix:

In ConnectHandler.java, method buildMqtt5Connack:

        final CONNACK.Mqtt5Builder builder = new CONNACK.Mqtt5Builder()
                .withSessionPresent(sessionPresent)
                .withReasonCode(Mqtt5ConnAckReasonCode.SUCCESS)
                .withReceiveMaximum(configurationService.mqttConfiguration().serverReceiveMaximum())
                .withSubscriptionIdentifierAvailable(configurationService.mqttConfiguration().subscriptionIdentifierEnabled())
                .withMaximumPacketSize(configurationService.mqttConfiguration().maxPacketSize())
                .withWildcardSubscriptionAvailable(configurationService.mqttConfiguration().wildcardSubscriptionsEnabled())
                .withSharedSubscriptionAvailable(configurationService.mqttConfiguration().sharedSubscriptionsEnabled())
                .withMaximumQoS(configurationService.mqttConfiguration().maximumQos())
                .withRetainAvailable(configurationService.mqttConfiguration().retainedMessagesEnabled());

A .withAuthMethod(msg.getAuthMethod()); is missing from there
@michaelg9 michaelg9 mentioned this issue Nov 14, 2019
Merged
@michaelg9 michaelg9 reopened this Nov 14, 2019
@SgtSilvio
Copy link
Member

Hi @michaelg9
This issue will be solved when enhanced authentication is exposed to the extension SDK.
Enhanced authentication will be implemented soon. We will then link and close this ticket.

@Florian-Limpoeck Florian-Limpoeck mentioned this issue Jan 30, 2020
Merged
@michaelg9
Copy link
Contributor Author

Hi
When will this feature be published to the SDK repo?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@michaelg9 @SgtSilvio