2020-09-23 23:59:31 +02:00
|
|
|
/*
|
2021-11-03 23:08:24 +01:00
|
|
|
Copyright (c) 2020-2021 Roger Light <roger@atchoo.org>
|
2020-09-23 23:59:31 +02:00
|
|
|
|
|
|
|
|
All rights reserved. This program and the accompanying materials
|
2020-11-25 18:34:21 +01:00
|
|
|
are made available under the terms of the Eclipse Public License 2.0
|
2020-09-23 23:59:31 +02:00
|
|
|
and Eclipse Distribution License v1.0 which accompany this distribution.
|
|
|
|
|
|
|
|
|
|
The Eclipse Public License is available at
|
2020-11-25 18:34:21 +01:00
|
|
|
https://www.eclipse.org/legal/epl-2.0/
|
2020-09-23 23:59:31 +02:00
|
|
|
and the Eclipse Distribution License is available at
|
|
|
|
|
http://www.eclipse.org/org/documents/edl-v10.php.
|
|
|
|
|
|
2021-01-20 12:46:18 +01:00
|
|
|
SPDX-License-Identifier: EPL-2.0 OR BSD-3-Clause
|
2020-12-01 19:21:59 +01:00
|
|
|
|
2020-09-23 23:59:31 +02:00
|
|
|
Contributors:
|
|
|
|
|
Roger Light - initial implementation and documentation.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#include "config.h"
|
|
|
|
|
|
2020-11-24 01:36:54 +01:00
|
|
|
#include <errno.h>
|
2020-09-23 23:59:31 +02:00
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
|
#include <string.h>
|
|
|
|
|
#include <sys/stat.h>
|
|
|
|
|
|
2022-02-24 13:01:26 +01:00
|
|
|
#ifndef WIN32
|
|
|
|
|
# include <strings.h>
|
|
|
|
|
#endif
|
|
|
|
|
|
2023-12-23 13:59:58 +01:00
|
|
|
#include "mosquitto/broker_plugin.h"
|
2020-09-23 23:59:31 +02:00
|
|
|
|
|
|
|
|
#include "dynamic_security.h"
|
2023-12-23 13:59:58 +01:00
|
|
|
#include "json_help.h"
|
2020-09-23 23:59:31 +02:00
|
|
|
|
2021-09-30 11:56:48 +02:00
|
|
|
MOSQUITTO_PLUGIN_DECLARE_VERSION(5);
|
|
|
|
|
|
2022-02-03 22:50:20 +01:00
|
|
|
static struct dynsec__data dynsec_data;
|
2020-09-23 23:59:31 +02:00
|
|
|
static mosquitto_plugin_id_t *plg_id = NULL;
|
2020-10-29 12:38:34 +01:00
|
|
|
|
2020-09-23 23:59:31 +02:00
|
|
|
int mosquitto_plugin_init(mosquitto_plugin_id_t *identifier, void **user_data, struct mosquitto_opt *options, int option_count)
|
|
|
|
|
{
|
|
|
|
|
int i;
|
2022-08-16 02:27:55 +02:00
|
|
|
int rc;
|
2020-09-23 23:59:31 +02:00
|
|
|
|
2021-01-09 21:59:42 +01:00
|
|
|
UNUSED(user_data);
|
|
|
|
|
|
2022-02-03 22:50:20 +01:00
|
|
|
memset(&dynsec_data, 0, sizeof(struct dynsec__data));
|
2022-01-27 17:09:09 +01:00
|
|
|
|
2020-09-23 23:59:31 +02:00
|
|
|
for(i=0; i<option_count; i++){
|
|
|
|
|
if(!strcasecmp(options[i].key, "config_file")){
|
2022-02-03 22:50:20 +01:00
|
|
|
dynsec_data.config_file = mosquitto_strdup(options[i].value);
|
|
|
|
|
if(dynsec_data.config_file == NULL){
|
2020-09-23 23:59:31 +02:00
|
|
|
return MOSQ_ERR_NOMEM;
|
|
|
|
|
}
|
2022-06-22 18:33:39 +02:00
|
|
|
}else if(!strcasecmp(options[i].key, "password_init_file")){
|
|
|
|
|
dynsec_data.password_init_file = mosquitto_strdup(options[i].value);
|
|
|
|
|
if(dynsec_data.password_init_file == NULL){
|
|
|
|
|
return MOSQ_ERR_NOMEM;
|
|
|
|
|
}
|
2020-09-23 23:59:31 +02:00
|
|
|
}
|
|
|
|
|
}
|
2022-02-03 22:50:20 +01:00
|
|
|
if(dynsec_data.config_file == NULL){
|
2020-09-23 23:59:31 +02:00
|
|
|
mosquitto_log_printf(MOSQ_LOG_WARNING, "Warning: Dynamic security plugin has no plugin_opt_config_file defined. The plugin will not be activated.");
|
|
|
|
|
return MOSQ_ERR_SUCCESS;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
plg_id = identifier;
|
2021-09-07 23:03:24 +02:00
|
|
|
mosquitto_plugin_set_info(identifier, "dynamic-security", NULL);
|
2020-09-23 23:59:31 +02:00
|
|
|
|
2022-02-03 22:50:20 +01:00
|
|
|
dynsec__config_load(&dynsec_data);
|
2022-08-16 02:27:55 +02:00
|
|
|
|
2022-08-17 17:18:24 +02:00
|
|
|
rc = mosquitto_callback_register(plg_id, MOSQ_EVT_CONTROL, dynsec_control_callback, "$CONTROL/dynamic-security/v1", &dynsec_data);
|
2022-08-16 02:27:55 +02:00
|
|
|
if(rc == MOSQ_ERR_ALREADY_EXISTS){
|
|
|
|
|
mosquitto_log_printf(MOSQ_LOG_ERR, "Error: Dynamic security plugin can currently only be loaded once.");
|
|
|
|
|
mosquitto_log_printf(MOSQ_LOG_ERR, "Note that this was previously incorrectly allowed but could cause problems with duplicate entries in the config.");
|
|
|
|
|
goto error;
|
|
|
|
|
}else if(rc == MOSQ_ERR_NOMEM){
|
|
|
|
|
mosquitto_log_printf(MOSQ_LOG_ERR, "Error: Out of memory.");
|
|
|
|
|
goto error;
|
|
|
|
|
}else if(rc != MOSQ_ERR_SUCCESS){
|
|
|
|
|
goto error;
|
|
|
|
|
}
|
|
|
|
|
|
2022-08-17 17:18:24 +02:00
|
|
|
rc = mosquitto_callback_register(plg_id, MOSQ_EVT_BASIC_AUTH, dynsec_auth__basic_auth_callback, NULL, &dynsec_data);
|
2022-08-16 02:27:55 +02:00
|
|
|
if(rc == MOSQ_ERR_ALREADY_EXISTS){
|
|
|
|
|
mosquitto_log_printf(MOSQ_LOG_ERR, "Error: Dynamic security plugin can only be loaded once.");
|
|
|
|
|
goto error;
|
|
|
|
|
}else if(rc == MOSQ_ERR_NOMEM){
|
|
|
|
|
mosquitto_log_printf(MOSQ_LOG_ERR, "Error: Out of memory.");
|
|
|
|
|
goto error;
|
|
|
|
|
}else if(rc != MOSQ_ERR_SUCCESS){
|
|
|
|
|
goto error;
|
|
|
|
|
}
|
|
|
|
|
|
2022-08-17 17:18:24 +02:00
|
|
|
rc = mosquitto_callback_register(plg_id, MOSQ_EVT_ACL_CHECK, dynsec__acl_check_callback, NULL, &dynsec_data);
|
2022-08-16 02:27:55 +02:00
|
|
|
if(rc == MOSQ_ERR_ALREADY_EXISTS){
|
|
|
|
|
mosquitto_log_printf(MOSQ_LOG_ERR, "Error: Dynamic security plugin can only be loaded once.");
|
|
|
|
|
goto error;
|
|
|
|
|
}else if(rc == MOSQ_ERR_NOMEM){
|
|
|
|
|
mosquitto_log_printf(MOSQ_LOG_ERR, "Error: Out of memory.");
|
|
|
|
|
goto error;
|
|
|
|
|
}else if(rc != MOSQ_ERR_SUCCESS){
|
|
|
|
|
goto error;
|
|
|
|
|
}
|
2020-09-23 23:59:31 +02:00
|
|
|
|
2022-08-17 17:18:24 +02:00
|
|
|
rc = mosquitto_callback_register(plg_id, MOSQ_EVT_TICK, dynsec__tick_callback, NULL, &dynsec_data);
|
|
|
|
|
if(rc == MOSQ_ERR_NOMEM){
|
|
|
|
|
mosquitto_log_printf(MOSQ_LOG_ERR, "Error: Out of memory.");
|
|
|
|
|
goto error;
|
|
|
|
|
}else if(rc != MOSQ_ERR_SUCCESS){
|
|
|
|
|
goto error;
|
|
|
|
|
}
|
2020-09-23 23:59:31 +02:00
|
|
|
|
|
|
|
|
return MOSQ_ERR_SUCCESS;
|
2022-08-16 02:27:55 +02:00
|
|
|
error:
|
2022-08-17 17:18:24 +02:00
|
|
|
mosquitto_free(dynsec_data.config_file);
|
|
|
|
|
dynsec_data.config_file = NULL;
|
2022-08-16 02:27:55 +02:00
|
|
|
return rc;
|
2020-09-23 23:59:31 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int mosquitto_plugin_cleanup(void *user_data, struct mosquitto_opt *options, int option_count)
|
|
|
|
|
{
|
2021-01-09 21:59:42 +01:00
|
|
|
UNUSED(user_data);
|
|
|
|
|
UNUSED(options);
|
|
|
|
|
UNUSED(option_count);
|
|
|
|
|
|
2022-02-03 22:50:20 +01:00
|
|
|
dynsec_groups__cleanup(&dynsec_data);
|
|
|
|
|
dynsec_clients__cleanup(&dynsec_data);
|
|
|
|
|
dynsec_roles__cleanup(&dynsec_data);
|
2022-08-17 17:18:24 +02:00
|
|
|
dynsec_kicklist__cleanup(&dynsec_data);
|
2020-09-23 23:59:31 +02:00
|
|
|
|
2022-02-03 22:50:20 +01:00
|
|
|
mosquitto_free(dynsec_data.config_file);
|
|
|
|
|
dynsec_data.config_file = NULL;
|
2022-06-22 18:33:39 +02:00
|
|
|
|
|
|
|
|
mosquitto_free(dynsec_data.password_init_file);
|
|
|
|
|
dynsec_data.password_init_file = NULL;
|
|
|
|
|
|
2023-04-13 09:35:11 +02:00
|
|
|
mosquitto_callback_unregister(plg_id, MOSQ_EVT_CONTROL, dynsec_control_callback, "$CONTROL/dynamic-security/v1");
|
|
|
|
|
mosquitto_callback_unregister(plg_id, MOSQ_EVT_BASIC_AUTH, dynsec_auth__basic_auth_callback, NULL);
|
|
|
|
|
mosquitto_callback_unregister(plg_id, MOSQ_EVT_ACL_CHECK, dynsec__acl_check_callback, NULL);
|
|
|
|
|
mosquitto_callback_unregister(plg_id, MOSQ_EVT_TICK, dynsec__tick_callback, NULL);
|
|
|
|
|
|
2020-09-23 23:59:31 +02:00
|
|
|
return MOSQ_ERR_SUCCESS;
|
|
|
|
|
}
|
