nicolabs/mosquitto
1
0
Fork 0
mirror of https://github.com/eclipse-mosquitto/mosquitto.git synced 2026-05-21 12:24:29 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
3905 commits 12 branches 70 tags 29 MiB
Commit graph

174 commits

Author SHA1 Message Date
Roger A. Light
dcd5b803f2 Merge branch 'fixes' into develop 2024-02-21 23:30:33 +00:00
Roger A. Light
fe3b72ef61 Remove a load of cmake boilerplate 2024-02-15 13:39:11 +00:00
Roger A. Light
c6436ad6b2 Revert change of default ACL priority 2024-02-15 11:40:12 +00:00
Roger A. Light
f0c5b69e64 Fix dynsec config init with password from envvar. 2024-02-15 11:22:39 +00:00
Roger A. Light
a5490a7408 oss-fuzz build fixes 2024-02-13 13:11:07 +00:00
Roger A. Light
3199768aef Dynsec: Max priority of 100,000 2024-02-11 23:40:41 +00:00
Roger A. Light
05e42f7dbb Default to using argon2 for passwords 2024-02-11 22:08:16 +00:00
Roger A. Light
d17a88d916 Refactor headers for easier discovery. 2023-12-23 12:59:58 +00:00
Roger A. Light
837c272c29 Add argon2 password hash support 2023-11-20 22:58:42 +00:00
Roger A. Light
b6710f9364 Refactor password code 2023-11-20 22:58:42 +00:00
Roger A. Light
fe4fe0102f Place client context in mosquitto_control_cmd for API simplicity 2023-10-11 15:12:49 +01:00
Roger A. Light
13fa9f535a Protect password init file 2023-09-20 21:40:22 +01:00
Roger A. Light
7a011ede19 Localise variable use 2023-09-20 21:38:48 +01:00
Roger A. Light
c8e313aac0 Fix build 
This is for the case where command line overrides are set.
 2023-09-19 22:48:24 +01:00
Roger A. Light
97c25654ed Add helper messages for lax permissions 2023-09-18 22:21:56 +01:00
Roger A. Light
e656e694ed Merge branch 'master' into develop 2023-09-09 15:20:40 +01:00
Roger A. Light
b76c3c7820 Dynsec: Don't allow duplicate c/g/r when loading config 2023-08-16 14:01:21 +01:00
Roger A. Light
8bc047511a Fix any possible case where a json string might be incorrectly loaded. 2023-08-16 14:01:21 +01:00
Roger A. Light
411ed41c27 Dynsec: Simplify config load 2023-08-16 14:01:21 +01:00
Roger A. Light
67ac8cbe17 mosquitto_memcmp_const is now more constant time. 2023-08-16 14:01:21 +01:00
Roger A. Light
4ca294fd9c Warn on lax permissions on sensitive files. 
- Broker will log warnings if sensitive files are world readable/writable, or
  if the owner/group is not the same as the user/group the broker is running
  as. In future versions the broker will refuse to open these files.
 2023-08-16 14:01:21 +01:00
Roger A. Light
a31bee722f Simplify make build. 2023-05-10 16:20:06 +01:00
Roger A. Light
bc1315820c Don't require cJSON in mosquitto_broker.h 2023-04-24 20:09:41 +01:00
Roger A. Light
f317a0fdfe Fix incorrect free 2023-04-23 20:14:03 +01:00
Roger A. Light
747fcacd67 Make args const where possible, fix persist-sqlite build. 2023-04-19 22:54:53 +01:00
Roger A. Light
56462c1229 Refactor for more consistent json helper use. 2023-04-19 17:12:20 +01:00
Roger A. Light
b648ba227b Fuzzing: Add dynsec file load fuzz target. 2023-04-13 08:35:11 +01:00
Roger A. Light
2940d9cc4c Move control common helper functions to broker. 2023-04-02 00:27:15 +01:00
Roger A. Light
53dc3006a2 Make cJSON a hard dependency. 2023-04-01 23:35:03 +01:00
Roger A. Light
1195dd991e Clearer len calculation. 2023-04-01 08:50:03 +01:00
Roger Light
ec6a56d759
Merge pull request #2734 from axos88/patch-1 
Fix malloc size for file path
 2023-04-01 08:48:30 +01:00
Roger A. Light
910b8e2c1d Remove effectively duplicate parameter. 2023-03-23 12:10:00 +00:00
Akos Vandra-Meyer
e0d8ef20fa
Fix malloc size for file path 
We need 4 more characters to store the suffix.
 2023-01-20 21:13:54 +01:00
Roger A. Light
4199e7b2d3 Move control functions to common, and use in the broker. 2022-12-31 14:34:26 +00:00
Roger A. Light
611c43e537 Dynsec: Save file at end of command batch, not after each command 2022-12-27 08:16:41 +00:00
Norbert Heusser
170cd85cec Add target test-compile to all Makefile to allow tests in plugin folders 
Signed-off-by: Norbert Heusser <norbert.heusser@cedalo.com>
 2022-12-09 18:03:54 +00:00
Roger Light
a54e5e3abc
Merge pull request #2689 from zivillian/patch-1 
fix example JSON
 2022-12-07 22:42:45 +00:00
zivillian
a562c93079 fix example JSON 
Signed-off-by: zivillian <devel@zivillian.de>
 2022-11-22 20:26:38 +01:00
Roger A. Light
54365ec53b Dynsec: Fix improbably out of memory case 2022-11-16 20:09:03 +00:00
Roger A. Light
7ebe148065 Dynsec: Simplify config load 2022-11-16 20:05:44 +00:00
Roger A. Light
6dc27d8214 Fix Coverity Scan 1499812, 1499810 2022-10-17 07:30:07 +01:00
Roger A. Light
9aeb756dac Fix Coverity Scan 1499842 2022-10-16 23:28:02 +01:00
Roger Light
db114fa1d3
Merge pull request #2614 from HashimJVZ/patch-1 
Correct a wrong example
 2022-10-10 11:26:01 +01:00
Roger A. Light
1d230bd255 dynsec: Fix listClients/getClient crashing if an anon user present 
This only affects the unreleased `develop` branch.
 2022-08-22 10:50:10 +01:00
Roger A. Light
fd68bf00c7 Merge branch 'master' into develop 2022-08-17 16:18:24 +01:00
Roger A. Light
ba13edc6a4 dynsec: Forbid deleting the anon group. 2022-08-17 12:10:24 +01:00
Roger A. Light
4d1b587e29 dynsec: Forbid deleting the anon group. 2022-08-16 12:55:48 +01:00
Roger A. Light
df317ff71f Dynamic security: Fix the plugin being able to be loaded twice. 
Currently only a single plugin can interact with a unique $CONTROL
topic. Using multiple instances of the plugin would produce duplicate
entries in the config file.

Closes #2601.
Closes #2470.
 2022-08-16 01:27:55 +01:00
Roger A. Light
436f0b9348 dynsec: Fix modifyClient and modifyGroup commands 
They will now not modify the client/group if a new group/client being
added is not valid, or on other failures.

Closes #2598. Thanks to Sebastian Szczepański.
 2022-08-16 00:48:02 +01:00
Roger A. Light
b22df5140e Clear errno before check. 2022-08-16 00:23:06 +01:00