ChangeLog.txt
2.0.20 - 2024-10-16
===================
Broker:
- Fix QoS 1 / QoS 2 publish incorrectly returning "no subscribers".
Closes #3128.
- Open files with appropriate access on Windows. Closes #3119.
- Don't allow invalid response topic values.
- Fix some strict protocol compliance issues. Closes #3052.
Client library:
- Fix cmake build on OS X. Closes #3125.
Build:
- Fix build on NetBSD
2.0.19 - 2024-10-02
===================
Security:
- Fix mismatched subscribe/unsubscribe with normal/shared topics.
- Fix crash on bridge using remapped topic being sent a crafted packet.
Broker:
- Fix assert failure when loading a persistence file that contains
subscriptions with no client id.
- Fix local bridges being incorrectly expired when
persistent_client_expiration is in use.
- Fix use of CLOCK_BOOTTIME for getting time. Closes #3089.
- Fix mismatched subscribe/unsubscribe with normal/shared topics.
- Fix crash on bridge using remapped topic being sent a crafted packet.
Client library:
- Fix some error codes being converted to string as "unknown". Closes #2579.
- Clear SSL error state to avoid spurious error reporting. Closes #3054.
- Fix "payload format invalid" not being allowed as a PUBREC reason code.
- Don't allow SUBACK with missing reason codes.
Build:
- Thread support is re-enabled on Windows.
2.0.18 - 2023-09-18
===================
Broker:
- Fix crash on subscribe under certain unlikely conditions. Closes #2885.
Closes #2881.
Clients:
- Fix mosquitto_rr not honouring `-R`. Closes #2893.
Windows:
- Installer will start/stop the mosquitto service when installing and
uninstalling, to prevent problems with not being able to overwrite or remove
mosquitto.exe.
2.0.17 - 2023-08-22
===================
Broker:
- Fix `max_queued_messages 0` stopping clients from receiving messages.
Closes #2879.
- Fix `max_inflight_messages` not being set correctly. Closes #2876.
Apps:
- Fix `mosquitto_passwd -U` backup file creation. Closes #2873.
2.0.16 - 2023-08-16
===================
Security:
- CVE-2023-28366: Fix memory leak in broker when clients send multiple QoS 2
messages with the same message ID, but then never respond to the PUBREC
commands.
- CVE-2023-0809: Fix excessive memory being allocated based on malicious
initial packets that are not CONNECT packets.
- CVE-2023-3592: Fix memory leak when clients send v5 CONNECT packets with a
will message that contains invalid property types.
- Broker will now reject Will messages that attempt to publish to $CONTROL/.
- Broker now validates usernames provided in a TLS certificate or TLS-PSK
identity are valid UTF-8.
- Fix potential crash when loading invalid persistence file.
- Library will no longer allow single level wildcard certificates, e.g. *.com
Broker:
- Fix $SYS messages being expired after 60 seconds and hence unchanged values
disappearing.
- Fix some retained topic memory not being cleared immediately after used.
- Fix error handling related to the `bind_interface` option.
- Fix std* files not being redirected when daemonising, when built with
assertions removed. Closes #2708.
- Fix default settings incorrectly allowing TLS v1.1. Closes #2722.
- Use line buffered mode for stdout. Closes #2354. Closes #2749.
- Fix bridges with non-matching cleansession/local_cleansession being expired
on start after restoring from persistence. Closes #2634.
- Fix connections being limited to 2048 on Windows. The limit is now 8192,
where supported. Closes #2732.
- Broker will log warnings if sensitive files are world readable/writable, or
if the owner/group is not the same as the user/group the broker is running
as. In future versions the broker will refuse to open these files.
- mosquitto_memcmp_const is now more constant time.
- Only register with DLT if DLT logging is enabled.
- Fix any possible case where a json string might be incorrectly loaded. This
could have caused a crash if a textname or textdescription field of a role was
not a string, when loading the dynsec config from file only.
- Dynsec plugin will not allow duplicate clients/groups/roles when loading
config from file, which matches the behaviour for when creating them.
- Fix heap overflow when reading corrupt config with "log_dest file".
Client library:
- Use CLOCK_BOOTTIME when available, to keep track of time. This solves the
problem of the client OS sleeping and the client hence not being able to
calculate the actual time for keepalive purposes. Closes #2760.
- Fix default settings incorrectly allowing TLS v1.1. Closes #2722.
- Fix high CPU use on slow TLS connect. Closes #2794.
Clients:
- Fix incorrect topic-alias property value in mosquitto_sub json output.
- Fix confusing message on TLS certificate verification. Closes #2746.
Apps:
- mosquitto_passwd uses mkstemp() for backup files.
- `mosquitto_ctrl dynsec init` will refuse to overwrite an existing file,
without a race-condition.
2.0.15 - 2022-08-16
===================
Security:
- Deleting the group configured as the anonymous group in the Dynamic Security
plugin, would leave a dangling pointer that could lead to a single crash.
This is considered a minor issue - only administrative users should have
access to dynsec, the impact on availability is one-off, and there is no
associated loss of data. It is now forbidden to delete the group configured
as the anonymous group.
Broker:
- Fix memory leak when a plugin modifies the topic of a message in
MOSQ_EVT_MESSAGE.
- Fix bridge `restart_timeout` not being honoured.
- Fix potential memory leaks if a plugin modifies the message in the
MOSQ_EVT_MESSAGE event.
- Fix unused flags in CONNECT command being forced to be 0, which is not
required for MQTT v3.1. Closes #2522.
- Improve documentation of `persistent_client_expiration` option.
Closes #2404.
- Add clients to session expiry check list when restarting and reloading from
persistence. Closes #2546.
- Fix bridges not sending failure notification messages to the local broker if
the remote bridge connection fails. Closes #2467. Closes #1488.
- Fix some PUBLISH messages not being counted in $SYS stats. Closes #2448.
- Fix incorrect return code being sent in DISCONNECT when a client session is
taken over. Closes #2607.
- Fix confusing "out of memory" error when a client is kicked in the dynamic
security plugin. Closes #2525.
- Fix confusing error message when dynamic security config file was a
directory. Closes #2520.
- Fix bridge queued messages not being persisted when local_cleansession is
set to false and cleansession is set to true. Closes #2604.
- Dynamic security: Fix modifyClient and modifyGroup commands to not modify
the client/group if a new group/client being added is not valid.
Closes #2598.
- Dynamic security: Fix the plugin being able to be loaded twice. Currently
only a single plugin can interact with a unique $CONTROL topic. Using
multiple instances of the plugin would produce duplicate entries in the
config file. Closes #2601. Closes #2470.
- Fix case where expired messages were causing queued messages not to be
delivered. Closes #2609.
- Fix websockets not passing on the X-Forwarded-For header.
Client library:
- Fix threads library detection on Windows under cmake. Bumps the minimum
cmake version to 3.1, which is still ancient.
- Fix use of `MOSQ_OPT_TLS_ENGINE` being unable to be used due to the openssl
ctx not being initialised until starting to connect. Closes #2537.
- Fix incorrect use of SSL_connect. Closes #2594.
- Don't set SIGPIPE to ignore, use MSG_NOSIGNAL instead. Closes #2564.
- Add documentation of struct mosquitto_message to header. Closes #2561.
- Fix documentation omission around mosquitto_reinitialise. Closes #2489.
- Fix use of MOSQ_OPT_SSL_CTX when used in conjunction with
MOSQ_OPT_SSL_CTX_DEFAULTS. Closes #2463.
- Fix failure to close thread in some situations. Closes #2545.
Clients:
- Fix mosquitto_pub incorrectly reusing topic aliases when reconnecting.
Closes #2494.
Apps:
- Fix `-o` not working in `mosquitto_ctrl`, and typo in related documentation.
Closes #2471.
2.0.14 - 2021-11-17
===================
Broker:
- Fix bridge not respecting receive-maximum when reconnecting with MQTT v5.
Client library:
- Fix mosquitto_topic_matches_sub2() not using the length parameters.
Closes #2364.
- Fix incorrect subscribe_callback in mosquittopp.h. Closes #2367.
2.0.13 - 2021-10-27
===================
Broker:
- Fix `max_keepalive` option not being able to be set to 0.
- Fix LWT messages not being delivered if `per_listener_settings` was set to
true. Closes #2314.
- Various fixes around inflight quota management. Closes #2306.
- Fix problem parsing config files with Windows line endings. Closes #2297.
- Don't send retained messages when a shared subscription is made.
- Fix log being truncated in Windows.
- Fix client id not showing in log on failed connections, where possible.
- Fix broker sending duplicate CONNACK on failed MQTT v5 reauthentication.
Closes #2339.
- Fix mosquitto_plugin.h not including mosquitto_broker.h. Closes #2350.
- Fix unlimited message quota not being properly checked for incoming
messages. Closes #2593.
- Fixed build for openssl compiled with OPENSSL_NO_ENGINE. Closes #2589.
Client library:
- Initialise sockpairR/W to invalid in `mosquitto_reinitialise()` to avoid
closing invalid sockets in `mosquitto_destroy()` on error. Closes #2326.
Clients:
- Fix date format in mosquitto_sub output. Closes #2353.
2.0.12 - 2021-08-31
===================
Security:
- An MQTT v5 client connecting with a large number of user-property properties
could cause excessive CPU usage, leading to a loss of performance and
possible denial of service. This has been fixed.
- Fix `max_keepalive` not applying to MQTT v3.1.1 and v3.1 connections.
These clients are now rejected if their keepalive value exceeds
max_keepalive. This option allows CVE-2020-13849, which is for the MQTT
v3.1.1 protocol itself rather than an implementation, to be addressed.
- Using certain listener related configuration options e.g. `cafile`, that
apply to the default listener without defining any listener would cause a
remotely accessible listener to be opened that was not confined to the local
machine but did have anonymous access enabled, contrary to the
documentation. This has been fixed. Closes #2283.
- CVE-2021-34434: If a plugin had granted ACL subscription access to a
durable/non-clean-session client, then removed that access, the client would
keep its existing subscription. This has been fixed.
- Incoming QoS 2 messages that had not completed the QoS flow were not being
checked for ACL access when a clean session=False client was reconnecting.
This has been fixed.
Broker:
- Fix possible out of bounds memory reads when reading a corrupt/crafted
configuration file. Unless your configuration file is writable by untrusted
users this is not a risk. Closes #567213.
- Fix `max_connections` option not being correctly counted.
- Fix TLS certificates and TLS-PSK not being able to be configured at the same
time.
- Disable TLS v1.3 when using TLS-PSK, because it isn't correctly configured.
- Fix `max_keepalive` not applying to MQTT v3.1.1 and v3.1 connections.
These clients are now rejected if their keepalive value exceeds
max_keepalive. This option allows CVE-2020-13849, which is for the MQTT
v3.1.1 protocol itself rather than an implementation, to be addressed.
- Fix broker not quitting if e.g. the `password_file` is specified as a
directory. Closes #2241.
- Fix listener mount_point not being removed on outgoing messages.
Closes #2244.
- Strict protocol compliance fixes, plus test suite.
- Fix $share subscriptions not being recovered for durable clients that
reconnect.
- Update plugin configuration documentation. Closes #2286.
Client library:
- If a client uses TLS-PSK then force the default cipher list to use "PSK"
ciphers only. This means that a client connecting to a broker configured
with x509 certificates only will now fail. Prior to this, the client would
connect successfully without verifying certificates, because they were not
configured.
- Disable TLS v1.3 when using TLS-PSK, because it isn't correctly configured.
- Threaded mode is deconfigured when the mosquitto_loop_start() thread ends,
which allows mosquitto_loop_start() to be called again. Closes #2242.
- Fix MOSQ_OPT_SSL_CTX not being able to be set to NULL. Closes #2289.
- Fix reconnecting failing when MOSQ_OPT_TLS_USE_OS_CERTS was in use, but none
of capath, cafile, psk, nor MOSQ_OPT_SSL_CTX were set, and
MOSQ_OPT_SSL_CTX_WITH_DEFAULTS was set to the default value of true.
Closes #2288.
Apps:
- Fix `mosquitto_ctrl dynsec setDefaultACLAccess` command not working.
Clients:
- mosquitto_sub and mosquitto_rr now open stdout in binary mode on Windows
so binary payloads are not modified when printing.
- Document TLS certificate behaviour when using `-p 8883`.
Build:
- Fix installation using WITH_TLS=no. Closes #2281.
- Fix builds with libressl 3.4.0. Closes #2198.
- Remove some unnecessary code guards related to libressl.
- Fix printf format build warning on MIPS. Closes #2271.
2.0.11 - 2021-06-08
===================
Security:
- If a MQTT v5 client connects with a crafted CONNECT packet a memory leak
will occur. This has been fixed.
Broker:
- Fix possible crash having just upgraded from 1.6 if `per_listener_settings
true` is set, and a SIGHUP is sent to the broker before a client has
reconnected to the broker. Closes #2167.
- Fix bridge not reconnecting if the first reconnection attempt fails.
Closes #2207.
- Improve QoS 0 outgoing packet queueing.
- Fix non-reachable bridge blocking the broker on Windows. Closes #2172.
- Fix possible corruption of pollfd array on Windows when bridges were
reconnecting. Closes #2173.
- Fix QoS 0 messages not being queued when `queue_qos0_messages` was enabled.
Closes #2224.
- Fix openssl not being linked to dynamic security plugin. Closes #2277.
Clients:
- If sending mosquitto_sub output to a pipe, mosquitto_sub will now detect
that the pipe has closed and disconnect. Closes #2164.
- Fix `mosquitto_pub -l` quitting if a message publication is attempted when
the broker is temporarily unavailable. Closes #2187.
2.0.10 - 2021-04-03
===================
Security:
- CVE-2021-28166: If an authenticated client connected with MQTT v5 sent a
malformed CONNACK message to the broker a NULL pointer dereference occurred,
most likely resulting in a segfault.
Affects versions 2.0.0 to 2.0.9 inclusive.
Broker:
- Don't overwrite new receive-maximum if a v5 client connects and takes over
an old session. Closes #2134.
- Fix CVE-2021-28166. Closes #2163.
Clients:
- Set `receive-maximum` to not exceed the `-C` message count in mosquitto_sub
and mosquitto_rr, to avoid potentially lost messages. Closes #2134.
- Fix TLS-PSK mode not working with port 8883. Closes #2152.
Client library:
- Fix possible socket leak. This would occur if a client was using
`mosquitto_loop_start()`, then if the connection failed due to the remote
server being inaccessible they called `mosquitto_loop_stop(, true)` and
recreated the mosquitto object.
Build:
- A variety of minor build related fixes, like functions not having previous
declarations.
- Fix CMake cross compile builds not finding opensslconf.h. Closes #2160.
- Fix build on Solaris non-sparc. Closes #2136.
2.0.9 - 2021-03-11
==================
Security:
- If an empty or invalid CA file was provided to the client library for
verifying the remote broker, then the initial connection would fail but
subsequent connections would succeed without verifying the remote broker
certificate. Closes #2130.
- If an empty or invalid CA file was provided to the broker for verifying the
remote broker for an outgoing bridge connection then the initial connection
would fail but subsequent connections would succeed without verifying the
remote broker certificate. Closes #2130.
Broker:
- Fix encrypted bridge connections incorrectly connecting when `bridge_cafile`
is empty or invalid. Closes #2130.
- Fix `tls_version` behaviour not matching documentation. It was setting the
exact TLS version to use, not the minimum TLS version to use. Closes #2110.
- Fix messages to `$` prefixed topics being rejected. Closes #2111.
- Fix QoS 0 messages not being delivered when max_queued_bytes was configured.
Closes #2123.
- Fix bridge increasing backoff calculation.
- Improve handling of invalid combinations of listener address and bind
interface configurations. Closes #2081.
- Fix `max_keepalive` option not applying to clients connecting with keepalive
set to 0. Closes #2117.
Client library:
- Fix encrypted connections incorrectly connecting when the CA file passed to
`mosquitto_tls_set()` is empty or invalid. Closes #2130.
- Fix connections retrying very rapidly in some situations.
Build:
- Fix cmake epoll detection.
2.0.8 - 2021-02-25
==================
Broker:
- Fix incorrect datatypes in `struct mosquitto_evt_tick`. This changes the
size and offset of two of the members of this struct, and changes the size
of the struct. This is an ABI break, but is considered to be acceptable
because plugins should never be allocating their own instance of this
struct, and currently none of the struct members are used for anything, so a
plugin should not be accessing them. It would also be safe to read/write
from the existing struct parameters.
- Give compile time warning if libwebsockets compiled without external poll
support. Closes #2060.
- Fix memory tracking not being available on FreeBSD or macOS. Closes #2096.
Client library:
- Fix mosquitto_{pub|sub}_topic_check() functions not returning MOSQ_ERR_INVAL
on topic == NULL.
Clients:
- Fix possible loss of data in `mosquitto_pub -l` when sending multiple long
lines. Closes #2078.
Build:
- Provide a mechanism for Docker users to run a broker that doesn't use
authentication, without having to provide their own configuration file.
Closes #2040.
2.0.7 - 2021-02-04
==================
Broker:
- Fix exporting of executable symbols on BSD when building via makefile.
- Fix some minor memory leaks on exit only.
- Fix possible memory leak on connect. Closes #2057.
- Fix openssl engine not being able to load private key. Closes #2066.
Clients:
- Fix config files truncating options after the first space. Closes #2059.
Build:
- Fix man page building to not absolutely require xsltproc when using CMake.
This now handles the case where we are building from the released tar, or
building from git if xsltproc is available, or building from git if xsltproc
is not available.
1.6.13 - 2021-02-04
===================
Broker:
- Fix crash on Windows if loading a plugin fails. Closes #1866.
- Fix DH group not being set for TLS connections, which meant ciphers using
DHE couldn't be used. Closes #1925. Closes #1476.
- Fix local bridges being disconnected on SIGHUP. Closes #1942.
- Fix $SYS/broker/publish/messages/+ counters not being updated for QoS 1, 2
messages. Closes #1968.
- Fix listener not being reassociated with client when reloading a persistence
file and `per_listener_settings true` is set and the client did not set a
username. Closes #1891.
- Fix file logging on Windows. Closes #1880.
- Fix bridge sock not being removed from sock hash on error. Closes #1897.
Client library:
- Fix build on Mac Big Sur. Closes #1905.
- Fix DH group not being set for TLS connections, which meant ciphers using
DHE couldn't be used. Closes #1925. Closes #1476.
Clients:
- mosquitto_sub will now quit with an error if the %U option is used on
Windows, rather than just quitting. Closes #1908.
- Fix config files truncating options after the first space. Closes #2059.
Apps:
- Perform stricter parsing of input username in mosquitto_passwd. Closes
#570126 (Eclipse bugzilla).
Build:
- Enable epoll support in CMake builds.
2.0.6 - 2021-01-28
==================
Broker:
- Fix calculation of remaining length parameter for websockets clients that
send fragmented packets. Closes #1974.
Broker:
- Fix potential duplicate Will messages being sent when a will delay interval
has been set.
- Fix message expiry interval property not being honoured in
`mosquitto_broker_publish` and `mosquitto_broker_publish_copy`.
- Fix websockets listeners with TLS not responding. Closes #2020.
- Add notes that libsystemd-dev or similar is needed if building with systemd
support. Closes #2019.
- Improve logging in obscure cases when a client disconnects. Closes #2017.
- Fix reloading of listeners where multiple listeners have been defined with
the same port but different bind addresses. Closes #2029.
- Fix `message_size_limit` not applying to the Will payload. Closes #2022.
- The error topic-alias-invalid was being sent if an MQTT v5 client published
a message with empty topic and topic alias set, but the topic alias hadn't
already been configured on the broker. This has been fixed to send a
protocol error, as per section 3.3.4 of the specification.
- Note in the man pages that SIGHUP reloads TLS certificates. Closes #2037.
- Fix bridges not always connecting on Windows. Closes #2043.
Apps:
- Allow command line arguments to override config file options in
mosquitto_ctrl. Closes #2010.
- mosquitto_ctrl: produce an error when requesting a new password if both
attempts do not match. Closes #2011.
Build:
- Fix cmake builds using `WITH_CJSON=no` not working if cJSON not found.
Closes #2026.
Other:
- The SPDX identifiers for EDL-1.0 have been changed to BSD-3-Clause as per
The Eclipse legal documentation generator. The licenses are identical.
2.0.5 - 2021-01-11
==================
Broker:
- Fix `auth_method` not being provided to the extended auth plugin event.
Closes #1975.
- Fix large packets not being completely published to slow clients.
Closes #1977.
- Fix bridge connection not relinquishing POLLOUT after messages are sent.
Closes #1979.
- Fix apparmor incorrectly denying access to
/var/lib/mosquitto/mosquitto.db.new. Closes #1978.
- Fix potential intermittent initial bridge connections when using poll().
- Fix `bind_interface` option. Closes #1999.
- Fix invalid behaviour in dynsec plugin if a group or client is deleted
before a role that was attached to the group or client is deleted.
Closes #1998.
- Improve logging in dynsec addGroupRole command. Closes #2005.
- Improve logging in dynsec addGroupClient command. Closes #2008.
Client library:
- Improve documentation around the `_v5()` and non-v5 functions, e.g.
`mosquitto_publish()` and `mosquitto_publish_v5()`.
Build:
- `install` Makefile target should depend on `all`, not `mosquitto`, to ensure
that man pages are always built. Closes #1989.
- Fixes for lots of minor build warnings highlighted by Visual Studio.
Apps:
- Disallow control characters in mosquitto_passwd usernames.
- Fix incorrect description in mosquitto_ctrl man page. Closes #1995.
- Fix `mosquitto_ctrl dynsec getGroup` not showing roles. Closes #1997.
2.0.4 - 2020-12-22
==================
Broker:
- Fix $SYS/broker/publish/messages/+ counters not being updated for QoS 1, 2
messages. Closes #1968.
- mosquitto_connect_bind_async() and mosquitto_connect_bind_v5() should not
reset the bind address option if called with bind_address == NULL.
- Fix dynamic security configuration possibly not being reloaded on Windows
only. Closes #1962.
- Add more log messages for dynsec load/save error conditions.
- Fix websockets connections blocking non-websockets connections on Windows.
Closes #1934.
Build:
- Fix man pages not being built when using CMake. Closes #1969.
2.0.3 - 2020-12-17
==================
Security:
- Running mosquitto_passwd with the following arguments only
`mosquitto_passwd -b password_file username password` would cause the
username to be used as the password.
Broker:
- Fix excessive CPU use on non-Linux systems when the open file limit is set
high. Closes #1947.
- Fix LWT not being sent on client takeover when the existing session wasn't
being continued. Closes #1946.
- Fix bridges possibly not completing connections when WITH_ADNS is in use.
Closes #1960.
- Fix QoS 0 messages not being delivered if max_queued_messages was set to 0.
Closes #1956.
- Fix local bridges being disconnected on SIGHUP. Closes #1942.
- Fix slow initial bridge connections for WITH_ADNS=no.
- Fix persistence_location not appending a '/'.
Clients:
- Fix mosquitto_sub being unable to terminate with Ctrl-C if a successful
connection is not made. Closes #1957.
Apps:
- Fix `mosquitto_passwd -b` using username as password (not if `-c` is also
used). Closes #1949.
Build:
- Fix `install` target when using WITH_CJSON=no. Closes #1938.
- Fix `generic` docker build. Closes #1945.
2.0.2 - 2020-12-10
==================
Broker:
- Fix build regression for WITH_WEBSOCKETS=yes on non-Linux systems.
2.0.1 - 2020-12-10
==================
Broker:
- Fix websockets connections on Windows blocking subsequent connections.
Closes #1934.
- Fix DH group not being set for TLS connections, which meant ciphers using
DHE couldn't be used. Closes #1925. Closes #1476.
- Fix websockets listeners not causing the main loop to wake up.
Closes #1936.
Client library:
- Fix DH group not being set for TLS connections, which meant ciphers using
DHE couldn't be used. Closes #1925. Closes #1476.
Apps:
- Fix `mosquitto_passwd -U`
Build:
- Fix cjson include paths.
- Fix build using WITH_TLS=no when the openssl headers aren't available.
- Distribute cmake/ and snap/ directories in tar.
2.0.0 - 2020-12-03
==================
Breaking changes:
- When the Mosquitto broker is run without configuring any listeners it will
now bind to the loopback interfaces 127.0.0.1 and/or ::1. This means that
only connections from the local host will be possible.
Running the broker as `mosquitto` or `mosquitto -p 1883` will bind to the
loopback interface.
Running the broker with a configuration file with no listeners configured
will bind to the loopback interface with port 1883.
Running the broker with a listener defined will bind by default to `0.0.0.0`
/ `::` and so will be accessible from any interface. It is still possible to
bind to a specific address/interface.
If the broker is run as `mosquitto -c mosquitto.conf -p 1884`, and a
listener is defined in the configuration file, then the port defined on the
command line will be IGNORED, and no listener configured for it.
- All listeners now default to `allow_anonymous false` unless explicitly set
to true in the configuration file. This means that when configuring a
listener the user must either configure an authentication and access control
method, or set `allow_anonymous true`. When the broker is run without a
configured listener, and so binds to the loopback interface, anonymous
connections are allowed.
- If Mosquitto is run as root on a Unix-like system, it will attempt to
drop privileges as soon as the configuration file has been read. This is in
contrast to the previous behaviour where elevated privileges were only
dropped after listeners had been started (and hence TLS certificates loaded)
and logging had been started. The change means that clients will never be
able to connect to the broker when it is running as root, unless the user
explicitly sets it to run as root, which is not advised. It also means that
all locations that the broker needs to access must be available to the
unprivileged user. In particular those people using TLS certificates from
Let's Encrypt will need to do something to allow Mosquitto to access
those certificates. An example deploy renewal hook script to help with this
is at `misc/letsencrypt/mosquitto-copy.sh`.
The user that Mosquitto will change to is the one provided in the
configuration, `mosquitto`, or `nobody`, in order of availability.
- The `pid_file` option will now always attempt to write a pid file,
regardless of whether the `-d` argument is used when running the broker.
- The `tls_version` option now defines the *minimum* TLS protocol version to
be used, rather than the exact version. Closes #1258.
- The `max_queued_messages` option has been increased from 100 to 1000 by
default, and now also applies to QoS 0 messages, when a client is connected.
- The mosquitto_sub, mosquitto_pub, and mosquitto_rr clients will now load
OS provided CA certificates by default if `-L mqtts://...` is used, or if
the port is set to 8883 and no other CA certificates are loaded.
- Minimum supported libwebsockets version is now 2.4.0.
- The license has changed from "EPL-1.0 OR EDL-1.0" to "EPL-2.0 OR EDL-1.0".
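The listener and `allow_anonymous` changes above can be checked before upgrading. The following is an added example, not part of the Mosquitto project: a small audit of a configuration file against the new defaults. The sample configuration, the verdict names and the simplified option model (only the options named in the code are read) are assumptions.

```python
# Added example, not Mosquitto code: audit listener access against the 2.0 defaults.
# Assumption: a simplified model that reads only the options named here.
AUTH_OPTS = {"password_file", "psk_file", "plugin", "auth_plugin"}

# Constructed sample configuration.
SAMPLE_CONF = """\
per_listener_settings true
listener 1883
listener 8883
certfile /etc/mosquitto/certs/server.pem
keyfile /etc/mosquitto/certs/server.key
password_file /etc/mosquitto/passwd
listener 9001
allow_anonymous true
"""

def options(conf_text):
    """Yield (key, value) for each non-comment, non-empty line."""
    for raw in conf_text.splitlines():
        parts = raw.strip().split(None, 1)
        if parts and not parts[0].startswith("#"):
            yield parts[0], parts[1].strip() if len(parts) > 1 else ""

def audit(conf_text):
    """Return a (port, verdict) pair per listener under the 2.0 defaults."""
    opts = list(options(conf_text))
    per_listener = any(k == "per_listener_settings" and v == "true" for k, v in opts)
    glob = {"anon": None, "auth": False}
    listeners, current = [], glob
    for key, value in opts:
        if key == "listener":
            port = (value.split() or ["?"])[0]
            listeners.append({"port": port, "anon": None, "auth": False})
            # With per_listener_settings true, later options bind to this listener.
            current = listeners[-1] if per_listener else glob
        elif key == "allow_anonymous":
            current["anon"] = value == "true"
        elif key in AUTH_OPTS:
            current["auth"] = True
    loopback = not listeners  # no listener: loopback only, anonymous allowed
    if loopback:
        listeners = [dict(glob, port="loopback-only")]
    report = []
    for entry in listeners:
        src = entry if (per_listener or loopback) else glob
        anon = loopback if src["anon"] is None else src["anon"]
        verdict = ("anonymous-allowed" if anon
                   else "auth-required" if src["auth"] else "needs-config")
        report.append((entry["port"], verdict))
    return report
```

A `needs-config` verdict marks a listener that has neither an authentication method nor `allow_anonymous true`, which is the case the breaking change asks the user to resolve.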
Broker features:
- New plugin interface which is more flexible, easier to develop for and
easier to extend.
- New dynamic security plugin, which allows clients, groups, and roles to be
defined and updated as the broker is running.
- Performance improvements, particularly for higher numbers of clients.
- When running as root, if dropping privileges to the "mosquitto" user fails,
then try "nobody" instead. This reduces the burden on users installing
Mosquitto themselves.
- Add support for Unix domain socket listeners.
- Add `bridge_outgoing_retain` option, to allow outgoing messages from a
bridge to have the retain bit completely disabled, which is useful when
bridging to e.g. Amazon or Google.
- Add support for MQTT v5 bridges to handle the "retain-available" property
being false.
- Allow MQTT v5.0 outgoing bridges to fall back to MQTT v3.1.1 if connecting
to a v3.x only broker.
- DLT logging is now configurable at runtime with `log_dest dlt`.
Closes #1735.
- Add `mosquitto_broker_publish()` and `mosquitto_broker_publish_copy()`
functions, which can be used by plugins to publish messages.
- Add `mosquitto_client_protocol_version()` function which can be used by
plugins to determine which version of MQTT a client has connected with.
- Add `mosquitto_kick_client_by_clientid()` and `mosquitto_kick_client_by_username()`
functions, which can be used by plugins to disconnect clients.
- Add support for handling $CONTROL/ topics in plugins.
- Add support for PBKDF2-SHA512 password hashing.
- Enabling certificate based TLS encryption is now through certfile and
keyfile, not capath or cafile.
- Added support for controlling UNSUBSCRIBE calls in v5 plugin ACL checks.
- Add "deny" acl type. Closes #1611.
- The broker now sends the receive-maximum property for MQTT v5 CONNACKs.
- Add the `bridge_max_packet_size` option. Closes #265.
- Add the `bridge_bind_address` option. Closes #1311.
- TLS certificates for the server are now reloaded on SIGHUP.
- Default for max_queued_messages has been changed to 1000.
- Add `ciphers_tls1.3` option, to allow setting TLS v1.3 ciphersuites.
Closes #1825.
- Bridges now obey MQTT v5 server-keepalive.
- Add bridge support for the MQTT v5 maximum-qos property.
- Log client port on new connections. Closes #1911.
Broker fixes:
- Send DISCONNECT with `malformed-packet` reason code on invalid PUBLISH,
SUBSCRIBE, and UNSUBSCRIBE packets.
- Document that X509_free() must be called after using
mosquitto_client_certificate(). Closes #1842.
- Fix listener not being reassociated with client when reloading a persistence
file and `per_listener_settings true` is set and the client did not set a
username. Closes #1891.
- Fix bridge sock not being removed from sock hash on error. Closes #1897.
- mosquitto_passwd now forbids the : character. Closes #1833.
- Fix `log_timestamp_format` not applying to `log_dest topic`. Closes #1862.
- Fix crash on Windows if loading a plugin fails. Closes #1866.
- Fix file logging on Windows. Closes #1880.
- Report an error if the config file is set to a directory. Closes #1814.
- Fix bridges incorrectly setting Wills to manage remote notifications when
`notifications_local_only` was set true. Closes #1902.
Client library features:
- Client no longer generates random client ids for v3.1.1 clients, these are
now expected to be generated on the broker. This matches the behaviour for
v5 clients. Closes #291.
- Add support for connecting to brokers through Unix domain sockets.
- Add `mosquitto_property_identifier()`, for retrieving the identifier integer
for a property.
- Add `mosquitto_property_identifier_to_string()` for converting a property
identifier integer to the corresponding property name string.
- Add `mosquitto_property_next()` to retrieve the next property in a list, for
iterating over property lists.
- mosquitto_pub now handles the MQTT v5 retain-available property by never
setting the retain bit.
- Added MOSQ_OPT_TCP_NODELAY, to allow disabling Nagle's algorithm on client
sockets. Closes #1526.
- Add `mosquitto_ssl_get()` to allow clients to access their SSL structure and
perform additional verification.
- Add MOSQ_OPT_BIND_ADDRESS to allow setting of a bind address independently
of the `mosquitto_connect*()` call.
- Add `MOSQ_OPT_TLS_USE_OS_CERTS` option, to instruct the client to load and
trust OS provided CA certificates for use with TLS connections.
Client library fixes:
- Fix send quota being incorrectly reset on reconnect. Closes #1822.
- Don't use logging until log mutex is initialised. Closes #1819.
- Fix missing mach/mach_time.h header on OS X. Closes #1831.
- Fix connect properties not being sent when the client automatically
reconnects. Closes #1846.
Client features:
- Add timeout return code (27) for `mosquitto_sub -W <secs>` and
`mosquitto_rr -W <secs>`. Closes #275.
- Add support for connecting to brokers through Unix domain sockets with the
`--unix` argument.
- Use cJSON library for producing JSON output, where available. Closes #1222.
- Add support for outputting MQTT v5 property information to mosquitto_sub/rr
JSON output. Closes #1416.
- Add `--pretty` option to mosquitto_sub/rr for formatted/unformatted JSON
output.
- Add support for v5 property printing to mosquitto_sub/rr in non-JSON mode.
Closes #1416.
- Add `--nodelay` to all clients to allow them to use the MOSQ_OPT_TCP_NODELAY
option.
- Add `-x` to all clients to allow the session-expiry-interval property to be
easily set for MQTT v5 clients.
- Add `--random-filter` to mosquitto_sub, to allow only a certain proportion
of received messages to be printed.
- mosquitto_sub %j and %J timestamps are now in an ISO 8601 compatible format.
- mosquitto_sub now supports extra format specifiers for field width and
precision for some parameters.
- Add `--version` for all clients.
- All clients now load OS provided CA certificates if used with `-L
mqtts://...`, or if port is set to 8883 and no other CA certificates are
used. Closes #1824.
- Add the `--tls-use-os-certs` option to all clients.
Client fixes:
- mosquitto_sub will now exit if all subscriptions were denied.
- mosquitto_pub now sends 0 length files without an error when using `-f`.
- Fix description of `-e` and `-t` arguments in mosquitto_rr. Closes #1881.
- mosquitto_sub will now quit with an error if the %U option is used on
Windows, rather than just quitting. Closes #1908.
1.6.12 - 2020-08-19
===================
Security:
- In some circumstances, Mosquitto could leak memory when handling PUBLISH
messages. This is limited to incoming QoS 2 messages, and is related
to the combination of the broker having persistence enabled, a clean
session=false client, which was connected prior to the broker restarting,
then has reconnected and has now sent messages at a sufficiently high rate
that the incoming queue at the broker has filled up and hence messages are
being dropped. This is more likely to have an effect where
max_queued_messages is a small value. This has now been fixed. Closes #1793.
Broker:
- Build warning fixes when building with WITH_BRIDGE=no and WITH_TLS=no.
Clients:
- All clients exit with an error exit code on CONNACK failure. Closes #1778.
- Don't busy loop with `mosquitto_pub -l` on a slow connection.
1.5.10 - 2020-08-19
===================
Security:
- In some circumstances, Mosquitto could leak memory when handling PUBLISH
messages. This is limited to incoming QoS 2 messages, and is related
to the combination of the broker having persistence enabled, a clean
session=false client, which was connected prior to the broker restarting,
then has reconnected and has now sent messages at a sufficiently high rate
that the incoming queue at the broker has filled up and hence messages are
being dropped. This is more likely to have an effect where
max_queued_messages is a small value. This has now been fixed. Closes #1793.
1.6.11 - 2020-08-11
===================
Security:
- On Windows the Mosquitto service was being installed without appropriate
path quoting, this has been fixed.
Broker:
- Fix usage message only mentioning v3.1.1. Closes #1713.
- Fix broker refusing to start if only websockets listeners were defined.
Closes #1740.
- Change systemd unit files to create /var/log/mosquitto before starting.
Closes #821.
- Don't quit with an error if opening the log file isn't possible.
Closes #821.
- Fix bridge topic remapping when using "" as the topic. Closes #1749.
- Fix messages being queued for disconnected bridges when clean start was
set to true. Closes #1729.
- Fix `autosave_interval` not being triggered by messages being delivered.
Closes #1726.
- Fix websockets clients sometimes not being disconnected promptly.
Closes #1718.
- Fix "slow" file based logging by switching to line based buffering.
Closes #1689. Closes #1741.
- Log protocol error message where appropriate from a bad UNSUBSCRIBE, rather
than the generic "socket error".
- Don't try to start DLT logging if DLT unavailable, to avoid a long delay
when shutting down the broker. Closes #1735.
- Fix potential memory leaks. Closes #1773. Closes #1774.
- Fix clients not receiving messages after a previous client with the same
client ID and positive will delay interval quit. Closes #1752.
- Fix overly broad HAVE_PTHREAD_CANCEL compile guard. Closes #1547.
Client library:
- Improved documentation around connect callback return codes. Closes #1730.
- Fix `mosquitto_publish*()` no longer returning `MOSQ_ERR_NO_CONN` when not
connected. Closes #1725.
- `mosquitto_loop_start()` now sets a thread name on Linux, FreeBSD, NetBSD,
and OpenBSD. Closes #1777.
- Fix `mosquitto_loop_stop()` not stopping on Windows. Closes #1748. Closes #117.
1.6.10 - 2020-05-25
===================
Broker:
- Report invalid bridge prefix+pattern combinations at config parsing time
rather than letting the bridge fail later. Issue #1635.
- Fix `mosquitto_passwd -b` not updating passwords for existing users
correctly. Creating a new user with `-b` worked without problem.
Closes #1664.
- Fix memory leak when connecting clients rejected.
- Don't disconnect clients that are already disconnected. This prevents the
session expiry being extended on SIGHUP. Closes #1521.
- Fix support for openssl 3.0.
- Fix check when loading persistence file of a different version than the
native version. Closes #1684.
- Fix possible assert crash associated with bridge reconnecting when compiled
without epoll support. Closes #1700.
Client library:
- Don't treat an unexpected PUBACK, PUBREL, or PUBCOMP as a fatal error.
Issue #1629.
- Fix support for openssl 3.0.
- Fix memory leaks from multiple calls to
`mosquitto_lib_init()`/`mosquitto_lib_cleanup()`. Closes #1691.
- Fix documentation on return code of `mosquitto_lib_init()` for Windows.
Closes #1690.
Clients:
- Fix mosquitto_sub %j or %J not working on Windows. Closes #1674.
Build:
- Various fixes for building with <C99 support. Closes #1622.
- Fix use of sed on BSD. Closes #1614.
1.6.9 - 20200227
================
Broker:
- Fix session expiry with very large expiry intervals. Closes #1525.
- Check ACL patterns for validity when loading. Closes #1539.
- Use presence of password file as indicator for whether username checks
should take place, not whether usernames are defined in the password file.
Closes #1545.
- Strip whitespace from end of config file string options. Closes #1566.
- Satisfy valgrind when exiting on error due to not being able to open a
listening socket, by calling freeaddrinfo. Closes #1565.
- Fix config->user not being freed on exit. Closes #1564.
- Fix trailing whitespace not being trimmed on acl users. Closes #1539.
- Fix `bind_interface` not working for the default listener. Closes #1533.
- Improve password file parsing in the broker and mosquitto_passwd. Closes #1584.
- Print OpenSSL errors in more situations, like when loading certificates
fails. Closes #1552.
- Fix `mosquitto_client_protocol()` returning incorrect values.
Client library:
- Set minimum keepalive argument to `mosquitto_connect*()` to be 5 seconds.
Closes #1550.
- Fix `mosquitto_topic_matches_sub()` not returning MOSQ_ERR_INVAL if the
topic contains a wildcard. Closes #1589.
Clients:
- Fix `--remove-retained` not obeying the `-T` option for filtering out
topics. Closes #1585.
- Default behaviour for v5 clients using `-c` is now to use infinite length
sessions, as with v3 clients. Closes #1546.
1.6.8 - 20191128
================
Broker:
- Various fixes for `allow_zero_length_clientid` config, where this option was
not being set correctly. Closes #1429.
- Fix incorrect memory tracking causing problems with memory_limit option.
Closes #1437.
- Fix subscription topics being limited to 200 characters instead of 200
hierarchy levels. Closes #1441.
- Only a single CRL could be loaded at once. This has been fixed.
Closes #1442.
- Fix problems with reloading config when `per_listener_settings` was true.
Closes #1459.
- Fix retained messages with an expiry interval not being expired after being
restored from persistence. Closes #1464.
- Fix messages with an expiry interval being sent without an expiry interval
property just before they were expired. Closes #1464.
- Fix TLS Websockets clients not receiving messages after taking over a
previous connection. Closes #1489.
- Fix MQTT 3.1.1 clients using clean session false, or MQTT 5.0 clients using
session-expiry-interval set to infinity never expiring, even when the global
`persistent_client_expiration` option was set. Closes #1494.
Client library:
- Fix publish properties not being passed to on_message_v5 callback for QoS 2
messages. Closes #1432.
- Fix documentation issues in mosquitto.h. Closes #1478.
- Document `mosquitto_connect_srv()`. Closes #1499.
Clients:
- Fix duplicate cfg definition in rr_client. Closes #1453.
- Fix `mosquitto_pub -l` hang when stdin stream ends. Closes #1448.