Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
镜像
Eclipse Foundation
Eclipse Mosquitto
提交
02d36f99
E
Eclipse Mosquitto
项目概览
镜像
/
Eclipse Foundation
/
Eclipse Mosquitto
大约 1 年 前同步成功
通知
36
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
E
Eclipse Mosquitto
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
02d36f99
编写于
6月 08, 2023
作者:
R
Roger A. Light
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Broker now validates usernames provided over TLS are valid UTF-8.
上级
44b94875
变更
4
隐藏空白更改
内联
并排
Showing
4 changed file
with
23 addition
and
3 deletion
+23
-3
ChangeLog.txt
ChangeLog.txt
+3
-1
src/handle_connect.c
src/handle_connect.c
+13
-2
src/net.c
src/net.c
+4
-0
src/plugin_public.c
src/plugin_public.c
+3
-0
未找到文件。
ChangeLog.txt
浏览文件 @
02d36f99
Security:
Security:
- Broker will reject Will messages that attempt to publish to $CONTROL/.
- Broker will now reject Will messages that attempt to publish to $CONTROL/.
- Broker now validates usernames provided in a TLS certificate or TLS-PSK
identity are valid UTF-8.
Broker:
Broker:
- Fix $SYS messages being expired after 60 seconds and hence unchanged values
- Fix $SYS messages being expired after 60 seconds and hence unchanged values
...
...
src/handle_connect.c
浏览文件 @
02d36f99
...
@@ -794,11 +794,22 @@ int handle__connect(struct mosquitto *context)
...
@@ -794,11 +794,22 @@ int handle__connect(struct mosquitto *context)
rc
=
MOSQ_ERR_AUTH
;
rc
=
MOSQ_ERR_AUTH
;
goto
handle_connect_error
;
goto
handle_connect_error
;
}
}
const
char
*
new_username
;
#if OPENSSL_VERSION_NUMBER < 0x10100000L
#if OPENSSL_VERSION_NUMBER < 0x10100000L
context
->
username
=
mosquitto__strdup
((
char
*
)
ASN1_STRING_data
(
name_asn1
)
);
new_username
=
(
const
char
*
)
ASN1_STRING_data
(
name_asn1
);
#else
#else
context
->
username
=
mosquitto__strdup
((
char
*
)
ASN1_STRING_get0_data
(
name_asn1
)
);
new_username
=
(
const
char
*
)
ASN1_STRING_get0_data
(
name_asn1
);
#endif
#endif
if
(
mosquitto_validate_utf8
(
new_username
,
(
int
)
strlen
(
new_username
))){
if
(
context
->
protocol
==
mosq_p_mqtt5
){
send__connack
(
context
,
0
,
MQTT_RC_BAD_USERNAME_OR_PASSWORD
,
NULL
);
}
else
{
send__connack
(
context
,
0
,
CONNACK_REFUSED_BAD_USERNAME_PASSWORD
,
NULL
);
}
X509_free
(
client_cert
);
return
MOSQ_ERR_AUTH
;
}
context
->
username
=
mosquitto__strdup
(
new_username
);
if
(
!
context
->
username
){
if
(
!
context
->
username
){
if
(
context
->
protocol
==
mosq_p_mqtt5
){
if
(
context
->
protocol
==
mosq_p_mqtt5
){
send__connack
(
context
,
0
,
MQTT_RC_SERVER_UNAVAILABLE
,
NULL
);
send__connack
(
context
,
0
,
MQTT_RC_SERVER_UNAVAILABLE
,
NULL
);
...
...
src/net.c
浏览文件 @
02d36f99
...
@@ -296,6 +296,10 @@ static unsigned int psk_server_callback(SSL *ssl, const char *identity, unsigned
...
@@ -296,6 +296,10 @@ static unsigned int psk_server_callback(SSL *ssl, const char *identity, unsigned
}
}
if
(
listener
->
use_identity_as_username
){
if
(
listener
->
use_identity_as_username
){
if
(
mosquitto_validate_utf8
(
identity
,
(
int
)
strlen
(
identity
))){
mosquitto__free
(
psk_key
);
return
0
;
}
context
->
username
=
mosquitto__strdup
(
identity
);
context
->
username
=
mosquitto__strdup
(
identity
);
if
(
!
context
->
username
){
if
(
!
context
->
username
){
mosquitto__free
(
psk_key
);
mosquitto__free
(
psk_key
);
...
...
src/plugin_public.c
浏览文件 @
02d36f99
...
@@ -244,6 +244,9 @@ int mosquitto_set_username(struct mosquitto *client, const char *username)
...
@@ -244,6 +244,9 @@ int mosquitto_set_username(struct mosquitto *client, const char *username)
if
(
!
client
)
return
MOSQ_ERR_INVAL
;
if
(
!
client
)
return
MOSQ_ERR_INVAL
;
if
(
username
){
if
(
username
){
if
(
mosquitto_validate_utf8
(
username
,
(
int
)
strlen
(
username
))){
return
MOSQ_ERR_MALFORMED_UTF8
;
}
u_dup
=
mosquitto__strdup
(
username
);
u_dup
=
mosquitto__strdup
(
username
);
if
(
!
u_dup
)
return
MOSQ_ERR_NOMEM
;
if
(
!
u_dup
)
return
MOSQ_ERR_NOMEM
;
}
else
{
}
else
{
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录