Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
镜像
Eclipse Foundation
Eclipse Mosquitto
提交
b76c3c78
E
Eclipse Mosquitto
项目概览
镜像
/
Eclipse Foundation
/
Eclipse Mosquitto
10 个月 前同步成功
通知
36
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
E
Eclipse Mosquitto
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
b76c3c78
编写于
6月 13, 2023
作者:
R
Roger A. Light
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Dynsec: Don't allow duplicate c/g/r when loading config
上级
8bc04751
变更
4
隐藏空白更改
内联
并排
Showing
4 changed file
with
44 addition
and
23 deletion
+44
-23
ChangeLog.txt
ChangeLog.txt
+2
-0
plugins/dynamic-security/clients.c
plugins/dynamic-security/clients.c
+12
-6
plugins/dynamic-security/groups.c
plugins/dynamic-security/groups.c
+9
-5
plugins/dynamic-security/roles.c
plugins/dynamic-security/roles.c
+21
-12
未找到文件。
ChangeLog.txt
浏览文件 @
b76c3c78
...
...
@@ -28,6 +28,8 @@ Broker:
- Fix any possible case where a json string might be incorrectly loaded. This
could have caused a crash if a textname or textdescription field of a role was
not a string, when loading the dynsec config from file only.
- Dynsec plugin will not allow duplicate clients/groups/roles when loading
config from file, which matches the behaviour for when creating them.
Client library:
- Use CLOCK_BOOTTIME when available, to keep track of time. This solves the
...
...
plugins/dynamic-security/clients.c
浏览文件 @
b76c3c78
...
...
@@ -124,18 +124,24 @@ int dynsec_clients__config_load(cJSON *tree)
cJSON_ArrayForEach
(
j_client
,
j_clients
){
if
(
cJSON_IsObject
(
j_client
)
==
true
){
client
=
mosquitto_calloc
(
1
,
sizeof
(
struct
dynsec__client
));
if
(
client
==
NULL
){
return
MOSQ_ERR_NOMEM
;
}
/* Username */
char
*
username
;
json_get_string
(
j_client
,
"username"
,
&
username
,
false
);
if
(
!
username
){
mosquitto_free
(
client
);
continue
;
}
client
=
dynsec_clients__find
(
username
);
if
(
client
){
continue
;
}
client
=
mosquitto_calloc
(
1
,
sizeof
(
struct
dynsec__client
));
if
(
client
==
NULL
){
return
MOSQ_ERR_NOMEM
;
}
client
->
username
=
mosquitto_strdup
(
username
);
if
(
client
->
username
==
NULL
){
mosquitto_free
(
client
);
...
...
plugins/dynamic-security/groups.c
浏览文件 @
b76c3c78
...
...
@@ -214,16 +214,20 @@ int dynsec_groups__config_load(cJSON *tree)
cJSON_ArrayForEach
(
j_group
,
j_groups
){
if
(
cJSON_IsObject
(
j_group
)
==
true
){
/* Group name */
if
(
json_get_string
(
j_group
,
"groupname"
,
&
groupname
,
false
)
!=
MOSQ_ERR_SUCCESS
){
continue
;
}
group
=
dynsec_groups__find
(
groupname
);
if
(
group
){
continue
;
}
group
=
mosquitto_calloc
(
1
,
sizeof
(
struct
dynsec__group
));
if
(
group
==
NULL
){
return
MOSQ_ERR_NOMEM
;
}
/* Group name */
if
(
json_get_string
(
j_group
,
"groupname"
,
&
groupname
,
false
)
!=
MOSQ_ERR_SUCCESS
){
mosquitto_free
(
group
);
continue
;
}
group
->
groupname
=
strdup
(
groupname
);
if
(
group
->
groupname
==
NULL
){
mosquitto_free
(
group
);
...
...
plugins/dynamic-security/roles.c
浏览文件 @
b76c3c78
...
...
@@ -220,10 +220,19 @@ static int dynsec_roles__acl_load(cJSON *j_acls, const char *key, struct dynsec_
cJSON_ArrayForEach
(
j_acl
,
j_acls
){
char
*
acltype
;
char
*
topic
;
json_get_string
(
j_acl
,
"acltype"
,
&
acltype
,
false
);
if
(
!
acltype
||
strcasecmp
(
acltype
,
key
)
!=
0
){
json_get_string
(
j_acl
,
"topic"
,
&
topic
,
false
);
if
(
!
acltype
||
strcasecmp
(
acltype
,
key
)
!=
0
||
!
topic
){
continue
;
}
HASH_FIND
(
hh
,
*
acllist
,
topic
,
strlen
(
topic
),
acl
);
if
(
acl
){
continue
;
}
acl
=
mosquitto_calloc
(
1
,
sizeof
(
struct
dynsec__acl
));
if
(
acl
==
NULL
){
return
1
;
...
...
@@ -237,11 +246,7 @@ static int dynsec_roles__acl_load(cJSON *j_acls, const char *key, struct dynsec_
acl
->
allow
=
allow
;
}
char
*
topic
;
if
(
json_get_string
(
j_acl
,
"topic"
,
&
topic
,
false
)
==
MOSQ_ERR_SUCCESS
){
acl
->
topic
=
mosquitto_strdup
(
topic
);
}
acl
->
topic
=
mosquitto_strdup
(
topic
);
if
(
acl
->
topic
==
NULL
){
mosquitto_free
(
acl
);
continue
;
...
...
@@ -270,17 +275,21 @@ int dynsec_roles__config_load(cJSON *tree)
cJSON_ArrayForEach
(
j_role
,
j_roles
){
if
(
cJSON_IsObject
(
j_role
)
==
true
){
role
=
mosquitto_calloc
(
1
,
sizeof
(
struct
dynsec__role
));
if
(
role
==
NULL
){
return
MOSQ_ERR_NOMEM
;
}
/* Role name */
char
*
rolename
;
if
(
json_get_string
(
j_role
,
"rolename"
,
&
rolename
,
false
)
!=
MOSQ_ERR_SUCCESS
){
mosquitto_free
(
role
);
continue
;
}
role
=
dynsec_roles__find
(
rolename
);
if
(
role
){
continue
;
}
role
=
mosquitto_calloc
(
1
,
sizeof
(
struct
dynsec__role
));
if
(
role
==
NULL
){
return
MOSQ_ERR_NOMEM
;
}
role
->
rolename
=
mosquitto_strdup
(
rolename
);
if
(
role
->
rolename
==
NULL
){
mosquitto_free
(
role
);
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录