Mosquitto is an open source (EPL/EDL licensed) message broker that implements the MQTT protocol versions 3.1 and 3.1.1. MQTT provides a lightweight method of carrying out messaging using a publish/subscribe model. This makes it suitable for "Internet of Things" messaging such as with low power sensors or mobile devices such as phones, embedded computers or microcontrollers like the Arduino.

Mosquitto is an iot.eclipse.org project

The first round of the logo contest has closed and we now need to shortlist 6 designers. A selection of 20 logos have been chosen out of the 100 entrants and you are invited to vote on them and make comments. If you like a particular logo but not the colour, or like an idea behind the logo but not another element then please say so.

The links for voting (please do look at them all) are:

https://en.99designs.fr/logo-design/vote-d8v9u9

https://en.99designs.fr/logo-design/vote-xlduhg

https://99designs.fr/logo-design/vote-n4ynig

Logo contest

We have initiated a paid contest to create a new logo for the Mosquitto project.

If you have graphics design skills or know someone who has,  please head over to the link below to see the design brief and submit your idea.

http://en.99designs.de/logo-design/contests/create-logo-eclipse-mosquitto-open-source-server-internet-605670/brief

 

Repository moved to github

The mosquitto repository is now hosted on github: https://github.com/eclipse/mosquitto This is now the canonical location for mosquitto development work.

Bug reports should also be made on github and the existing bug reports will be migrated over shortly.

The documentation still needs updating with the new location and processes, so please do be patient with regards that.

Contributions can now be made through a github pull request. If you want to contribute a bug fix, please base your work off the “fixes” branch, if you are developing a new feature please use the “develop” branch.

Here’s to a new stage in the mosquitto project!

Version 1.4.8 released

This is a security bugfix release. Any users of the “mount_point” feature are strongly advised to upgrade because versions prior to 1.4.8 allow clients to inject messages outside of their mount_point through the use of a Will.

Broker

  • Wills published by clients connected to a listener with mount_point defined
    now correctly obey the mount point. This was a potential security risk
    because it allowed clients to publish messages outside of their restricted
    mount point. This is only affects brokers where the mount_point option is in
    use. Closes #487178.
  • Fix detection of broken connections on Windows. Closes #485143.
  • Close stdin etc. when daemonised. Closes #485589.
  • Fix incorrect detection of FreeBSD and OpenBSD. Closes #485131.

Client library

  • mosq->want_write should be cleared immediately before a call to SSL_write,
    to allow clients using mosquitto_want_write() to get accurate results.

test6.mosquitto.org

Thanks to a short discussion on irc, test6.mosquitto.org now exists. This is a DNS entry that points to the same address as test.mosquitto.org, but only with an AAAA record. This means that test6.mosquitto.org can be used to test clients using IPv6 and to be sure that IPv6 is actually being used.

Version 1.4.7 released

This is a bugfix release. The changes below include the changes for 1.4.6, which wasn’t announced.

Broker

  • Add support for libwebsockets 1.6.

Client library

  • Fix _mosquitto_socketpair() on Windows, reducing the chance of delays when
    publishing. Closes #483979.

Clients

  • Fix “mosquitto_pub -l” stripping the final character on a line. Closes
    #483981.

If you want to use TLS certificates you’ve generated using the Let’s Encrypt service, this is how you should configure your listener (replace “example.com” with your own domain of course):

First you need a copy of the root certificate. This will either be the ISRG Root X1, or IdenTrust DST Root CA X3. You need to check which of these root CAs signed the intermediate certificate you are using:

openssl x509 -in /etc/letsencrypt/live/example.com/chain.pem -noout -issuer

If your intermediate was issued by the ISRG root then use:

wget https://letsencrypt.org/certs/isrgrootx1.pem

Otherwise you should go to https://www.identrust.com/certificates/trustid/root-download-x3.html to get the DST root certificate. Open a text editor, and paste the contents from that link, surrounding the text with the BEGIN and END lines as below:

-----BEGIN CERTIFICATE-----

pasted content goes here

-----END CERTIFICATE-----

Then, each time after your script to automatically generate your certificates runs you should also run:

cat /etc/letsencrypt/live/example.com/chain.pem /etc/letsencrypt/<your root>.pem > /etc/letsencrypt/live/example.com/chain-ca.pem

Then use the following for your mosquitto.conf:

listener 8883
cafile /etc/letsencrypt/live/example.com/chain-ca.pem
certfile /etc/letsencrypt/live/example.com/cert.pem
keyfile /etc/letsencrypt/live/example.com/privkey.pem

You need to be aware that current versions of mosquitto never update listener settings when running, so when you regenerate the server certificates you will need to completely restart the broker.

Version 1.4.5 released

This is a bugfix release:

Broker

  • Fix possible memory leak if bridge using SSL attempts to connect to a host that is not up.
  • Free unused topic tree elements (fix in 1.4.3 was incomplete). Closes
    #468987.

Clients

  • “mosquitto_pub -l” now no longer limited to 1024 byte lines. Closes #478917.

Version 1.4.4 released

This is a bugfix release.

  • Don’t leak sockets when outgoing bridge with multiple addresses cannot connect. Closes #477571.
  • Fix cross compiling of websockets. Closes #475807.
  • Fix memory free related crashes on openwrt and FreeBSD. Closes #475707.
  • Fix excessive calls to message retry check.

Version 1.4.3 released

This is a bugfix release.

Broker

  • Fix incorrect bridge notification on initial connection. Closes #467096.
  • Build fixes for OpenBSD.
  • Fix incorrect behaviour for autosave_interval, most noticable for autosave_interval=1. Closes #465438.
  • Fix handling of outgoing QoS>0 messages for bridges that could not be sent because the bridge connection was down.
  • Free unused topic tree elements. Closes #468987.
  • Fix some potential memory leaks. Closes #470253.
  • Fix potential crash on libwebsockets error.

Client library

  • Add missing error strings to mosquitto_strerror.
  • Handle fragmented TLS packets without a delay. Closes #470660.
  • Fix incorrect loop timeout being chosen when using threaded interface and keepalive = 0. Closes #471334.
  • Increment inflight messages count correctly. Closes #474935.

Clients

  • Report error string on connection failure rather than error code.