Archive for 'Releases'

Version 1.4.2 released

This is a bugfix release.

Broker

  • Fix bridge prefixes only working for the first outgoing message. Closes #464437.
  • Fix incorrect bridge connection notifications on local broker.
  • Fix persistent db writing on Windows. Closes #464779.
  • ACLs are now checked before sending a will message.
  • Fix possible crash when using bridges on Windows. Closes #465384.
  • Fix parsing of auth_opt_ arguments with extra spaces/tabs.
  • Broker will return CONNACK rc=5 when a username/password is not authorised. This was being incorrectly set as rc=4.
  • Fix handling of payload lengths>4096 with websockets.

Client library

  • Inflight message count wasn’t being decreased for outgoing messages using QoS 2, meaning that only up to 20 QoS 2 messages could be sent. This has been fixed. Closes #464436.
  • Fix CMake dependencies for C++ wrapper building. Closes #463884.
  • Fix possibility of select() being called with a socket that is >FD_SETSIZE. This is a fix for #464632 that will be followed up by removing the select() call in a future version.
  • Fix calls to mosquitto_connect*_async() not completing.

Version 1.4.1 released

This is a bugfix and security release. Users of mosquitto 1.4 are strongly advised to upgrade. Upgrading from earlier versions is recommended but not as important.

Broker

  • Fix possible crash under heavy network load. Closes #463241. This bug only affects version 1.4.
  • Fix possible crash when using pattern ACLs.
  • Fix problems parsing config strings with multiple leading spaces. Closes #462154.
  • Websockets clients are now periodically disconnected if they have not maintained their keepalive timer. Closes #461619.
  • Fix possible minor memory leak on acl parsing.

Client library

  • Inflight limits should only apply to outgoing messages. Closes #461620.
  • Fix reconnect bug on Windows. Closes #463000.
  • Return -1 on error from mosquitto_socket(). Closes #461705.
  • Fix crash on multiple calls to mosquitto_lib_init/mosquitto_lib_cleanup. Closes #462780.
  • Allow longer paths on Windows. Closes #462781.
  • Make _mosquitto_mid_generate() thread safe. Closes #463479.

Version 1.4 released

This is a feature release and is also the first release of the mosquitto project from the Eclipse Foundation umbrella. The code is now dual licenced under the EPL/EDL. The EDL and BSD 3 clause license are essentially identical so if you were happy with the BSD license then you should be happy with the EDL.

Files distributed will remain in the same place but will in some cases also be available on the Eclipse download servers.

Important changes

  • Websockets support in the broker.
  • Bridge behaviour on the local broker has changed due to the introduction of the local_* options. This may affect you if you are using authentication  and/or ACLs with bridges.
  • The default TLS behaviour has changed to accept all of TLS v1.2, v1.1 and v1.0, rather than only one version of the protocol. It is still possible to restrict a listener to a single version of TLS.
  • The Python client has been removed now that the Eclipse Paho Python client has had a release.
  • When a durable client reconnects, its queued messages are now checked against ACLs in case of a change in username/ACL state since it last connected.
  • New use_username_as_clientid option on the broker, for preventing hijacking of a client id.
  • The client library and clients now have experimental SOCKS5 support.
  • Wildcard TLS certificates are now supported for bridges and clients.
  • The clients have support for config files with default options.
  • Client and client libraries have support for MQTT v3.1.1.
  • Bridge support for MQTT v3.1.1.

Broker

  • Websockets support in the broker.
  • Add local_clientid, local_username, local_password for bridge connections to authenticate to the local broker.
  • Default TLS mode now accepts TLS v1.2, v1.1 and v1.0.
  • Support for ECDHE-ECDSA family ciphers.
  • Fix bug #1324411, which could have had unexpected consequences for delayed messages in rare circumstances.
  • Add support for “session present” in CONNACK messages for MQTT v3.1.1.
  • Remove strict protocol #ifdefs.
  • Change $SYS/broker/clients/active -> $SYS/broker/clients/connected
  • Change $SYS/broker/clients/inactive -> $SYS/broker/clients/disconnected
  • When a durable client reconnects, its queued messages are now checked against ACLs in case of a change in username/ACL state since it last connected.
  • libuuid is used to generate client ids, where it is available, when an MQTT v3.1.1 client connects with a zero length client id.
  • Anonymous clients are no longer accidently disconnected from the broker after a SIGHUP.
  • mosquitto_passwd now supports -b (batch mode) to allow the password to be provided at the command line.
  • Removed $SYS/broker/changeset. This was intended for use with debugging, but in practice is of no use.
  • Add support for use_username_as_clientid which can be used with authentication to restrict ownership of client ids and hence prevent one client disconnecting another by using the same client id.
  • When “require_certificate” was false, the broker was incorrectly asking for a certificate (but not checking it). This caused problems with some clients and has been fixed so the broker no longer asks.
  • When using syslog logging on non-Windows OSs, it is now possible to specify the logging facility to one of local0-7 instead of the default “daemon”.
  • The bridge_attempt_unsubscribe option has been added, to allow the sending of UNSUBSCRIBE requests to be disabled for topics with “out” direction. Closes bug #456899.
  • Wildcard TLS certificates are now supported for bridges.
  • Support for “hour” client expiration lengths for the persistent_client_expiration option. Closes bug #425835.
  • Bridge support for MQTT v3.1.1.
  • Root privileges are now dropped after starting listeners and loading certificates/private keys, to allow private keys to have their permissions restricted to the root user only. Closes bug #452914.
  • Usernames and topics given in ACL files can now include a space. Closes bug #431780.
  • Fix hang if pattern acl contains a %u but an anonymous client connect. Closes bug #455402.
  • Fix man page installation with cmake. Closes bug #458843.
  • When using “log_dest file” the output file is now flushed periodically.

Clients

  • Both clients can now load default configuration options from a file.
  • Add -C option to mosquitto_sub to allow the client to quit after receiving a certain count of messages. Closes bug #453850.
  • Add –proxy SOCKS5 support for both clients.
  • Pub client supports setting its keepalive. Closes bug #454852.
  • Add support for config files with default options.
  • Add support for MQTT v3.1.1.

Client library

  • Add experimental SOCKS5 support.
  • mosquitto_loop_forever now quits after a fatal error, rather than blindly retrying.
  • SRV support is now not compiled in by default.
  • Wildcard TLS certificates are now supported.
  • mosquittopp now has a virtual destructor. Closes bug #452915.
  • Add support for MQTT v3.1.1.
  • Don’t quit mosquitto_loop_forever() if broker not available on first connect. Closes bug #453293, but requires more work.

Dependencies

This release introduces two new dependencies, libwebsockets and libuuid. Both are optional. libuuid comes from the e2fsprogs project and allows the broker to generate random client ids for MQTT v.3.1.1. The libwebsockets dependency can use either libwebsockets 1.3 or 1.2.x, with 1.3 being the preferred choice.

Version 1.3.5 released

This is a bugfix release.

Broker

  • Fix possible memory leak when using a topic that has a leading slash. Fixes bug #1360985.
  • Fix saving persistent database on Windows.
  • Temporarily disable ACL checks on subscriptions when using MQTT v3.1.1. This is due to the complexity of checking wildcard ACLs against wildcard subscriptions. This does not have a negative impact on security because checks are still made before a message is sent to a client. Fixes bug #1374291.
  • When using -v and the broker receives a SIGHUP, verbose logging was being
    disabled. This has been fixed.

Client library

  • Fix mutex being incorrectly passed by value. Fixes bug #1373785.

Version 1.3.3 released

This is a bugfix release.

Broker

  • Fix incorrect handling of anonymous bridges on the local broker.

Binaries will follow shortly.

Version 1.3.2 released

This is a security and bugfix release.

Security

A bug in the way that mosquitto handles authentication plugins has been identified. When using a plugin for authentication purposes, if the plugin returns MOSQ_ERR_UNKNOWN when making an authentication check, as might happen if a database was unavailable for example, then mosquitto incorrectly treats this as a successful authentication. This has the potential for unauthorised clients to access the running mosquitto broker and gain access to information to which they are not authorised. This is an important update for users of authentication plugins in mosquitto.

Broker

  • Don’t allow access to clients when authenticating if a security plugin returns an application error. Fixes bug #1340782.
  • Ensure that bridges verify certificates by default when using TLS.
  • Fix possible crash when using pattern ACLs that do not include a %u and clients that connect without a username.
  • Fix subscriptions being deleted when clients subscribed to a topic beginning with a $ but that is not $SYS.
  • When a durable client reconnects, its queued messages are now checked against ACLs in case of a change in username/ACL state since it last connected.
  • Anonymous clients are no longer accidently disconnected from the broker after a SIGHUP.
  • Fix bug #1324411, which could have had unexpected consequences for delayed messages in rare circumstances.

Client library

  • Fix topic matching edge case.
  • Fix callback deadlocks after calling mosquitto_disconnect(), when using the threaded interfaces. Closes bug #1313725.
  • Fix SRV support when building with CMake.

General

  • Use $(STRIP) for stripping binaries when installing, to allow easier cross compilation.

Version 1.3.1 released

This is a bugfix release:

Broker

  • Prevent possible crash on client reconnect. Closes bug #1294108.
  • Don’t accept zero length unsubscription strings (MQTT v3.1.1 fix)
  • Don’t accept QoS 3 (MQTT v3.1.1 fix)
  • Don’t disconnect clients immediately on HUP to give chance for all data to be read.
  • Reject invalid un/subscriptions e.g. foo/+bar #/bar.
  • Take more care not to disconnect clients that are sending large messages.

Client library

  • Fix socketpair code on the Mac.
  • Fix compilation for WITH_THREADING=no.
  • Break out of select() when calling mosquitto_loop_stop().
  • Reject invalid un/subscriptions e.g. foo/+bar #/bar.

Clients

  • Fix keepalive value on mosquitto_pub.
  • Fix possibility of mosquitto_pub not exiting after sending messages when using -l.

Version 1.3 released

This is a feature and bugfix release. It is the final release, with the possible exception of bugfixes, outside of the Eclipse mosquitto project. The main reason for this release is to bring support for the current MQTT v3.1.1 draft ahead (just) of the MQTT interoperability testing day.

Broker

  • The broker no longer ignores the auth_plugin_init() return value.
  • Accept SSLv2/SSLv3 HELLOs when using TLSv1, whilst keeping SSLv2 and SSLv3 disabled. This increases client compatibility without sacrificing security.
  • The $SYS tree can now be disabled at runtime as well as at compile time.
  • When remapping bridged topics, only check for matches when the message direction is correct. This allows two identical topics to be remapped differently for both in and out.
  • Change “$SYS/broker/heap/current size” to “$SYS/broker/heap/current” for easier parsing.
  • Change “$SYS/broker/heap/maximum size” to “$SYS/broker/heap/maximum” for easier parsing.
  • Topics are no longer normalised from e.g a///topic to a/topic. This matches the behaviour as clarified by the Oasis MQTT spec. This will lead to unexpected behaviour if you were using topics of this form.
  • Log when outgoing messages for a client begin to drop off the end of the queue.
  • Bridge clients are recognised as bridges even after reloading from persistence.
  • Basic support for MQTT v3.1.1. This does not include being able to bridge to an MQTT v3.1.1 broker.
  • Username is displayed in log if present when a client connects.
  • Support for 0 length client ids (v3.1.1 only) that result in automatically generated client ids on the broker (see option allow_zero_length_clientid).
  • Ability to set the prefix of automatically generated client ids (see option auto_id_prefix).
  • Add support for TLS session resumption.
  • When using TLS, the server now chooses the cipher to use when negotiating with the client.
  • Weak TLS ciphers are now disabled by default.

Client library

  • Fix support for Python 2.6, 3.0, 3.1.
  • Add support for un/subscribing to multiple topics at once in un/subscribe().
  • Clients now close their socket after sending DISCONNECT.
  • Python client now contains its version number.
  • C library mosquitto_want_write() now supports TLS clients.
  • Fix possible memory leak in C/C++ library when communicating with a broker that doesn’t follow the spec.
  • Return strerror() through mosquitto_strerror() to make error printing easier.
  • Topics are no longer normalised from e.g a///topic to a/topic. This matches the behaviour as clarified by the Oasis MQTT spec. This will lead to unexpected behaviour if you were using topics of this form.
  • Add support for SRV lookups.
  • Break out of select() on publish(), subscribe() etc. when using the threaded interface. Fixes bug #1270062.
  • Handle incoming and outgoing messages separately. Fixes bug #1263172.
  • Don’t terminate threads on mosquitto_destroy() when a client is not using the threaded interface but does use their own thread. Fixes bug #1291473.

Clients

  • Add –ciphers to allow specifying which TLS ciphers to support.
  • Add support for SRV lookups.
  • Add -N to sub client to suppress printing of EOL after the payload.
  • Add -T to sub client to suppress printing of a topic hierarchy.

Version 1.2.2 released

This is a bugfix release:

Broker

  • Fix compliance with max_inflight_messages when a non-clean session client reconnects. Closes one of the issues on bug #1237389.

Client library

  • Fix incorrect inflight message accounting, which caused messages to go unsent. Partial fix for bug #1237351.
  • Fix potential memory corruption when sending QoS>0 messages at a high rate using the threaded interface. Further fix for #1237351.
  • Fix incorrect delay scaling when exponential_backoff=true in mosquitto_reconnect_delay_set().
  • Some pep8 fixes for Python.

Version 1.2.1 released

This is a bugfix release.

Broker:

  • The broker no longer ignores the auth_plugin_init() return value. Closes  bug #1215084.
  • Use RTLD_GLOBAL when opening authentication plugins on posix systems. Fixes resolving of symbols in libraries used by authentication plugins.
  • Add/fix some config documentation.
  • Fix ACLs for topics with $SYS.
  • Clients loaded from the persistence file on startup were not being added to the client hash, causing subtle problems when the client reconnected, including ACLs failing. This has been fixed.
  • Add note to mosquitto-tls man page stating that certificates need to be unique. Closes bug #1221285.
  • Fix incorrect retained message delivery when using wildcard subs in some circumstances. Fixes bug #1226040.

Client library

  • Fix support for Python 2.6, 3.0, 3.1.
  • Fix TLS subjectAltName verification and segfaults.
  • Handle EAGAIN in Python on Windows. Closes bug #1220004.
  • Fix compilation when using WITH_TLS=no.
  • Don’t fail reconnecting in Python when broker is temporarily unavailable.