This is a bugfix and security release.
Version 1.5.4 changes
- When using a TLS enabled websockets listener with
require_certificateenabled, the mosquitto broker does not correctly verify client certificates. This is now fixed. All other security measures operate as expected, and in particular non-websockets listeners are not affected by this. Closes #996.
- Process all pending messages even when a client has disconnected. This means a client that send a PUBLISH then DISCONNECT quickly, then disconnects will have its DISCONNECT message processed properly and so no Will will be sent. Closes #7.
- $SYS/broker/clients/disconnected should never be negative. Closes #287.
- Give better error message if a client sends a password without a username. Closes #1015.
- Fix bridge not honoring
restart_timeout. Closes #1019.
- Don't disconnect a client if an auth plugin denies access to SUBSCRIBE. Closes #1016.
- Fix memory leak that occurred if
mosquitto_reconnect()was used when TLS errors were present. Closes #592.
- Fix TLS connections when using an external event loop with
mosquitto_write(). Closes #990.