Commits

Roger Light committed e72962d

Packaging for debian 0.15-2.

Comments (0)

Files changed (5)

+mosquitto (0.15-2) unstable; urgency=low
+
+  * Fix broker crash when a client connects with a bad protocol version.
+    (Closes: #696889)
+  * Fix the possibility of topic access being granted when only acl_patterns
+    is in use. (Closes: #696895)
+  * Fix persistence option reloading. (Closes: #696891)
+
+ -- Roger A. Light <roger@atchoo.org>  Fri, 28 Dec 2012 22:55:03 +0000
+
 mosquitto (0.15-1) unstable; urgency=low
 
   * New upstream release: http://mosquitto.org/2012/02/version-0-15-released/

debian/patches/bug-acl-patterns.patch

+Description: Fix the possibility of topic access being granted when only acl_patterns is in use.
+Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=696895
+Author: Roger Light <roger@atchoo.org>
+Forwarded: not-needed
+Origin: upstream, https://bitbucket.org/oojah/mosquitto/commits/e94254158103f8125e50b7b2fd8c292027da0354
+--- a/src/security.c
++++ b/src/security.c
+@@ -283,7 +283,7 @@
+ 	struct _mosquitto_acl *acl_root, *acl_tail;
+ 
+ 	if(!db || !context || !topic) return MOSQ_ERR_INVAL;
+-	if(!db->acl_list) return MOSQ_ERR_SUCCESS;
++	if(!db->acl_list && !db->acl_patterns) return MOSQ_ERR_SUCCESS;
+ 	if(!context->acl_list && !db->acl_patterns) return MOSQ_ERR_ACL_DENIED;
+ 
+ 	if(context->acl_list){

debian/patches/bug-persistence-reloading.patch

+Description: Fix persistence option reloading.
+Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=696891
+Author: Roger Light <roger@atchoo.org>
+Forwarded: not-needed
+Origin: upstream, https://bitbucket.org/oojah/mosquitto/commits/12bc254794c07b348e709a459b4fe7286ccf9470
+--- a/src/conf.c
++++ b/src/conf.c
+@@ -602,10 +602,8 @@
+ 				}else if(!strcmp(token, "persistence") || !strcmp(token, "retained_persistence")){
+ 					if(_conf_parse_bool(&token, token, &config->persistence)) return MOSQ_ERR_INVAL;
+ 				}else if(!strcmp(token, "persistence_file")){
+-					if(reload) continue; // FIXME
+ 					if(_conf_parse_string(&token, "persistence_file", &config->persistence_file)) return MOSQ_ERR_INVAL;
+ 				}else if(!strcmp(token, "persistence_location")){
+-					if(reload) continue; // FIXME
+ 					if(_conf_parse_string(&token, "persistence_location", &config->persistence_location)) return MOSQ_ERR_INVAL;
+ 				}else if(!strcmp(token, "pid_file")){
+ 					if(reload) continue; // pid file not valid for reloading.

debian/patches/bug-proto-number.patch

+Description: Fix crash and simple DoS if an invalid protocol version is provided by a client.
+Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=696889
+Author: Roger Light <roger@atchoo.org>
+Forwarded: not-needed
+Origin: upstream, https://bitbucket.org/oojah/mosquitto/commits/55ab9587dcd575f8434fc22b141b40978158afd3
+--- a/src/read_handle_server.c
++++ b/src/read_handle_server.c
+@@ -90,7 +90,6 @@
+ 			_mosquitto_log_printf(NULL, MOSQ_LOG_INFO, "Invalid protocol version %d in CONNECT from %s.",
+ 					protocol_version, context->address);
+ 		}
+-		_mosquitto_free(protocol_name);
+ 		_mosquitto_send_connack(context, 1);
+ 		mqtt3_context_disconnect(db, context_index);
+ 		return MOSQ_ERR_PROTOCOL;

debian/patches/series

 fix-prefix.patch
 mosquitto.conf.patch
 enable-libwrap.patch
+bug-proto-number.patch
+bug-persistence-reloading.patch
+bug-acl-patterns.patch