Difference between revisions of "Mosquitto/AuthenticationReview"
(ACL check proposal)
Line 54: | Line 54: | ||
==== Proposed ACL check function ==== | ==== Proposed ACL check function ==== | ||
− | int mosquitto_auth_acl_check(const struct mosquitto *context, void *user_data, int access, const char *username, const char *topic, int qos, long payloadlen, const void *payload, | + | int mosquitto_auth_acl_check(const struct mosquitto *context, void *user_data, int access, const char *username, const char *topic, int qos, long payloadlen, const void *payload, bool *retain); |
This adds the opaque <code>struct mosquitto *context</code> which can be used to get more client information with appropriate functions. | This adds the opaque <code>struct mosquitto *context</code> which can be used to get more client information with appropriate functions. | ||
Line 64: | Line 64: | ||
Function would be called as follows: | Function would be called as follows: | ||
− | + | bool acl_retain = msg->retain; | |
rc = mosquitto_auth_acl_check(context, plugin->user_data, MOSQ_ACL_WRITE, context->username, msg->topic, msg->qos, msg->payloadlen, msg->payload, &acl_retain); | rc = mosquitto_auth_acl_check(context, plugin->user_data, MOSQ_ACL_WRITE, context->username, msg->topic, msg->qos, msg->payloadlen, msg->payload, &acl_retain); | ||
− | final_retain = msg->retain & acl_retain; | + | final_retain = msg->retain && acl_retain; |
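Review bot: the broker seeds the out-parameter with the client's flag (`bool acl_retain = msg->retain;`) and then combines with `final_retain = msg->retain && acl_retain;`, so a plugin can clear the retained status but can never turn a non-retained publish into a retained one; that one-way property is worth stating explicitly in the description of the `retain` argument, as is the fact that a plugin which leaves `*retain` untouched preserves the existing behaviour. The switch from `&` to `&&` is correct for the two `bool` operands and avoids relying on bit-level `true` representations.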
Line 73: | Line 73: | ||
Function would be called as follows: | Function would be called as follows: | ||
− | + | bool acl_retain = msg->retain; | |
rc = mosquitto_auth_acl_check(context, plugin->user_data, MOSQ_ACL_READ, context->username, msg->topic, msg->qos, msg->payloadlen, msg->payload, &acl_retain); | rc = mosquitto_auth_acl_check(context, plugin->user_data, MOSQ_ACL_READ, context->username, msg->topic, msg->qos, msg->payloadlen, msg->payload, &acl_retain); | ||
− | final_retain = msg->retain & acl_retain; | + | final_retain = msg->retain && acl_retain; |
Latest revision as of 05:36, 2 July 2015
Related bugs
- Allow restricting of CNs when using TLS for authentication
- Publishing retain messages control
- Explicit subscription control on plugin
- mosquitto_topic_matches_sub() ought to know username and clientid
- Support multiple authentication plugins
- CRLs need to be easily reloadable
- Add option to use full certificate subject as username
Discussion
The plugin currently has access to the following parameters:
- Username
- Password
- PSK hint
- PSK identity
- PSK key
What information should an authentication/access control plugin have access to?
- Username
- Password
- Network address
- Network port
- Client ID
- Certificate details
- PSK hint
- PSK identity
- PSK key
- Message information
  - topic
  - qos
  - payload size
  - retained status
- Subscription topic
ACL Checks
The broker currently makes ACL checks when a message is received from a client (MOSQ_ACL_WRITE), or when a message is about to be sent to a client (MOSQ_ACL_READ). The ACL check function looks like:
int mosquitto_auth_acl_check(void *user_data, const char *clientid, const char *username, const char *topic, int access);
The requirements for a new ACL check function are as follows:
- Control incoming messages
- Control outgoing messages
- Control subscriptions
- Have access to more client information
- Have access to message information
- Control retained message status (i.e. allow a message, but not as retained)
Proposed ACL check function
int mosquitto_auth_acl_check(const struct mosquitto *context, void *user_data, int access, const char *username, const char *topic, int qos, long payloadlen, const void *payload, bool *retain);
This adds the opaque struct mosquitto *context, which can be used to get more client information with appropriate functions. It drops the clientid argument, because this can be obtained from context, and it is believed that username is used in preference in the majority of cases. It also adds the qos, payloadlen, payload and retain arguments to provide more information on the message. The retain argument is a pointer so that the ACL check can decide to deny a message based on its retained status, or can accept the message but only as non-retained.
Scenario: Incoming message (client to broker)
Function would be called as follows:
bool acl_retain = msg->retain;
rc = mosquitto_auth_acl_check(context, plugin->user_data, MOSQ_ACL_WRITE, context->username, msg->topic, msg->qos, msg->payloadlen, msg->payload, &acl_retain);
final_retain = msg->retain && acl_retain;
Scenario: Outgoing message (broker to client)
Function would be called as follows:
bool acl_retain = msg->retain;
rc = mosquitto_auth_acl_check(context, plugin->user_data, MOSQ_ACL_READ, context->username, msg->topic, msg->qos, msg->payloadlen, msg->payload, &acl_retain);
final_retain = msg->retain && acl_retain;
Scenario: Subscription attempt
Function would be called as follows:
rc = mosquitto_auth_acl_check(context, plugin->user_data, MOSQ_ACL_SUBSCRIBE, NULL, subscription, qos, 0, NULL, NULL);
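The following is an added example, not Mosquitto's own code, showing one plugin implementation of the proposed signature together with the broker-side call sequence of the three scenarios above. It assumes a hypothetical policy (a client may publish and subscribe only under users/<username>/, anyone may read public/#, and publishes to users/<username>/status are accepted but never stored as retained). The struct mosquitto and struct mosquitto_message definitions are constructed stand-ins for the real opaque types, the MOSQ_* constants are assumed to mirror mosquitto.h, and broker_check_message and broker_on_subscribe are hypothetical helper names that do not exist in the broker.

```c
/* Added example (not Mosquitto code): a plugin implementing the proposed
 * mosquitto_auth_acl_check() signature, plus the broker-side call sequence
 * from the incoming, outgoing and subscription scenarios. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Values assumed to mirror mosquitto.h; constructed for this example. */
#define MOSQ_ERR_SUCCESS     0
#define MOSQ_ERR_ACL_DENIED  12
#define MOSQ_ACL_READ        1
#define MOSQ_ACL_WRITE       2
#define MOSQ_ACL_SUBSCRIBE   4

struct mosquitto {            /* constructed stand-in for the opaque context */
    const char *id;           /* client id, reachable through the context */
    const char *username;     /* NULL for an anonymous client */
};

struct mosquitto_message {    /* constructed: only the fields the scenarios use */
    const char *topic;
    int qos;
    long payloadlen;
    const void *payload;
    bool retain;
};

static bool has_prefix(const char *s, const char *prefix)
{
    return strncmp(s, prefix, strlen(prefix)) == 0;
}

/* Hypothetical policy: users/<username>/ is private to that user, public/#
 * is world-readable, and users/<username>/status is never stored retained. */
int mosquitto_auth_acl_check(const struct mosquitto *context, void *user_data,
                             int access, const char *username, const char *topic,
                             int qos, long payloadlen, const void *payload,
                             bool *retain)
{
    char prefix[256];
    (void)user_data; (void)qos; (void)payloadlen; (void)payload;

    /* Subscription checks pass username == NULL; recover it from the context. */
    if (username == NULL && context != NULL)
        username = context->username;
    if (username == NULL || topic == NULL)
        return MOSQ_ERR_ACL_DENIED;        /* anonymous clients get nothing */

    if (access == MOSQ_ACL_READ && has_prefix(topic, "public/"))
        return MOSQ_ERR_SUCCESS;

    snprintf(prefix, sizeof prefix, "users/%s/", username);
    if (!has_prefix(topic, prefix))
        return MOSQ_ERR_ACL_DENIED;

    /* Accept the message but clear the retained flag for status topics.
     * The plugin only ever clears *retain: the broker ANDs it with the
     * original flag, so a non-retained publish can never become retained. */
    if (access == MOSQ_ACL_WRITE && retain != NULL &&
        strcmp(topic + strlen(prefix), "status") == 0)
        *retain = false;
    return MOSQ_ERR_SUCCESS;
}

/* Broker side of the incoming (MOSQ_ACL_WRITE) and outgoing (MOSQ_ACL_READ)
 * scenarios. Returns the ACL result and writes the retain flag the broker
 * will actually use. Hypothetical helper, not a broker function. */
int broker_check_message(const struct mosquitto *context, void *user_data,
                         int access, const struct mosquitto_message *msg,
                         bool *final_retain)
{
    bool acl_retain = msg->retain;
    int rc = mosquitto_auth_acl_check(context, user_data, access,
                                      context->username, msg->topic, msg->qos,
                                      msg->payloadlen, msg->payload, &acl_retain);
    *final_retain = msg->retain && acl_retain;
    return rc;
}

/* Broker side of the subscription scenario: no message, no retain pointer. */
int broker_on_subscribe(const struct mosquitto *context, void *user_data,
                        const char *subscription, int qos)
{
    return mosquitto_auth_acl_check(context, user_data, MOSQ_ACL_SUBSCRIBE, NULL,
                                    subscription, qos, 0, NULL, NULL);
}

int main(void)
{
    struct mosquitto alice = { "client-1", "alice" };            /* constructed */
    struct mosquitto_message st = { "users/alice/status", 1, 2, "ok", true };
    bool keep = true;
    int rc = broker_check_message(&alice, NULL, MOSQ_ACL_WRITE, &st, &keep);
    printf("publish rc=%d stored_retained=%d\n", rc, keep);
    printf("subscribe '#' rc=%d\n", broker_on_subscribe(&alice, NULL, "#", 0));
    return 0;
}
```

The plugin never sets *retain to true, and the broker combines the result with && rather than trusting the plugin's value outright, so the worst a misbehaving plugin can do on the retain path is drop a retained flag; the subscription scenario shows why the plugin must fall back to context->username when the username argument is NULL.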