commit mosquitto for openSUSE:Factory
Hello community, here is the log from the commit of package mosquitto for openSUSE:Factory checked in at 2020-08-24 15:10:40 Comparing /work/SRC/openSUSE:Factory/mosquitto (Old) and /work/SRC/openSUSE:Factory/.mosquitto.new.3399 (New) Package is "mosquitto" Mon Aug 24 15:10:40 2020 rev:19 rq:828659 version:1.6.12 Changes: --- /work/SRC/openSUSE:Factory/mosquitto/mosquitto.changes 2020-08-12 10:39:56.716393918 +0200 +++ /work/SRC/openSUSE:Factory/.mosquitto.new.3399/mosquitto.changes 2020-08-24 15:12:39.166673275 +0200 @@ -1,0 +2,22 @@ +Wed Aug 19 19:29:23 UTC 2020 - Martin Hauke + +- Update to version 1.6.12 + Security: + * In some circumstances, Mosquitto could leak memory when +handling PUBLISH messages. This is limited to incoming QoS 2 +messages, and is related to the combination of the broker +having persistence enabled, a clean session=false client, +which was connected prior to the broker restarting, then has +reconnected and has now sent messages at a sufficiently high +rate that the incoming queue at the broker has filled up and +hence messages are being dropped. This is more likely to have +an effect where max_queued_messages is a small value. +This has now been fixed. Closes #1793. + Broker: + * Build warning fixes when building with WITH_BRIDGE=no and +WITH_TLS=no. + Clients: + * All clients exit with an error exit code on CONNACK failure. + * Don't busy loop with `mosquitto_pub -l` on a slow connection. + +--- Old: mosquitto-1.6.11.tar.gz mosquitto-1.6.11.tar.gz.sig New: mosquitto-1.6.12.tar.gz mosquitto-1.6.12.tar.gz.sig Other differences: -- ++ mosquitto.spec ++ --- /var/tmp/diff_new_pack.386Y5o/_old 2020-08-24 15:12:41.062674199 +0200 +++ /var/tmp/diff_new_pack.386Y5o/_new 2020-08-24 15:12:41.062674199 +0200 @@ -20,7 +20,7 @@ %define c_lib libmosquitto1 %define cpp_lib libmosquittopp1 Name: mosquitto -Version:1.6.11 +Version:1.6.12 Release:0 Summary:A MQTT v3.1/v3.1.1 Broker License:EPL-1.0 ++ mosquitto-1.6.11.tar.gz -> mosquitto-1.6.12.tar.gz ++ 2326 lines of diff (skipped)
commit mosquitto for openSUSE:Factory
Hello community, here is the log from the commit of package mosquitto for openSUSE:Factory checked in at 2020-08-12 10:37:24 Comparing /work/SRC/openSUSE:Factory/mosquitto (Old) and /work/SRC/openSUSE:Factory/.mosquitto.new.3399 (New) Package is "mosquitto" Wed Aug 12 10:37:24 2020 rev:18 rq:825875 version:1.6.11 Changes: --- /work/SRC/openSUSE:Factory/mosquitto/mosquitto.changes 2020-08-10 15:02:07.328131128 +0200 +++ /work/SRC/openSUSE:Factory/.mosquitto.new.3399/mosquitto.changes 2020-08-12 10:39:56.716393918 +0200 @@ -1,0 +2,35 @@ +Tue Aug 11 16:05:16 UTC 2020 - Martin Hauke + +- Update to version 1.6.11 + Broker: + * Fix usage message only mentioning v3.1.1. + * Fix broker refusing to start if only websockets listeners +were defined. + * Change systemd unit files to create /var/log/mosquitto before +starting. + * Don't quit with an error if opening the log file isn't +possible. + * Fix bridge topic remapping when using "" as the topic. + * Fix messages being queued for disconnected bridges when clean +start was set to true. + * Fix `autosave_interval` not being triggered by messages being +delivered. + * Fix websockets clients sometimes not being disconnected +promptly. + * Fix "slow" file based logging by switching to line based +buffering. + * Log protocol error message where appropriate from a bad +UNSUBSCRIBE, rather than the generic "socket error". + * Don't try to start DLT logging if DLT unavailable, to avoid a +long delay when shutting down the broker. + * Fix potential memory leaks. + * Fix clients not receiving messages after a previous client +with the same client ID and positive will delay interval quit. + * Fix overly broad HAVE_PTHREAD_CANCEL compile guard. + Client library: + * Improved documentation around connect callback return codes. + * Fix `mosquitto_publish*()` no longer returning +`MOSQ_ERR_NO_CONN` when not connected. + * `mosquitto_loop_start()` now sets a thread name on Linux + +--- Old: mosquitto-1.6.10.tar.gz mosquitto-1.6.10.tar.gz.sig New: mosquitto-1.6.11.tar.gz mosquitto-1.6.11.tar.gz.sig Other differences: -- ++ mosquitto.spec ++ --- /var/tmp/diff_new_pack.wiyl7l/_old 2020-08-12 10:39:59.656395377 +0200 +++ /var/tmp/diff_new_pack.wiyl7l/_new 2020-08-12 10:39:59.660395379 +0200 @@ -20,7 +20,7 @@ %define c_lib libmosquitto1 %define cpp_lib libmosquittopp1 Name: mosquitto -Version:1.6.10 +Version:1.6.11 Release:0 Summary:A MQTT v3.1/v3.1.1 Broker License:EPL-1.0 ++ mosquitto-1.6.10.tar.gz -> mosquitto-1.6.11.tar.gz ++ 2319 lines of diff (skipped)
commit mosquitto for openSUSE:Factory
Hello community,
here is the log from the commit of package mosquitto for openSUSE:Factory
checked in at 2020-08-10 15:00:43
Comparing /work/SRC/openSUSE:Factory/mosquitto (Old)
and /work/SRC/openSUSE:Factory/.mosquitto.new.3399 (New)
Package is "mosquitto"
Mon Aug 10 15:00:43 2020 rev:17 rq:825183 version:1.6.10
Changes:
--- /work/SRC/openSUSE:Factory/mosquitto/mosquitto.changes 2020-06-02
14:42:13.224200636 +0200
+++ /work/SRC/openSUSE:Factory/.mosquitto.new.3399/mosquitto.changes
2020-08-10 15:02:07.328131128 +0200
@@ -1,0 +2,13 @@
+Sun Aug 2 18:14:23 UTC 2020 - Martin Hauke
+
+- Lets always build with support for systemd and websockets and
+ drop all the related ifdef's.
+- Run spec-cleaner.
+
+---
+Wed Jul 29 20:15:21 UTC 2020 - Martin Hauke
+
+- Fix for the apparmor profile to properly allow reading files
+ from /etc/mosquitto/conf.d/
+
+---
Other differences:
--
++ mosquitto.spec ++
--- /var/tmp/diff_new_pack.LXhfHO/_old 2020-08-10 15:02:11.528133345 +0200
+++ /var/tmp/diff_new_pack.LXhfHO/_new 2020-08-10 15:02:11.532133347 +0200
@@ -19,12 +19,6 @@
%define home%{_localstatedir}/lib/%{name}
%define c_lib libmosquitto1
%define cpp_lib libmosquittopp1
-%if 0%{?suse_version} > 1230 || 0%{?rhel_version} > 600 || 0%{?centos_version}
> 600 || 0%{?fedora_version} >= 20 ||
0%{?el7}%{?fc20}%{?fc21}%{?fc22}%{?fc23}%{?fc24}%{?fc25}
-%bcond_without systemd
-%else
-%bcond_with systemd
-%endif
-%bcond_without websockets
Name: mosquitto
Version:1.6.10
Release:0
@@ -44,17 +38,12 @@
BuildRequires: cmake
BuildRequires: gcc-c++
BuildRequires: libcares-devel
+BuildRequires: libwebsockets-devel
BuildRequires: openssl-devel >= 1.0.0
BuildRequires: tcpd-devel
BuildRequires: uthash-devel
Requires(pre): shadow
-%if %{with websockets}
-BuildRequires: libwebsockets-devel
-%endif
-%if %{with systemd}
-BuildRequires: pkgconfig(systemd)
-%{?systemd_requires}
-%endif
+%{?systemd_ordering}
%description
Mosquitto is a message broker that implements the
@@ -127,27 +116,20 @@
%build
%cmake \
- -DCMAKE_INSTALL_SYSCONFDIR=/etc \
- %if %{with websockets}
+ -DCMAKE_INSTALL_SYSCONFDIR=%{_sysconfdir} \
-DWITH_WEBSOCKETS=ON \
- %endif
-DUSE_LIBWRAP=OFF
-make
+%make_build
%install
%cmake_install
-%if %{with systemd}
-install -D -m 0644 %{SOURCE1} \
- %{buildroot}%{_unitdir}/%{name}.service
+install -D -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/%{name}.service
ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{name}
-%endif
install -Dd -m 0750 %{buildroot}%{home}
chmod -R o= %{buildroot}%{_sysconfdir}/%{name}/
-%if 0%{?suse_version}
install -D -m 644 security/mosquitto.apparmor
%{buildroot}%{_sysconfdir}/apparmor.d/usr.sbin.mosquitto
install -D -m 755 -d
%{buildroot}%{_sysconfdir}/apparmor.d/local/
echo "# Site-specific additions and overrides for 'usr.sbin.mosquitto'" >
%{buildroot}%{_sysconfdir}/apparmor.d/local/usr.sbin.mosquitto
-%endif
install -D -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/mosquitto/conf.d/README
install -D -m 644 %{SOURCE5}
%{buildroot}%{_sysconfdir}/mosquitto/ca_certificates/README
install -D -m 644 %{SOURCE6} %{buildroot}%{_sysconfdir}/mosquitto/certs/README
@@ -155,43 +137,24 @@
%pre
getent group %{name} || %{_sbindir}/groupadd -r %{name}
getent passwd %{name} || %{_sbindir}/useradd -g %{name} -s /bin/false -r -c
"%{name}" -d %{home} %{name}
-# START BIG SYSTEMD
-%if %{with systemd}
-%if 0%{?suse_version}
+
%service_add_pre %{name}.service
-%endif
%preun
-%if 0%{?suse_version}
%service_del_preun %{name}.service
-%else
-%systemd_preun %{name}.service
-%endif
%post
-%if 0%{?suse_version}
%service_add_post %{name}.service
-%else
-%systemd_post %{name}.service
-%endif
%postun
-%if 0%{?suse_version}
%service_del_postun %{name}.service
-%else
-%systemd_postun_with_restart %{name}.service
-%endif
-%endif
-# /END BIG SYSTEMD
%post -n %{c_lib} -p /sbin/ldconfig
%postun -n %{c_lib} -p /sbin/ldconfig
-
%post -n %{cpp_lib} -p /sbin/ldconfig
%postun -n %{cpp_lib} -p /sbin/ldconfig
%files
-%defattr(-,root,root)
%license LICENSE.txt
%doc edl-v10 epl-v10
%doc CONTRIBUTING.md ChangeLog.txt readme.md *.html *.example
@@ -199,57 +162,47 @@
%config(noreplace) %attr(-,root,%{name}) %{_sysconfdir}/mosquitto/
%{_bindir}/mosquitto_passwd
%{_sbindir}/mosquitto
-%{_mandir}/man1/mosquitto_passwd.1%{ext_man}
-%{_mandir}/man5/mosquitto.conf.5%{ext_man}
-%{_mandir}/man7/mosquitto-tls.7%{ext_man}
-%{_mandir}/man7/mqtt.7%{ext_man}
-%{_mandir}/man8/mosquitto.8%{ext_man}
-%if %{with
commit mosquitto for openSUSE:Factory
Hello community, here is the log from the commit of package mosquitto for openSUSE:Factory checked in at 2020-06-02 14:41:22 Comparing /work/SRC/openSUSE:Factory/mosquitto (Old) and /work/SRC/openSUSE:Factory/.mosquitto.new.3606 (New) Package is "mosquitto" Tue Jun 2 14:41:22 2020 rev:16 rq:810719 version:1.6.10 Changes: --- /work/SRC/openSUSE:Factory/mosquitto/mosquitto.changes 2020-03-01 21:28:49.428655176 +0100 +++ /work/SRC/openSUSE:Factory/.mosquitto.new.3606/mosquitto.changes 2020-06-02 14:42:13.224200636 +0200 @@ -1,0 +2,31 @@ +Tue May 26 06:36:17 UTC 2020 - Martin Hauke + +- Update to version 1.6.10 + Broker: + * Report invalid bridge prefix+pattern combinations at config +parsing time rather than letting the bridge fail later. + * Fix `mosquitto_passwd -b` not updating passwords for existing +users correctly. Creating a new user with `-b` worked without +problem. + * Fix memory leak when connecting clients rejected. + * Don't disconnect clients that are already disconnected. This +prevents the session expiry being extended on SIGHUP. + * Fix support for openssl 3.0. + * Fix check when loading persistence file of a different version +than the native version. + * Fix possible assert crash associated with bridge reconnecting +when compiled without epoll support. + Client library: + * Don't treat an unexpected PUBACK, PUBREL, or PUBCOMP as a +fatal error. + * Fix support for openssl 3.0. + * Fix memory leaks from multiple calls to +`mosquitto_lib_init()`/`mosquitto_lib_cleanup()`. + * Fix documentation on return code of `mosquitto_lib_init()` +for Windows. + Clients: + * Fix mosquitto_sub %j or %J not working on Windows. + Build: + * Various fixes for building with mosquitto-1.6.10.tar.gz ++ 3852 lines of diff (skipped)
commit mosquitto for openSUSE:Factory
Hello community,
here is the log from the commit of package mosquitto for openSUSE:Factory
checked in at 2020-03-01 21:28:20
Comparing /work/SRC/openSUSE:Factory/mosquitto (Old)
and /work/SRC/openSUSE:Factory/.mosquitto.new.26092 (New)
Package is "mosquitto"
Sun Mar 1 21:28:20 2020 rev:15 rq:780688 version:1.6.9
Changes:
--- /work/SRC/openSUSE:Factory/mosquitto/mosquitto.changes 2020-01-24
13:13:26.081487805 +0100
+++ /work/SRC/openSUSE:Factory/.mosquitto.new.26092/mosquitto.changes
2020-03-01 21:28:49.428655176 +0100
@@ -1,0 +2,31 @@
+Sun Mar 1 09:34:15 UTC 2020 - Martin Hauke
+
+- Update to version 1.6.9
+ Broker:
+ * Fix session expiry with very large expiry intervals.
+ * Check ACL patterns for validity when loading.
+ * Use presence of password file as indicator for whether username
+checks should take place, not whether usernames are defined in
+the password file.
+ * Strip whitespace from end of config file string options.
+ * Satisfy valgrind when exiting on error due to not being able
+to open a listening socket, by calling freeaddrinfo.
+ * Fix config->user not being freed on exit.
+ * Fix trailing whitespace not being trimmed on acl users.
+ * Fix `bind_interface` not working for the default listener.
+ * Improve password file parsing in the broker and mosqitto_passwd.
+ * Print OpenSSL errors in more situations, like when loading
+certificates fails.
+ * Fix `mosquitto_client_protocol() returning incorrect values.
+ Client library:
+ * Set minimum keepalive argument to `mosquitto_connect*()` to be
+5 seconds.
+ * Fix `mosquitto_topic_matches_sub()` not returning
+MOSQ_ERR_INVAL if the topic contains a wildcard.
+ Clients:
+ * Fix `--remove-retained` not obeying the `-T` option for
+filtering out topics.
+ * Default behaviour for v5 clients using `-c` is now to use
+infinite length sessions, as with v3 clients.
+
+---
Old:
mosquitto-1.6.8.tar.gz
mosquitto-1.6.8.tar.gz.sig
New:
mosquitto-1.6.9.tar.gz
mosquitto-1.6.9.tar.gz.sig
Other differences:
--
++ mosquitto.spec ++
--- /var/tmp/diff_new_pack.PeO4vP/_old 2020-03-01 21:28:50.116656574 +0100
+++ /var/tmp/diff_new_pack.PeO4vP/_new 2020-03-01 21:28:50.116656574 +0100
@@ -1,7 +1,7 @@
#
# spec file for package mosquitto
#
-# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -26,7 +26,7 @@
%endif
%bcond_without websockets
Name: mosquitto
-Version:1.6.8
+Version:1.6.9
Release:0
Summary:A MQTT v3.1/v3.1.1 Broker
License:EPL-1.0
@@ -44,9 +44,9 @@
BuildRequires: cmake
BuildRequires: gcc-c++
BuildRequires: libcares-devel
-#BuildRequires: libuuid-devel
BuildRequires: openssl-devel >= 1.0.0
BuildRequires: tcpd-devel
+BuildRequires: uthash-devel
Requires(pre): shadow
%if %{with websockets}
BuildRequires: libwebsockets-devel
++ mosquitto-1.6.8.tar.gz -> mosquitto-1.6.9.tar.gz ++
6758 lines of diff (skipped)
commit mosquitto for openSUSE:Factory
Hello community,
here is the log from the commit of package mosquitto for openSUSE:Factory
checked in at 2020-01-24 13:12:28
Comparing /work/SRC/openSUSE:Factory/mosquitto (Old)
and /work/SRC/openSUSE:Factory/.mosquitto.new.26092 (New)
Package is "mosquitto"
Fri Jan 24 13:12:28 2020 rev:14 rq:766709 version:1.6.8
Changes:
--- /work/SRC/openSUSE:Factory/mosquitto/mosquitto.changes 2019-12-02
11:33:20.990504352 +0100
+++ /work/SRC/openSUSE:Factory/.mosquitto.new.26092/mosquitto.changes
2020-01-24 13:13:26.081487805 +0100
@@ -1,0 +2,9 @@
+Wed Jan 22 22:03:28 UTC 2020 - James Oakley
+
+- Update apparmor profile to allow open of /etc/mosquitto/conf.d
+- Update default config to include files under /etc/mosquitto/conf.d
+ per the README in the directory
+- Add patch:
+ * mosquitto-1.6.8-config.patch
+
+---
New:
mosquitto-1.6.8-config.patch
Other differences:
--
++ mosquitto.spec ++
--- /var/tmp/diff_new_pack.YrWE42/_old 2020-01-24 13:13:27.361488319 +0100
+++ /var/tmp/diff_new_pack.YrWE42/_new 2020-01-24 13:13:27.361488319 +0100
@@ -1,7 +1,7 @@
#
# spec file for package mosquitto
#
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -40,6 +40,7 @@
Source5:README-ca_certificates
Source6:README-certs
Patch0: mosquitto-1.4.1_apparmor.patch
+Patch1: mosquitto-1.6.8-config.patch
BuildRequires: cmake
BuildRequires: gcc-c++
BuildRequires: libcares-devel
@@ -121,6 +122,7 @@
%prep
%setup -q
%patch0 -p1
+%patch1 -p1
find misc -type f -exec chmod a-x "{}" "+"
%build
++ mosquitto-1.4.1_apparmor.patch ++
--- /var/tmp/diff_new_pack.YrWE42/_old 2020-01-24 13:13:27.409488338 +0100
+++ /var/tmp/diff_new_pack.YrWE42/_new 2020-01-24 13:13:27.409488338 +0100
@@ -1,14 +1,20 @@
-Index: mosquitto-1.4.1/security/mosquitto.apparmor
-===
mosquitto-1.4.1.orig/security/mosquitto.apparmor
-+++ mosquitto-1.4.1/security/mosquitto.apparmor
+--- a/security/mosquitto.apparmor
b/security/mosquitto.apparmor
@@ -1,3 +1,5 @@
+#include
+
/usr/sbin/mosquitto {
#include
#include
-@@ -24,4 +26,5 @@
+@@ -6,6 +8,7 @@
+ /etc/mosquitto/mosquitto.conf r,
+ /etc/mosquitto/ca_certificates/* r,
+ /etc/mosquitto/certs/* r,
++ /etc/mosquitto/conf.d r,
+ /etc/mosquitto/conf.d/* r,
+ /var/lib/mosquitto/ r,
+ /var/lib/mosquitto/mosquitto.db rwk,
+@@ -24,4 +27,5 @@
/lib{,32,64}/libwrap.so* rm,
/etc/hosts.allow r,
/etc/hosts.deny r,
++ mosquitto-1.6.8-config.patch ++
--- mosquitto-1.6.8.orig/mosquitto.conf
+++ mosquitto-1.6.8/mosquitto.conf
@@ -985,4 +985,4 @@
# alphabetical order, with capital letters ordered first. If this option is
# given multiple times, all of the files from the first instance will be
# processed before the next instance. See the man page for examples.
-#include_dir
+include_dir /etc/mosquitto/conf.d
commit mosquitto for openSUSE:Factory
Hello community,
here is the log from the commit of package mosquitto for openSUSE:Factory
checked in at 2019-12-02 11:30:12
Comparing /work/SRC/openSUSE:Factory/mosquitto (Old)
and /work/SRC/openSUSE:Factory/.mosquitto.new.4691 (New)
Package is "mosquitto"
Mon Dec 2 11:30:12 2019 rev:13 rq:752520 version:1.6.8
Changes:
--- /work/SRC/openSUSE:Factory/mosquitto/mosquitto.changes 2019-09-26
20:41:31.826494973 +0200
+++ /work/SRC/openSUSE:Factory/.mosquitto.new.4691/mosquitto.changes
2019-12-02 11:33:20.990504352 +0100
@@ -1,0 +2,41 @@
+Fri Nov 29 18:34:49 UTC 2019 - Martin Hauke
+
+- Update to version 1.6.8
+ Broker:
+ * Various fixes for `allow_zero_length_clientid` config, where
+this option was not being set correctly.
+ * Fix incorrect memory tracking causing problems with
+memory_limit option.
+ * Fix subscription topics being limited to 200 characters instead
+of 200 hierarchy levels.
+ * Only a single CRL could be loaded at once. This has been fixed.
+ * Fix problems with reloading config when `per_listener_settings`
+was true.
+ * Fix retained messages with an expiry interval not being expired
+after being restored from persistence.
+ * Fix messages with an expiry interval being sent without an
+expiry interval property just before they were expired.
+ * Fix TLS Websockets clients not receiving messages after taking
+over a previous connection.
+ * Fix MQTT 3.1.1 clients using clean session false, or MQTT 5.0
+clients using session-expiry-interval set to infinity never
+expiring, even when the global `persistent_client_expiration`
+option was set.
+ Client library:
+ * Fix publish properties not being passed to on_message_v5
+callback for QoS 2 messages.
+ * Fix documentation issues in mosquitto.h.
+ * Document `mosquitto_connect_srv()`.
+ Clients:
+ * Fix duplicate cfg definition in rr_client.
+ * Fix `mosquitto_pub -l` hang when stdin stream ends.
+ * Fix `mosquitto_pub -l` not sending the final line of stdin if
+it does not end with a new line.
+ * Make documentation for `mosquitto_pub -l` match reality - blank
+lines are sent as empty messages.
+ * Free memory in `mosquitto_sub` when quiting without having made
+a successful connection.
+- Drop patch:
+ * mosquitto-fix-pkgconf-path.patch (fixed upstream)
+
+---
Old:
mosquitto-1.6.7.tar.gz
mosquitto-1.6.7.tar.gz.sig
mosquitto-fix-pkgconf-path.patch
New:
mosquitto-1.6.8.tar.gz
mosquitto-1.6.8.tar.gz.sig
Other differences:
--
++ mosquitto.spec ++
--- /var/tmp/diff_new_pack.7dtqzu/_old 2019-12-02 11:33:21.850503954 +0100
+++ /var/tmp/diff_new_pack.7dtqzu/_new 2019-12-02 11:33:21.850503954 +0100
@@ -26,7 +26,7 @@
%endif
%bcond_without websockets
Name: mosquitto
-Version:1.6.7
+Version:1.6.8
Release:0
Summary:A MQTT v3.1/v3.1.1 Broker
License:EPL-1.0
@@ -40,7 +40,6 @@
Source5:README-ca_certificates
Source6:README-certs
Patch0: mosquitto-1.4.1_apparmor.patch
-Patch1: mosquitto-fix-pkgconf-path.patch
BuildRequires: cmake
BuildRequires: gcc-c++
BuildRequires: libcares-devel
@@ -122,7 +121,6 @@
%prep
%setup -q
%patch0 -p1
-%patch1 -p1
find misc -type f -exec chmod a-x "{}" "+"
%build
++ mosquitto-1.6.7.tar.gz -> mosquitto-1.6.8.tar.gz ++
3374 lines of diff (skipped)
commit mosquitto for openSUSE:Factory
Hello community, here is the log from the commit of package mosquitto for openSUSE:Factory checked in at 2019-09-26 20:41:27 Comparing /work/SRC/openSUSE:Factory/mosquitto (Old) and /work/SRC/openSUSE:Factory/.mosquitto.new.2352 (New) Package is "mosquitto" Thu Sep 26 20:41:27 2019 rev:12 rq:733249 version:1.6.7 Changes: --- /work/SRC/openSUSE:Factory/mosquitto/mosquitto.changes 2019-09-23 12:39:42.765587304 +0200 +++ /work/SRC/openSUSE:Factory/.mosquitto.new.2352/mosquitto.changes 2019-09-26 20:41:31.826494973 +0200 @@ -1,0 +2,18 @@ +Wed Sep 25 20:42:16 UTC 2019 - Martin Hauke + +- Update to version 1.6.7 + Broker: + * Add workaround for working with libwebsockets 3.2.0. + * Fix potential crash when reloading config. + Client library: + * Don't use `/` in autogenerated client ids, to avoid confusing +with topics. + * Fix `mosquitto_max_inflight_messages_set()` and +`mosquitto_int_option(..., MOSQ_OPT_*_MAX, ...)` behaviour. + * Fix regression on use of `mosquitto_connect_async()` not working. + Clients: + * mosquitto_sub: Fix `-E` incorrectly not working unless `-d` was +also specified. + * Updated documentation around automatic client ids. + +--- Old: mosquitto-1.6.5.tar.gz mosquitto-1.6.5.tar.gz.sig New: mosquitto-1.6.7.tar.gz mosquitto-1.6.7.tar.gz.sig Other differences: -- ++ mosquitto.spec ++ --- /var/tmp/diff_new_pack.ti3yHP/_old 2019-09-26 20:41:32.574492975 +0200 +++ /var/tmp/diff_new_pack.ti3yHP/_new 2019-09-26 20:41:32.578492964 +0200 @@ -26,7 +26,7 @@ %endif %bcond_without websockets Name: mosquitto -Version:1.6.5 +Version:1.6.7 Release:0 Summary:A MQTT v3.1/v3.1.1 Broker License:EPL-1.0 ++ mosquitto-1.6.5.tar.gz -> mosquitto-1.6.7.tar.gz ++ 2183 lines of diff (skipped)
commit mosquitto for openSUSE:Factory
Hello community, here is the log from the commit of package mosquitto for openSUSE:Factory checked in at 2019-09-23 12:39:09 Comparing /work/SRC/openSUSE:Factory/mosquitto (Old) and /work/SRC/openSUSE:Factory/.mosquitto.new.7948 (New) Package is "mosquitto" Mon Sep 23 12:39:09 2019 rev:11 rq:732378 version:1.6.5 Changes: --- /work/SRC/openSUSE:Factory/mosquitto/mosquitto.changes 2019-07-18 15:19:42.180151743 +0200 +++ /work/SRC/openSUSE:Factory/.mosquitto.new.7948/mosquitto.changes 2019-09-23 12:39:42.765587304 +0200 @@ -1,0 +2,128 @@ +Sat Sep 21 14:38:08 UTC 2019 - Martin Hauke + +- Update to version 1.6.5 + Fix CVE-2019-11779: + * In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT +client sends a SUBSCRIBE packet containing a topic that consists +of approximately 65400 or more '/' characters, i.e. the topic +hierarchy separator, then a stack overflow will occur. + Broker: + * Fix v5 DISCONNECT packets with remaining length == 2 being +treated as a protocol error. + * Fix support for libwebsockets 3.x. + * Fix slow websockets performance when sending large messages. + * Fix clients authorised using `use_identity_as_username` or +`use_subject_as_username` being disconnected on SIGHUP. + * Improve error messages in some situations when clients disconnect. +Reduces the number of "Socket error on client X, disconnecting" +messages. + * Fix Will for v5 clients not being sent if will delay interval was +greater than the session expiry interval. + * Fix CRL file not being reloaded on HUP. + Client library: + * Fix reconnect backoff for the situation where connections are +dropped rather than refused. + * Fix missing locks on `mosq->state`. + +- Update to version 1.6.4 + Fix CVE-2019-11778: + * If an MQTT v5 client connects to Eclipse Mosquitto versions 1.6.0 +to 1.6.4 inclusive, sets a last will and testament, sets a will +delay interval, sets a session expiry interval, and the will delay +interval is set longer than the session expiry interval, then a +use after free error occurs, which has the potential to cause a +crash in some situations. + Broker: + * Fix incoming QoS 2 messages being blocked when +`max_inflight_messages` was set to 1. + * Fix incoming messages not being removed for a client if the topic +being published to does not have any subscribers. + Client library: + * Fix MQTT v5 subscription options being incorrectly set for +MQTT v3 subscriptions. + * Make behaviour of `mosquitto_connect_async()` consistent with +`mosquitto_connect()` when connecting to a non-existent server. + * `mosquitto_string_option(mosq, MOSQ_OPT_TLS_KEYFORM, ...)` was +incorrectly returning `MOSQ_ERR_INVAL` with valid input. This has +been fixed. + * on_connect callback is now called with the correct v5 reason code +if a v5 client connects to a v3.x broker and is sent a CONNACK with +the "unacceptable protocol version" connack reason code. + * Fix memory leak when setting v5 properties in mosquitto_connect_v5(). + * Fix properties not being sent on QoS>0 PUBLISH messages. + Clients: + * mosquitto_pub: fix error codes not being returned when +mosquitto_pub exits. + * All clients: improve error messages when connecting to a v3.x broker +when in v5 mode. + Other: + - Various documentation fixes. + +- Update to version 1.6.3 + Broker: + * Fix detection of incoming v3.1/v3.1.1 bridges. + * Fix default max_topic_alias listener config not being copied to +the in-use listener when compiled without TLS support. + * Fix random number generation if compiling using `WITH_TLS=no` and +on Linux with glibc >= 2.25. Without this fix, no random numbers +would be generated for e.g. on broker client id generation, and so +clients connecting expecting this feature would be unable to connect. + * Fix compilation problem related to `getrandom()` on non-glibc systems. + * Fix Will message for a persistent client incorrectly being sent when the +client reconnects after a clean disconnect. + - Fix Will message for a persistent client not being sent on disconnect. + * Improve documentation around the upgrading of persistence files. + * Add 'extern "C"' on mosquitto_broker.h and mosquitto_plugin.h for +C++ plugin writing. + * Fix persistent Websockets clients not receiving messages after they +reconnect, having sent DISCONNECT on a previous session + * Disable TLS renegotiation. Client initiated renegotiation is considered to +be a potential attack vector against servers. + * Fix incorrect shared subscription topic '$shared'. + * Fix zero length client ids being rejected for MQTT v5 clients with clean +start set to true. + * Fix MQTT v5 overlapping subscription behaviour. Clients now
commit mosquitto for openSUSE:Factory
Hello community, here is the log from the commit of package mosquitto for openSUSE:Factory checked in at 2019-06-19 21:02:04 Comparing /work/SRC/openSUSE:Factory/mosquitto (Old) and /work/SRC/openSUSE:Factory/.mosquitto.new.4811 (New) Package is "mosquitto" Wed Jun 19 21:02:04 2019 rev:9 rq:706055 version:1.6.0 Changes: --- /work/SRC/openSUSE:Factory/mosquitto/mosquitto.changes 2019-02-27 17:29:30.827312928 +0100 +++ /work/SRC/openSUSE:Factory/.mosquitto.new.4811/mosquitto.changes 2019-06-19 21:02:06.102173825 +0200 @@ -1,0 +2,80 @@ +Thu Apr 18 08:47:30 UTC 2019 - Martin Hauke + +- Update to version 1.6.0 + Broker features + * Add support for MQTT v5 + * Add support for OCSP stapling. + * Add support for ALPN on bridge TLS connections. + * Add support for Automotive DLT logging. + * Add TLS Engine support. + * Persistence file read/write performance improvements. + * General performance improvements. + * Add max_keepalive option, to allow a maximum keepalive value to +be set for MQTT v5 clients only. + * Add bind_interface option which allows a listener to be bound to +a specific network interface, in a similar fashion to the +bind_address option. Linux only. + * Add improved bridge restart interval based on Decorrelated Jitter. + * Add dhparamfile option, to allow DH parameters to be loaded for +Ephemeral DH support + * Disallow writing to $ topics where appropriate. + * Add explicit support for TLS v1.3. + * Drop support for TLS v1.0. + * Improved general support for broker generated client ids. +Removed libuuid dependency. + * auto_id_prefix now defaults to 'auto-'. + * QoS 1 and 2 flow control improvements. + Client library features + * Add support for MQTT v5 + * Add mosquitto_subscribe_multiple() for sending subscriptions to +multiple topics in one command. + * Add TLS Engine support. + * Add explicit support for TLS v1.3. + * Drop support for TLS v1.0. + * QoS 1 and 2 flow control improvements. + Client features + * Add support for MQTT v5 + * Add mosquitto_rr client, which can be used for "request-response" +messaging, by sending a request message and awaiting a response. + * Add TLS Engine support. + * Add support for ALPN on TLS connections. + * Add -D option for all clients to specify MQTT v5 properties. + * Add -E to mosquitto_sub, which causes it to exit immediately after +having its subscriptions acknowledged. Use with -c to create a +durable client session without requiring a message to be received. + * Add --remove-retained to mosquitto_sub, which can be used to clear +retained messages on a broker. + * Add --repeat and --repeat-delay to mosquitto_pub, which can be +used to repeat single message publishes at a regular interval. + * -V now accepts 5, 311, 31, as well as mqttv5 etc. + * Add explicit support for TLS v1.3. + * Drop support for TLS v1.0. + Broker fixes + * Improve error reporting when creating listeners. + * Fix mosquitto_passwd crashing on corrupt password file. + * Fix build on SmartOS due to missing IPV6_V6ONLY. + Client library fixes + * Add missing mosquitto_userdata() function. + Client fixes + * mosquitto_pub wouldn't always publish all messages when using -l +and QoS>0. This has been fixed. + * mosquitto_sub was incorrectly encoding special characters when +using %j output format. + +--- +Thu Feb 28 23:09:37 UTC 2019 - Martin Hauke + +- Update to version 1.5.8 + Broker: + * Fix clients being disconnected when ACLs are in use. This only +affects the case where a client connects using a username, and +the anonymous ACL list is defined but specific user ACLs are +not defined. + * Fix delayed bridge local subscriptions causing missing messages. + Library: + * Use higher resolution timer for random initialisation of client +id generation. + * Fix some Coverity Scan reported errors that could occur when the +library was already quitting. + +--- Old: mosquitto-1.5.7.tar.gz mosquitto-1.5.7.tar.gz.sig New: mosquitto-1.6.0.tar.gz mosquitto-1.6.0.tar.gz.sig Other differences: -- ++ mosquitto.spec ++ --- /var/tmp/diff_new_pack.Ony9Az/_old 2019-06-19 21:02:06.974174558 +0200 +++ /var/tmp/diff_new_pack.Ony9Az/_new 2019-06-19 21:02:06.978174561 +0200 @@ -27,7 +27,7 @@ %endif %bcond_without websockets Name: mosquitto -Version:1.5.7 +Version:1.6.0 Release:0 Summary:A MQTT v3.1/v3.1.1 Broker License:EPL-1.0 @@ -45,7 +45,7 @@ BuildRequires: cmake BuildRequires: gcc-c++ BuildRequires:
commit mosquitto for openSUSE:Factory
Hello community, here is the log from the commit of package mosquitto for openSUSE:Factory checked in at 2019-02-27 17:29:26 Comparing /work/SRC/openSUSE:Factory/mosquitto (Old) and /work/SRC/openSUSE:Factory/.mosquitto.new.28833 (New) Package is "mosquitto" Wed Feb 27 17:29:26 2019 rev:8 rq:679569 version:1.5.7 Changes: --- /work/SRC/openSUSE:Factory/mosquitto/mosquitto.changes 2018-10-29 14:58:32.681987555 +0100 +++ /work/SRC/openSUSE:Factory/.mosquitto.new.28833/mosquitto.changes 2019-02-27 17:29:30.827312928 +0100 @@ -1,0 +2,126 @@ +Mon Feb 18 19:58:45 UTC 2019 - Martin Hauke + +- Use HTTPS for all URLs +- Verify source signature + +--- +Thu Feb 14 09:51:33 UTC 2019 - Martin Hauke + +- Update to version 1.5.7 + Broker: + - Ensure that an error occurs if `per_listener_settings true` is +given after other security options. + - Fix case where old unreferenced msg_store messages were being +saved to the persistence file, bloating its size unnecessarily. + Library: + - Fix `mosquitto_topic_matches_sub()` not returning MOSQ_ERR_INVAL +for invalid subscriptions like `topic/#abc`. This only affects +the return value, not the match/no match result, which was +already correct. + +--- +Wed Feb 13 21:14:36 UTC 2019 - Martin Hauke + +- Update to version 1.5.6 + Security: + * Fix CVE-2018-12551 (bsc#1125021): If Mosquitto is configured to +use a password file for authentication, any malformed data in +the password file will be treated as valid. This typically means +that the malformed data becomes a username and no password. +If this occurs, clients can circumvent authentication and get +access to the broker by using the malformed username. In +particular, a blank line will be treated as a valid empty username. +Other security measures are unaffected. Users who have only used +the mosquitto_passwd utility to create and modify their password +files are unaffected by this vulnerability. + * Fix CVE-2018-12550 (bsc#1125021): If an ACL file is empty, or +has only blank lines or comments, then mosquitto treats the ACL +file as not being defined, which means that no topic access is +denied. Although denying access to all topics is not a useful +configuration, this behaviour is unexpected and could lead +to access being incorrectly granted in some circumstances. This +is now fixed. + * Fix CVE-2018-12546 (bsc#1125019): If a client publishes a retained +message to a topic that they have access to, and then their access +to that topic is revoked, the retained message will still be +delivered to future subscribers. This behaviour may be undesirable +in some applications, so a configuration option `check_retain_source` +has been introduced to enforce checking of the retained message +source on publish. + Broker: + * Fixed comment handling for config options that have optional +arguments. + * Improved documentation around bridge topic remapping. + * Handle mismatched handshakes (e.g. QoS1 PUBLISH with QoS2 +reply) properly. + * Fix spaces not being allowed in the bridge remote_username +option. + * Allow broker to always restart on Windows when using +`log_dest file`. + * Fix Will not being sent for Websockets clients. + * Windows: Fix possible crash when client disconnects. + * Fixed durable clients being unable to receive messages when +offline, when per_listener_settings was set to true. + * Add log message for the case where a client is disconnected for +sending a topic with invalid UTF-8. + Library: + * Fix TLS connections not working over SOCKS. + * Don't clear SSL context when TLS connection is closed, meaning +if a user provided an external SSL_CTX they have less chance of +leaking references. + +--- +Mon Dec 17 20:15:50 UTC 2018 - mar...@gmx.de + +- FIX CVE-2018-20145: mosquitto: ACL bypass (bnc#1119536) +- Update to version 1.5.5 + Security: + * If `per_listener_settings` is set to true, then the `acl_file` setting was +ignored for the "default listener" only. This has been fixed. This does not +affect any listeners defined with the `listener` option. + Broker: + * Add `socket_domain` option to allow listeners to disable IPv6 support. +This is required to work around a problem in libwebsockets that means +sockets only listen on IPv6 by default if IPv6 support is compiled in. + * When using ADNS, don't ask for all network protocols when connecting, +because this can lead to confusing "Protocol not supported" errors if the +network is down. + * Fix outgoing retained
commit mosquitto for openSUSE:Factory
Hello community, here is the log from the commit of package mosquitto for openSUSE:Factory checked in at 2018-10-29 14:21:54 Comparing /work/SRC/openSUSE:Factory/mosquitto (Old) and /work/SRC/openSUSE:Factory/.mosquitto.new (New) Package is "mosquitto" Mon Oct 29 14:21:54 2018 rev:7 rq:644869 version:1.5.3 Changes: --- /work/SRC/openSUSE:Factory/mosquitto/mosquitto.changes 2018-08-27 12:59:53.372851562 +0200 +++ /work/SRC/openSUSE:Factory/.mosquitto.new/mosquitto.changes 2018-10-29 14:58:32.681987555 +0100 @@ -1,0 +2,25 @@ +Thu Oct 25 18:06:26 UTC 2018 - mar...@gmx.de + +- Update to version 1.5.3 + Security: + * Fix CVE-2018-12543. If a message is sent to Mosquitto with a topic that +begins with $, but is not $SYS, then an assert that should be unreachable is +triggered and Mosquitto will exit. + Broker: + * Elevate log level to warning for situation when socket limit is hit. + * Fix retained messages not sent by bridges on outgoing topics at the first +connection. + * Fix duplicate clients being added to by_id hash before the old client was +removed. + +- Update to version 1.5.2 + Broker: + * Fix incorrect call to setsockopt() for TCP_NODELAY. + * Fix excessive CPU usage when the number of sockets exceeds the system limit. + * Fix round_robin false behaviour. + * Fix segfault on HUP when bridges and security options are configured. + Library: + * Fix situation where username and password is used with SOCKS5 proxy. + * Fix SOCKS5 behaviour when passing IP addresses. + +--- Old: mosquitto-1.5.1.tar.gz New: mosquitto-1.5.3.tar.gz Other differences: -- ++ mosquitto.spec ++ --- /var/tmp/diff_new_pack.d5z6Uf/_old 2018-10-29 14:58:33.529988969 +0100 +++ /var/tmp/diff_new_pack.d5z6Uf/_new 2018-10-29 14:58:33.533988976 +0100 @@ -27,7 +27,7 @@ %endif %bcond_without websockets Name: mosquitto -Version:1.5.1 +Version:1.5.3 Release:0 Summary:A MQTT v3.1/v3.1.1 Broker License:EPL-1.0 ++ mosquitto-1.5.1.tar.gz -> mosquitto-1.5.3.tar.gz ++ 4801 lines of diff (skipped)
commit mosquitto for openSUSE:Factory
Hello community, here is the log from the commit of package mosquitto for openSUSE:Factory checked in at 2018-08-27 12:59:52 Comparing /work/SRC/openSUSE:Factory/mosquitto (Old) and /work/SRC/openSUSE:Factory/.mosquitto.new (New) Package is "mosquitto" Mon Aug 27 12:59:52 2018 rev:6 rq:631606 version:1.5.1 Changes: --- /work/SRC/openSUSE:Factory/mosquitto/mosquitto.changes 2018-05-15 10:31:51.455591579 +0200 +++ /work/SRC/openSUSE:Factory/.mosquitto.new/mosquitto.changes 2018-08-27 12:59:53.372851562 +0200 @@ -1,0 +2,42 @@ +Sun Aug 19 16:38:42 UTC 2018 - mar...@gmx.de + +- Update to version 1.5.1 + Broker: + * Fix plugin cleanup function not being called on exit of the broker. + * Print more OpenSSL errors when loading certificates/keys fail. + * Use AF_UNSPEC etc. instead of PF_UNSPEC to comply with POSIX. + * Remove use of AI_ADDRCONFIG, which means the broker can be used on systems +where only the loopback interface is defined. + * Fix IPv6 addresses not being able to be used as bridge addresses. + * All clients now time out if they exceed their keepalive*1.5, rather than +just reach it. This was inconsistent in two places. + * Fix segfault on startup if bridge CA certificates could not be read. + * Fix problem opening listeners on Pi caused by unsigned char being default. + * ACL patterns that do not contain either %c or %u now produce a warning in +the log. + * Fix bridge publishing failing when per_listener_settings was true. + * Fix `use_identity_as_username true` not working. + * Fix UNSUBACK messages not being logged. + * Fix possible endian issue when reading the `memory_limit` option. + * Fix building for libwebsockets < 1.6. + * Fix accessor functions for username and client id when used in plugin auth +check. + + Library: + * Fix some places where return codes were incorrect, including to the +on_disconnect() callback. This has resulted in two new error codes, +MOSQ_ERR_KEEPALIVE and MOSQ_ERR_LOOKUP. + * Fix connection problems when mosquitto_loop_start() was called before +mosquitto_connect_async(). + + Clients: + * When compiled using WITH_TLS=no, the default port was incorrectly being set +to -1. This has been fixed. + * Fix compiling on Mac OS X <10.12. + + Build: + * Fixes for building on NetBSD. + * Fixes for building on FreeBSD. + * Add support for compiling with static libwebsockets library. + +--- Old: mosquitto-1.5.tar.gz New: mosquitto-1.5.1.tar.gz Other differences: -- ++ mosquitto.spec ++ --- /var/tmp/diff_new_pack.MvvegQ/_old 2018-08-27 12:59:54.892853220 +0200 +++ /var/tmp/diff_new_pack.MvvegQ/_new 2018-08-27 12:59:54.908853238 +0200 @@ -27,7 +27,7 @@ %endif %bcond_without websockets Name: mosquitto -Version:1.5 +Version:1.5.1 Release:0 Summary:A MQTT v3.1/v3.1.1 Broker License:EPL-1.0 ++ mosquitto-1.5.tar.gz -> mosquitto-1.5.1.tar.gz ++ 5187 lines of diff (skipped)
commit mosquitto for openSUSE:Factory
Hello community, here is the log from the commit of package mosquitto for openSUSE:Factory checked in at 2018-05-15 10:09:41 Comparing /work/SRC/openSUSE:Factory/mosquitto (Old) and /work/SRC/openSUSE:Factory/.mosquitto.new (New) Package is "mosquitto" Tue May 15 10:09:41 2018 rev:5 rq:605073 version:1.5 Changes: --- /work/SRC/openSUSE:Factory/mosquitto/mosquitto.changes 2018-03-04 12:52:40.003453739 +0100 +++ /work/SRC/openSUSE:Factory/.mosquitto.new/mosquitto.changes 2018-05-15 10:31:51.455591579 +0200 @@ -1,0 +2,158 @@ +Thu May 3 18:47:04 UTC 2018 - mar...@gmx.de + +- Update to version 1.5 + Security: + * Fix memory leak that could be caused by a malicious CONNECT packet. This +does not yet have a CVE assigned. Closes #533493 (on Eclipse bugtracker) + + Broker features: + * Add per_listener_settings to allow authentication and access control to be +per listener. + * Add limited support for reloading listener settings. This allows settings +for an already defined listener to be reloaded, but port numbers must not be +changed. + * Add ability to deny access to SUBSCRIBE messages as well as the current +read/write accesses. Currently for auth plugins only. + * Reduce calls to malloc through the use of UHPA. + * Outgoing messages with QoS>1 are no longer retried after a timeout period. +Messages will be retried when a client reconnects. This change in behaviour +can be justified by considering when the timeout may have occurred. ++ If a connection is unreliable and has dropped, but without one end + noticing, the messages will be retried on reconnection. Sending + additional PUBLISH or PUBREL would not have changed anything. ++ If a client is overloaded/unable to respond/has a slow connection then + sending additional PUBLISH or PUBREL would not help the client catch + up. Once the backlog has cleared the client will respond. If it is not + able to catch up, sending additional duplicates would not help either. + * Add use_subject_as_username option for certificate based client +authentication to use the entire certificate subject as a username, rather +than just the CN. Closes #469467. + * Change sys tree printing output. This format shouldn't be relied upon and +may change at any time. Closes #470246. + * Minimum supported libwebsockets version is now 1.3. + * Add systemd startup notification and services. Closes #471053. + * Reduce unnecessary malloc and memcpy when receiving a message and storing +it. Closes #470258. + * Support for Windows XP has been dropped. + * Bridge connections now default to using MQTT v3.1.1. + * mosquitto_db_dump tool can now output some stats on clients. + * Perform utf-8 validation on incoming will, subscription and unsubscription +topics. + * new $SYS/broker/store/messages/count (deprecates $SYS/broker/messages/stored) + * new $SYS/broker/store/messages/bytes + * max_queued_bytes feature to limit queues by real size rather than +than just message count. Closes Eclipse #452919 or Github #100 + * Add support for bridges to be configured to only send notifications to the +local broker. + * Add set_tcp_nodelay option to allow Nagle's algorithm to be disabled on +client sockets. Closes #433. + * The behaviour of allow_anonymous has changed. In the old behaviour, the +default if not set was to allow anonymous access. The new behaviour is to +default is to allow anonymous access unless another security option is set. +For example, if password_file is set and allow_anonymous is not set, then +anonymous access will be denied. It is still possible to allow anonymous +access by setting it explicitly. + Broker fixes: + * Fix UNSUBSCRIBE with no topic is accepted on MQTT 3.1.1. Closes #665. + * Produce an error if two bridges share the same local_clientid. + * Miscellaneous fixes on Windows. + * queue_qos0_messages was not observing max_queued_** limits + * When using the include_dir configuration option sort the files +alphabetically before loading them. Closes #17. + * IPv6 is no longer disabled for websockets listeners. + * Remove all build timestamp information including $SYS/broker/timestamp. +Close #651. + * Correctly handle incoming strings that contain a NULL byte. Closes #693. + * Use constant time memcmp for password comparisons. + * Fix incorrect PSK key being used if it had leading zeroes. + * Fix memory leak if a client provided a username/password for a listener with +use_identity_as_username configured. + * Fix use_identity_as_username not working on websockets clients. + * Don't crash if an auth plugin returns MOSQ_ERR_AUTH for a username check on +a websockets client. Closes #490. + * Fix 08-ssl-bridge.py test when using async
commit mosquitto for openSUSE:Factory
Hello community, here is the log from the commit of package mosquitto for openSUSE:Factory checked in at 2018-03-04 12:51:57 Comparing /work/SRC/openSUSE:Factory/mosquitto (Old) and /work/SRC/openSUSE:Factory/.mosquitto.new (New) Package is "mosquitto" Sun Mar 4 12:51:57 2018 rev:4 rq:582184 version:1.4.15 Changes: --- /work/SRC/openSUSE:Factory/mosquitto/mosquitto.changes 2017-10-09 19:40:50.323051990 +0200 +++ /work/SRC/openSUSE:Factory/.mosquitto.new/mosquitto.changes 2018-03-04 12:52:40.003453739 +0100 @@ -1,0 +2,45 @@ +Thu Mar 1 14:37:54 UTC 2018 - mar...@gmx.de + +- Update to version 1.4.15 + Security: + * Fix CVE-2017-7652. If a SIGHUP is sent to the broker when there are no more +file descriptors, then opening the configuration file will fail and security +settings will be set back to their default values. + * Fix CVE-2017-7651. Unauthenticated clients can cause excessive memory use by +setting "remaining length" to be a large value. This is now mitigated by +limiting the size of remaining length to valid values. A "memory_limit" +configuration option has also been added to allow the overall memory used by +the broker to be limited. + + Broker: + * Use constant time memcmp for password comparisons. + * Fix incorrect PSK key being used if it had leading zeroes. + * Fix memory leak if a client provided a username/password for a listener with +use_identity_as_username configured. + * Fix use_identity_as_username not working on websockets clients. + * Don't crash if an auth plugin returns MOSQ_ERR_AUTH for a username check on +a websockets client. Closes #490. + * Fix 08-ssl-bridge.py test when using async dns lookups. Closes #507. + * Lines in the config file are no longer limited to 1024 characters long. +Closes #652. + * Fix $SYS counters of messages and bytes sent when message is sent over +a Websockets. Closes #250. + * Fix upgrade_outgoing_qos for retained message. Closes #534. + * Fix CONNACK message not being sent for unauthorised connect on websockets. +Closes #8. + + Client library: + * Fix incorrect PSK key being used if it had leading zeroes. + * Initialise "result" variable as soon as possible in +mosquitto_topic_matches_sub. Closes #654. + * No need to close socket again if setting non-blocking failed. Closes #649. + * Fix mosquitto_topic_matches_sub() not correctly matching foo/bar against +foo/+/#. Closes #670. + + Clients: + * Correctly handle empty files with "mosquitto_pub -l". Closes #676. + + Build: + * Don't run TLS-PSK tests if TLS-PSK disabled at compile time. Closes #636. + +--- Old: mosquitto-1.4.14.tar.gz New: mosquitto-1.4.15.tar.gz Other differences: -- ++ mosquitto.spec ++ --- /var/tmp/diff_new_pack.lwriaj/_old 2018-03-04 12:52:40.791425026 +0100 +++ /var/tmp/diff_new_pack.lwriaj/_new 2018-03-04 12:52:40.791425026 +0100 @@ -1,7 +1,7 @@ # # spec file for package mosquitto # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -24,7 +24,7 @@ %bcond_without websockets Name: mosquitto -Version:1.4.14 +Version:1.4.15 Release:0 Summary:A MQTT v3.1/v3.1.1 Broker License:EPL-1.0 ++ mosquitto-1.4.14.tar.gz -> mosquitto-1.4.15.tar.gz ++ 2588 lines of diff (skipped)
commit mosquitto for openSUSE:Factory
Hello community,
here is the log from the commit of package mosquitto for openSUSE:Factory
checked in at 2017-10-09 19:40:44
Comparing /work/SRC/openSUSE:Factory/mosquitto (Old)
and /work/SRC/openSUSE:Factory/.mosquitto.new (New)
Package is "mosquitto"
Mon Oct 9 19:40:44 2017 rev:3 rq:530404 version:1.4.14
Changes:
--- /work/SRC/openSUSE:Factory/mosquitto/mosquitto.changes 2017-09-12
19:53:48.504461451 +0200
+++ /work/SRC/openSUSE:Factory/.mosquitto.new/mosquitto.changes 2017-10-09
19:40:50.323051990 +0200
@@ -1,0 +2,8 @@
+Mon Oct 2 10:57:39 UTC 2017 - mar...@gmx.de
+
+- Update to 1.4.14
+ * Broker:
+ - Fix regression from 1.4.13 where persistence data was not
+ being saved.
+
+---
Old:
mosquitto-1.4.13.tar.gz
New:
mosquitto-1.4.14.tar.gz
Other differences:
--
++ mosquitto.spec ++
--- /var/tmp/diff_new_pack.aqvlS4/_old 2017-10-09 19:40:51.427003469 +0200
+++ /var/tmp/diff_new_pack.aqvlS4/_new 2017-10-09 19:40:51.431003293 +0200
@@ -24,7 +24,7 @@
%bcond_without websockets
Name: mosquitto
-Version:1.4.13
+Version:1.4.14
Release:0
Summary:A MQTT v3.1/v3.1.1 Broker
License:EPL-1.0
++ mosquitto-1.4.13.tar.gz -> mosquitto-1.4.14.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/mosquitto-1.4.13/CMakeLists.txt
new/mosquitto-1.4.14/CMakeLists.txt
--- old/mosquitto-1.4.13/CMakeLists.txt 2017-06-27 23:53:58.0 +0200
+++ new/mosquitto-1.4.14/CMakeLists.txt 2017-07-11 00:46:01.0 +0200
@@ -11,7 +11,7 @@
cmake_minimum_required(VERSION 2.8)
# Only for version 3 and up. cmake_policy(SET CMP0042 NEW)
-set (VERSION 1.4.13)
+set (VERSION 1.4.14)
if (WIN32)
execute_process(COMMAND cmd /c echo %DATE% %TIME% OUTPUT_VARIABLE
TIMESTAMP
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/mosquitto-1.4.13/ChangeLog.txt
new/mosquitto-1.4.14/ChangeLog.txt
--- old/mosquitto-1.4.13/ChangeLog.txt 2017-06-27 23:53:58.0 +0200
+++ new/mosquitto-1.4.14/ChangeLog.txt 2017-07-11 00:46:01.0 +0200
@@ -1,3 +1,10 @@
+1.4.14 - 20170710
+=
+
+Broker:
+- Fix regression from 1.4.13 where persistence data was not being saved.
+
+
1.4.13 - 20170627
=
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/mosquitto-1.4.13/config.mk
new/mosquitto-1.4.14/config.mk
--- old/mosquitto-1.4.13/config.mk 2017-06-27 23:53:58.0 +0200
+++ new/mosquitto-1.4.14/config.mk 2017-07-11 00:46:01.0 +0200
@@ -86,7 +86,7 @@
# Also bump lib/mosquitto.h, CMakeLists.txt,
# installer/mosquitto.nsi, installer/mosquitto-cygwin.nsi
-VERSION=1.4.13
+VERSION=1.4.14
TIMESTAMP:=$(shell date "+%F %T%z")
# Client library SO version. Bump if incompatible API/ABI changes are made.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/mosquitto-1.4.13/installer/mosquitto-cygwin.nsi
new/mosquitto-1.4.14/installer/mosquitto-cygwin.nsi
--- old/mosquitto-1.4.13/installer/mosquitto-cygwin.nsi 2017-06-27
23:53:58.0 +0200
+++ new/mosquitto-1.4.14/installer/mosquitto-cygwin.nsi 2017-07-11
00:46:01.0 +0200
@@ -7,7 +7,7 @@
!define env_hklm 'HKLM "SYSTEM\CurrentControlSet\Control\Session
Manager\Environment"'
Name "mosquitto"
-!define VERSION 1.4.13
+!define VERSION 1.4.14
OutFile "mosquitto-${VERSION}-install-cygwin.exe"
InstallDir "$PROGRAMFILES\mosquitto"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/mosquitto-1.4.13/installer/mosquitto.nsi
new/mosquitto-1.4.14/installer/mosquitto.nsi
--- old/mosquitto-1.4.13/installer/mosquitto.nsi2017-06-27
23:53:58.0 +0200
+++ new/mosquitto-1.4.14/installer/mosquitto.nsi2017-07-11
00:46:01.0 +0200
@@ -9,7 +9,7 @@
!define env_hklm 'HKLM "SYSTEM\CurrentControlSet\Control\Session
Manager\Environment"'
Name "mosquitto"
-!define VERSION 1.4.13
+!define VERSION 1.4.14
OutFile "mosquitto-${VERSION}-install-win32.exe"
InstallDir "$PROGRAMFILES\mosquitto"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/mosquitto-1.4.13/lib/mosquitto.h
new/mosquitto-1.4.14/lib/mosquitto.h
--- old/mosquitto-1.4.13/lib/mosquitto.h2017-06-27 23:53:58.0
+0200
+++ new/mosquitto-1.4.14/lib/mosquitto.h2017-07-11 00:46:01.0
+0200
@@ -45,7 +45,7 @@
#define LIBMOSQUITTO_MAJOR 1
#define LIBMOSQUITTO_MINOR 4
-#define LIBMOSQUITTO_REVISION 13
+#define LIBMOSQUITTO_REVISION 14
/*
commit mosquitto for openSUSE:Factory
Hello community,
here is the log from the commit of package mosquitto for openSUSE:Factory
checked in at 2017-09-12 19:53:46
Comparing /work/SRC/openSUSE:Factory/mosquitto (Old)
and /work/SRC/openSUSE:Factory/.mosquitto.new (New)
Package is "mosquitto"
Tue Sep 12 19:53:46 2017 rev:2 rq:522108 version:1.4.13
Changes:
--- /work/SRC/openSUSE:Factory/mosquitto/mosquitto.changes 2017-08-28
16:17:21.969115101 +0200
+++ /work/SRC/openSUSE:Factory/.mosquitto.new/mosquitto.changes 2017-09-12
19:53:48.504461451 +0200
@@ -1,0 +2,8 @@
+Thu Sep 7 12:13:21 UTC 2017 - jeng...@inai.de
+
+- Fix incorrect RPM groups.
+- Remove repeated license declaration from description.
+ Trim package descriptions for size.
+- Errors from user creation must not be ignored.
+
+---
Other differences:
--
++ mosquitto.spec ++
--- /var/tmp/diff_new_pack.WY9nhs/_old 2017-09-12 19:53:49.092378786 +0200
+++ /var/tmp/diff_new_pack.WY9nhs/_new 2017-09-12 19:53:49.092378786 +0200
@@ -15,6 +15,7 @@
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
+
%if 0%{?suse_version} > 1230 || 0%{?rhel_version} > 600 || 0%{?centos_version}
> 600 || 0%{?fedora_version} >= 20 ||
0%{?el7}%{?fc20}%{?fc21}%{?fc22}%{?fc23}%{?fc24}%{?fc25}
%bcond_without systemd
%else
@@ -25,10 +26,10 @@
Name: mosquitto
Version:1.4.13
Release:0
+Summary:A MQTT v3.1/v3.1.1 Broker
License:EPL-1.0
-Summary:An Open Source MQTT v3.1/v3.1.1 Broker
+Group: Productivity/Networking/Other
Url:http://mosquitto.org/
-Group: System/Daemons
Source: http://mosquitto.org/files/source/mosquitto-%{version}.tar.gz
Source1:mosquitto.service
Source2:mosquitto.fw
@@ -52,6 +53,7 @@
BuildRequires: pkgconfig(systemd)
%{?systemd_requires}
%endif
+Requires(pre): shadow
%define _fwdefdir /etc/sysconfig/SuSEfirewall2.d/services
%define home/var/lib/%{name}
@@ -59,7 +61,7 @@
%define cpp_lib libmosquittopp1
%description
-Mosquitto is an open source (BSD licensed) message broker that implements the
+Mosquitto is a message broker that implements the
MQ Telemetry Transport protocol versions 3.1 and 3.1.1. MQTT provides a
lightweight method of carrying out messaging using a publish/subscribe model.
This makes it suitable for "machine to machine" messaging such as with low
@@ -69,63 +71,52 @@
monitoring and automation with his twittering house and twittering ferry.
%package -n %{c_lib}
-Group: Development/Libraries/C and C++
Summary:Shared C Library for %{name}
+Group: Development/Libraries/C and C++
+
%description -n %{c_lib}
-Mosquitto is an open source (BSD licensed) message broker that implements the
+Mosquitto is a message broker that implements the
MQ Telemetry Transport protocol versions 3.1 and 3.1.1. MQTT provides a
lightweight method of carrying out messaging using a publish/subscribe model.
-This makes it suitable for "machine to machine" messaging such as with low
-power sensors or mobile devices such as phones, embedded computers or
-microcontrollers like the Arduino. A good example of this is all of the work
-that Andy Stanford-Clark (one of the originators of MQTT) has done in home
-monitoring and automation with his twittering house and twittering ferry.
This package holds the shared C library.
%package -n %{cpp_lib}
-Group: Development/Libraries/C and C++
Summary:Shared C++ Library for %{name}
+Group: Development/Libraries/C and C++
+
%description -n %{cpp_lib}
-Mosquitto is an open source (BSD licensed) message broker that implements the
+Mosquitto is a message broker that implements the
MQ Telemetry Transport protocol versions 3.1 and 3.1.1. MQTT provides a
lightweight method of carrying out messaging using a publish/subscribe model.
-This makes it suitable for "machine to machine" messaging such as with low
-power sensors or mobile devices such as phones, embedded computers or
-microcontrollers like the Arduino. A good example of this is all of the work
-that Andy Stanford-Clark (one of the originators of MQTT) has done in home
-monitoring and automation with his twittering house and twittering ferry.
This package holds the shared C++ library.
%package devel
-Group: Development/Libraries/C and C++
Requires: %{c_lib} = %{version}
Requires: %{cpp_lib} = %{version}
Provides: libmosquitto-devel = %{version}-%{release}
Provides: libmosquittopp-devel = %{version}-%{release}
-Summary:Development files %{name}
+Summary:Development files for %{name}
+Group:
