#mosquitto #mqtt #broker #plugin #acl #password #header

mosquitto-plugin

A simple way to create plugins for mosquitto, using rust code

11 releases (stable)

2.1.3 Mar 28, 2023
2.1.2 Nov 4, 2022
2.1.1 Oct 11, 2022
1.3.0 Aug 22, 2022
0.1.0 Dec 3, 2020

#1128 in Network programming

Download history 105/week @ 2024-08-03 101/week @ 2024-08-10 128/week @ 2024-08-17 98/week @ 2024-08-24 90/week @ 2024-08-31 80/week @ 2024-09-07 84/week @ 2024-09-14 224/week @ 2024-09-21 121/week @ 2024-09-28 123/week @ 2024-10-05 110/week @ 2024-10-12 139/week @ 2024-10-19 125/week @ 2024-10-26 159/week @ 2024-11-02 160/week @ 2024-11-09 174/week @ 2024-11-16

634 downloads per month

MIT license

57KB
1K SLoC

CI

Mosquitto Plugin

A simple way to generate ACL and PASSWORD plugins for usage with the mosquitto broker.

Requires that mosquitto_plugin.h mosquitto.h files are installed on the system, on linux systems this is usually achieved through the mosquitto-dev packages. Not tested on windows.

To pass additional (clang) arguments to the clang invocation from bindgen, set MOSQUITTO_PLUGIN_CLANG_EXTRA_ARGS for e.g a special search path for the mosquitto headers: "-I ../mosquitto-2.0.4/include".

The optional functions are not implemented here.

Debugging Segfaults

being a plugin utilizing the C ABI interface of mosquitto, there might be segfaults due to unexpected behaviour in how mosquitto calls into the plugin, compiling in debug mode will enable asserts of most raw pointer usage and can help in debugging such cases.

Otherwise, look at unsafe code, thats where segfaults occur. Which leaves the entire mosquitto codebase, but mosquitto is quite well tested by now. So start looking in this code

Supported

- ease of access to write own mosquitto plugins
- auth_opt_<key> value in the mosquitto_conf
- mutable access to the structure between calls
- ACL implementations
- username/password implementatations

Example usage

There is an example usage in the github repo under "examples/acl" folder.

Basic authentification

Simple example that allows only password/username combos where the password is reversed (and no credentials as well, since those do not invoke ACL calls, and thus needs to be configured in a mosquitto configuration)

It also only allows messages on the topic specified in the mosquitto config as auth_opt_topic

See the provided examples/mosquitto-acl.conf for details.

Start build and run:

cargo build --example basic-auth
mosquitto -c examples/basic-auth.conf

Extended authentification

Example how to negotiate authentification with a client with v5 AUTH packages.

Start build and run:

cargo build --example extended-auth
mosquitto -c examples/extended-auth.conf

Dependencies

~0–2.4MB
~39K SLoC