CVE-2021-34432.patch

@@ -0,0 +1,62 @@
+From 9b08faf0bdaf5a4f2e6e3dd1ea7e8c57f70418d6 Mon Sep 17 00:00:00 2001
+From: "Roger A. Light" <roger@atchoo.org>
+Date: Tue, 9 Feb 2021 14:09:53 +0000
+Subject: [PATCH] Fix mosquitto_{pub|sub}_topic_check() function returns.
+
+The would not return MOSQ_ERR_INVAL on topic == NULL.
+---
+ ChangeLog.txt    |  5 +++++
+ lib/util_topic.c | 19 ++++++++++++++++---
+ 2 files changed, 21 insertions(+), 3 deletions(-)
+
+diff --git a/lib/util_topic.c b/lib/util_topic.c
+index fc24f0d1c..62b531127 100644
+--- a/lib/util_topic.c
++++ b/lib/util_topic.c
+@@ -54,6 +54,11 @@ int mosquitto_pub_topic_check(const char *str)
+ #ifdef WITH_BROKER
+ 	int hier_count = 0;
+ #endif
++
++	if(str == NULL){
++		return MOSQ_ERR_INVAL;
++	}
++
+ 	while(str && str[0]){
+ 		if(str[0] == '+' || str[0] == '#'){
+ 			return MOSQ_ERR_INVAL;
+@@ -81,7 +86,9 @@ int mosquitto_pub_topic_check2(const char *str, size_t len)
+ 	int hier_count = 0;
+ #endif
+ 
+-	if(len > 65535) return MOSQ_ERR_INVAL;
++	if(str == NULL || len > 65535){
++		return MOSQ_ERR_INVAL;
++	}
+ 
+ 	for(i=0; i<len; i++){
+ 		if(str[i] == '+' || str[i] == '#'){
+@@ -115,7 +122,11 @@ int mosquitto_sub_topic_check(const char *str)
+ 	int hier_count = 0;
+ #endif
+ 
+-	while(str && str[0]){
++	if(str == NULL){
++		return MOSQ_ERR_INVAL;
++	}
++
++	while(str[0]){
+ 		if(str[0] == '+'){
+ 			if((c != '\0' && c != '/') || (str[1] != '\0' && str[1] != '/')){
+ 				return MOSQ_ERR_INVAL;
+@@ -150,7 +161,9 @@ int mosquitto_sub_topic_check2(const char *str, size_t len)
+ 	int hier_count = 0;
+ #endif
+ 
+-	if(len > 65535) return MOSQ_ERR_INVAL;
++	if(str == NULL || len > 65535){
++		return MOSQ_ERR_INVAL;
++	}
+ 
+ 	for(i=0; i<len; i++){
+ 		if(str[i] == '+'){

CVE-2021-41039.patch

@@ -0,0 +1,121 @@
+From 1eb3d438f7cb658a1aa52ea5d7ff8b721fd4f0cc Mon Sep 17 00:00:00 2001
+From: "Roger A. Light" <roger@atchoo.org>
+Date: Tue, 10 Aug 2021 20:48:21 +0100
+Subject: [PATCH] Fix CONNECT performance with many user-properties.
+
+---
+ lib/property_mosq.c              | 14 ++++-----
+ test/broker/01-connect-575314.py | 49 ++++++++++++++++++++++++++++++++
+ test/broker/Makefile             |  1 +
+ test/broker/test.py              |  1 +
+ 4 files changed, 58 insertions(+), 7 deletions(-)
+ create mode 100755 test/broker/01-connect-575314.py
+
+diff --git a/lib/property_mosq.c b/lib/property_mosq.c
+index 859e28b..6eccdbd 100644
+--- a/lib/property_mosq.c
++++ b/lib/property_mosq.c
+@@ -878,14 +878,14 @@ int mosquitto_property_check_all(int command, const mosquitto_property *properti
+ 		if(rc) return rc;
+ 
+ 		/* Check for duplicates */
+-		tail = p->next;
+-		while(tail){
+-			if(p->identifier == tail->identifier
+-					&& p->identifier != MQTT_PROP_USER_PROPERTY){
+-
+-				return MOSQ_ERR_DUPLICATE_PROPERTY;
++		if(p->identifier != MQTT_PROP_USER_PROPERTY){
++			tail = p->next;
++			while(tail){
++				if(p->identifier == tail->identifier){
++					return MOSQ_ERR_DUPLICATE_PROPERTY;
++				}
++				tail = tail->next;
+ 			}
+-			tail = tail->next;
+ 		}
+ 
+ 		p = p->next;
+diff --git a/test/broker/01-connect-575314.py b/test/broker/01-connect-575314.py
+new file mode 100755
+index 0000000..4a8f314
+--- /dev/null
++++ b/test/broker/01-connect-575314.py
+@@ -0,0 +1,49 @@
++#!/usr/bin/env python3
++
++# Check for performance of processing user-property on CONNECT
++
++from mosq_test_helper import *
++
++def do_test():
++    rc = 1
++    props = mqtt5_props.gen_string_pair_prop(mqtt5_props.PROP_USER_PROPERTY, "key", "value")
++    for i in range(0, 20000):
++        props += mqtt5_props.gen_string_pair_prop(mqtt5_props.PROP_USER_PROPERTY, "key", "value")
++    connect_packet_slow = mosq_test.gen_connect("connect-user-property", proto_ver=5, properties=props)
++    connect_packet_fast = mosq_test.gen_connect("a"*65000, proto_ver=5)
++    connack_packet = mosq_test.gen_connack(rc=0, proto_ver=5)
++
++    port = mosq_test.get_port()
++    broker = mosq_test.start_broker(filename=os.path.basename(__file__), port=port)
++
++    try:
++        t_start = time.monotonic()
++        sock = mosq_test.do_client_connect(connect_packet_slow, connack_packet, port=port)
++        t_stop = time.monotonic()
++        sock.close()
++
++        t_diff_slow = t_stop - t_start
++
++        t_start = time.monotonic()
++        sock = mosq_test.do_client_connect(connect_packet_fast, connack_packet, port=port)
++        t_stop = time.monotonic()
++        sock.close()
++
++        t_diff_fast = t_stop - t_start
++        # 20 is chosen as a factor that works in plain mode and running under
++        # valgrind. The slow performance manifests as a factor of >100. Fast is <10.
++        if t_diff_slow / t_diff_fast < 20:
++            rc = 0
++    except mosq_test.TestError:
++        pass
++    finally:
++        broker.terminate()
++        broker.wait()
++        (stdo, stde) = broker.communicate()
++        if rc:
++            print(stde.decode('utf-8'))
++            exit(rc)
++
++
++do_test()
++exit(0)
+diff --git a/test/broker/Makefile b/test/broker/Makefile
+index fa889ce..f560b6e 100644
+--- a/test/broker/Makefile
++++ b/test/broker/Makefile
+@@ -20,6 +20,7 @@ ptest : test-compile
+ test : test-compile 01 02 03 04 05 06 07 08 09 10 11 12
+ 
+ 01 :
++	./01-connect-575314.py
+ 	./01-connect-anon-denied.py
+ 	./01-connect-bad-packet.py
+ 	./01-connect-disconnect-v5.py
+diff --git a/test/broker/test.py b/test/broker/test.py
+index 9a22262..6703f4b 100755
+--- a/test/broker/test.py
++++ b/test/broker/test.py
+@@ -5,6 +5,7 @@ import ptest
+ 
+ tests = [
+     #(ports required, 'path'),
++    (1, './01-connect-575314.py'),
+     (1, './01-connect-anon-denied.py'),
+     (1, './01-connect-bad-packet.py'),
+     (1, './01-connect-disconnect-v5.py'),
+-- 
+2.30.0
+

add-usage-output.patch

@@ -11,7 +11,7 @@ diff --git a/src/conf.c b/src/conf.c
 index 9d31ad9..ed989d5 100644
 --- a/src/conf.c
 +++ b/src/conf.c
-@@ -360,12 +360,12 @@ static void print_usage(void)
+@@ -358,12 +358,12 @@ static void print_usage(void)
  	printf("mosquitto version %s\n\n", VERSION);
  	printf("mosquitto is an MQTT v5.0/v3.1.1/v3.1 broker.\n\n");
  	printf("Usage: mosquitto [-c config_file] [-d] [-h] [-p port]\n\n");

fix-usage-exit-code.patch

@@ -1,6 +1,6 @@
-From 97cef5c831be58770f4a298023d358bd225601d4 Mon Sep 17 00:00:00 2001
+From 55ff763724f71e84ead9b0352506653dbb1c8d69 Mon Sep 17 00:00:00 2001
 From: lingsheng <lingsheng@huawei.com>
-Date: Wed, 10 May 2023 15:02:00 +0800
+Date: Thu, 30 Sep 2021 15:31:46 +0800
 Subject: [PATCH] fix usage exit code
 
 ---
@@ -10,10 +10,10 @@ Subject: [PATCH] fix usage exit code
  3 files changed, 11 insertions(+)
 
 diff --git a/client/pub_client.c b/client/pub_client.c
-index 7822e27..7e2d910 100644
+index 59162a2..4ad2fb3 100644
 --- a/client/pub_client.c
 +++ b/client/pub_client.c
-@@ -526,6 +526,10 @@ int main(int argc, char *argv[])
+@@ -491,6 +491,10 @@ int main(int argc, char *argv[])
  		if(rc == 2){
  			/* --help */
  			print_usage();
@@ -21,38 +21,38 @@ index 7822e27..7e2d910 100644
 +			client_config_cleanup(&cfg);
 +			pub_shared_cleanup();
 +			return 0;
- 		}else if(rc == 3){
- 			print_version();
  		}else{
+ 			fprintf(stderr, "\nUse 'mosquitto_pub --help' to see usage.\n");
+ 		}
 diff --git a/client/rr_client.c b/client/rr_client.c
-index e74536f..fc90803 100644
+index dec9468..180d3b8 100644
 --- a/client/rr_client.c
 +++ b/client/rr_client.c
-@@ -316,6 +316,9 @@ int main(int argc, char *argv[])
+@@ -267,6 +267,9 @@ int main(int argc, char *argv[])
  		if(rc == 2){
  			/* --help */
  			print_usage();
 +			mosquitto_lib_cleanup();
 +			client_config_cleanup(&cfg);
 +			return 0;
- 		}else if(rc == 3){
+ 		}else{
- 			/* --version */
+ 			fprintf(stderr, "\nUse 'mosquitto_rr --help' to see usage.\n");
- 			print_version();
+ 		}
 diff --git a/client/sub_client.c b/client/sub_client.c
-index 4ff3bf9..80f778f 100644
+index fb26638..5f4ac5f 100644
 --- a/client/sub_client.c
 +++ b/client/sub_client.c
-@@ -331,6 +331,10 @@ int main(int argc, char *argv[])
+@@ -294,6 +294,10 @@ int main(int argc, char *argv[])
  		if(rc == 2){
  			/* --help */
  			print_usage();
-+			mosquitto_destroy(g_mosq);
++			mosquitto_destroy(mosq);
 +			mosquitto_lib_cleanup();
 +			client_config_cleanup(&cfg);
 +			return 0;
- 		}else if(rc == 3){
+ 		}else{
- 			/* --version */
+ 			fprintf(stderr, "\nUse 'mosquitto_sub --help' to see usage.\n");
- 			print_version();
+ 		}
 -- 
-2.33.0
+2.23.0
 

mosquitto.spec

@@ -1,19 +1,22 @@
 Name:                mosquitto
-Version:             2.0.20
+Version:             1.6.15
-Release:             2
+Release:             6
 Summary:             Open Source MQTT v3.1/v3.1.1 Broker
-License:             EPL-1.0
+License:             BSD
-URL:                 https://mosquitto.org/
+URL:                 http://mosquitto.org/
-Source0:             https://mosquitto.org/files/source/%{name}-%{version}.tar.gz
+Source0:             http://mosquitto.org/files/source/%{name}-%{version}.tar.gz
 Patch0001:           add-usage-output.patch
 Patch0002:           fix-usage-exit-code.patch
+Patch0003:	     CVE-2021-41039.patch
+Patch0004:           CVE-2021-34432.patch
 BuildRequires:       c-ares-devel gcc-c++ libuuid-devel libwebsockets-devel openssl-devel
-BuildRequires:       systemd-devel cjson-devel
+BuildRequires:       systemd-devel
-BuildRequires:       cmake libxslt
+BuildRequires:       make
 Provides:            bundled(uthash)
 Requires(pre):       shadow-utils
-Conflicts:           mosquitto-devel < 2.0.20-2
+Requires(post):      systemd
-%{?systemd_requires}
+Requires(preun):     systemd
+Requires(postun):    systemd
 %description
 Mosquitto is an open source message broker that implements the MQ Telemetry
 Transport protocol version 3.1 and 3.1.1 MQTT provides a lightweight method
@@ -30,23 +33,24 @@ Development headers and libraries for %{name}
 
 %prep
 %autosetup -p1
+sed -i "s|prefix?=/usr/local|prefix?=/usr|" config.mk
 sed -i "s|(INSTALL) -s|(INSTALL)|g" lib/Makefile src/Makefile client/Makefile
-sed -i "s/websockets_shared/websockets/" src/CMakeLists.txt
 
 %build
-%cmake -B %{__cmake_builddir} \
+export CFLAGS="%{optflags}"
-    -DCMAKE_INSTALL_LIBDIR=%{_libdir} \
+export LDFLAGS="%{optflags} %{__global_ldflags} -Wl,--as-needed"
-    -DCMAKE_INSTALL_SYSCONFDIR=%{_sysconfdir} \
+make all %{?_smp_mflags} WITH_WEBSOCKETS=yes WITH_SYSTEMD=yes
-    -DWITH_WEBSOCKETS=ON \
-    -DWITH_SYSTEMD=ON \
-    -DWITH_SRV=ON \
-    -DWITH_TLS=ON
-%__cmake --build "%{__cmake_builddir}"
 
 %install
-DESTDIR="%{buildroot}" %__cmake --install "%{__cmake_builddir}"
+%if "%{_lib}" == "lib64"
+export LIB_SUFFIX=64
+%endif
+%make_install
 mkdir -p %{buildroot}%{_unitdir}
 install -p -m 0644 service/systemd/%{name}.service.notify %{buildroot}%{_unitdir}/%{name}.service
+mv %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf.example %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf
+
+%check
 
 %pre
 getent group %{name} >/dev/null || groupadd -r %{name}
@@ -57,63 +61,37 @@ exit 0
 
 %post
 %systemd_post %{name}.service
+/sbin/ldconfig
 
 %preun
 %systemd_preun %{name}.service
 
 %postun
 %systemd_postun_with_restart %{name}.service
+/sbin/ldconfig
 
 %files
 %license LICENSE.txt
-%doc ChangeLog.txt CONTRIBUTING.md README.md
+%doc ChangeLog.txt CONTRIBUTING.md readme.md
 %{_bindir}/*
 %{_sbindir}/*
 %{_libdir}/*.so.*
-%{_libdir}/mosquitto_dynamic_security.so
 %dir %{_sysconfdir}/%{name}
 %config(noreplace) %{_sysconfdir}/%{name}/%{name}.conf
 %config%{_sysconfdir}/%{name}/*.example
 %{_unitdir}/%{name}.service
-%{_mandir}/man*/%{name}*
+%{_mandir}/man1/*.1.*
-%{_mandir}/man7/mqtt.7.*
+%{_mandir}/man5/*.5.*
+%{_mandir}/man7/*.7.*
+%{_mandir}/man8/*.8.*
 
 %files devel
 %{_includedir}/*.h
-%{_libdir}/libmosquitto*.so
+%{_libdir}/*.so
 %{_libdir}/pkgconfig/*.pc
 %{_mandir}/man3/*.3.*
 
 %changelog
-* Tue Nov 12 2024 Funda Wang <fundawang@yeah.net> - 2.0.20-2
-- move mosquitto_dynamic_security into main package
-
-* Mon Nov 04 2024 yaoxin <yao_xin001@hoperun.com> - 2.0.20-1
-- Update to 2.0.20
-  * Fix QoS 1 / QoS 2 publish incorrectly returning "no subscribers". Closes #3128.
-  * Open files with appropriate access on Windows. Closes #3119.
-  * Don't allow invalid response topic values.
-  * Fix some strict protocol compliance issues. Closes #3052.
-  * Fix cmake build on OS X. Closes #3125.
-  * Fix build on NetBSD
-  * Fix mismatched subscribe/unsubscribe with normal/shared topics.
-  * Fix crash on bridge using remapped topic being sent a crafted packet.
-  * Don't allow SUBACK with missing reason codes in client library.
-  * Fix crash on subscribe under certain unlikely conditions. Closes #2885. Closes #2881.
-  * Fix mosquitto_rr not honouring -R. Closes #2893.
-  * Fix max_queued_messages 0 stopping clients from receiving messages. Closes #2879.
-  * Fix max_inflight_messages not being set correctly. Closes #2876.
-  * Fix mosquitto_passwd -U backup file creation. Closes #2873.
-
-* Wed Sep 13 2023 yaoxin <yao_xin001@hoperun.com> - 2.0.16-1
-- Update to 2.0.16 for fix CVE-2021-34431,CVE-2023-28366 and CVE-2023-3592
-
-* Wed May 10 2023 Ge Wang <wang__ge@126.com> - 2.0.15-1
-- Update to version 2.0.15
-
-* Mon May 9 2022 caodongxia <caodongxia@h-partners.com> - 1.6.15-7
-- License compliance rectification
-
 * Thu Feb 24 2022 yaoxin <yaoxin30@huawei.com> - 1.6.15-6
 - Fix CVE-2021-34432 and modify the CVE-2021-41039.patch.
 
@@ -126,7 +104,7 @@ exit 0
 * Thu Sep 30 2021 lingsheng <lingsheng@huawei.com> - 1.6.15-3
 - add usage output
 
-* Fri Sep 24 2021 zhengyaohui <zhengyaohui1@huawei.com> - 1.6.15-2
+* Tue Sep 24 2021 zhengyaohui <zhengyaohui1@huawei.com> - 1.6.15-2
 - add buildrequires make
 
 * Tue Sep 7 2021 zhengyaohui <zhengyaohui1@huawei.com> - 1.6.15-1