Использование файла MQTT ACL - PullRequest
Новая
       34

Использование файла MQTT ACL

0 голосов
/ 08 ноября 2018

Я новичок в MQTT и хотел бы проверить функцию списка контроля доступа. Я тестирую с комарами, брокером MQTT v3.1. У меня есть следующее для моего файла ACL: 

topic read $SYS/#
topic readwrite #         <---- anyone without a username can publish to any topic

user test                 <---- only a client with username test can subscribe to the topic test
topic readwrite testTopic/#

Вот что я получил, запустив брокер: 

sudo mosquitto -c /etc/mosquitto/mosquitto.conf -v
1541640112: mosquitto version 1.4.8 (build date Wed, 05 Sep 2018 15:51:27 -0300) starting
1541640112: Config loaded from /etc/mosquitto/mosquitto.conf.
1541640112: Opening ipv4 listen socket on port 1884.
1541640112: Opening ipv6 listen socket on port 1884.
1541640113: New connection from ::1 on port 1884.
1541640113: New client connected from ::1 as 3 (c1, k60).
1541640113: Sending CONNACK to 3 (0, 0)
1541640113: Received SUBSCRIBE from 3
1541640113:     testTopic (QoS 1)
1541640113: 3 1 testTopic
1541640113: Sending SUBACK to 3
1541640114: New connection from ::1 on port 1884.
1541640114: New client connected from ::1 as 1 (c1, k60, u'test').
1541640114: Sending CONNACK to 1 (0, 0)
1541640114: Received SUBSCRIBE from 1
1541640114:     testTopic (QoS 1)
1541640114: 1 1 testTopic
1541640114: Sending SUBACK to 1
1541640115: New connection from ::1 on port 1884.
1541640115: New client connected from ::1 as 2 (c1, k60).
1541640115: Sending CONNACK to 2 (0, 0)
1541640115: Received PUBLISH from 2 (d0, q1, r0, m1, 'testTopic', ... (4 bytes))
1541640115: Sending PUBACK to 2 (Mid: 1)
1541640115: Sending PUBLISH to 3 (d0, q1, r0, m1, 'testTopic', ... (4 bytes))
1541640115: Received DISCONNECT from 2
1541640115: Client 2 disconnected.
1541640115: Received PUBACK from 3 (Mid: 1)
1541640118: Socket error on client 1, disconnecting.
1541640118: Socket error on client 3, disconnecting.

с клиентом с именем пользователя 'test' подпишитесь на тему testTopic: 

mosquitto_sub -t 'testTopic' -p 1884 -d -q 1 -u test -i 1
Client 1 sending CONNECT
Client 1 received CONNACK
Client 1 sending SUBSCRIBE (Mid: 1, Topic: testTopic, QoS: 1)
Client 1 received SUBACK
Subscribed (mid: 1): 1

с клиентом без имени пользователя подписаться на тему testTopic: 

mosquitto_sub -t 'testTopic' -p 1884 -d -q 1 -i 3
Client 3 sending CONNECT
Client 3 received CONNACK
Client 3 sending SUBSCRIBE (Mid: 1, Topic: testTopic, QoS: 1)
Client 3 received SUBACK
Subscribed (mid: 1): 1
Client 3 received PUBLISH (d0, q1, r0, m1, 'testTopic', ... (4 bytes))
Client 3 sending PUBACK (Mid: 1)
1724

и клиент публикует в теме testTopic: 

mosquitto_pub -t 'testTopic' -m '1724' -p 1884 -d -q 1 -i 2 
Client 2 sending CONNECT
Client 2 received CONNACK
Client 2 sending PUBLISH (d0, q1, r0, m1, 'testTopic', ... (4 bytes))
Client 2 received PUBACK (Mid: 1)
Client 2 sending DISCONNECT

Вопрос в том, почему клиент с проверкой имени пользователя не получает сообщение 1724?

EDIT: Я также попытался изменить тему публикации и подписать тему на testTopic / foo без изменения файла ACL, и результат тот же:

Брокер: 

sudo mosquitto -c /etc/mosquitto/mosquitto.conf -v
1541967842: mosquitto version 1.4.8 (build date Wed, 05 Sep 2018 15:51:27 -0300) starting
1541967842: Config loaded from /etc/mosquitto/mosquitto.conf.
1541967842: Opening ipv4 listen socket on port 1884.
1541967842: Opening ipv6 listen socket on port 1884.
1541967844: New connection from ::1 on port 1884.
1541967844: New client connected from ::1 as 1 (c1, k60, u'test').
1541967844: Sending CONNACK to 1 (0, 0)
1541967844: Received SUBSCRIBE from 1
1541967844:     testTopic/foo (QoS 1)
1541967844: 1 1 testTopic/foo
1541967844: Sending SUBACK to 1
1541967861: New connection from ::1 on port 1884.
1541967861: New client connected from ::1 as 3 (c1, k60).
1541967861: Sending CONNACK to 3 (0, 0)
1541967861: Received SUBSCRIBE from 3
1541967861:     testTopic/foo (QoS 1)
1541967861: 3 1 testTopic/foo
1541967861: Sending SUBACK to 3
1541967875: New connection from ::1 on port 1884.
1541967875: New client connected from ::1 as 2 (c1, k60).
1541967875: Sending CONNACK to 2 (0, 0)
1541967875: Received PUBLISH from 2 (d0, q1, r0, m1, 'testTopic/foo', ... (4 bytes))
1541967875: Sending PUBACK to 2 (Mid: 1)
1541967875: Sending PUBLISH to 3 (d0, q1, r0, m1, 'testTopic/foo', ... (4 bytes))
1541967875: Received PUBACK from 3 (Mid: 1)
1541967875: Received DISCONNECT from 2
1541967875: Client 2 disconnected.

с клиентом с именем пользователя 'test' подпишитесь на тему testTopic / foo: 

mosquitto_sub -t 'testTopic/foo' -p 1884 -d -q 1 -u test -i 1
Client 1 sending CONNECT
Client 1 received CONNACK
Client 1 sending SUBSCRIBE (Mid: 1, Topic: testTopic/foo, QoS: 1)
Client 1 received SUBACK
Subscribed (mid: 1): 1

с клиентом без имени пользователя подписывается на тему testTopic / foo: 

mosquitto_sub -t 'testTopic/foo' -p 1884 -d -q 1 -i 3
Client 3 sending CONNECT
Client 3 received CONNACK
Client 3 sending SUBSCRIBE (Mid: 1, Topic: testTopic/foo, QoS: 1)
Client 3 received SUBACK
Subscribed (mid: 1): 1
Client 3 received PUBLISH (d0, q1, r0, m1, 'testTopic/foo', ... (4 bytes))
Client 3 sending PUBACK (Mid: 1)
1724

и клиент публикует в теме testTopic: 

mosquitto_pub -t 'testTopic/foo' -m '1724' -p 1884 -d -q 1 -i 2 
Client 2 sending CONNECT
Client 2 received CONNACK
Client 2 sending PUBLISH (d0, q1, r0, m1, 'testTopic/foo', ... (4 bytes))
Client 2 received PUBACK (Mid: 1)
Client 2 sending DISCONNECT

Остается вопрос, почему клиент с именем пользователя test не получает сообщение 1724?

...