eclipse-mosquitto編寫自定義驗(yàn)證插件

源碼

1.下載安裝OpenSSL v1.1.1w

image.png

2.下載eclipse/mosquitt源碼,并使用Visual Studio 打開

image.png

3. 修改mosquitto_payload_modification.c文件

3.1 修改插件初始化函數(shù)mosquitto_plugin_init 

// mosquitto_payload_modification.c

int mosquitto_plugin_init(mosquitto_plugin_id_t *identifier, void **user_data, struct mosquitto_opt *opts, int opt_count)
{
    UNUSED(user_data);
    UNUSED(opts);
    UNUSED(opt_count);
    int err_code = MOSQ_ERR_SUCCESS;

    mosq_pid = identifier;
    mosquitto_log_printf(MOSQ_LOG_INFO, "[mosquitto_plugin_init]");
    paser_opts(opts, opt_count); // 解析配置項(xiàng)

    // 注冊重啟
    err_code = mosquitto_callback_register(mosq_pid, MOSQ_EVT_RELOAD, callback_reload, NULL, NULL);
    if (err_code != MOSQ_ERR_SUCCESS) {
        mosquitto_log_printf(MOSQ_LOG_ERR, "[mosquitto_plugin_init][register] MOSQ_EVT_RELOAD err = %d", err_code);
        return err_code;
    }
    // 注冊基礎(chǔ)驗(yàn)證
    err_code = mosquitto_callback_register(mosq_pid, MOSQ_EVT_BASIC_AUTH, callback_basic_auth, NULL, NULL);
    if (err_code != MOSQ_ERR_SUCCESS) {
        mosquitto_log_printf(MOSQ_LOG_ERR, "[mosquitto_plugin_init][register] MOSQ_EVT_BASIC_AUTH err = %d", err_code);
        return err_code;
    }
    // 注冊ACL驗(yàn)證
    err_code = mosquitto_callback_register(mosq_pid, MOSQ_EVT_ACL_CHECK, callback_acl_check, NULL, NULL);
    if (err_code != MOSQ_ERR_SUCCESS) {
        mosquitto_log_printf(MOSQ_LOG_ERR, "[mosquitto_plugin_init][register] MOSQ_EVT_ACL_CHECK err = %d", err_code);
        return err_code;
    }


    return err_code;

}
  • step1: 解析配置項(xiàng) (這里是直接將配置項(xiàng)原樣打印出來)
  • step2: 注冊MOSQ_EVT_RELOAD回調(diào)函數(shù)
  • step3: 注冊MOSQ_EVT_BASIC_AUTH回調(diào)函數(shù)
  • step4: 注冊MOSQ_EVT_ACL_CHECK回調(diào)函數(shù)

3.2 修改插件清理函數(shù)mosquitto_plugin_cleanup 

// mosquitto_payload_modification.c

int mosquitto_plugin_cleanup(void *user_data, struct mosquitto_opt *opts, int opt_count)
{
    UNUSED(user_data);
    UNUSED(opts);
    UNUSED(opt_count);
    int err_code = MOSQ_ERR_SUCCESS;
    mosquitto_log_printf(MOSQ_LOG_INFO, "[mosquitto_plugin_cleanup]");

    err_code = mosquitto_callback_unregister(mosq_pid, MOSQ_EVT_RELOAD, callback_reload, NULL);
    if (err_code != MOSQ_ERR_SUCCESS) {
        mosquitto_log_printf(MOSQ_LOG_ERR, "[mosquitto_plugin_cleanup][unregister] MOSQ_EVT_RELOAD err = %d", err_code);
    }
    err_code = mosquitto_callback_unregister(mosq_pid, MOSQ_EVT_BASIC_AUTH, callback_basic_auth, NULL);
    if (err_code != MOSQ_ERR_SUCCESS) {
        mosquitto_log_printf(MOSQ_LOG_ERR, "[mosquitto_plugin_cleanup][unregister] MOSQ_EVT_BASIC_AUTH err = %d", err_code);
    }
    err_code = mosquitto_callback_unregister(mosq_pid, MOSQ_EVT_ACL_CHECK, callback_acl_check, NULL);
    if (err_code != MOSQ_ERR_SUCCESS) {
        mosquitto_log_printf(MOSQ_LOG_ERR, "[mosquitto_plugin_cleanup][unregister] MOSQ_EVT_ACL_CHECK err = %d", err_code);
    }

    return MOSQ_ERR_SUCCESS;
}
  • 這里清理函數(shù)將之前注冊的函數(shù)全部取消掉

3.3 實(shí)現(xiàn)callback_reload 

// mosquitto_payload_modification.c

static int callback_reload(int event, void* event_data, void* userdata) {
    UNUSED(event);
    UNUSED(userdata);

    mosquitto_log_printf(MOSQ_LOG_INFO, "[callback_reload]");

    struct mosquitto_evt_reload* ed = event_data;
    paser_opts(ed->options, ed->option_count);
    return MOSQ_ERR_SUCCESS;
}
  • 重啟重新解析的一次配置項(xiàng)

3.4 實(shí)現(xiàn)callback_basic_auth函數(shù)

static int callback_basic_auth(int event, void* event_data, void* userdata) {
    UNUSED(event);
    UNUSED(userdata);

    struct mosquitto_evt_basic_auth* ed = event_data;
    char* client_id = mosquitto_client_id(ed->client);
    char* client_address = mosquitto_client_address(ed->client);

    mosquitto_log_printf(MOSQ_LOG_INFO, "[callback_basic_auth] username=%s, password=%s, client_id=%s, client_address=%s", ed->username, ed->password, client_id, client_address);


    return MOSQ_ERR_SUCCESS;
}
  • 客戶端首次登陸時,會回調(diào)這里,來驗(yàn)證客戶端的登錄信息是否合法
  • 邏輯還沒有實(shí)現(xiàn),所以這里打印需要驗(yàn)證的常用信息,然后返回SUCCESS

3.5 實(shí)現(xiàn)callback_acl_check函數(shù)

static int callback_acl_check(int event, void* event_data, void* userdata) {
    UNUSED(event);
    UNUSED(userdata);

    struct mosquitto_evt_acl_check* ed = event_data;
    char* username = mosquitto_client_username(ed->client);
    char* client_id = mosquitto_client_id(ed->client);
    char* topic = ed->topic;
    int access = ed->access;
    int qos = ed->qos;
    bool retain = ed->retain;

    mosquitto_log_printf(MOSQ_LOG_INFO, "[callback_acl_check] username=%s, client_id=%s, topic=%s, access=%d, qos=%d, retain=%d", username, client_id, topic, access, qos, retain);
    
    return MOSQ_ERR_SUCCESS;
}
  • 客戶端需要對某個主題進(jìn)行收發(fā)消息,訂閱和取消訂閱的回調(diào)會到這里
  • access可選的操作有MOSQ_ACL_NONE,MOSQ_ACL_READ,MOSQ_ACL_WRITE,MOSQ_ACL_SUBSCRIBE,MOSQ_ACL_UNSUBSCRIBE
  • 目前邏輯沒有實(shí)現(xiàn),只是打印一下客戶端訪問信息,允許所有客戶端的所有操作

4. 使用自定義插件

4.1 編譯自定義插件

4.1.1 Windows

image.png

4.1.2 ubuntu

apt-get install build-essential
apt-get install libssl-dev
apt-get install xsltproc 
cmake -B ./cmakebuild
cd ./cmakebuild/plugins/payload-modification
make
  • step1: 安裝gcc等編譯工具
  • step2: 安裝openssl
  • step3: 安裝xsltproc
  • step4: cmake 編譯到cmakebuild目錄
  • step5: 到對應(yīng)插件目錄
  • step6: 得到對應(yīng)的插件

4.2 修改配置文件mosquitto.conf

image.png

5.啟動查看日志

屏幕截圖 2024-01-01 001614.png
  • 如圖啟動了兩個客戶端所有的認(rèn)證已被我們插件代理
最后編輯于
?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請聯(lián)系作者
【社區(qū)內(nèi)容提示】社區(qū)部分內(nèi)容疑似由AI輔助生成,瀏覽時請結(jié)合常識與多方信息審慎甄別。
平臺聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點(diǎn),簡書系信息發(fā)布平臺,僅提供信息存儲服務(wù)。

相關(guān)閱讀更多精彩內(nèi)容

友情鏈接更多精彩內(nèi)容