Eclipse Mosquitto™ 2.0 Release Review

This is a major release with breaking changes.

Important changes

Listener security improvements

There are breaking changes to the way that Mosquitto configures listeners, in order that end users have to take an active decision in how clients can connect, in particular with some form of authentication.

When the Mosquitto broker is run without configuring any listeners it will now bind to the loopback interfaces 127.0.0.1 and/or ::1. This means that only connections from the local host will be possible. This means that local testing is straightforward, but starting a broker does not immediately open it to the entire internet.

Behaviour in different scenarios:

• Running the broker as mosquitto or mosquitto -p 1883 will bind to the loopback interface.
• Running the broker with a configuration file with no listeners configured will bind to the loopback interface with port 1883.
• Running the broker with a listener defined will bind by default to `0.0.0.0`  / `::` and so will be accessible from any interface. It is still possible to bind to a specific address/interface.
•  If the broker is run as mosquitto -c mosquitto.conf -p 1884, and a listener is defined in the configuration file, i.e. listeners are defined both in the configuration file and on the command line, then the port defined on the command line will be IGNORED, and no listener configured for it.

Performance

The internals of Mosquitto have been improved to give better performance across all situations, but particularly for the case where large numbers of clients are connected.

Anonymous clients must be explicitly allowed by the end user

This is a breaking change to how anonymous clients are handled in the broker configuration. An anonymous client is one that does not provide a username when connecting to the broker.

All listeners now default to allow_anonymous false unless explicitly set to true in the configuration file. This means that when configuring a listener the end user must either configure an authentication and access control method, or set allow_anonymous true. When the broker is run without a configured listener, and so binds to the loopback interface, anonymous connections are allowed but are only possible from the local machine.

New generic plugin interface

The existing plugin interface is entirely focussed on authentication and access control, and requires a plugin author to implement almost all of the plugin functionality even if only part of it is required. A new plugin interface has been developed which only requires the plugin to implement three functions, and it can then register callbacks to handle different events. The new approach allows greater ease of implementation for plugin writers, and is easier to extend in the future.

New functionality in the plugin interface includes the ability to:

• Interrogate and modify every message as it is processed, to do such tasks as attaching a timestamp property to each MQTT v5 message.
• Register as a handler for a $CONTROL/ topic, which is intended as an interface for controlling aspects of the broker and/or plugin.
• Receive a regular "tick" event for ancilliary processing.
• Receive a reload event, when the broker is told to reload configuration.

New dynamic authentication and access control plugin

A new plugin which makes use of the updated interface has been developed. The plugin handles authentication and access control, and can itself be configured via a topic $CONTROL/dynamic-security/v1 without restarting the broker. The plugin supports dynamic creation, modification, and deletion of clients, groups, and roles. A client can be a member of zero or more groups. Both clients and groups can have roles assigned to them. A role defines a set of different ACLs which affect how the client is able to publish/subscribe/unsubscribe. ACL types can be set as default accept or deny. Anonymous users can be automatically be placed in their own group with its own roles. For subscribing and unsubscribing, ACLs can be defined in terms of a literal string, so perhaps denying access to subscribe to the # topic, or a pattern, where wildcards are used to determine which range of topics are allowed.

New utility: mosquitto_ctrl

This command line utility is intended to be used to control various aspects of a running broker. At the moment it is limited to controlling the dynamic-security plugin, but future support for dynamic control of bridges and other features is planned.

Bridge support for MQTT v5

Bridges now support MQTT v5, with further v5 enhancements intended for future releases.

Support for Unix domain socket listeners

It is now possible to have Mosquitto listen on a Unix domain socket, using e.g. listener 0 /tmp/mosquitto.sock to define the listener in the configuration file. The mosquitto command line clients likewise can connect to Unix sockets.

Enhanced output format for mosquitto_sub

mosquitto_sub has a number of output improvements:

• Addition of --pretty to produce formatted/unformatted JSON, when using %j or %J.
• Added support for printing some MQTT v5 properties, e.g. %C to print the content-type property.
• Support for extra format specifiers for field width and precision for parameters where this makes sense.
• Addition of --random-filter, which will only print a certain percentage of matching messages. Useful where you want to keep an eye on a topic, but not see every message that is published.