From 22abd8ba720c2916faf264fdfbef8a60e6644291d6dcf0af7ea6a3edb39a56fc Mon Sep 17 00:00:00 2001 From: Marcus Rueckert Date: Tue, 8 Jan 2019 20:22:44 +0000 Subject: [PATCH 1/3] Accepting request 658974 from home:mnhauke - FIX CVE-2018-20145: mosquitto: ACL bypass (bnc#1119536) - Update to version 1.5.5 Security: * If `per_listener_settings` is set to true, then the `acl_file` setting was ignored for the "default listener" only. This has been fixed. This does not affect any listeners defined with the `listener` option. Broker: * Add `socket_domain` option to allow listeners to disable IPv6 support. This is required to work around a problem in libwebsockets that means sockets only listen on IPv6 by default if IPv6 support is compiled in. * When using ADNS, don't ask for all network protocols when connecting, because this can lead to confusing "Protocol not supported" errors if the network is down. * Fix outgoing retained messages not being sent by bridges on initial connection. * Don't reload auth_opt_ options on reload, to match the behaviour of the other plugin options. * Print message on error when installing/uninstalling as a Windows service. * All non-error connect/disconnect messages are controlled by the `connection_messages` option. Library: * Fix reconnect delay backoff behaviour. * Don't call on_disconnect() twice if keepalive tests fail. Client: * Always print leading zeros in mosquitto_sub when output format is hex. Build: * Fix building where TLS-PSK is not available. - Update to version 1.5.4 Security: * When using a TLS enabled websockets listener with "require_certificate" OBS-URL: https://build.opensuse.org/request/show/658974 OBS-URL: https://build.opensuse.org/package/show/network:messaging:mqtt/mosquitto?expand=0&rev=17 --- mosquitto-1.5.3.tar.gz | 3 --- mosquitto-1.5.5.tar.gz | 3 +++ mosquitto.changes | 54 ++++++++++++++++++++++++++++++++++++++++++ mosquitto.spec | 2 +- 4 files changed, 58 insertions(+), 4 deletions(-) delete mode 100644 mosquitto-1.5.3.tar.gz create mode 100644 mosquitto-1.5.5.tar.gz diff --git a/mosquitto-1.5.3.tar.gz b/mosquitto-1.5.3.tar.gz deleted file mode 100644 index 27fe02c..0000000 --- a/mosquitto-1.5.3.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:3081a998d303a883b1cd064009beabc88aa9159e26f5258a4ae6007160491d10 -size 425844 diff --git a/mosquitto-1.5.5.tar.gz b/mosquitto-1.5.5.tar.gz new file mode 100644 index 0000000..79218bf --- /dev/null +++ b/mosquitto-1.5.5.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:fcdb47e340864c545146681af7253399cc292e41775afd76400fda5b0d23d668 +size 431998 diff --git a/mosquitto.changes b/mosquitto.changes index 89010bf..b9d361f 100644 --- a/mosquitto.changes +++ b/mosquitto.changes @@ -1,3 +1,57 @@ +------------------------------------------------------------------- +Mon Dec 17 20:15:50 UTC 2018 - mardnh@gmx.de + +- FIX CVE-2018-20145: mosquitto: ACL bypass (bnc#1119536) +- Update to version 1.5.5 + Security: + * If `per_listener_settings` is set to true, then the `acl_file` setting was + ignored for the "default listener" only. This has been fixed. This does not + affect any listeners defined with the `listener` option. + Broker: + * Add `socket_domain` option to allow listeners to disable IPv6 support. + This is required to work around a problem in libwebsockets that means + sockets only listen on IPv6 by default if IPv6 support is compiled in. + * When using ADNS, don't ask for all network protocols when connecting, + because this can lead to confusing "Protocol not supported" errors if the + network is down. + * Fix outgoing retained messages not being sent by bridges on initial + connection. + * Don't reload auth_opt_ options on reload, to match the behaviour of the + other plugin options. + * Print message on error when installing/uninstalling as a Windows service. + * All non-error connect/disconnect messages are controlled by the + `connection_messages` option. + Library: + * Fix reconnect delay backoff behaviour. + * Don't call on_disconnect() twice if keepalive tests fail. + Client: + * Always print leading zeros in mosquitto_sub when output format is hex. + Build: + * Fix building where TLS-PSK is not available. + +- Update to version 1.5.4 + Security: + * When using a TLS enabled websockets listener with "require_certificate" + enabled, the mosquitto broker does not correctly verify client certificates. + This is now fixed. All other security measures operate as expected, and in + particular non-websockets listeners are not affected by this. + Broker: + * Process all pending messages even when a client has disconnected. This means + a client that send a PUBLISH then DISCONNECT quickly, then disconnects will + have its DISCONNECT message processed properly and so no Will will be sent. + * $SYS/broker/clients/disconnected should never be negative. + * Give better error message if a client sends a password without a username. + * Fix bridge not honoring restart_timeout. + * Don't disconnect a client if an auth plugin denies access to SUBSCRIBE. + Library: + * Fix memory leak that occurred if mosquitto_reconnect() was used when TLS + errors were present. + * Fix TLS connections when using an external event loop with + mosquitto_loop_read() and mosquitto_write(). + Build: + * Fix clients not being compiled with threading support when using CMake. + * Use _GNU_SOURCE to fix build errors in websockets and getaddrinfo usage. + ------------------------------------------------------------------- Thu Oct 25 18:06:26 UTC 2018 - mardnh@gmx.de diff --git a/mosquitto.spec b/mosquitto.spec index fd33a63..90d0f46 100644 --- a/mosquitto.spec +++ b/mosquitto.spec @@ -27,7 +27,7 @@ %endif %bcond_without websockets Name: mosquitto -Version: 1.5.3 +Version: 1.5.5 Release: 0 Summary: A MQTT v3.1/v3.1.1 Broker License: EPL-1.0 From 7a6ce37c8c055bbbae5dc02fd27f18ad68d688da993c519b6e55f7392b1dc47d Mon Sep 17 00:00:00 2001 From: Marcus Rueckert Date: Thu, 14 Feb 2019 15:33:56 +0000 Subject: [PATCH 2/3] Accepting request 674913 from home:mnhauke - Update to version 1.5.7 Broker: - Ensure that an error occurs if `per_listener_settings true` is given after other security options. - Fix case where old unreferenced msg_store messages were being saved to the persistence file, bloating its size unnecessarily. Library: - Fix `mosquitto_topic_matches_sub()` not returning MOSQ_ERR_INVAL for invalid subscriptions like `topic/#abc`. This only affects the return value, not the match/no match result, which was already correct. - Update to version 1.5.6 Security: * Fix CVE-2018-12551 (bsc#1125021): If Mosquitto is configured to use a password file for authentication, any malformed data in the password file will be treated as valid. This typically means that the malformed data becomes a username and no password. If this occurs, clients can circumvent authentication and get access to the broker by using the malformed username. In particular, a blank line will be treated as a valid empty username. Other security measures are unaffected. Users who have only used the mosquitto_passwd utility to create and modify their password files are unaffected by this vulnerability. * Fix CVE-2018-12550 (bsc#1125021): If an ACL file is empty, or has only blank lines or comments, then mosquitto treats the ACL file as not being defined, which means that no topic access is denied. Although denying access to all topics is not a useful configuration, this behaviour is unexpected and could lead to access being incorrectly granted in some circumstances. This OBS-URL: https://build.opensuse.org/request/show/674913 OBS-URL: https://build.opensuse.org/package/show/network:messaging:mqtt/mosquitto?expand=0&rev=18 --- mosquitto-1.5.5.tar.gz | 3 -- mosquitto-1.5.7.tar.gz | 3 ++ mosquitto.changes | 66 ++++++++++++++++++++++++++++++++++++++++++ mosquitto.spec | 6 ++-- 4 files changed, 72 insertions(+), 6 deletions(-) delete mode 100644 mosquitto-1.5.5.tar.gz create mode 100644 mosquitto-1.5.7.tar.gz diff --git a/mosquitto-1.5.5.tar.gz b/mosquitto-1.5.5.tar.gz deleted file mode 100644 index 79218bf..0000000 --- a/mosquitto-1.5.5.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:fcdb47e340864c545146681af7253399cc292e41775afd76400fda5b0d23d668 -size 431998 diff --git a/mosquitto-1.5.7.tar.gz b/mosquitto-1.5.7.tar.gz new file mode 100644 index 0000000..e6b5032 --- /dev/null +++ b/mosquitto-1.5.7.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:d4024c3388502d50be4192991e90d66dfb344376104df3f63846c9f201779955 +size 438282 diff --git a/mosquitto.changes b/mosquitto.changes index b9d361f..d82469b 100644 --- a/mosquitto.changes +++ b/mosquitto.changes @@ -1,3 +1,69 @@ +------------------------------------------------------------------- +Thu Feb 14 09:51:33 UTC 2019 - Martin Hauke + +- Update to version 1.5.7 + Broker: + - Ensure that an error occurs if `per_listener_settings true` is + given after other security options. + - Fix case where old unreferenced msg_store messages were being + saved to the persistence file, bloating its size unnecessarily. + Library: + - Fix `mosquitto_topic_matches_sub()` not returning MOSQ_ERR_INVAL + for invalid subscriptions like `topic/#abc`. This only affects + the return value, not the match/no match result, which was + already correct. + +------------------------------------------------------------------- +Wed Feb 13 21:14:36 UTC 2019 - Martin Hauke + +- Update to version 1.5.6 + Security: + * Fix CVE-2018-12551 (bsc#1125021): If Mosquitto is configured to + use a password file for authentication, any malformed data in + the password file will be treated as valid. This typically means + that the malformed data becomes a username and no password. + If this occurs, clients can circumvent authentication and get + access to the broker by using the malformed username. In + particular, a blank line will be treated as a valid empty username. + Other security measures are unaffected. Users who have only used + the mosquitto_passwd utility to create and modify their password + files are unaffected by this vulnerability. + * Fix CVE-2018-12550 (bsc#1125021): If an ACL file is empty, or + has only blank lines or comments, then mosquitto treats the ACL + file as not being defined, which means that no topic access is + denied. Although denying access to all topics is not a useful + configuration, this behaviour is unexpected and could lead + to access being incorrectly granted in some circumstances. This + is now fixed. + * Fix CVE-2018-12546 (bsc#1125019): If a client publishes a retained + message to a topic that they have access to, and then their access + to that topic is revoked, the retained message will still be + delivered to future subscribers. This behaviour may be undesirable + in some applications, so a configuration option `check_retain_source` + has been introduced to enforce checking of the retained message + source on publish. + Broker: + * Fixed comment handling for config options that have optional + arguments. + * Improved documentation around bridge topic remapping. + * Handle mismatched handshakes (e.g. QoS1 PUBLISH with QoS2 + reply) properly. + * Fix spaces not being allowed in the bridge remote_username + option. + * Allow broker to always restart on Windows when using + `log_dest file`. + * Fix Will not being sent for Websockets clients. + * Windows: Fix possible crash when client disconnects. + * Fixed durable clients being unable to receive messages when + offline, when per_listener_settings was set to true. + * Add log message for the case where a client is disconnected for + sending a topic with invalid UTF-8. + Library: + * Fix TLS connections not working over SOCKS. + * Don't clear SSL context when TLS connection is closed, meaning + if a user provided an external SSL_CTX they have less chance of + leaking references. + ------------------------------------------------------------------- Mon Dec 17 20:15:50 UTC 2018 - mardnh@gmx.de diff --git a/mosquitto.spec b/mosquitto.spec index 90d0f46..1078554 100644 --- a/mosquitto.spec +++ b/mosquitto.spec @@ -1,7 +1,7 @@ # # spec file for package mosquitto # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,7 +12,7 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # @@ -27,7 +27,7 @@ %endif %bcond_without websockets Name: mosquitto -Version: 1.5.5 +Version: 1.5.7 Release: 0 Summary: A MQTT v3.1/v3.1.1 Broker License: EPL-1.0 From 3a2f5a747c92c5d6c48e4d11072630f0981bc190256e309eb29c5bb4fe1753bb Mon Sep 17 00:00:00 2001 From: Marcus Rueckert Date: Tue, 19 Feb 2019 12:08:24 +0000 Subject: [PATCH 3/3] Accepting request 677198 from home:mnhauke - Use HTTPS for all URLs - Verify source signature OBS-URL: https://build.opensuse.org/request/show/677198 OBS-URL: https://build.opensuse.org/package/show/network:messaging:mqtt/mosquitto?expand=0&rev=19 --- mosquitto-1.5.7.tar.gz.sig | 16 ++++ mosquitto.changes | 6 ++ mosquitto.keyring | 191 +++++++++++++++++++++++++++++++++++++ mosquitto.spec | 6 +- 4 files changed, 217 insertions(+), 2 deletions(-) create mode 100644 mosquitto-1.5.7.tar.gz.sig create mode 100644 mosquitto.keyring diff --git a/mosquitto-1.5.7.tar.gz.sig b/mosquitto-1.5.7.tar.gz.sig new file mode 100644 index 0000000..d1f7332 --- /dev/null +++ b/mosquitto-1.5.7.tar.gz.sig @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEEoNbuodyuSaY1o7Lwd5si37PnF7cFAlxksRsACgkQd5si37Pn +F7cnRA/9HK3zQy6K5B3mQevknublP4snNAA6RF/5sHstTFWKwlAUEORY5S0zCgbw +ZQ7lLT97qPaRSncMZufGsfbe01a/YqlEBiO3O3Vo3CQc1eU5qxL/CC6CukJDXTXS +jgHJVAHuV/R/rLET0CInW986KEGzZqjJ4635h2YlFIjCs69kgvCEjfTQH2Og1+kk +MIhL/czbHaOa5Z0WRud4UoNGga0NUDEag4OVLJ0KVSSzkCjYwTCVC0UVO7XV10K3 +PxqaHwEOWSmcL/dVTT910soR/CWLN/7Arxv+sK0dam4scP2GnBJvYioFDeBZGTAo +AkKKiQ6UXSbvUmbaTeEeiDwE16zreieT8mUohBDAizwwYKzf0YOOo4pX92Z/pYt+ +3uYuUsi9j4SWLd0Wmx/3AMWErLD1QntDnGXLHCfAvft+J2VuXlA405+Iw5w+hMvq +rczX1M6u1H9PtE0C/uPcR72cprmo4SfZaW8mfpKOzp7loa/fcA2eCuuJ0iprUfnp +MN7Vv7tBLQEUrABs2HE62B91nj6Bf53KSdOr3TxAnj59N64tvaGI8U/34zoECIc1 +ibYabopZTnNDZ8nTF9HxxBuiW8mPgA6nBJRVWH6sRgLkESdYUvuwxnTloNwwdT91 +mpTpoFy44/vKk/5BxrQwYCFVYQkO8UvD5BfAKaPgVjmmLUoBnAc= +=+rCG +-----END PGP SIGNATURE----- diff --git a/mosquitto.changes b/mosquitto.changes index d82469b..7b1ecb0 100644 --- a/mosquitto.changes +++ b/mosquitto.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Mon Feb 18 19:58:45 UTC 2019 - Martin Hauke + +- Use HTTPS for all URLs +- Verify source signature + ------------------------------------------------------------------- Thu Feb 14 09:51:33 UTC 2019 - Martin Hauke diff --git a/mosquitto.keyring b/mosquitto.keyring new file mode 100644 index 0000000..36d949f --- /dev/null +++ b/mosquitto.keyring @@ -0,0 +1,191 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBEoEgPwBEADeSeoLB59SoxrakvdK1WjGQZAbNXUgWhr9k0b08lpjwHhDFxZz +GalY/9IZ5C9WDzw8+DDvm7gD4vy1O5Q3peZ8qtQ1cD1H8MaM0Vzzz8fnXqWV2oww +sH7VH+ISKUZODCD76EG8JgUpWRO+TgfMylKWkuJC8BudSYUB5sdTyrcJ3n1PbbtJ +kZomIICIaoPR3VR5ySML4qe1as7PypxF3BnzgcmSKhByLNQcKyy35Lx86JnZvTm8 +FUcCsp+FgSMCubrvF4nhyJppUAbGoohyiULmfJAVHI01XQcqmQKim02nN88HQgKU +6FDbvgPMvCSDH9wCAHghPrccYGfAhaWC9/lkVAXo5NnJC7JdXi/l/VlXhZUwsAqc +pQFj7nJHliZLalrNe9MDdnRnBw5jGx+iRQ6n5a/uNH/ykPbgQKMzWF0O3tAGmqEl +zfLd46bFr09QNzs2HfBNygUhyKYO8VSLfl+WEsLT1pcpmWQuGNUsrrF1hT/UtAr0 +WTQw2pc2BQV1R/d7lGhAfB3VxtHjI2XIRHEPVJ2+r5bkc4GxVVw6l81AOhzUsoS9 +Bv+3SnRc5c7guR4ck/CgElXCw/xy9BcqyXN0fQtiMRmL33zo2ZE4ZNJeFsmFERUz +E+fHNfJrBHnVVboE6p/TX8dzIEKbYYGllInQVSQcoAv+Qm2/a19WidUQ8QARAQAB +tCFSb2dlciBBLiBMaWdodCA8cm9nZXJAYXRjaG9vLm9yZz6IRgQQEQIABgUCS96l +pwAKCRBhGkhEuMJTwdVYAJoD4voyORSCjlz32RPCMiE7ru4iJACeJweng6lCjBrg +T93OSCI/59FLKyKIRgQQEQIABgUCS+dHZwAKCRC6bhqXQ3UZAxAIAJ0VvKnKqeGm +ZpNdJwK/6Kdzfd0K6wCgrX0vJPcp7ZFLQpHeCB0yt+O7zr6IRgQQEQIABgUCS/ZX ++gAKCRAgmbZMvxVJCw4NAJ4z1YF3InURoqE/ZBHWCPvICqtWewCg30QxvdLz0nYf +/elPCss1nZIWOa+IRgQTEQgABgUCSgTUVQAKCRC88Em0D7n+z8RfAJ9Ie7JMWStp +eYck6Ay8IbQHyJLJCwCdEzfdkmpK4a1sIk32fc/5ss3NtjuJAhwEEAECAAYFAkvd +9U0ACgkQddvLEIxoAM4PVA/9FIyp7o/goX6GIf49jBrnUFZacWssL7Cs798PBy68 +hGbP10wZiKH5yc6ofuZOdEHzWVKvKuMja/Jo6eQJtmXwmXAwV0grQ0e/Lmadpswu +ojUA8tawch5xe/0f47FAmoGmNrL/yi8bpv2tBV/DFKWSg1BAbHM3BoH0qLSwvdL0 +zOPCWWvX1pkANbWUueREjzc/xNnkwEUFsO2+ol19YQmZe7rKpo5pa53DhPqvWuol +2z5TXc8YbDNOP4T2rqpdwZjbYpHduttNIzK4h8HsAp4QF3u2e2sbro3Uhx0uRp2d +/7y3x6hflHK2U6t1yGA5uC5yYT1KaXkFZQTth2kPoEk9Bb1MImnPiqmQeW6g8r/m +sMq+d/DcOO0KjTkuqhsIN0Xx6W75toXhEjplj2pes8+6lSQnTznd9Kj5GeziWUdY +hYmrpS/OJIDl0pKzJM0N6PnhBILMl8vbrpX8Zsbn/ipk8xIb1ck8X1hjg92RJPwP +Oy204yzpgK1xXXch8wKPwTSn8QleEndwrGxpBEbTrVaquYNy+lWuXs0RENJEy6EW +nebhF3ycGV2vvXLOOlAVE3upgLvNugKhT9qGPxqr/r+FmCfSx05LpX3bUvz0OLmS +6JhU/pnZGYrEa8pWY78Mbb3BMpIcwgYzPr+SzbLaOpOy4PyGUOAIM+oEcKrSr458 +/nqJAhwEEAEIAAYFAkvfG7QACgkQYum3VLFyNpIY5xAAlNai3YFtzxU7WjdITuVF +rOSH2xJlWAzdbZ+7ijSuPzeBmHI+fYFxfkv276sh+A4K9QV1tdJn9cZAiH4cSuRd +nCGdWFnPh+bAgsEjuLyt8U/OzvSOmbMT9g10iYiuR+qZNEde/NHUOTUWvgQcwATb +8sREx4bxgdrtB503DVs5WeOg8MpVJwp66xHtzxCRWj/6urvnqkmicIDeR2nMc/D9 +yJWP90wxBeZoJGqiqcCeCWknQeBj7Qijr0JtYs/If1g9fwj4vSXBctZb49xT/Kj/ +hwBnSWro8dQVz0iU1vxfGhxkRTQwXWfqiA6XFJPYKLdvN4wU/3xP3jEy7rLyyQaI +Ocx9K7F/UUn/C7TOOq47PEXeLGPp4DR12pPCurmWqcZQlB+GpVKP1W6c+1WGUmhR +vOKx5KJBj8IdFcOG0Y0OK4+2xaEq4aZOPg+tdjoULu38AW2yzHW6vzE9toZXMRXt +oPmbs5i+MCvOGp1HJkSnkVIdFS1Wnp1boQ3ZC+eCF2tScI8Ulbj99LlodipomHeI +xvo3DJcra9zV1KGGWCwU9hkLWugrcyWJPX1masdx2S7Y6dIurDV+M8PcNOY7nYbS +T2qwnnS7dGeQbV17RzNeeppfSwYCfwY9qmLZthkC1keFi/AoRIpIwGiQ/7RA9/4w +dKIBMaTKuqlgNUgc9+QcXvyJAjYEEwEIACAFAkoEgPwCGwMGCwkIBwMCBBUCCAME +FgIDAQIeAQIXgAAKCRB3myLfs+cXt6dzD/0TCL+PEVkmLqHGfa0/4gEb0Tl08iY9 +NbJSKUTxKfQ2mgr4/sf+E2jmfhGCNqGVNDPn5aXtrrsXKl7odKKrecfnytELCCGx +gDWiEauieYN54Q0WquNV3bLNDc4l3lYdWMvG8JNMJ0qYI/S6J4JYbILnQLiIjST/ +PCxnwnxQR/BP3VCa1nPQSAHoj3qyns28xMgdiAby4niq4iuFjl9e3DnCC97CeKtQ +FK9z4nG2+xQMro5JfWEmKPTsAokVUxk90iU7wYKmb/t0kMDKkLGXN0XYECwp6/Ju +w1v4xTm4khiSADSiQbfhmQh1ytFr+7Ba+dOxxOL7/2BorapV5PXMXGh18rRZxZN9 +S0XnXJu+/WXw5x2ZF/aZHk1PWodsfae9JTCVXw1kalY00qKtO6qj7MRaYJxnib46 +Prsv/rrz5JmCDsLJyhHS0GPxqVooA1toFyXl0yOGLzYVuFQbrRo1+KUzqNKv6tzS +tQlP9OZnnHmJWBOFzAd/vy/tJmVbs0uziOcjnir7VvHpqrnKPHvcYagkKf3BH78D +NziSx5a+8OukI/VsjTMQDsmNlG7s4uciNiCmQBQy92XgTYPQAGmA3itTA4mxiPhK +d6p2ftAcg9rlpnVrs4AC1roQQRRhcmUktvoKk1mIQvhH5da4q5t6J+UQbYrKdLzV +eobcA+eTImjeookCOgQTAQgAJAIbAwIeAQIXgAULCQgHAwUVCgkICwUWAgMBAAUC +SgSiaAIZAQAKCRB3myLfs+cXt6A/D/9ESZ7DQVvjnAJUUEnIscv7SopBf8H2iRpz +1+53eti0tM+Z4HTg4v60xvf+05MlvIIXasMu+MTUiuozB50MBj9swpI8nVFDk1Fr +RaNcYvGRUE6om4TwTqoY4usvr8NK7u/OirzHNwrFtYNGCLNJO4pD1AcQao8TxEM7 +JieRvIYfCyG06EZuGkF5fnmDGch84+JOjTh/6IXrUxuiaRfF2XKUycSMSoa4XT2M +pvijZTbOEL+l7vcA0YgCl/1lEeZRu3yN25iBp9+yPrgULD6qNOd/rxyH5COAMcV4 +LI7gHF5U6BgIOJp+nv8JKTzUrUM35IWf0qNtx57hAZ0i/YeYZMHnvpcEFsnps6DF +jK5fWfDiblrtxcp/R2kKKYpAb9pSraF4Z0PYoqzfRuo95plG5wUBmesvGB8C9qPZ +5MTKcmdJihUHZk1izuoJ76gy2nySRKXNrT3Uj2usFUUAQMatGy0k44S0cnxCHg1P +7Jb/IqambsPJZg4mVHlqH70byeOOUzywUfBY11ttaA7rM80L9WS2ItzRoJ67XTUz +drLX5F7FPZurWkUEpT/gMZF0Ti9URFiAd6OQNU/jGaXyPUkDoDOTiKTj+ZD60PLF +CwknPR50iVNXAfxfh3Aun3XAlqOkVBBVA3+0yTIYeeuutx+yuLjhRG8PB2W862wD +E96KmeJq+4kCQAQTAQoAKgIbAwIeAQIXgAIZAQULCQgHAwUVCgkICwUWAgMBAAUC +Vc0OjAUJD4r0jQAKCRB3myLfs+cXtzdFD/9NX2mnT5QCayWvcad2BHUomytG+I/M +Yo0ymlrOFrYzDTJ0U7rQ6FOTmY5u0zZehfQG8hlUGOZxXBBye18Jy6ro7j7mM+7v +cZAA/m80r/k4HYZDnUeZN36BC8KUp9xz/443dF940dxpBhmhQcsqZyDF3Ou3ErJN +Uxsq19y05jMaQ1UKaSU3tCKI1sA1vWq9w+PqqE6TXlbIR2+nZN+AFIgMl4zaTsd/ +FqkO6NDQlaEwqhaSMkVgUiOAhKc8byVaWcE2l/ljjmnJGshj7S6h4b5wqpag9ecr +d7hxop6qNAgeoRd1sDeZmhHHCSRJbrRZP+fkNF7ypRNlOfGdeCc4KMizar+BOb4A +38l+rm0OUO5IPD0fiimns+F3HyJqJGp17webnonhXxkvckC3XRDCMfYktxqUGKK0 +beFwVjuH3tP8TS99WXA+PpL/iDiSRYmgliGljbavce1dTFcTVDJMG8Gbw5ZEsXij +MCmNS7HgzHDAtKBAscGpBBxt2je6qJHgWwQavCTIAjR/S8QqKQgWw3VqmyGWLArP +Zqmf4DkM4pSZ6ZNkGd0E+ew2rnb4Uy+HSK3UTqLtST1ymUZ87AIP2GdG401VJLd+ +CVCchXwswDz2TY/MD6gmG57Fn94nUQY9DiGJi6nIZt+NfsY5UWHWxJd1A0wbm6XY +wJJfe6KoXV8znYkCQAQTAQoAKgIbAwIeAQIXgAIZAQULCQgHAwUVCgkICwUWAgMB +AAUCWph3nQUJFFZdngAKCRB3myLfs+cXt15KD/0eEytQHlha2VFO52doDA6K5NKa +GvJeR3hnTwHErhYBxjpspmsMk95UyYhlJRLD3dE9eJ1RRJzOY6Oamf/gy3Z55zZk +Pp1oLW+UVyOJkA4CZ8AExucLUMabrKWoUm6TUEvFLZ1sIkBLGeBdqzZUPXeXK6U7 +EvSNLtsOtVxQ+SMeYvG/18Co2YAFiT8UXyQuFQwWi+Acm2U2stIyl9fu3hyENTM6 +IkMXB3fNZgj+qmt5egUK/3EIaerh1+qv1dnQGiiVDHtqrLdY1150OHhwvBU4Jx7S +ePW09DzZzDiuyc3mbuxm+zEBYknQq4tpnSqQXkxy4svdfbPobiZOAK0/vB1PlvJD +1qqBCZzVGks62H9TETKUPuqRQqODbsCVhJn2RkoGjDDC4zeDiGzef7Nx97DsLzUs +E+VA2f2kBFYg0jdjyLNZVF1Qmu1FF3QfQheGKtSLk6TaHJ1st92rBK526di4kXx4 +UXaehefZYgAI8uxZ0/YXuAorQscadCDQxNNTfI9vSARW4TTiMJ75H+X4eoqRqLVi +EUnz0C6uzcchxUhsqEazjVM4bf4ButaOblNUUL2pCCoGCwjRx5O4gyYHbesd9qnx +Qb2dGQILRBlqni7rTBdpEy53rWUOOH1vR+qwB74FBNVCURVu6ST231EGPWGN+s7N +lUEwG8DDKg41aGygnLQlUm9nZXIgQS4gTGlnaHQgPHJvZ2VybGlnaHRAZ21haWwu +Y29tPohGBBARAgAGBQJL3qWnAAoJEGEaSES4wlPBPakAn2kOBc6KqnVOdjJVzjeq +8MGVVaQkAJ0ef9qh5PlG/96EbS+ukps57NpyMIhGBBARAgAGBQJL50dtAAoJELpu +GpdDdRkDUEwAnAhbpmIFVWIUXgcULKfEqnzWQ2sDAKCOJT8eIachZ1ZbqssEHf48 +zy2XYohGBBARAgAGBQJL9lf6AAoJECCZtky/FUkLzLYAoNkaCYTUbl4t0+2N6jzy +hSbUHrrnAJ442RYVKxgWTFxLb0XLJtIF+bKhy4hGBBMRCAAGBQJKBNRXAAoJELzw +SbQPuf7PboAAoJmInnVLgGno8Xraa66mrza0Q/AhAJoCEKjv+G5Vm9Au2ckmpA95 +2HT+xIkCHAQQAQIABgUCS931TQAKCRB128sQjGgAzh6gD/9NG+CelK+9ss5CBtyL +Zz4VZ6jWz5QeAkUT7RSG/xVOQHz7TKrRdxDVtmvqUMW39pjblvLywe3jzlgV5oNc +To3nfa16uO3Ca1VtRR5Az5nLPdp8kB8ZDrcjPpcElXp+wGKBe8j8LC3jWmSxbPgt +NGwPMFKIEIliH9thR00LrvsF9Ltmde4JC8vGNsF7YnHtWCy0vYI9DjHhUUNc2de6 +8O8eYHFYzjqJZ4+Z6c7XWU9hqDIfSsS5gPO201wC/CeRHPKINv8CU58PNcYQ7LFq +u/QGjD63+L/rAuLpUjlNRcPrvOUgK/nBjfT3diqrzpKSXAHCFBWAoIr17RJvNEn1 +h3PiPbDUgV5qd0EJIMlKdESlR8c/OoChW1ZFf3JX0+zrQBdQtpJbLoH/xaXokqET +lgbaUTzbMdOD2cjTB+ODV5thECOjx8LXrxbq/Ub5Wfzozo5GDNvh5PemoAOm3wlj +JfRsbQXQQS6PEFaejgJiXUn2D1z8ebDTnONUWV85/8TsPYumtVpKyerpim+0lwfU +wjWlRquDEXrssUzc49WqH6znP5wpD9yiT5BDJyOLf1uOI6mvqniAeTBXfccKEFDX +Tl9DbpM8qYD4gIcBkMGt9iVXvSEfaFEsWJiSxiW8oGAIWzq2EPBQQ3dVpCajivrq +pjkZBDFX4oz/qMB8GXzg57Y6+YkCHAQQAQgABgUCS98btAAKCRBi6bdUsXI2kmFZ +EACk8qJT+O+rBO3behvvXoCv0j6Y2WQMW5TGpJFO1oubKxqg93MMxNtE3kAg674t +eS89O4EWRpCpfqGzaJ8NIHA2PSSdYvDDM6NZZItpjkQhU/0+xZW4gVrCx2VV4+EL +X8EstmtB13Cxj3Va+lrk2uXNHegNg0yzEEPxDIRVQ9d80n15FlXTqzLj6DGs+KJ8 +bYfG84hHH5vDD4ASFiKV2qtntCprIvaUm019kDFvRpaRlHmi5h6qpWw+RuIbwMEz +ylXbfijcdfj2DLXUMpGptn4ubO4n+Kbyu8h1bryNtSkT3sJH9Iz8XJDacLslClVV +iZDMWXZ3DtNhMlxz3O8AxTA2M+ehJSUCUtsExet4zPRyTpe8TwuzGDT6PLZ4KRJm +f6drPWB89Jk478vkMI3IXYkHFAuy7L2GfimUBxm60NrCW38UqF0PZViuW8wfJ0jY +OBXBheNTlNQWKIs+yvgHwesPHZJUikuFaluFSEtM/IEswJAa/Xq85j3GTyCsfOaL +sGRI/gPRvgutZULGebwYZZ8AFRRCBeja1b4zCIs/GEhaDezEkEh9erDHaUP22yam +Rz+OP/hi3PPE8zL6BS48RN9AhkbtFD5eZG+hU0+15XrXoUxqxuetbi7gY51nay5w +2t1Hr99HbqQuT/K/P4X0xHy+6PaVHiK0/syAcidN1GQ0SYkCNgQTAQgAIAUCSgSi +AQIbAwYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJEHebIt+z5xe3OtUQAJ/Rhzc8 +AFxslMecs657LExsFn9BRoENzEQsZap8AYscZ0ZsXfSZWETh8haYn5tUREbsv3nD +izNgNguwIxOx47FDOxg8yPoNWT3T1lz6Bnh/sSJbTx8obL1wzL7oKYKc+N1vZ/lv +HgFY1o6eqk09NsqE62WOpN/f6urtVd4nbZ9evceIzfomwE4vOI1owsurn5hehCRZ +Q0/0T8Q2PIAnFQhUcmIuGRHpaVtr8GXPw8kpB0+KZQ8JUK5YBMx4h5nsVNcd7bbo +ABVPHgzz+sGj+1GHOJfU4vm1MNWSFyi1drawtNXJLZheAZhG7qWfrhiAipAuKTre +DFehFkzQ/nkymhakoRDtKGmMXW15GfZtQ9oPeHmr3sgfDwkRuKvbaTsPJnrkIS9R +pGXxezHuZoNXUIqthmGkr8yRMf4JSLxSfFM/o3BP0CFL6jH5I9Xflhtr/BRqUYHG +kHgXtpLjz+1o5HrEmZ9pV4Nt7hCI5r5NfF6qy3TfJkondVGolxFGQtVRlngF7bZl +gat5oiR2UH8XDwQ7tx1NYn3HPB27x2nK938No9NNyjbnMqyY1X/YgdTjuaKUSYjX +PZoExjD1z6lTVj0lR1TDYfp9Y/7G9v2PBGutiphMHITneMY2SV7CcCPEMhVVEz/N +Usu/I8e9A9gcHyELK43Dv9/VrSJg4cewujyJiQI9BBMBCgAnAhsDAh4BAheABQsJ +CAcDBRUKCQgLBRYCAwEABQJVzQ6OBQkPivSNAAoJEHebIt+z5xe310cQAJQgH0c2 +o1Rakt6vKldeJ6p7hKjxOvYoVFs809KjnVTAovk9JBKswyCKibkRGqM6zNFwv8T7 +YlOxHyegiKgveaOTtBlAZUgRnhz0EGZw/dvP1TbBwroQQv7QPImKBjbNAjvyUgk6 +a6PNafWGCLW+u7YFXYR0KCwYAf+w4d/cRlwtnU4sSU/+u5DKZ4vnpOe4TFl78JJR +vlNrd+HjI/+D7Ney+ub9XMWyoJcQmVjggT/WpNIFi5Yl1nVc8nPt+5rk7JUJHW0Y +oswjFAQ1IgDfcmLmUD3lPR0MZob1UdkJhMDqZJhsy6+F4ya08uh3l38HgVGf8eX4 +0kA4eVDJuk3C7RYLeUhtZZMlVaLUQhULwZxSZSj9kTwPIGmTqAqAONkzZ7zs4ZGV +Eq58up6XPK9PwZBSUTMouWc640XS6aVubW3ahLYkjtquqRHdcPCg2yRg//36YGiK +nwxcEFb0ZxoMgv0pEPBW4/unRuXQ/aOf1i2OeJRbuTf9JoYflcrEFT1tVZnE5r/M +p0E2StZDhc3J+/Hmb2Pqc4DQ15t7F5BV8TGC6LX6BDWT00iM4b4zlaVEPxFcDxtz +SHLM90dldL1UB5p3a5AzpehWoo544QZD2LfFtEi/EEplflqo+g6SVFsYzYHfCrPt +HQT4rRIL2FTOoC53at78gaqlVqRAnGTESGKGiQI9BBMBCgAnAhsDAh4BAheABQsJ +CAcDBRUKCQgLBRYCAwEABQJamHefBQkUVl2eAAoJEHebIt+z5xe30vIQAJAp1zFG +OMSHrdBJK7DPp5r7BsRhPq4RCos1CtToHj2nSKW2vKBy/HZEmuYRHzaKb9a4PtNT +h2ChKRflDJAz1VlrRw3BRecXwlZqJCjBVlN3vJMgMqlJAwJo2SsXXPU14votNiEY +X6isxSkQAMfh0/QRcOdllPeA9lWzM0GMMRAi32NE5vtrrr9Jc/gMOxFPn8NhqfLr +Amnl/PrZmh7DxZA/mDBlZiH+OtIlUTYOskKWrP98/2TZSAnLTSAIFcyRTne9YPAL +tdTcB3aUEtP3c8YBx/PJ0aefk6eLRApH4/5rAB0flEJ9ZartebWL338vaaak0A6i +oJ4CJG8hz48yrd55Tct/g0I8IxPWERx8KDNAEvLrBwFFdz3oizFhpvhuYHvLya8R +bujnZCvvy62bMXJdalyc+TuGWJwQUyWlJfycbj56he/qQ/PxVxVNV6xHbzpGXW5q ++pRgqfK96/nYt15ymmVF8TVGRrmHAnTLsnTPX02Ftmm9J5PZmKWNV7JUVA78eOBq +AoTpRCK7O/4v5qNQGFIA8jwEbXxPsUbB1n9V+zKvTCel+1juh1Ng9X/pyVxbbmxQ +OhDX5hU4dvbaEaKRbUidfQovcyCixJUpvoE29qnEcsFpyodKBWiEI1pkdTYVUpgY +xIO50WQ5UxEkSH1iD0jr2ptGF/p0o8X0xkpvuQQNBEoEoqoQEADHBHhonZDqOZYn +P3JHyDlzA2wzBdQfvNBrk3cUheIis5qWfloh11gCAt3KQKSx3zyMAFeTYjFH7qZh +ILOZs0WxB/Yas1oo1eZjtTp/CANUaYas8jIwoeZYqCbh4+/1I4G8hYxA1PtKraCA +NN34fHniYCu7wzx7TeTNDmpa1xkhFESV0kocCq2cmDo57VrXXsmRGVs60vZvAYs7 +pn5KKfXZQyzuM8cB6JVnFaoKAzISY5w532nfroIlBqv4M3aVi/bVFFmuN+Qgzyd6 +o0/S3VoBg/eRJ8Z2Yc0Hvc22Fy+ACGS1deQXjTGsBvrtbhh4yyv6vIfNTVobkUpO +p2ZTJDxBrrhqMN/vFXCgkeu1TZSbBoEO0mmHrgytmIzQaLrzv3CE/zREARYCUwQn +AypKems2Vx4dgliSyBhVra+bBqbbX8HxPbsUIJzbTO8BpTkNzgvnd8CRZlsqoUwd +3mFknvVvHkWYQSQDgZwi080L7FvvPdOMZwKnSlzsZ1x2IzvB4SFQBpzeGX/+G81E +Bt+CUYIaNKMY6Qb+fqeMT5i0sheDZv5LOPdm727KtmstoznGtNAFVFeL+nH/N85t +KdT4o75OLMpqMO+SwYRMVlJXS6ZFGXFts7DCeXn/ikjulyu/AvgF9g+Vuv7WtP+D +zJmqQa1RwptPiqm96KEpPIecW+YGhwADBQ//W9lSsAkX/01XXTHPkx/futWDM936 +srIFbx7PT72FsCTPuShNt8UK+635vK6Ny3FAqcMZ57NvQO61DoVHg66/ofx8nZxc +sLSd6SwvsxmSLcn6d4nLQQC4ggaLfY//4Knns+VrS/KBssFc3W8JChAmzYCYa4zX +eVfzKiEFCaWIJGIoF4xpFPE6wnrDahVZ2CjCkr9uWjLt+NZ4F15pHMojycJw7Kfg +BF0HaRO17PTlwrhSjeXfAr1AKbgxW/MpyVudo2VG67wqyTb4+otavYKRN7f7hZ7k +1BF9/HAItAQh4OguU0iXeTSvUpo5qGNr4sGzdL8zDudodg14a58gju+bg+j7Ems8 +FvgrltgOdzF1/JTiCQaX1d1kDfIbQ7eeSdH99hcn1GDNfL0Y1VAzxgz3BjXrcpF7 +OwHLHZbm/w3DuSxBPpnOaj0lfmgxDfQ0p6+E1KugiFZekoqbNupQ/XRLVdItzIgj +MwSoJYvvlzhpsoVc9ES/kZOIlhUHVhmX9iJ+Qk8rIjL05Ka009e5wRIdb2W8KVfw +AtQ7Hl0S2u4KYU5mf3zuKCXxC69Uf/dG3E4eajVDdMbACgc34ukBMevJvE+3k47d +6ribnx82uw12fbA/2FI3XRpBEsX2OvrE4ktcxnRnvZHYKQMTpZ82FS+7lmWRBYvq +yibjPCfrmMdKx/WJAiUEGAEKAA8CGwwFAlqYd/IFCRRWPEYACgkQd5si37PnF7d8 +ow//aMRMJkOolabGnwjQ0Oz0ZDkU3lOBFqz6dfEITjtXHNDezFxbanBZCXmbEGAy +CjkfEnmhRJXURD6Pjg26bc853CZV0sHCeA7dkA8BohmRQxVIcQ6D1SRS3mIJMSMV +GdCkM4o78RShSRbLWYRjktHwOptjEnzo44K3XXHrO6UTBl3K9rb6ewqfJXg3jHyS +qVWXsZ/yf+BVCs8T/VCt7iX0uFqicuO7K6BrytU6KuFGJAqzTKh9xsGBRzo1a4Ca +OxIfmvK/HS+xVTKJWDgtfajgSpoaPD/YJviTYp4UuCp5l1UmlvL3NJvYR+1feWrq +p0WoeWlTBm+ZCyVHwLU0XIyewT82Gz+EdFXuLdkGxqucGnC8RTQafIT3Z3L20/Zm +MYFp/J1teB9pG6Lesl0Ly6/Ie9KrtNzXHTkTSTTzaBVCQR0XHhwb17itu90LaQFx +1/hkz6N84H8dYLU3QveKLJdYcOQML2yUqe/g0thdQ9JQ+Gaaf3j172dPuOqp8k1U +W/K5Ni1fGuQC2hNwRLH3ifStpf31fwTCAileZ7nq9BeYmdUNGJqhqQ9qt42nsTNi +s18v9UJUZIHkL1bcheJQVpLNga7rjPbeRdarL+n/VPfBzQTG/knhsPtlH3LHhb6O +I03vVu0JtEM/DtiH+hxqxX6JCiabtTrZEEDtu439+zWsP8I= +=LpUw +-----END PGP PUBLIC KEY BLOCK----- diff --git a/mosquitto.spec b/mosquitto.spec index 1078554..783bf77 100644 --- a/mosquitto.spec +++ b/mosquitto.spec @@ -32,8 +32,10 @@ Release: 0 Summary: A MQTT v3.1/v3.1.1 Broker License: EPL-1.0 Group: Productivity/Networking/Other -URL: http://mosquitto.org/ -Source: http://mosquitto.org/files/source/mosquitto-%{version}.tar.gz +URL: https://mosquitto.org/ +Source: https://mosquitto.org/files/source/mosquitto-%{version}.tar.gz +Source98: https://mosquitto.org/files/source/mosquitto-%{version}.tar.gz.asc#/%{name}-%{version}.tar.gz.sig +Source99: %{name}.keyring Source1: mosquitto.service Source2: mosquitto.fw Source4: README-conf-d