Better handling of the allow_anonymous setting

Wiebe Cazemier
1 parent e8e10352
Showing 3 changed files with 8 additions and 2 deletions
authplugin.cpp
mainapp.cpp
mqttpacket.cpp
@@ -454,7 +454,7 @@ AuthResult Authentication::aclCheckFromMosquittoAclFile(const std::string &amp;clien
  
 AuthResult Authentication::unPwdCheckFromMosquittoPasswordFile(const std::string &username, const std::string &password)
 {
-    if (this->mosquittoPasswordFile.empty())
+    if (this->mosquittoPasswordFile.empty() && settings.allowAnonymous)
         return AuthResult::success;
  
     if (!this->mosquittoPasswordEntries)
@@ -434,6 +434,8 @@ void MainApp::start()
         // No threads for execution stability/determinism.
         num_threads = 0;
  
+        settings->allowAnonymous = true;
+
         int fd = open(fuzzFilePath.c_str(), O_RDONLY);
         assert(fd > 0);
  
@@ -349,7 +349,11 @@ void MqttPacket::handleConnect()
         bool accessGranted = false;
         std::string denyLogMsg;
  
-        if (!settings.allowUnsafeUsernameChars && containsDangerousCharacters(username))
+        if (!user_name_flag && settings.allowAnonymous)
+        {
+            accessGranted = true;
+        }
+        else if (!settings.allowUnsafeUsernameChars && containsDangerousCharacters(username))
         {
             denyLogMsg = formatString("Username '%s' has + or # in the id and 'allow_unsafe_username_chars' is false.", username.c_str());
             sender->setDisconnectReason("Invalid username character");