Commit 794a28bb35440caffcf9a202e12926caa4323d87
1 parent
d22ad6e1
Deal with username and/or password presence for various MQTT versions
Showing
1 changed file
with
8 additions
and
0 deletions
mqttpacket.cpp
| @@ -510,8 +510,16 @@ void MqttPacket::handleConnect() | @@ -510,8 +510,16 @@ void MqttPacket::handleConnect() | ||
| 510 | } | 510 | } |
| 511 | if (password_flag) | 511 | if (password_flag) |
| 512 | { | 512 | { |
| 513 | + if (this->protocolVersion <= ProtocolVersion::Mqtt311 && !user_name_flag) | ||
| 514 | + { | ||
| 515 | + throw ProtocolError("MQTT 3.1.1: If the User Name Flag is set to 0, the Password Flag MUST be set to 0."); | ||
| 516 | + } | ||
| 517 | + | ||
| 513 | uint16_t password_length = readTwoBytesToUInt16(); | 518 | uint16_t password_length = readTwoBytesToUInt16(); |
| 514 | password = std::string(readBytes(password_length), password_length); | 519 | password = std::string(readBytes(password_length), password_length); |
| 520 | + | ||
| 521 | + if (password.empty()) | ||
| 522 | + throw ProtocolError("Password flagged as present, but it's 0 bytes.", ReasonCodes::MalformedPacket); | ||
| 515 | } | 523 | } |
| 516 | 524 | ||
| 517 | // The specs don't really say what to do when client id not UTF8, so including here. | 525 | // The specs don't really say what to do when client id not UTF8, so including here. |