mosquitto-auth-plug需要编译安装所以需要下载Mosquitto源码
由于之前Mosquitto是yum安装的,需要重新下载Mosqquitto源码
查看Mosquitto版本
systemctl status mosquitto
systemctl status mosquitto
● mosquitto.service - Mosquitto MQTT v3.1/v3.1.1 Broker
Loaded: loaded (/usr/lib/systemd/system/mosquitto.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2020-11-23 21:31:07 EST; 4s ago
Docs: man:mosquitto.conf(5)
man:mosquitto(8)
Main PID: 2442 (mosquitto)
Tasks: 1 (limit: 11302)
Memory: 1.3M
CGroup: /system.slice/mosquitto.service
└─2442 /usr/sbin/mosquitto -c /etc/mosquitto/mosquitto.conf
11月 23 21:31:07 bogon systemd[1]: Starting Mosquitto MQTT v3.1/v3.1.1 Broker...
11月 23 21:31:07 bogon mosquitto[2442]: 1606185067: mosquitto version 1.6.10 starting
11月 23 21:31:07 bogon mosquitto[2442]: 1606185067: Config loaded from /etc/mosquitto/mosquitto.conf.
11月 23 21:31:07 bogon mosquitto[2442]: 1606185067: Opening ipv4 listen socket on port 1883.
11月 23 21:31:07 bogon mosquitto[2442]: 1606185067: Opening ipv6 listen socket on port 1883.
11月 23 21:31:07 bogon systemd[1]: Started Mosquitto MQTT v3.1/v3.1.1 Broker.
mosquitto version 1.6.10 starting
我的版本号是1.6.10,git的版本号是1.6.12
下载 1.6.10版本的Mosquitto源码
并解压
我的目录是/root/mosquitto
mkdir mosquitto
cd mosquittto
wget https://mosquitto.org/files/source/mosquitto-1.6.10.tar.gz
tar -xf mosquitto-1.6.10.tar.gz
解压后目录 /root/mosquitto/mosquitto-1.6.10
cd /root/mosquitto/mosquitto-1.6.10
make
编译后 查看 目录 找到libmosquitto.so.1(这个是我生成的文件名称)
cd lib
dir
actions.c cpp handle_ping.o handle_suback.c linker.version memory_mosq.o mosquitto_internal.h options.o read_handle.c send_mosq.o socks_mosq.o tls_mosq.h will_mosq.c
actions.o dummypthread.h handle_pubackcomp.c handle_suback.o logging_mosq.c messages_mosq.c mosquitto.o packet_datatypes.c read_handle.h send_publish.c srv_mosq.c tls_mosq.o will_mosq.h
alias_mosq.c handle_auth.c handle_pubackcomp.o handle_unsuback.c logging_mosq.h messages_mosq.h mqtt_protocol.h packet_datatypes.o read_handle.o send_publish.o srv_mosq.o utf8_mosq.c will_mosq.o
alias_mosq.h handle_auth.o handle_publish.c handle_unsuback.o logging_mosq.o messages_mosq.o net_mosq.c packet_mosq.c send_connect.c send_subscribe.c thread_mosq.c utf8_mosq.o
callbacks.c handle_connack.c handle_publish.o helpers.c loop.c misc_mosq.c net_mosq.h packet_mosq.h send_connect.o send_subscribe.o thread_mosq.o util_mosq.c
callbacks.o handle_connack.o handle_pubrec.c helpers.o loop.o misc_mosq.h net_mosq.o packet_mosq.o send_disconnect.c send_unsubscribe.c time_mosq.c util_mosq.h
CMakeLists.txt handle_disconnect.c handle_pubrec.o libmosquit.so Makefile misc_mosq.o net_mosq_ocsp.c property_mosq.c send_disconnect.o send_unsubscribe.o time_mosq.h util_mosq.o
connect.c handle_disconnect.o handle_pubrel.c memory_mosq.c mosquitto.c net_mosq_ocsp.o property_mosq.h send_mosq.c socks_mosq.c time_mosq.o util_topic.c
connect.o handle_ping.c handle_pubrel.o libmosquitto.so.1 memory_mosq.h mosquitto.h options.c property_mosq.o send_mosq.h socks_mosq.h tls_mosq.c util_topic.o
更改文件名,编译认证插件会用到
mv libmosquitto.so.1 libmosquitto.so
安装 git
下载mosquitto-auth-plug源码
解压
yum - y install git
cd /root/mosquitto/mosquitto-1.6.10
git clone https://github.com/jpmens/mosquitto-auth-plug.git
cd mosquitto-auth-plug
修改配置文件
cp config.mk.in config.mk
vi config.mk
# Select your backends from this list
BACKEND_CDB ?= no
BACKEND_MYSQL = yes
BACKEND_SQLITE ?= no
BACKEND_REDIS ?= no
BACKEND_POSTGRES ?= no
BACKEND_LDAP ?= no
BACKEND_HTTP ?= no
BACKEND_JWT ?= no
BACKEND_MONGO ?= no
BACKEND_FILES ?= no
BACKEND_MEMCACHED ?= no
# Specify the path to the Mosquitto sources here
# MOSQUITTO_SRC = /usr/local/Cellar/mosquitto/1.4.12
MOSQUITTO_SRC =/root/mosquitto/mosquitto-1.6.10
# Specify the path the OpenSSL here
OPENSSLDIR = /etc/pki/tls
# Add support for django hashers algorithm name
SUPPORT_DJANGO_HASHERS ?= no
# Specify optional/additional linker/compiler flags here
# On macOS, add
# CFG_LDFLAGS = -undefined dynamic_lookup
# as described in https://github.com/eclipse/mosquitto/issues/244
#
# CFG_LDFLAGS = -undefined dynamic_lookup -L/usr/local/Cellar/openssl/1.0.2l/lib
# CFG_CFLAGS = -I/usr/local/Cellar/openssl/1.0.2l/include -I/usr/local/Cellar/mosquitto/1.4.12/include
CFG_LDFLAGS =
CFG_CFLAGS =
Mosquitto源码目录
MOSQUITTO_SRC =/root/mosquitto/mosquitto-1.6.10
OPENSSL 通过openssl version -a查询
OPENSSLDIR = /etc/pki/tls
编译`
make
生成文件auth-plug.so
dir
auth-plug.c backends.h base64.o be-files.h be-jwt.h be-memcached.h be-mysql.h be-psk.c be-redis.h cache.h contrib examples LICENSE.txt Makefile pbkdf2-check.o
auth-plug.o backends.o be-cdb.c be-http.c be-ldap.c be-mongo.c be-mysql.o be-psk.h be-sqlite.c cache.o envs.c hash.c log.c np README.md
auth-plug.so base64.c be-cdb.h be-http.h be-ldap.h be-mongo.h be-postgres.c be-psk.o be-sqlite.h config.mk envs.h hash.h log.h np.c userdata.h
backends.c base64.h be-files.c be-jwt.c be-memcached.c be-mysql.c be-postgres.h be-redis.c cache.c config.mk.in envs.o hash.o log.o pbkdf2-check.c uthash.h
如果编译出现错误 内容 类似 类型冲突类的错误 需要修改文件auth-plug.c 去掉冲突的几个文件中相应const
如下
const struct mosquitto *client
修改为
struct mosquitto *client
复制auth-plug.so至/etc/mosquitto/
mv auth-plug.so /etc/mosquitto/auth-plug.so
复制插件
mosquitto-mysql.conf至/etc/mosquitto/
更改 原mosquitto.conf备份
修改 mosquitto-mysql.conf为 mosquitto.conf
mv mosquitto-mysql.conf mosquitto.conf
编辑mosquitto.conf
autosave_interval 1800
persistence true
persistence_file mosquitto.db
persistence_location /tmp/
connection_messages true
log_timestamp true
log_dest stderr
#log_type error
#log_type warning
#log_type notice
#log_type information
#log_type all
log_type debug
listener 1883
#
# __ __ ____ ___ _
# | \/ |_ _/ ___| / _ \| |
# | |\/| | | | \___ \| | | | |
# | | | | |_| |___) | |_| | |___
# |_| |_|\__, |____/ \__\_\_____|
# |___/
#
#
#auth_plugin /home/jpm/mosquitto-auth-plug/auth-plug.so
auth_plugin /Users/jpm/Auto/projects/on-github/MQTT/mosquitto-auth-plug/auth-plug.so
auth_opt_backends cdb,mysql //修改为 auth_opt_backends mysql
auth_opt_cdbname pwdb.cdb //删除
auth_opt_host localhost //按实际修改
auth_opt_port 3306 //按实际修改
auth_opt_dbname test //按实际修改
auth_opt_user jpm //按实际修改
auth_opt_pass secret //按实际修改
auth_opt_userquery SELECT pw FROM users WHERE username = '%s'
auth_opt_superquery SELECT IFNULL(COUNT(*), 0) FROM users WHERE username = '%s' AND super = 1
auth_opt_aclquery SELECT topic FROM acls WHERE username = '%s'
# Usernames with this fnmatch(3) (a.k.a glob(3)) pattern are exempt from the
# module's ACL checking
auth_opt_superusers S*
修改完成后重新运行Mosquitto
mosquitto -c /etc/mosquitto/mosquitto.conf -v
数据库导入插件examples下
mysql.sql
认证部分大功告成!
测试部分省略