[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
|
Re: [mosquitto-dev] How to get the IP address of the client connected to broker in authentication plug in
|
> Hi Guys:
>
> We are developing a plug-in for mosquitto used in your product.
>
> In this plug-in, we want to verify that a specific client (eg:
> user name is AAAA) can only connect to broker from address
> 192.168.5.XXX, and other clients can only connect to broker from
> address 192.168.4.XXX.
I wanted to do this initially, yet I solved my problem by allowing
anonymous connections per listener, yet I'll share my analysis.
I think that for backward compatibility, you should not change the
present plugin functions calls.
I planned to provide in the plugin a function pointer that mosquitto
would set to point to a new internal function that returns the current
ip address for authentication.
The authentication is then extended so that on entry before calling the
plugin authentication, the ip address is set, and on exit, the ip
address is removed again.
I'd set the ip address in ascii, to circumvent ipv4/ipv6 issues.
Since plugins exist today that don't have this fucntion pointer
exported, mosquitto should not fail on abscence.
Plugins exporting this function pointer, running on mosquitto without
auth ip support, will see that the function pointer remains zero, and
thus must not use it.
What do you think of my proposal?
All this is not present yet, and since I planned to use it only to
distinguish local vs. public networks, I didn't start developing
as I needed to do both mosquitto and plugin.
Kind regards,
Kurt
> Thanks very much.
>
> Michael
>
