From: Christopher Faulet <cfaulet@haproxy.com>
Date: Mon, 28 Jun 2021 13:37:59 +0000 (+0200)
Subject: BUG/MINOR: mqtt: Support empty client ID in CONNECT message
X-Git-Tag: v2.5-dev1~3
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0de0becf0b024b6beca9c5f7e1ed8a08120d781c;p=thirdparty%2Fhaproxy.git

BUG/MINOR: mqtt: Support empty client ID in CONNECT message

As specified by the MQTT specification (MQTT-3.1.3-6), the client ID may be
empty. That means the length of the client ID string may be 0. However, The
MQTT parser does not support empty strings.

So, to fix the bug, the mqtt_read_string() function may now parse empty
string. 2 bytes must be found to decode the string length, but the length
may be 0 now. It is the caller responsibility to test the string emptiness
if necessary. In addition, in mqtt_parse_connect(), the client ID may be
empty now.

This patch should partely fix the issue #1310. It must be backported to 2.4.
---

diff --git a/reg-tests/converter/mqtt.vtc b/reg-tests/converter/mqtt.vtc
index 59818246a7..ea2cbb4f89 100644
--- a/reg-tests/converter/mqtt.vtc
+++ b/reg-tests/converter/mqtt.vtc
@@ -9,9 +9,9 @@ server s1 {
     sendhex "20020000"
     close
 
-    # MQTT 3.1.1 CONNECT packet (id: test_sub - username: test - passwd: passwd)
+    # MQTT 3.1.1 CONNECT packet (id: <empty> - username: test - passwd: passwd)
     accept
-    recv 36
+    recv 28
     sendhex "20020000"
     close
 
@@ -120,8 +120,8 @@ client c1_311_1 -connect ${h1_fe1_sock} {
 } -run
 
 client c1_311_2 -connect ${h1_fe1_sock} {
-    # Valid MQTT 3.1.1 CONNECT packet (id: test_sub - username: test - passwd: passwd)
-    sendhex "102200044d51545404c2003c0008746573745f7375620004746573740006706173737764"
+    # Valid MQTT 3.1.1 CONNECT packet (id: <empty> - username: test - passwd: passwd)
+    sendhex "101a00044d51545404c2003c00000004746573740006706173737764"
     recv 4
     expect_close
 } -run
diff --git a/src/mqtt.c b/src/mqtt.c
index 8a6b6a0652..662420121c 100644
--- a/src/mqtt.c
+++ b/src/mqtt.c
@@ -291,7 +291,7 @@ static inline struct ist mqtt_read_string(struct ist parser, struct ist *str)
 	uint16_t len = 0;
 
 	/* read and compute the string length */
-	if (istlen(parser) <= 2)
+	if (istlen(parser) < 2)
 		goto error;
 
 	parser = mqtt_read_2byte_int(parser, &len);
@@ -862,7 +862,7 @@ static int mqtt_parse_connect(struct ist parser, struct mqtt_pkt *mpkt)
 	 */
 	/* read client identifier */
 	parser = mqtt_read_string(parser, &mpkt->data.connect.payload.client_identifier);
-	if (!isttest(parser) || !istlen(mpkt->data.connect.payload.client_identifier))
+	if (!isttest(parser))
 		goto end;
 
 	/* read Will Properties, for MQTT v5 only