mosquitto auth http 安全认证
安装curl依赖
yum install -y libcurl-dev libcurl-devel
安装mosquitto-auth-plug
下载安装包:https://github.com/jpmens/mosquitto-auth-plug/releases/
wget https://github.com/jpmens/mosquitto-auth-plug/archive/0.1.3.tar.gz
tar -xzvf mosquitto-auth-plug-0.1.3.tar.gz
cd mosquitto-auth-plug-0.1.3
cp config.mk.in config.mk
vim config.mk
# Select your backends from this list
BACKEND_CDB ?= no
BACKEND_MYSQL ?= no
BACKEND_SQLITE ?= no
BACKEND_REDIS ?= no
BACKEND_POSTGRES ?= no
BACKEND_LDAP ?= no
BACKEND_HTTP ?= yes
BACKEND_JWT ?= no
BACKEND_MONGO ?= no
BACKEND_FILES ?= no
BACKEND_MEMCACHED ?= no
# Specify the path to the Mosquitto sources here
# MOSQUITTO_SRC = /usr/local/Cellar/mosquitto/1.4.12
MOSQUITTO_SRC = /data/mosquitto
# Specify the path the OpenSSL here
OPENSSLDIR = /etc/pki/tls
# Add support for django hashers algorithm name
SUPPORT_DJANGO_HASHERS ?= no
# Specify optional/additional linker/compiler flags here
# On macOS, add
# CFG_LDFLAGS = -undefined dynamic_lookup
# as described in https://github.com/eclipse/mosquitto/issues/244
#
# CFG_LDFLAGS = -undefined dynamic_lookup -L/usr/local/Cellar/openssl/1.0.2l/lib
# CFG_CFLAGS = -I/usr/local/Cellar/openssl/1.0.2l/include -I/usr/local/Cellar/mosquitto/1.4.12/include
CFG_LDFLAGS =
CFG_CFLAGS =
查看openssl的安装目录的方法:
openssl version -a
将mosquitto目录下的config.h复制到 ./src/下一份
修改uthash.h,在uthash.h中添加一行
#define _mosquitto_free(ptr)
接下来执行编译指令(如果之前在使用其他插件时进行过编译,先执行make clean)
make
编译成功会在当前目录下生成auth-plug.so文件,然后将auth-plug.so复制到mosquitto的目录下的plugin中
修改mosquitto的配置文件
allow_anonymous false
auth_plugin /data/mqttbroker/mosquitto/plugin/auth-plug.so
auth_opt_backends http
auth_opt_http_ip 172.30.1.146
auth_opt_http_port 9060
#auth_opt_http_hostname example.org
auth_opt_http_getuser_uri /mosquitto/auth
auth_opt_http_superuser_uri /mosquitto/superuser
auth_opt_http_aclcheck_uri /mosquitto/acl
重启mosquitto