实现 mosquitto_plugin.h

1）CMakeLists.txt 文件

cmake_minimum_required(VERSION 3.7)
project(auth_plug C)

set(CMAKE_C_STANDARD 99)

# 指定头文件目录
include_directories(/tmp/tmp.rcJYQzXv2I/include /tmp/tmp.rcJYQzXv2I/lib)

add_library(auth_plug SHARED library.c)

2）library.c 文件

#include <stdio.h>
#include <string.h>

#include "mosquitto.h"
#include "mosquitto_broker.h"
#include "mosquitto_plugin.h"

int mosquitto_plugin_version(int supported_version_count, const int *supported_versions) {
    int i;
    printf("supported_version_count=%d\n", supported_version_count);
    for (i = 0; i < supported_version_count; i++) {
        printf("supported_versions[i]=%d\n", supported_versions[i]);
    }
    // 返回 MOSQ_AUTH_PLUGIN_VERSION 表示鉴权插件
    // 返回 MOSQ_PLUGIN_VERSION 表示一般插件
    // 因此这里返回 MOSQ_AUTH_PLUGIN_VERSION;
    return MOSQ_AUTH_PLUGIN_VERSION;
}

int mosquitto_auth_plugin_init(void **user_data, struct mosquitto_opt *opts, int opt_count) {
    printf("mosquitto_auth_plugin_init is called.\n");
    // 无需关注，返回 MOSQ_ERR_SUCCESS 即可
    return MOSQ_ERR_SUCCESS;
}
int mosquitto_auth_plugin_cleanup(void *user_data, struct mosquitto_opt *opts, int opt_count) {
    printf("mosquitto_auth_plugin_cleanup is called.\n");
    // 无需关注，返回 MOSQ_ERR_SUCCESS 即可
    return MOSQ_ERR_SUCCESS;
}
int mosquitto_auth_security_init(void *user_data, struct mosquitto_opt *opts, int opt_count, bool reload) {
    printf("mosquitto_auth_security_init is called.\n");
    // 无需关注，返回 MOSQ_ERR_SUCCESS 即可
    return MOSQ_ERR_SUCCESS;
}
int mosquitto_auth_security_cleanup(void *user_data, struct mosquitto_opt *opts, int opt_count, bool reload) {
    printf("mosquitto_auth_security_cleanup is called.\n");
    // 无需关注，返回 MOSQ_ERR_SUCCESS 即可
    return MOSQ_ERR_SUCCESS;
}

int mosquitto_auth_acl_check(void *user_data, int access, struct mosquitto *client, const struct mosquitto_acl_msg *msg) {
    printf("mosquitto_auth_acl_check is called.\n");
    const char *username = mosquitto_client_username(client);
    printf("username=%s, topic=%s, access=%d\n", username, msg->topic, access);
    // 无需关注，返回 MOSQ_ERR_SUCCESS 即可
    return MOSQ_ERR_SUCCESS;
}

int mosquitto_auth_unpwd_check(void *user_data, struct mosquitto *client, const char *username, const char *password) {
    printf("mosquitto_auth_unpwd_check is called.\n");
    printf("username=%s, password=%s\n", username, password);

    // username 和 passowrd 都是 root 才返回鉴权成功
    if ((username != NULL && strcmp(username, "root") == 0)
        && (password != NULL && strcmp(password, "root") == 0)) {
        return MOSQ_ERR_SUCCESS;
    }
    
    // 否则，返回鉴权失败
    return MOSQ_ERR_AUTH;
}

3）【Build】项目，生成 libauth_plug.so 文件。

控制台输出

====================[ Build | auth_plug | Debug ]===============================
/usr/bin/cmake --build /tmp/tmp.sCfaoIoQvu/cmake-build-debug --target auth_plug -- -j 3
Scanning dependencies of target auth_plug
[ 50%] Building C object CMakeFiles/auth_plug.dir/library.c.o
[100%] Linking C shared library libauth_plug.so
[100%] Built target auth_plug

Build finished

使用 libauth_plug.so

1）在 mosquitto 项目中的 mosquitto.conf 文件中新增如下配置：

# -----------------------------------------------------------------
# External authentication and topic access plugin options
# -----------------------------------------------------------------

# External authentication and access control can be supported with the
# auth_plugin option. This is a path to a loadable plugin. See also the
# auth_opt_* options described below.
#
# The auth_plugin option can be specified multiple times to load multiple
# plugins. The plugins will be processed in the order that they are specified
# here. If the auth_plugin option is specified alongside either of
# password_file or acl_file then the plugin checks will be made first.
#
#auth_plugin
auth_plugin /tmp/tmp.sCfaoIoQvu/cmake-build-debug/libauth_plug.so

2）启动 mosquitto 进程。

命令启动：

$ /tmp/tmp.rcJYQzXv2I/cmake-build-debug/src/mosquitto -c /tmp/tmp.rcJYQzXv2I/mosquitto.conf

或者，在 CLion 中添加 【Program arguments】的形式启动：

控制台输出：

/tmp/tmp.rcJYQzXv2I/cmake-build-debug/src/mosquitto -c /tmp/tmp.rcJYQzXv2I/mosquitto.conf
1625234625: mosquitto version 2.0.11 starting
1625234625: Config loaded from /tmp/tmp.rcJYQzXv2I/mosquitto.conf.
1625234625: Loading plugin: /tmp/tmp.sCfaoIoQvu/cmake-build-debug/libauth_plug.so
supported_version_count=4
supported_versions[i]=5
supported_versions[i]=4
supported_versions[i]=3
supported_versions[i]=2
1625234625:  ├── Username/password checking enabled.
1625234625:  ├── TLS-PSK checking not enabled.
1625234625:  └── Extended authentication not enabled.
mosquitto_auth_plugin_init is called.
mosquitto_auth_security_init is called.
1625234625: Starting in local only mode. Connections will only be possible from clients running on this machine.
1625234625: Create a configuration file which defines a listener to allow remote access.
1625234625: For more details see https://mosquitto.org/documentation/authentication-methods/
1625234625: Opening ipv4 listen socket on port 1883.
1625234625: Opening ipv6 listen socket on port 1883.
1625234625: Error: Cannot assign requested address
1625234625: mosquitto version 2.0.11 running

3）通过 mosquitto_sub 命令连接到 mosquitto 进程。

# 连接失败
$ /tmp/tmp.rcJYQzXv2I/cmake-build-debug/client/mosquitto_sub -t tt
Connection error: Connection Refused: not authorised.

# 连接成功
$ /tmp/tmp.rcJYQzXv2I/cmake-build-debug/client/mosquitto_sub -t test -u root -P root

至此，简单的 mosquitto 自定义 auth_plugin 插件就完成了。

参考

• Linux 下cmake生成SO库的使用实例
• https://github.com/jpmens/mosquitto-auth-plug