bd9f138b5a
mosquitto can be configured to use password files. Those have a very trivial layout, with one "username:password" tuple per line, not unlike Apache's htpasswd file format, but unlike htpasswd files, the password can be either in clear (boo!), or encrypted (by calling into openssl's libcrypto). Encryption of passwords is done with an ad-hoc tool, mosquitto_passwd, again very like Apache's htpasswd, but the encrypted form is different (of course). This encryption is handled by mosquitto_passwd, which can create, update, or delete users, all while storing their encrypted password, or it can also convert a password file with clear-text passwords into a password file with encrypted passwords, e.g. it turns each "foo:bar" entry to their corresponding encrypted form, like "foo:$7$101$yLPgk5fn46d....==". It can be very interesting to maintain a clear-text DB of users:passwords in configuration management [0], and only convert it to encrypted passwords when embedded on the target. Add a host variant for mosquitto, which only installs mosquitto_passwd. [0] ensuring safety, confidentiality, and integrity of that DB is left as an exercise to the user, and is clearly out of scope for Buildroot, like storing the root password in the .config is. Signed-off-by: Yann E. MORIN <yann.morin@orange.com> Cc: Peter Korsgaard <peter@korsgaard.com> Cc: Titouan Christophe <titouanchristophe@gmail.com> Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 lines
117 B
Plaintext
5 lines
117 B
Plaintext
config BR2_PACKAGE_HOST_MOSQUITTO
|
|
bool "host mosquitto (mosquitto_passwd)"
|
|
help
|
|
Only installs mosquitto_passwd.
|