Support Mosquitto's sha512-pbkdf2 password file format

halfgaar / FlashMQ

FlashMQ is a fast light-weight MQTT broker/server, designed to take good advantage of multi-CPU environments

https://www.flashmq.org/

Open Software License 3.0

174 stars 24 forks source link

Support Mosquitto's sha512-pbkdf2 password file format #17

Closed halfgaar closed 1 year ago

halfgaar commented 1 year ago

TODO:

Implement.
Add warning in man page that with thousands or millions of clients, purposefully slow hashing algorithms can be a problem, because it may require hours for all clients to connect.

Example:

wiebe:$7$101$oW4vum9VREb/0aH6K3ge7kY9u26JboPDpF+9SKjd0fdz6SXidJ9n+TtBbg5n0ImfM/LkIEn6BZxT78Wn6Uzgvw==$Sc31amckhadG9Sd7/qTR8L+ROxljBLCMTrFj/Isb0rikvolsWnucdfDDY3bcIk03Nm/ymzfenE7LuTtgbz3wkA==

halfgaar commented 1 year ago

Add warning in man page that with thousands or millions of clients, purposefully slow hashing algorithms can be a problem, because it may require hours for all clients to connect.

That point is actually not (that) relevant in this case. Contrary to bcrypt, which can take 100 ms, a quick test showed 10000 calls with Mosquitto's 101 iterations took 0.7 s.

Fix merged in master, pending new version release.

halfgaar commented 1 year ago

Fixed with release 0.13.1.