1.6.12 - 2020-08-19
===================

Security:
- In some circumstances, Mosquitto could leak memory when handling PUBLISH
  messages. This is limited to incoming QoS 2 messages, and is related
  to the combination of the broker having persistence enabled, a clean
  session=false client, which was connected prior to the broker restarting,
  then has reconnected and has now sent messages at a sufficiently high rate
  that the incoming queue at the broker has filled up and hence messages are
  being dropped. This is more likely to have an effect where
  max_queued_messages is a small value. This has now been fixed. Closes #1793.

Broker:
- Build warning fixes when building with WITH_BRIDGE=no and WITH_TLS=no.

Clients:
- All clients exit with an error exit code on CONNACK failure. Closes #1778.
- Don't busy loop with `mosquitto_pub -l` on a slow connection.


1.6.11 - 2020-08-11
===================

Security:
- On Windows the Mosquitto service was being installed without appropriate
  path quoting, this has been fixed.

Broker:
- Fix usage message only mentioning v3.1.1. Closes #1713.
- Fix broker refusing to start if only websockets listeners were defined.
  Closes #1740.
- Change systemd unit files to create /var/log/mosquitto before starting.
  Closes #821.
- Don't quit with an error if opening the log file isn't possible.
  Closes #821.
- Fix bridge topic remapping when using "" as the topic. Closes #1749.
- Fix messages being queued for disconnected bridges when clean start was
  set to true. Closes #1729.
- Fix `autosave_interval` not being triggered by messages being delivered.
  Closes #1726.
- Fix websockets clients sometimes not being disconnected promptly.
  Closes #1718.
- Fix "slow" file based logging by switching to line based buffering.
  Closes #1689. Closes #1741.
- Log protocol error message where appropriate from a bad UNSUBSCRIBE, rather
  than the generic "socket error".
- Don't try to start DLT logging if DLT unavailable, to avoid a long delay
  when shutting down the broker. Closes #1735.
- Fix potential memory leaks. Closes #1773. Closes #1774.
- Fix clients not receiving messages after a previous client with the same
  client ID and positive will delay interval quit. Closes #1752.
- Fix overly broad HAVE_PTHREAD_CANCEL compile guard. Closes #1547.

Client library:
- Improved documentation around connect callback return codes. Close #1730.
- Fix `mosquitto_publish*()` no longer returning `MOSQ_ERR_NO_CONN` when not
  connected. Closes #1725.
- `mosquitto_loop_start()` now sets a thread name on Linux, FreeBSD, NetBSD,
  and OpenBSD. Closes #1777.
- Fix `mosquitto_loop_stop()` not stopping on Windows. Closes #1748. Closes #117.


1.6.10 - 2020-05-25
===================

Broker:
- Report invalid bridge prefix+pattern combinations at config parsing time
  rather than letting the bridge fail later. Issue #1635.
- Fix `mosquitto_passwd -b` not updating passwords for existing users
  correctly. Creating a new user with `-b` worked without problem.
  Closes #1664.
- Fix memory leak when connecting clients rejected.
- Don't disconnect clients that are already disconnected. This prevents the
  session expiry being extended on SIGHUP. Closes #1521.
- Fix support for openssl 3.0.
- Fix check when loading persistence file of a different version than the
  native version. Closes #1684.
- Fix possible assert crash associated with bridge reconnecting when compiled
  without epoll support. Closes #1700.
 
Client library:
- Don't treat an unexpected PUBACK, PUBREL, or PUBCOMP as a fatal error.
  Issue #1629.
- Fix support for openssl 3.0.
- Fix memory leaks from multiple calls to
  `mosquitto_lib_init()`/`mosquitto_lib_cleanup()`. Closes #1691.
- Fix documentation on return code of `mosquitto_lib_init()` for Windows.
  Closes #1690.

Clients:
- Fix mosquitto_sub %j or %J not working on Windows. Closes #1674.

Build:
- Various fixes for building with <C99 support. Closes #1622.
- Fix use of sed on BSD. Closes #1614.


1.6.9 - 20200227
================

Broker:
- Fix session expiry with very large expiry intervals. Closes #1525.
- Check ACL patterns for validity when loading. Closes #1539.
- Use presence of password file as indicator for whether username checks
  should take place, not whether usernames are defined in the password file.
  Closes #1545.
- Strip whitespace from end of config file string options. Closes #1566.
- Satisfy valgrind when exiting on error due to not being able to open a
  listening socket, by calling freeaddrinfo. Closes #1565.
- Fix config->user not being freed on exit. Closes #1564.
- Fix trailing whitespace not being trimmed on acl users. Closes #1539.
- Fix `bind_interface` not working for the default listener. Closes #1533.
- Improve password file parsing in the broker and mosqitto_passwd. Closes #1584.
- Print OpenSSL errors in more situations, like when loading certificates
  fails. Closes #1552.
- Fix `mosquitto_client_protocol() returning incorrect values.

Client library:
- Set minimum keepalive argument to `mosquitto_connect*()` to be 5 seconds.
  Closes #1550.
- Fix `mosquitto_topic_matches_sub()` not returning MOSQ_ERR_INVAL if the
  topic contains a wildcard. Closes #1589.

Clients:
- Fix `--remove-retained` not obeying the `-T` option for filtering out
  topics. Closes #1585.
- Default behaviour for v5 clients using `-c` is now to use infinite length
  sessions, as with v3 clients. Closes #1546.


1.6.8 - 20191128
================

Broker:
- Various fixes for `allow_zero_length_clientid` config, where this option was
  not being set correctly. Closes #1429.
- Fix incorrect memory tracking causing problems with memory_limit option.
  Closes #1437.
- Fix subscription topics being limited to 200 characters instead of 200
  hierarchy levels. Closes #1441.
- Only a single CRL could be loaded at once. This has been fixed.
  Closes #1442.
- Fix problems with reloading config when `per_listener_settings` was true.
  Closes #1459.
- Fix retained messages with an expiry interval not being expired after being
  restored from persistence. Closes #1464.
- Fix messages with an expiry interval being sent without an expiry interval
  property just before they were expired. Closes #1464.
- Fix TLS Websockets clients not receiving messages after taking over a
  previous connection. Closes #1489.
- Fix MQTT 3.1.1 clients using clean session false, or MQTT 5.0 clients using
  session-expiry-interval set to infinity never expiring, even when the global
  `persistent_client_expiration` option was set. Closes #1494.

Client library:
- Fix publish properties not being passed to on_message_v5 callback for QoS 2
  messages. Closes #1432.
- Fix documentation issues in mosquitto.h. Closes #1478.
- Document `mosquitto_connect_srv()`. Closes #1499.

Clients:
- Fix duplicate cfg definition in rr_client. Closes #1453.
- Fix `mosquitto_pub -l` hang when stdin stream ends. Closes #1448.
- Fix `mosquitto_pub -l` not sending the final line of stdin if it does not
  end with a new line. Closes #1473.
- Make documentation for `mosquitto_pub -l` match reality - blank lines are
  sent as empty messages. Closes #1474.
- Free memory in `mosquitto_sub` when quiting without having made a successful
  connection. Closes #1513.

Build:
- Added `CLIENT_STATIC_LDADD` to makefile builds to allow more libraries to be
  linked when compiling the clients with a static libmosquitto, as required
  for e.g. openssl on some systems.

Installer:
- Fix mosquitto_rr.exe not being included in Windows installers. Closes #1463.

1.6.7 - 20190925
================

Broker:
- Add workaround for working with libwebsockets 3.2.0.
- Fix potential crash when reloading config. Closes #1424, #1425.

Client library:
- Don't use `/` in autogenerated client ids, to avoid confusing with topics.
- Fix `mosquitto_max_inflight_messages_set()` and `mosquitto_int_option(...,
  MOSQ_OPT_*_MAX, ...)` behaviour. Closes #1417.
- Fix regression on use of `mosquitto_connect_async()` not working.
  Closes #1415 and #1422.

Clients:
- mosquitto_sub: Fix `-E` incorrectly not working unless `-d` was also
  specified. Closes #1418.
- Updated documentation around automatic client ids.


1.6.6 - 20190917
================

Security:
- Restrict topic hierarchy to 200 levels to prevent possible stack overflow.
  Closes #1412.

Broker:
- Restrict topic hierarchy to 200 levels to prevent possible stack overflow.
  Closes #1412.
- mosquitto_passwd now returns 1 when attempting to update a user that does
  not exist. Closes #1414.


1.6.5 - 20190912
================

Broker:
- Fix v5 DISCONNECT packets with remaining length == 2 being treated as a
  protocol error. Closes #1367.
- Fix support for libwebsockets 3.x.
- Fix slow websockets performance when sending large messages. Closes #1390.
- Fix bridges potentially not connecting on Windows. Closes #478.
- Fix clients authorised using `use_identity_as_username` or
  `use_subject_as_username` being disconnected on SIGHUP. Closes #1402.
- Improve error messages in some situations when clients disconnect. Reduces
  the number of "Socket error on client X, disconnecting" messages.
- Fix Will for v5 clients not being sent if will delay interval was greater
  than the session expiry interval. Closes #1401.
- Fix CRL file not being reloaded on HUP. Closes #35.
- Fix repeated "Error in poll" messages on Windows when only websockets
  listeners are defined. Closes #1391.

Client library:
- Fix reconnect backoff for the situation where connections are dropped rather
  than refused. Closes #737.
- Fix missing locks on `mosq->state`. Closes #1374.

Documentation:
- Improve details on global/per listener options in the mosquitto.conf man page.
  Closes #274.
- Clarify behaviour when clients exceed the `message_size_limit`. Closes #448.
- Improve documentation for `max_inflight_bytes`, `max_inflight_messages`,
  and `max_queued_messages`.

Build:
- Fix missing function warnings on NetBSD.
- Fix WITH_STATIC_LIBRARIES using CMake on Windows. Closes #1369.
- Guard ssize_t definition on Windows. Closes #522.


1.6.4 - 20190801
================

Broker:
- Fix persistent clients being incorrectly expired on Raspberry Pis.
  Closes #1272.
- Windows: Allow other applications access to the log file when running.
  Closes #515.
- Fix incoming QoS 2 messages being blocked when `max_inflight_messages` was
  set to 1. Closes #1332.
- Fix incoming messages not being removed for a client if the topic being
  published to does not have any subscribers. Closes #1322.

Client library:
- Fix MQTT v5 subscription options being incorrectly set for MQTT v3
  subscriptions. Closes #1353.
- Make behaviour of `mosquitto_connect_async()` consistent with
  `mosquitto_connect()` when connecting to a non-existent server.
  Closes #1345.
- `mosquitto_string_option(mosq, MOSQ_OPT_TLS_KEYFORM, ...)` was incorrectly
  returning `MOSQ_ERR_INVAL` with valid input. This has been fixed.
  Closes #1360.
- on_connect callback is now called with the correct v5 reason code if a v5
  client connects to a v3.x broker and is sent a CONNACK with the
  "unacceptable protocol version" connack reason code.
- Fix memory leak when setting v5 properties in mosquitto_connect_v5().
- Fix properties not being sent on QoS>0 PUBLISH messages.

Clients:
- mosquitto_pub: fix error codes not being returned when mosquitto_pub exits.
  Closes #1354.
- All clients: improve error messages when connecting to a v3.x broker when in
  v5 mode. Closes #1344.

Other:
- Various documentation fixes.


1.6.3 - 20190618
================

Broker:
- Fix detection of incoming v3.1/v3.1.1 bridges. Closes #1263.
- Fix default max_topic_alias listener config not being copied to the in-use
  listener when compiled without TLS support.
- Fix random number generation if compiling using `WITH_TLS=no` and on Linux
  with glibc >= 2.25. Without this fix, no random numbers would be generated
  for e.g. on broker client id generation, and so clients connecting expecting
  this feature would be unable to connect.
- Fix compilation problem related to `getrandom()` on non-glibc systems.
- Fix Will message for a persistent client incorrectly being sent when the
  client reconnects after a clean disconnect. Closes #1273.
- Fix Will message for a persistent client not being sent on disconnect.
  Closes #1273.
- Improve documentation around the upgrading of persistence files. Closes
  #1276.
- Add 'extern "C"' on mosquitto_broker.h and mosquitto_plugin.h for C++ plugin
  writing. Closes #1290.
- Fix persistent Websockets clients not receiving messages after they
  reconnect, having sent DISCONNECT on a previous session. Closes #1227.
- Disable TLS renegotiation. Client initiated renegotiation is considered to
  be a potential attack vector against servers. Closes #1257.
- Fix incorrect shared subscription topic '$shared'.
- Fix zero length client ids being rejected for MQTT v5 clients with clean
  start set to true.
- Fix MQTT v5 overlapping subscription behaviour. Clients now receive message
  from all matching subscriptions rather than the first one encountered, which
  ensures the maximum QoS requirement is met.
- Fix incoming/outgoing quota problems for QoS>0.
- Remove obsolete `store_clean_interval` from documentation.
- Fix v4 authentication plugin never calling psk_key_get.

Client library:
- Fix typo causing build error on Windows when building without TLS support.
  Closes #1264.

Clients:
- Fix -L url parsing when `/topic` part is missing.
- Stop some error messages being printed even when `--quiet` was used.
  Closes #1284.
- Fix mosquitto_pub exiting with error code 0 when an error occurred.
  Closes #1285.
- Fix mosquitto_pub not using the `-c` option. Closes #1273.
- Fix MQTT v5 clients not being able to specify a password without a username.
  Closes #1274.
- Fix `mosquitto_pub -l` not handling network failures. Closes #1152.
- Fix `mosquitto_pub -l` not handling zero length input. Closes #1302.
- Fix double free on exit in mosquitto_pub. Closes #1280.

Documentation:
- Remove references to Python binding and C++ wrapper in libmosquitto man
  page. Closes #1266.

Build:
- CLIENT_LDFLAGS now uses LDFLAGS. Closes #1294.


1.6.2 - 20190430
================

Broker:
- Fix memory access after free, leading to possible crash, when v5 client with
  Will message disconnects, where the Will message has as its first property
  one of `content-type`, `correlation-data`, `payload-format-indicator`, or
  `response-topic`.  Closes #1244.
- Fix build for WITH_TLS=no. Closes #1250.
- Fix Will message not allowing user-property properties.
- Fix broker originated messages (e.g. $SYS/broker/version) not being
  published when `check_retain_source` set to true. Closes #1245.
- Fix $SYS/broker/version being incorrectly expired after 60 seconds.
  Closes #1245.

Library:
- Fix crash after client has been unable to connect to a broker. This occurs
  when the client is exiting and is part of the final library cleanup routine.
  Closes #1246.

Clients:
- Fix -L url parsing. Closes #1248.


1.6.1 - 20190426
================

Broker:
- Document `memory_limit` option.

Clients:
- Fix compilation on non glibc systems due to missing sys/time.h header.

Build:
- Add `make check` target and document testing procedure. Closes #1230.
- Document bundled dependencies and how to disable. Closes #1231.
- Split CFLAGS and CPPFLAGS, and LDFLAGS and LDADD/LIBADD.
- test/unit now respects CPPFLAGS and LDFLAGS. Closes #1232.
- Don't call ldconfig in CMake scripts. Closes #1048.
- Use CMAKE_INSTALL_* variables when installing in CMake. Closes #1049.


1.6 - 20190417
==============

Broker features:
- Add support for MQTT v5
- Add support for OCSP stapling.
- Add support for ALPN on bridge TLS connections. Closes #924.
- Add support for Automotive DLT logging.
- Add TLS Engine support.
- Persistence file read/write performance improvements.
- General performance improvements.
- Add max_keepalive option, to allow a maximum keepalive value to be set for
  MQTT v5 clients only.
- Add `bind_interface` option which allows a listener to be bound to a
  specific network interface, in a similar fashion to the `bind_address` option.
  Linux only.
- Add improved bridge restart interval based on Decorrelated Jitter.
- Add `dhparamfile` option, to allow DH parameters to be loaded for Ephemeral
  DH support
- Disallow writing to $ topics where appropriate.
- Fix mosquitto_passwd crashing on corrupt password file. Closes #1207.
- Add explicit support for TLS v1.3.
- Drop support for TLS v1.0.
- Improved general support for broker generated client ids. Removed libuuid
  dependency.
- auto_id_prefix now defaults to 'auto-'.
- QoS 1 and 2 flow control improvements.

Client library features:
- Add support for MQTT v5
- Add mosquitto_subscribe_multiple() for sending subscriptions to multiple
  topics in one command.
- Add TLS Engine support.
- Add explicit support for TLS v1.3.
- Drop support for TLS v1.0.
- QoS 1 and 2 flow control improvements.

Client features:
- Add support for MQTT v5
- Add mosquitto_rr client, which can be used for "request-response" messaging,
  by sending a request message and awaiting a response.
- Add TLS Engine support.
- Add support for ALPN on TLS connections. Closes #924.
- Add -D option for all clients to specify MQTT v5 properties.
- Add -E to mosquitto_sub, which causes it to exit immediately after having
  its subscriptions acknowledged. Use with -c to create a durable client
  session without requiring a message to be received.
- Add --remove-retained to mosquitto_sub, which can be used to clear retained
  messages on a broker.
- Add --repeat and --repeat-delay to mosquitto_pub, which can be used to
  repeat single message publishes at a regular interval.
- -V now accepts `5, `311`, `31`, as well as `mqttv5` etc.
- Add explicit support for TLS v1.3.
- Drop support for TLS v1.0.

Broker fixes:
- Improve error reporting when creating listeners.
- Fix build on SmartOS due to missing IPV6_V6ONLY. Closes #1212.

Client library fixes
- Add missing `mosquitto_userdata()` function.

Client fixes:
- mosquitto_pub wouldn't always publish all messages when using `-l` and
  QoS>0. This has been fixed.
- mosquitto_sub was incorrectly encoding special characters when using %j
  output format. Closes #1220.


1.5.8 - 20190228
================

Broker:
- Fix clients being disconnected when ACLs are in use. This only affects the
  case where a client connects using a username, and the anonymous ACL list is
  defined but specific user ACLs are not defined. Closes #1162.
- Make error messages for missing config file clearer.
- Fix some Coverity Scan reported errors that could occur when the broker was
  already failing to start.
- Fix broken mosquitto_passwd on FreeBSD. Closes #1032.
- Fix delayed bridge local subscriptions causing missing messages.
  Closes #1174.

Library:
- Use higher resolution timer for random initialisation of client id
  generation. Closes #1177.
- Fix some Coverity Scan reported errors that could occur when the library was
  already quitting.


1.5.7 - 20190213
================

Broker:
- Fix build failure when using WITH_ADNS=yes
- Ensure that an error occurs if `per_listener_settings true` is given after
  other security options. Closes #1149.
- Fix include_dir not sorting config files before loading. This was partially
  fixed in 1.5 previously.
- Improve documentation around the `include_dir` option. Closes #1154.
- Fix case where old unreferenced msg_store messages were being saved to the
  persistence file, bloating its size unnecessarily. Closes #389.

Library:
- Fix `mosquitto_topic_matches_sub()` not returning MOSQ_ERR_INVAL for
  invalid subscriptions like `topic/#abc`. This only affects the return value,
  not the match/no match result, which was already correct.

Build:
- Don't require C99 compiler.
- Add rewritten build test script and remove some build warnings.


1.5.6 - 20190206
================

Security:
- CVE-2018-12551: If Mosquitto is configured to use a password file for
  authentication, any malformed data in the password file will be treated as
  valid. This typically means that the malformed data becomes a username and no
  password. If this occurs, clients can circumvent authentication and get access
  to the broker by using the malformed username. In particular, a blank line
  will be treated as a valid empty username. Other security measures are
  unaffected. Users who have only used the mosquitto_passwd utility to create
  and modify their password files are unaffected by this vulnerability.
  Affects version 1.0 to 1.5.5 inclusive.
- CVE-2018-12550: If an ACL file is empty, or has only blank lines or
  comments, then mosquitto treats the ACL file as not being defined, which
  means that no topic access is denied. Although denying access to all topics
  is not a useful configuration, this behaviour is unexpected and could lead
  to access being incorrectly granted in some circumstances. This is now
  fixed. Affects versions 1.0 to 1.5.5 inclusive.
- CVE-2018-12546. If a client publishes a retained message to a topic that
  they have access to, and then their access to that topic is revoked, the
  retained message will still be delivered to future subscribers. This
  behaviour may be undesirable in some applications, so a configuration option
  `check_retain_source` has been introduced to enforce checking of the
  retained message source on publish.

Broker:
- Fixed comment handling for config options that have optional arguments.
- Improved documentation around bridge topic remapping.
- Handle mismatched handshakes (e.g. QoS1 PUBLISH with QoS2 reply) properly.
- Fix spaces not being allowed in the bridge remote_username option. Closes
  #1131.
- Allow broker to always restart on Windows when using `log_dest file`. Closes
  #1080.
- Fix Will not being sent for Websockets clients. Closes #1143.
- Windows: Fix possible crash when client disconnects. Closes #1137.
- Fixed durable clients being unable to receive messages when offline, when
  per_listener_settings was set to true. Closes #1081.
- Add log message for the case where a client is disconnected for sending a
  topic with invalid UTF-8. Closes #1144.

Library:
- Fix TLS connections not working over SOCKS.
- Don't clear SSL context when TLS connection is closed, meaning if a user
  provided an external SSL_CTX they have less chance of leaking references.

Build:
- Fix comparison of boolean values in CMake build. Closes #1101.
- Fix compilation when openssl deprecated APIs are not available.
  Closes #1094.
- Man pages can now be built on any system. Closes #1139.


1.5.5 - 20181211
================

Security:
- If `per_listener_settings` is set to true, then the `acl_file` setting was
  ignored for the "default listener" only. This has been fixed. This does not
  affect any listeners defined with the `listener` option. Closes #1073.
  This is now tracked as CVE-2018-20145.

Broker:
- Add `socket_domain` option to allow listeners to disable IPv6 support.
  This is required to work around a problem in libwebsockets that means
  sockets only listen on IPv6 by default if IPv6 support is compiled in.
  Closes #1004.
- When using ADNS, don't ask for all network protocols when connecting,
  because this can lead to confusing "Protocol not supported" errors if the
  network is down. Closes #1062.
- Fix outgoing retained messages not being sent by bridges on initial
  connection. Closes #1040.
- Don't reload auth_opt_ options on reload, to match the behaviour of the
  other plugin options. Closes #1068.
- Print message on error when installing/uninstalling as a Windows service.
- All non-error connect/disconnect messages are controlled by the
  `connection_messages` option. Closes #772. Closes #613. Closes #537.

Library:
- Fix reconnect delay backoff behaviour. Closes #1027.
- Don't call on_disconnect() twice if keepalive tests fail. Closes #1067.

Client:
- Always print leading zeros in mosquitto_sub when output format is hex.
  Closes #1066.

Build:
- Fix building where TLS-PSK is not available. Closes #68.


1.5.4 - 20181108
================

Security:
- When using a TLS enabled websockets listener with "require_certificate"
  enabled, the mosquitto broker does not correctly verify client certificates.
  This is now fixed. All other security measures operate as expected, and in
  particular non-websockets listeners are not affected by this. Closes #996.

Broker:
- Process all pending messages even when a client has disconnected. This means
  a client that send a PUBLISH then DISCONNECT quickly, then disconnects will
  have its DISCONNECT message processed properly and so no Will will be sent.
  Closes #7.
- $SYS/broker/clients/disconnected should never be negative. Closes #287.
- Give better error message if a client sends a password without a username.
  Closes #1015.
- Fix bridge not honoring restart_timeout. Closes #1019.
- Don't disconnect a client if an auth plugin denies access to SUBSCRIBE.
  Closes #1016.

Library:
- Fix memory leak that occurred if mosquitto_reconnect() was used when TLS
  errors were present. Closes #592.
- Fix TLS connections when using an external event loop with
  mosquitto_loop_read() and mosquitto_write(). Closes #990.

Build:
- Fix clients not being compiled with threading support when using CMake.
  Closes #983.
- Header fixes for FreeBSD. Closes #977.
- Use _GNU_SOURCE to fix build errors in websockets and getaddrinfo usage.
  Closes #862 and #933.
- Fix builds on QNX 7.0.0. Closes #1018.


1.5.3 - 20180925
================

Security:
- Fix CVE-2018-12543. If a message is sent to Mosquitto with a topic that
  begins with $, but is not $SYS, then an assert that should be unreachable is
  triggered and Mosquitto will exit.

Broker:
- Elevate log level to warning for situation when socket limit is hit.
- Remove requirement to use `user root` in snap package config files.
- Fix retained messages not sent by bridges on outgoing topics at the first
  connection. Closes #701.
- Documentation fixes. Closes #520, #600.
- Fix duplicate clients being added to by_id hash before the old client was
  removed. Closes #645.
- Fix Windows version not starting if include_dir did not contain any files.
  Closes #566.
- When an authentication plugin denied access to a SUBSCRIBE, the client would
  be disconnected incorrectly. This has been fixed. Closes #1016.

Build:
- Various fixes to ease building.


1.5.2 - 20180919
================

Broker:
- Fix build when using WITH_ADNS=yes.
- Fix incorrect call to setsockopt() for TCP_NODELAY. Closes #941.
- Fix excessive CPU usage when the number of sockets exceeds the system limit.
  Closes #948.
- Fix for bridge connections when using WITH_ADNS=yes.
- Fix round_robin false behaviour. Closes #481.
- Fix segfault on HUP when bridges and security options are configured.
  Closes #965.

Library:
- Fix situation where username and password is used with SOCKS5 proxy. Closes
  #927.
- Fix SOCKS5 behaviour when passing IP addresses. Closes #927.

Build:
- Make it easier to build without bundled uthash.h using "WITH_BUNDLED_DEPS=no".
- Fix build with OPENSSL_NO_ENGINE. Closes #932.


1.5.1 - 20180816
================

Broker:
- Fix plugin cleanup function not being called on exit of the broker.
  Closes #900.
- Print more OpenSSL errors when loading certificates/keys fail.
- Use AF_UNSPEC etc. instead of PF_UNSPEC to comply with POSIX. Closes #863.
- Remove use of AI_ADDRCONFIG, which means the broker can be used on systems
  where only the loopback interface is defined. Closes #869, Closes #901.
- Fix IPv6 addresses not being able to be used as bridge addresses.
  Closes #886.
- All clients now time out if they exceed their keepalive*1.5, rather than
  just reach it. This was inconsistent in two places.
- Fix segfault on startup if bridge CA certificates could not be read.
  Closes #851.
- Fix problem opening listeners on Pi caused by unsigned char being default.
  Found via #849.
- ACL patterns that do not contain either %c or %u now produce a warning in
  the log. Closes #209.
- Fix bridge publishing failing when per_listener_settings was true. Closes
  #860.
- Fix `use_identity_as_username true` not working. Closes #833.
- Fix UNSUBACK messages not being logged. Closes #903.
- Fix possible endian issue when reading the `memory_limit` option.
- Fix building for libwebsockets < 1.6.
- Fix accessor functions for username and client id when used in plugin auth
  check.

Library:
- Fix some places where return codes were incorrect, including to the
  on_disconnect() callback. This has resulted in two new error codes,
  MOSQ_ERR_KEEPALIVE and MOSQ_ERR_LOOKUP.
- Fix connection problems when mosquitto_loop_start() was called before
  mosquitto_connect_async(). Closes #848.

Clients:
- When compiled using WITH_TLS=no, the default port was incorrectly being set
  to -1. This has been fixed.
- Fix compiling on Mac OS X <10.12. Closes #813 and #240.

Build:
- Fixes for building on NetBSD. Closes #258.
- Fixes for building on FreeBSD.
- Add support for compiling with static libwebsockets library.


1.5 - 20180502
==============

Security:
- Fix memory leak that could be caused by a malicious CONNECT packet. This
  does not yet have a CVE assigned. Closes #533493 (on Eclipse bugtracker)

Broker features:
- Add per_listener_settings to allow authentication and access control to be
  per listener.
- Add limited support for reloading listener settings. This allows settings
  for an already defined listener to be reloaded, but port numbers must not be
  changed.
- Add ability to deny access to SUBSCRIBE messages as well as the current
  read/write accesses. Currently for auth plugins only.
- Reduce calls to malloc through the use of UHPA.
- Outgoing messages with QoS>1 are no longer retried after a timeout period.
  Messages will be retried when a client reconnects.  This change in behaviour
  can be justified by considering when the timeout may have occurred.
  * If a connection is unreliable and has dropped, but without one end
    noticing, the messages will be retried on reconnection. Sending
    additional PUBLISH or PUBREL would not have changed anything.
  * If a client is overloaded/unable to respond/has a slow connection then
    sending additional PUBLISH or PUBREL would not help the client catch
    up. Once the backlog has cleared the client will respond. If it is not
    able to catch up, sending additional duplicates would not help either.
- Add use_subject_as_username option for certificate based client
  authentication to use the entire certificate subject as a username, rather
  than just the CN. Closes #469467.
- Change sys tree printing output. This format shouldn't be relied upon and
  may change at any time. Closes #470246.
- Minimum supported libwebsockets version is now 1.3.
- Add systemd startup notification and services. Closes #471053.
- Reduce unnecessary malloc and memcpy when receiving a message and storing
  it. Closes #470258.
- Support for Windows XP has been dropped.
- Bridge connections now default to using MQTT v3.1.1.
- mosquitto_db_dump tool can now output some stats on clients.
- Perform utf-8 validation on incoming will, subscription and unsubscription
  topics.
- new $SYS/broker/store/messages/count (deprecates $SYS/broker/messages/stored)
- new $SYS/broker/store/messages/bytes
- max_queued_bytes feature to limit queues by real size rather than
  than just message count. Closes Eclipse #452919 or Github #100
- Add support for bridges to be configured to only send notifications to the
  local broker.
- Add set_tcp_nodelay option to allow Nagle's algorithm to be disabled on
  client sockets. Closes #433.
- The behaviour of allow_anonymous has changed. In the old behaviour, the
  default if not set was to allow anonymous access. The new behaviour is to
  default is to allow anonymous access unless another security option is set.
  For example, if password_file is set and allow_anonymous is not set, then
  anonymous access will be denied. It is still possible to allow anonymous
  access by setting it explicitly.

Broker fixes:
- Fix UNSUBSCRIBE with no topic is accepted on MQTT 3.1.1. Closes #665.
- Produce an error if two bridges share the same local_clientid.
- Miscellaneous fixes on Windows.
- queue_qos0_messages was not observing max_queued_** limits
- When using the include_dir configuration option sort the files
  alphabetically before loading them.  Closes #17.
- IPv6 is no longer disabled for websockets listeners.
- Remove all build timestamp information including $SYS/broker/timestamp.
  Close #651.
- Correctly handle incoming strings that contain a NULL byte. Closes #693.
- Use constant time memcmp for password comparisons.
- Fix incorrect PSK key being used if it had leading zeroes.
- Fix memory leak if a client provided a username/password for a listener with
  use_identity_as_username configured.
- Fix use_identity_as_username not working on websockets clients.
- Don't crash if an auth plugin returns MOSQ_ERR_AUTH for a username check on
  a websockets client. Closes #490.
- Fix 08-ssl-bridge.py test when using async dns lookups. Closes #507.
- Lines in the config file are no longer limited to 1024 characters long.
  Closes #652.
- Fix $SYS counters of messages and bytes sent when message is sent over
  a Websockets. Closes #250.
- Fix upgrade_outgoing_qos for retained message. Closes #534.
- Fix CONNACK message not being sent for unauthorised connect on websockets.
  Closes #8.
- Maximum connections on Windows increased to 2048.
- When a client with an in-use client-id connects, if the old client has a
  will, send the will message. Closes #26.
- Fix parsing of configuration options that end with a space. Closes #804.

Client library features:
- Outgoing messages with QoS>1 are no longer retried after a timeout period.
  Messages will be retried when a client reconnects.
- DNS-SRV support is now disabled by default.
- Add mosquitto_subscribe_simple() This is a helper function to make
  retrieving messages from a broker very straightforward. Examples of its use
  are in examples/subscribe_simple.
- Add mosquitto_subscribe_callback() This is a helper function to make
  processing messages from a broker very straightforward. An example of its use
  is in examples/subscribe_simple.
- Connections now default to using MQTT v3.1.1.
- Add mosquitto_validate_utf8() to check whether a string is valid UTF-8
  according to the UTF-8 spec and to the additional restrictions imposed by
  the MQTT spec.
- Topic inputs are checked for UTF-8 validity.
- Add mosquitto_userdata function to allow retrieving the client userdata
  member variable. Closes #111.
- Add mosquitto_pub_topic_check2(), mosquitto_sub_topic_check2(), and
  mosquitto_topic_matches_sub2() which are identical to the similarly named
  functions but also take length arguments.
- Add mosquitto_connect_with_flags_callback_set(), which allows a second
  connect callback to be used which also exposes the connect flags parameter.
  Closes #738 and #128.
- Add MOSQ_OPT_SSL_CTX option to allow a user specified SSL_CTX to be used
  instead of the one generated by libmosquitto. This allows greater control
  over what options can be set. Closes #715.
- Add MOSQ_OPT_SSL_CTX_WITH_DEFAULTS to work with MOSQ_OPT_SSL_CTX and have
  the default libmosquitto SSL_CTX configuration applied to the user provided
  SSL_CTX. Closes #567.

Client library fixes:
- Fix incorrect PSK key being used if it had leading zeroes.
- Initialise "result" variable as soon as possible in
  mosquitto_topic_matches_sub. Closes #654.
- No need to close socket again if setting non-blocking failed. Closes #649.
- Fix mosquitto_topic_matches_sub() not correctly matching foo/bar against
  foo/+/#. Closes #670.
- SNI host support added.

Client features:
- Add -F to mosquitto_sub to allow the user to choose the output format.
- Add -U to mosquitto_sub for unsubscribing from topics.
- Add -c (clean session) to mosquitto_pub.
- Add --retained-only to mosquitto_sub to exit after receiving all retained
  messages.
- Add -W to allow mosquitto_sub to stop processing incoming messages after a
  timeout.
- Connections now default to using MQTT v3.1.1.
- Default to using port 8883 when using TLS.
- mosquitto_sub doesn't continue to keep connecting if CONNACK tells it the
  connection was refused.

Client fixes:
- Correctly handle empty files with "mosquitto_pub -l". Closes #676.

Build:
- Add WITH_STRIP option (defaulting to "no") that when set to "yes" will strip
  executables and shared libraries when installing.
- Add WITH_STATIC_LIBRARIES (defaulting to "no") that when set to "yes" will
  build and install static versions of the client libraries.
- Don't run TLS-PSK tests if TLS-PSK disabled at compile time. Closes #636.
- Support for openssl versions 1.0.0 and 1.0.1 has been removed as these are
  no longer supported by openssl.

Documentation:
- Replace mentions of deprecated 'c_rehash' with 'openssl rehash'.

1.4.15 - 20180228
=================

Security:
- Fix CVE-2017-7652. If a SIGHUP is sent to the broker when there are no more
  file descriptors, then opening the configuration file will fail and security
  settings will be set back to their default values.
- Fix CVE-2017-7651. Unauthenticated clients can cause excessive memory use by
  setting "remaining length" to be a large value. This is now mitigated by
  limiting the size of remaining length to valid values. A "memory_limit"
  configuration option has also been added to allow the overall memory used by
  the broker to be limited.

Broker:
- Use constant time memcmp for password comparisons.
- Fix incorrect PSK key being used if it had leading zeroes.
- Fix memory leak if a client provided a username/password for a listener with
  use_identity_as_username configured.
- Fix use_identity_as_username not working on websockets clients.
- Don't crash if an auth plugin returns MOSQ_ERR_AUTH for a username check on
  a websockets client. Closes #490.
- Fix 08-ssl-bridge.py test when using async dns lookups. Closes #507.
- Lines in the config file are no longer limited to 1024 characters long.
  Closes #652.
- Fix $SYS counters of messages and bytes sent when message is sent over
  a Websockets. Closes #250.
- Fix upgrade_outgoing_qos for retained message. Closes #534.
- Fix CONNACK message not being sent for unauthorised connect on websockets.
  Closes #8.

Client library:
- Fix incorrect PSK key being used if it had leading zeroes.
- Initialise "result" variable as soon as possible in
  mosquitto_topic_matches_sub. Closes #654.
- No need to close socket again if setting non-blocking failed. Closes #649.
- Fix mosquitto_topic_matches_sub() not correctly matching foo/bar against
  foo/+/#. Closes #670.

Clients:
- Correctly handle empty files with "mosquitto_pub -l". Closes #676.

Build:
- Don't run TLS-PSK tests if TLS-PSK disabled at compile time. Closes #636.


1.4.14 - 20170710
=================

Broker:
- Fix regression from 1.4.13 where persistence data was not being saved.


1.4.13 - 20170627
=================

Security:
- Fix CVE-2017-9868. The persistence file was readable by all local users,
  potentially allowing sensitive information to be leaked.
  This can also be fixed administratively, by restricting access to the
  directory in which the persistence file is stored.

Broker:
- Fix for poor websockets performance.
- Fix lazy bridges not timing out for idle_timeout. Closes #417.
- Fix problems with large retained messages over websockets. Closes #427.
- Set persistence file to only be readable by owner, except on Windows. Closes
  #468.
- Fix CONNECT check for reserved=0, as per MQTT v3.1.1 check MQTT-3.1.2-3.
- When the broker stop, wills for any connected clients are now "sent". Closes
  #477.
- Auth plugins can be configured to disable the check for +# in
  usernames/client ids with the auth_plugin_deny_special_chars option.
  Partially closes #462.
- Restrictions for CVE-2017-7650 have been relaxed - '/' is allowed in
  usernames/client ids. Remainder of fix for #462.

Clients:
- Don't use / in auto-generated client ids.


1.4.12 - 20170528
=================

Security:
- Fix CVE-2017-7650, which allows clients with username or client id set to
  '#' or '+' to bypass pattern based ACLs or third party plugins. The fix
  denies message sending or receiving of messages for clients with a '#' or
  '+' in their username or client id and if the message is subject to a
  pattern ACL check or plugin check.
  Patches for other versions are available at
  https://mosquitto.org/files/cve/2017-7650/

Broker:
- Fix mosquitto.db from becoming corrupted due to client messages being
  persisted with no stored message. Closes #424.
- Fix bridge not restarting properly. Closes #428.
- Fix unitialized memory in gets_quiet on Windows. Closes #426.
- Fix building with WITH_ADNS=no for systems that don't use glibc. Closes
  #415.
- Fixes to readme.md.
- Fix deprecation warning for OpenSSL 1.1. PR #416.
- Don't segfault on duplicate bridge names. Closes #446.
- Fix CVE-2017-7650.


1.4.11 - 20170220
=================

Broker:
- Fix crash when "lazy" type bridge attempts to reconnect. Closes #259.
- maximum_connections now applies to websockets listeners. Closes #271.
- Allow bridges to use TLS with IPv6.
- Don't error on zero length persistence files. Closes #316.
- For http only websockets clients, close files served over http in all cases
  when the client disconnects. Closes #354.
- Fix error message when websockets http_dir directory does not exist.
- Improve password utility error message. Closes #379.

Clients:
- Use of --ciphers no longer requires you to also pass --tls-version.
  Closes #380.

Client library:
- Clients can now use TLS with IPv6.
- Fix potential socket leakage when reconnecting. Closes #304.
- Fix potential negative timeout being passed to pselect. Closes #329.


1.4.10 - 20160816
=================

Broker:
- Fix TLS operation with websockets listeners and libwebsockts 2.x. Closes
  #186.
- Don't disconnect client on HUP before reading the pending data. Closes #7.
- Fix some $SYS messages being incorrectly persisted. Closes #191.
- Support OpenSSL 1.1.0.
- Call fsync after persisting data to ensure it is correctly written. Closes
  #189.
- Fix persistence saving of subscription QoS on big-endian machines.
- Fix will retained flag handling on Windows. Closes #222.
- Broker now displays an error if it is unable to open the log file. Closes
  #234.

Client library:
- Support OpenSSL 1.1.0.
- Fixed the C++ library not allowing SOCKS support to be used. Closes #198.
- Fix memory leak when verifying a server certificate with a subjectAltName
  section. Closes #237.

Build:
- Don't attempt to install docs when WITH_DOCS=no. Closes #184.


1.4.9 - 20160603
================

Broker:
- Ensure websockets clients that previously connected with clean session set
  to false have their queued messages delivered immediately on reconnecting.
  Closes #476314.
- Reconnecting client with clean session set to false doesn't start with mid=1
  again.
- Will topic isn't truncated by one byte when using a mount_point any more.
- Network errors are printed correctly on Windows.
- Fix incorrect $SYS heap memory reporting when using ACLs.
- Bridge config parameters couldn't contain a space, this has been fixed.
  Closes #150.
- Fix saving of persistence messages that start with a '/'. Closes #151.
- Fix reconnecting for bridges that use TLS on Windows. Closes #154.
- Broker and bridges can now cope with unknown incoming PUBACK, PUBREC,
  PUBREL, PUBCOMP without disconnecting. Closes #57.
- Fix websockets listeners not being able to bind to an IP address. Closes
  #170.
- mosquitto_passwd utility now correctly deals with unknown command line
  arguments in all cases. Closes #169.
- Fix publishing of $SYS/broker/clients/maximum
- Fix order of #includes in lib/send_mosq.c to ensure struct mosquitto doesn't
  differ between source files when websockets is being used. Closes #180.
- Fix possible rare crash when writing out persistence file and a client has
  incomplete messages inflight that it has been denied the right to publish.

Client library:
- Fix the case where a message received just before the keepalive timer
  expired would cause the client to miss the keepalive timer.
- Return value of pthread_create is now checked.
- _mosquitto_destroy should not cancel threads that weren't created by
  libmosquitto. Closes #166.
- Clients can now cope with unknown incoming PUBACK, PUBREC, PUBREL, PUBCOMP
  without disconnecting. Closes #57.
- Fix mosquitto_topic_matches_sub() reporting matches on some invalid
   subscriptions.

Clients:
- Handle some unchecked malloc() calls. Closes #1.

Build:
- Fix string quoting in CMakeLists.txt. Closes #4.
- Fix building on Visual Studio 2015. Closes #136.


1.4.8 - 20160214
================

Broker:
- Wills published by clients connected to a listener with mount_point defined
  now correctly obey the mount point. This was a potential security risk
  because it allowed clients to publish messages outside of their restricted
  mount point. This is only affects brokers where the mount_point option is in
  use. Closes #487178.
- Fix detection of broken connections on Windows. Closes #485143.
- Close stdin etc. when daemonised. Closes #485589.
- Fix incorrect detection of FreeBSD and OpenBSD. Closes #485131.

Client library:
- mosq->want_write should be cleared immediately before a call to SSL_write,
  to allow clients using mosquitto_want_write() to get accurate results.


1.4.7 - 20151221
================

Broker:
- Fix support for libwebsockets 1.22.


1.4.6 - 20151220
================

Broker:
- Add support for libwebsockets 1.6.

Client library:
- Fix _mosquitto_socketpair() on Windows, reducing the chance of delays when
  publishing. Closes #483979.

Clients:
- Fix "mosquitto_pub -l" stripping the final character on a line. Closes
  #483981.


1.4.5 - 20151108
================

Broker:
- Fix possible memory leak if bridge using SSL attempts to connect to a
  host that is not up.
- Free unused topic tree elements (fix in 1.4.3 was incomplete). Closes
  #468987.

Clients:
- "mosquitto_pub -l" now no longer limited to 1024 byte lines. Closes #478917.


1.4.4 - 20150916
================

Broker:
- Don't leak sockets when outgoing bridge with multiple addresses cannot
  connect. Closes #477571.
- Fix cross compiling of websockets. Closes #475807.
- Fix memory free related crashes on openwrt. Closes #475707.
- Fix excessive calls to message retry check.


1.4.3 - 20150818
================

Broker:
- Fix incorrect bridge notification on initial connection. Closes #467096.
- Build fixes for OpenBSD.
- Fix incorrect behaviour for autosave_interval, most noticable for
  autosave_interval=1. Closes #465438.
- Fix handling of outgoing QoS>0 messages for bridges that could not be sent
  because the bridge connection was down.
- Free unused topic tree elements. Closes #468987.
- Fix some potential memory leaks. Closes #470253.
- Fix potential crash on libwebsockets error.

Client library:
- Add missing error strings to mosquitto_strerror.
- Handle fragmented TLS packets without a delay. Closes #470660.
- Fix incorrect loop timeout being chosen when using threaded interface and
  keepalive = 0. Closes #471334.
- Increment inflight messages count correctly. Closes #474935.

Clients:
- Report error string on connection failure rather than error code.


1.4.2 - 20150507
================

Broker:
- Fix bridge prefixes only working for the first outgoing message. Closes
  #464437.
- Fix incorrect bridge connection notifications on local broker.
- Fix persistent db writing on Windows. Closes #464779.
- ACLs are now checked before sending a will message.
- Fix possible crash when using bridges on Windows. Closes #465384.
- Fix parsing of auth_opt_ arguments with extra spaces/tabs.
- Broker will return CONNACK rc=5 when a username/password is not authorised.
  This was being incorrectly set as rc=4.
- Fix handling of payload lengths>4096 with websockets.

Client library:
- Inflight message count wasn't being decreased for outgoing messages using
  QoS 2, meaning that only up to 20 QoS 2 messages could be sent. This has
  been fixed. Closes #464436.
- Fix CMake dependencies for C++ wrapper building. Closes #463884.
- Fix possibility of select() being called with a socket that is >FD_SETSIZE.
  This is a fix for #464632 that will be followed up by removing the select()
  call in a future version.
- Fix calls to mosquitto_connect*_async() not completing.


1.4.1 - 20150403
================

Broker:
- Fix possible crash under heavy network load. Closes #463241.
- Fix possible crash when using pattern ACLs.
- Fix problems parsing config strings with multiple leading spaces. Closes
  #462154.
- Websockets clients are now periodically disconnected if they have not
  maintained their keepalive timer. Closes #461619.
- Fix possible minor memory leak on acl parsing.

Client library:
- Inflight limits should only apply to outgoing messages. Closes #461620.
- Fix reconnect bug on Windows. Closes #463000.
- Return -1 on error from mosquitto_socket(). Closes #461705.
- Fix crash on multiple calls to mosquitto_lib_init/mosquitto_lib_cleanup.
  Closes #462780.
- Allow longer paths on Windows. Closes #462781.
- Make _mosquitto_mid_generate() thread safe. Closes #463479.


1.4 - 20150218
==============

Important changes:
- Websockets support in the broker.
- Bridge behaviour on the local broker has changed due to the introduction of
  the local_* options. This may affect you if you are using authentication
  and/or ACLs with bridges.
- The default TLS behaviour has changed to accept all of TLS v1.2, v1.1 and
  v1.0, rather than only only one version of the protocol. It is still
  possible to restrict a listener to a single version of TLS.
- The Python client has been removed now that the Eclipse Paho Python client
  has had a release.
- When a durable client reconnects, its queued messages are now checked
  against ACLs in case of a change in username/ACL state since it last
  connected.
- New use_username_as_clientid option on the broker, for preventing hijacking
  of a client id.
- The client library and clients now have experimental SOCKS5 support.
- Wildcard TLS certificates are now supported for bridges and clients.
- The clients have support for config files with default options.
- Client and client libraries have support for MQTT v3.1.1.
- Bridge support for MQTT v3.1.1.


Broker:
- Websockets support in the broker.
- Add local_clientid, local_username, local_password for bridge connections to
  authenticate to the local broker.
- Default TLS mode now accepts TLS v1.2, v1.1 and v1.0.
- Support for ECDHE-ECDSA family ciphers.
- Fix bug #1324411, which could have had unexpected consequences for delayed
  messages in rare circumstances.
- Add support for "session present" in CONNACK messages for MQTT v3.1.1.
- Remove strict protocol #ifdefs.
- Change $SYS/broker/clients/active -> $SYS/broker/clients/connected
- Change $SYS/broker/clients/inactive -> $SYS/broker/clients/disconnected
- When a durable client reconnects, its queued messages are now checked
  against ACLs in case of a change in username/ACL state since it last
  connected.
- libuuid is used to generate client ids, where it is available, when an MQTT
  v3.1.1 client connects with a zero length client id.
- Anonymous clients are no longer accidently disconnected from the broker
  after a SIGHUP.
- mosquitto_passwd now supports -b (batch mode) to allow the password to be
  provided at the command line.
- Removed $SYS/broker/changeset. This was intended for use with debugging, but
  in practice is of no use.
- Add support for use_username_as_clientid which can be used with
  authentication to restrict ownership of client ids and hence prevent one
  client disconnecting another by using the same client id.
- When "require_certificate" was false, the broker was incorrectly asking for
  a certificate (but not checking it). This caused problems with some clients
  and has been fixed so the broker no longer asks.
- When using syslog logging on non-Windows OSs, it is now possible to specify
  the logging facility to one of local0-7 instead of the default "daemon".
- The bridge_attempt_unsubscribe option has been added, to allow the sending
  of UNSUBSCRIBE requests to be disabled for topics with "out" direction.
  Closes bug #456899.
- Wildcard TLS certificates are now supported for bridges.
- Support for "hour" client expiration lengths for the
  persistent_client_expiration option. Closes bug #425835.
- Bridge support for MQTT v3.1.1.
- Root privileges are now dropped after starting listeners and loading
  certificates/private keys, to allow private keys to have their permissions
  restricted to the root user only. Closes bug #452914.
- Usernames and topics given in ACL files can now include a space. Closes bug
  #431780.
- Fix hang if pattern acl contains a %u but an anonymous client connect.
  Closes bug #455402.
- Fix man page installation with cmake. Closes bug #458843.
- When using "log_dest file" the output file is now flushed periodically.

Clients:
- Both clients can now load default configuration options from a file.
- Add -C option to mosquitto_sub to allow the client to quit after receiving a
  certain count of messages. Closes bug #453850.
- Add --proxy SOCKS5 support for both clients.
- Pub client supports setting its keepalive. Closes bug #454852.
- Add support for config files with default options.
- Add support for MQTT v3.1.1.

Client library:
- Add experimental SOCKS5 support.
- mosquitto_loop_forever now quits after a fatal error, rather than blindly
  retrying.
- SRV support is now not compiled in by default.
- Wildcard TLS certificates are now supported.
- mosquittopp now has a virtual destructor. Closes bug #452915.
- Add support for MQTT v3.1.1.
- Don't quit mosquitto_loop_forever() if broker not available on first
  connect. Closes bug #453293, but requires more work.


1.3.5 - 20141008
================

Broker:
- Fix possible memory leak when using a topic that has a leading slash. Fixes
  bug #1360985.
- Fix saving persistent database on Windows.
- Temporarily disable ACL checks on subscriptions when using MQTT v3.1.1. This
  is due to the complexity of checking wildcard ACLs against wildcard
  subscriptions. This does not have a negative impact on security because
  checks are still made before a message is sent to a client.
  Fixes bug #1374291.
- When using -v and the broker receives a SIGHUP, verbose logging was being
  disabled. This has been fixed.

Client library:
- Fix mutex being incorrectly passed by value. Fixes bug #1373785.

1.3.4 - 20140806
================

Broker:
- Don't ask client for certificate when require_certificate is false.
- Backout incomplete functionality that was incorrectly included in 1.3.2.

1.3.3 - 20140801
================

Broker:
- Fix incorrect handling of anonymous bridges on the local broker.

1.3.2 - 20140713
================

Broker:
- Don't allow access to clients when authenticating if a security plugin
  returns an application error. Fixes bug #1340782.
- Ensure that bridges verify certificates by default when using TLS.
- Fix possible crash when using pattern ACLs that do not include a %u and
  clients that connect without a username.
- Fix subscriptions being deleted when clients subscribed to a topic beginning
  with a $ but that is not $SYS.
- When a durable client reconnects, its queued messages are now checked
  against ACLs in case of a change in username/ACL state since it last
  connected.
- Fix bug #1324411, which could have had unexpected consequences for delayed
  messages in rare circumstances.
- Anonymous clients are no longer accidently disconnected from the broker
  after a SIGHUP.

Client library:
- Fix topic matching edge case.
- Fix callback deadlocks after calling mosquitto_disconnect(), when using the
  threaded interfaces. Closes bug #1313725.
- Fix SRV support when building with CMake.
- Remove strict protocol #ifdefs.

General:
- Use $(STRIP) for stripping binaries when installing, to allow easier cross
  compilation.

1.3.1 - 20140324
================

Broker:
- Prevent possible crash on client reconnect. Closes bug #1294108.
- Don't accept zero length unsubscription strings (MQTT v3.1.1 fix)
- Don't accept QoS 3 (MQTT v3.1.1 fix)
- Don't disconnect clients immediately on HUP to give chance for all data to
  be read.
- Reject invalid un/subscriptions e.g. foo/+bar #/bar.
- Take more care not to disconnect clients that are sending large messages.

Client library:
- Fix socketpair code on the Mac.
- Fix compilation for WITH_THREADING=no.
- Break out of select() when calling mosquitto_loop_stop().
- Reject invalid un/subscriptions e.g. foo/+bar #/bar.
- Add mosquitto_threaded_set().

Clients:
- Fix keepalive value on mosquitto_pub.
- Fix possibility of mosquitto_pub not exiting after sending messages when
  using -l.

1.3 - 20140316
==============

Broker:
- The broker no longer ignores the auth_plugin_init() return value.
- Accept SSLv2/SSLv3 HELLOs when using TLSv1, whilst keeping SSLv2 and SSLv3
  disabled. This increases client compatibility without sacrificing security.
- The $SYS tree can now be disabled at runtime as well as at compile time.
- When remapping bridged topics, only check for matches when the message
  direction is correct. This allows two identical topics to be remapped
  differently for both in and out.
- Change "$SYS/broker/heap/current size" to "$SYS/broker/heap/current" for
  easier parsing.
- Change "$SYS/broker/heap/maximum size" to "$SYS/broker/heap/maximum" for
  easier parsing.
- Topics are no longer normalised from e.g a///topic to a/topic. This matches
  the behaviour as clarified by the Oasis MQTT spec. This will lead to
  unexpected behaviour if you were using topics of this form.
- Log when outgoing messages for a client begin to drop off the end of the
  queue.
- Bridge clients are recognised as bridges even after reloading from
  persistence.
- Basic support for MQTT v3.1.1. This does not include being able to bridge to
  an MQTT v3.1.1 broker.
- Username is displayed in log if present when a client connects.
- Support for 0 length client ids (v3.1.1 only) that result in automatically
  generated client ids on the broker (see option allow_zero_length_clientid).
- Ability to set the prefix of automatically generated client ids (see option
  auto_id_prefix).
- Add support for TLS session resumption.
- When using TLS, the server now chooses the cipher to use when negotiating
  with the client.
- Weak TLS ciphers are now disabled by default.

Client library:
- Fix support for Python 2.6, 3.0, 3.1.
- Add support for un/subscribing to multiple topics at once in un/subscribe().
- Clients now close their socket after sending DISCONNECT.
- Python client now contains its version number.
- C library mosquitto_want_write() now supports TLS clients.
- Fix possible memory leak in C/C++ library when communicating with
  a broker that doesn't follow the spec.
- Return strerror() through mosquitto_strerror() to make error printing
  easier.
- Topics are no longer normalised from e.g a///topic to a/topic. This matches
  the behaviour as clarified by the Oasis MQTT spec. This will lead to
  unexpected behaviour if you were using topics of this form.
- Add support for SRV lookups.
- Break out of select() on publish(), subscribe() etc. when using the threaded
  interface. Fixes bug #1270062.
- Handle incoming and outgoing messages separately. Fixes bug #1263172.
- Don't terminate threads on mosquitto_destroy() when a client is not using
  the threaded interface but does use their own thread. Fixes bug #1291473.

Clients:
- Add --ciphers to allow specifying which TLS ciphers to support.
- Add support for SRV lookups.
- Add -N to sub client to suppress printing of EOL after the payload.
- Add -T to sub client to suppress printing of a topic hierarchy.

1.2.3 - 20131202
================

Broker:
- Don't always attempt to call read() for SSL clients, irrespective of whether
  they were ready to read or not. Reduces syscalls significantly.
- Possible memory leak fixes.
- Further fix for bug #1226040: multiple retained messages being delivered for
  subscriptions ending in #.
- Fix bridge reconnections when using multiple bridge addresses.

Client library:
- Fix possible memory leak in C/C++ library when communicating with
  a broker that doesn't follow the spec.
- Block in Python loop_stop() until all messages are sent, as the
  documentation states should happen.
- Fix for asynchronous connections on Windows. Closes bug #1249202.
- Module version is now available in mosquitto.py.

Clients:
- mosquitto_sub now uses fwrite() instead of printf() to output messages, so
  messages with NULL characters aren't truncated.

1.2.2 - 20131021
================

Broker:
- Fix compliance with max_inflight_messages when a non-clean session client
  reconnects. Closes one of the issues on bug #1237389.

Client library:
- Fix incorrect inflight message accounting, which caused messages to go
  unsent. Partial fix for bug #1237351.
- Fix potential memory corruption when sending QoS>0 messages at a high rate
  using the threaded interface. Further fix for #1237351.
- Fix incorrect delay scaling when exponential_backoff=true in
  mosquitto_reconnect_delay_set().
- Some pep8 fixes for Python.

1.2.1 - 20130918
================

Broker:
- The broker no longer ignores the auth_plugin_init() return value. Closes
  bug #1215084.
- Use RTLD_GLOBAL when opening authentication plugins on posix systems. Fixes
  resolving of symbols in libraries used by authentication plugins.
- Add/fix some config documentation.
- Fix ACLs for topics with $SYS.
- Clients loaded from the persistence file on startup were not being added to
  the client hash, causing subtle problems when the client reconnected,
  including ACLs failing. This has been fixed.
- Add note to mosquitto-tls man page stating that certificates need to be
  unique. Closes bug #1221285.
- Fix incorrect retained message delivery when using wildcard subs in some
  circumstances. Fixes bug #1226040.

Client library:
- Fix support for Python 2.6, 3.0, 3.1.
- Fix TLS subjectAltName verification and segfaults.
- Handle EAGAIN in Python on Windows. Closes bug #1220004.
- Fix compilation when using WITH_TLS=no.
- Don't fail reconnecting in Python when broker is temporarily unavailable.

1.2 - 20130708
==============

Broker:
- Replace O(n) username lookup on CONNECT with a roughly O(1) hashtable version.
- It is now possible to disable $SYS at compile time.
- Add dropped publish messages to load tree in $SYS. Closes bug #1183318.
- Add support for logging SUBSCRIBE/UNSUBSCRIBE events.
- Add "log_dest file" logging support.
- Auth plugin ACL check function now passes the client id as well as username
  and password.
- The queue_qos0_messages option wasn't working correctly, this has now been
  fixed. Closes bug #1125200.
- Don't drop all messages for disconnected durable clients when
  max_queued_messages=0.
- Add support for "log_type all".
- Add support for "-v" option on the command line to provide the equivalent of
  "log_type all" without needing a config file.
- Add the "upgrade_outgoing_qos" option, a non-standard feature.
- Persistence data is now written to a temporary file which is atomically
  renamed on completion, so a crash during writing will not produce a corrupt
  file.
- mosquitto.conf is now installed as mosquitto.conf.example
- Configuration file errors are now reported with filename and line number.
- The broker now uses a monotonic clock if available, to avoid changes in time
  causing client disconnections or message retries.
- Clean session and keepalive status are now display the log when a client
  connects.
- Add support for TLSv1.2 and TLSv1.1.
- Clients that connect with zero length will topics are now rejected.
- Add the ability to set a maximum allowed PUBLISH payload size.
- Fix an ACL with topic "#" incorrectly granting access to $SYS.
- Fix retained messages incorrectly being set on wildcard topics, leading to
  duplicate retained messages being sent on subscription. Closes bug #1116233.
- Don't discard listener values when no "port" option given. Closes bug
  #1131406.
- Client password check was always failing when security was being reapplied
  after a config reload. This meant that all clients were being disconnected.
  This has been fixed.
- Fix build when WITH_TLS=no. Closes bug #1174971.
- Fix single outgoing packets not being sent in a timely fashion if they were
  not sent in one call to write(). Closes bug #1176796.
- Fix remapping of messages for clients connected to a listener with
  mount_point set. Closes bug #1180765.
- Fix duplicate retained messages being sent for some wildcard patterns.
- If a client connects with a will topic to which they do not have write
  access, they are now disconnected with CONNACK "not authorised".
- Fix retained messages on topic foo being incorrectly delivered to
  subscriptions of /#
- Fix handling of SSL errors on SSL_accept().
- Fix handling of QoS 2 messages on client reconnect.
- Drop privileges now sets supplementary groups correctly.
- Fix load reporting interval (is now 60s).
- Be strict with malformed PUBLISH packets - clients are now disconnected
  rather than the packet discarded. This goes inline with future OASIS spec
  changes and makes other changes more straightforward.
- Process incoming messages denied by ACL properly so that clients don't keep
  resending them.

- Add support for round_robin bridge option.
- Add bridge support for verifying remote server certificate subject against
  the remote hostname.
- Fix problem with out of order calls to free() when restarting a lazy bridge.
- The broker now attempts to resolve bind_address and bridge addresses
  immediately when parsing the config file in order to detect invalid hosts.
- Bridges now set their notification state before attempting to connect, so if
  they fail to connect the state can still be seen.
- Fix bridge notification payload length - no need to send a null byte.

- mosquitto_passwd utility now reports errors more clearly.
- Fix "mosquitto_passwd -U".

Client library:
- Add support for TLSv1.2 and TLSv1.1, except for on the Python module.
- Add support for verifying remote server certificate subject against the
  remote hostname.
- Add mosquitto_reconnect_async() support and make asynchronous connections
  truely asynchronous rather than simply deferred. DNS lookups are still
  blocking, so asynchronous connections require an IP address instead of
  hostname.
- Allow control of reconnection timeouts in mosquitto_loop_forever() and after
  mosquitto_loop_start() by using mosquitto_reconnect_delay_set().
- Fix building on Android NDK.
- Re-raise unhandled errors in Python so as not to provide confusing error
  messages later on.
- Python module supports IPv6 connections.
- mosquitto_sub_topic_tokenise() was behaving incorrectly if the last topic
  hierarchy had only a single character. This has been fixed. Closes bug
  #1163348.
- Fix possible crash after disconnects when using the threaded interface with
  TLS.
- Allow build/install without Python. Closes bug #1174972.
- Add support for binding connection to a local interface.
- Implement maximum inflight messages handling.
- Fix Python client not handling will_payload==None.
- Fix potential memory leak when setting username/password.
- Fix handling of QoS 2 messages on reconnect.
- Improve handling of mosquitto_disconnect() with threaded mode.


Clients:
- Add support for TLSv1.2 and TLSv1.1.
- Sub client can now suppress printing of messages with the retain bit set.
- Add support for binding connection to a local interface.
- Implement maximum inflight messages handling for the pub client.

1.1.3 - 20130211
================

Broker:
- mosquitto_passwd utility now uses tmpfile() to generate its temporary data
  storage file. It also creates a backup file that can be used to recover data
  if an errors occur.

Other:
- Build script fixes to help packaging on Debian.

1.1.2 - 20130130
================

Client library:
- Fix tls_cert_reqs not being set to SSL_VERIFY_PEER by default. This meant
  that clients were not verifying the server certificate when connecting over
  TLS. This affects the C, C++ and Python libraries.

1.1.1 - 20130116
================

Broker:
- Fix crash on reload if using acl patterns.

Client library:
- Fix static C++ functions not being exported on Windows. Fixes bug #1098256.

1.1 - 20121219
==============

Broker:
- Add $SYS/broker/messages/dropped
- Add $SYS/broker/clients/expired
- Replace $SYS/broker/+/per second/+ with moving average versions published at
  $SYS/broker/load/#
- Add $SYS/broker/load/sockets/+ and $SYS/broker/load/connections/+
- Documentation on password file format has been fixed.
- Disable SSL compression. This reduces memory usage significantly and removes
  the possibility of CRIME type attacks.
- Enable SSL_MODE_RELEASE_BUFFERS mode to reduce SSL memory usage further.
- Add allow_duplicate_messages option.
- ACL files can now have comment lines with # as the first character.
- Display message on startup about which config is being loaded.
- Fix max_inflight_messages and max_queued_messages not being applied.
- Fix documentation error in mosquitto.conf.
- Ensure that QoS 2 queued messages are sent out in a timely manner.
- Local bridges now act on clean_session correctly.
- Local bridges with clean_session==false now remove unused subscriptions on
  broker restart.
- The $SYS/broker/heap/# messages now no longer include "bytes" as part of the
  string for ease of use.

Client library:
- Free memory used by OpenSSL in mosquitto_lib_cleanup() where possible.
- Change WebSocket subprotocol name to mqttv3.1 to make future changes easier
  and for compatibility with other implementations.
- mosquitto_loop_read() and mosquitto_loop_write() now handle errors
  themselves rather than having mosquitto_loop() handle their errors. This
  makes using them in a separate event loop more straightforward.
- Add mosquitto_loop_forever() / loop_forever() function call to make simple
  clients easier.
- Disable SSL compression. This reduces memory usage significantly and removes
  the possibility of CRIME type attacks.
- Enable SSL_MODE_RELEASE_BUFFERS mode to reduce SSL memory usage further.
- mosquitto_tls_set() will now return an error or raise an exception
  immediately if the CA certificate or client certificate/key cannot be
  accessed.
- Fix potential memory leaks on connection failures.
- Don't produce return error from mosquitto_loop() if a system call is
  interrupted. This prevents disconnects/reconnects in threaded mode and
  simplifies non-threaded client handling.
- Ignore SIGPIPE to prevent unnecessary client quits in threaded mode.
- Fix document error for mosquitto_message_retry_set().
- Fix mosquitto_topic_matches_sub() for subscriptions with + as the final
  character. Fixes bug #1085797.
- Rename all "obj" parameters to "userdata" for consistency with other
  libraries.
- Reset errno before network read/write to ensure EAGAIN isn't mistakenly
  returned.
- The message queue length is now tracked and used to determine the maximum
  number of packets to process at once. This removes the need for the
  max_packets parameter which is now unused.
- Fix incorrect error value in Python error_string() function. Fixes bug
  #1086777.
- Reset last message in/out timer in Python module when we send a PINGREQ.
  Fixes too-early disconnects.

Clients:
- Clients now display their own version number and library version number in
  their help messages.
- Fix "mosquitto_pub -l -q 2" disconnecting before all messages were
  transmitted.
- Fix potential out-of-bounds array access with client ids. Fixes bug
  #1083182.

Other:
- mosquitto_passwd can now convert password files with plain text files to
  hashed versions.

1.0.5 - 20121103
================

Broker:
- Fix crash when the broker has use_identity_as_username set to true but a
  client connects without a certificate.
- mosquitto_passwd should only be installed if WITH_TLS=yes.

Library:
- Use symbolic errno values rather than numbers in Python module to avoid
  cross platform issues (incorrect errno on Mac OS).

Other:
- Build script fixes for FreeBSD.

1.0.4 - 20121017
================

Broker:
- Deal with poll() POLLIN/POLLOUT before POLL[RD]HUP to correctly handle the
  case where a client sends data and immediately closes its socket.

Library:
- Fix memory leak with messages of QoS=2. Fixes bug #1064981.
- Fix potential thread synchronisation problem with outgoing packets in the
  Python module. Fixes bug #1064977.

Clients:
- Fix "mosquitto_sub -l" incorrectly only sending one message per second.

1.0.3 - 20120927
================

Broker:
- Fix loading of psk files.
- Don't return an error when reloading config if an ACL file isn't defined.
  This was preventing psk files being reloaded.
- Clarify meaning of $SYS/broker/clients/total in mosquitto(8) man page.
- Clarify meaning of $SYS/broker/messages/stored in mosquitto(8) man page.
- Fix non-retained message delivery when subscribing to #.
- Fix retained message delivery for subs to foo/# with retained messages at
  foo.
- Include the filename in password/acl file loading errors.

Library:
- Fix possible AttributeError when self._sock == None in Python module.
- Fix reconnecting after a timeout in Python module.
- Fix reconnecting when there were outgoing packets in the queue in the Python
  module.
- Fix problem with mutex initialisation causing crashes on some Windows
  installations.

1.0.2 - 20120919
================

Broker:
- If the broker was configured for persistence, a durable client had a
  subscription to topics in $SYS/# and had messages in its queue when the
  broker restarted, then the persistent database would have messages missing
  and so the broker would not restart properly. This has been fixed.

Library:
- Fix threading problem on some systems.

Tests:
- Close socket after 08-ssl-connect-no-auth-wrong-ca.py test to prevent
  subsequent tests having problems.

Build scripts:
- Install pskfile.example in CMake. Fixes bug #1037504.

Other:
- Fix db_dump parameter printing message store and sub chunks.

1.0.1 - 20120815
================

Broker:
- Fix default log_dest when running as a Windows service.

Client library:
- Fix incorrect parameters in Python on_log() callback call. Fixes bug
  #1036818.

Clients:
- Clients now don't display TLS/TLS-PSK usage help if they don't support it.

Build scripts:
- Fix TLS-PSK support in the CMake build files.
- Fix man page installation in the CMake build files.
- Fix SYSCONFDIR in cmake on *nix when installing to /usr. Fixes bug #1036908.

Documentation:
- Fix mqtt/MQTT capitalisation in man pages.
- Update compiling.txt.
- Fix incorrect callback docs in mosquitto.py. Fixes bug #1036607.
- Fix various doc typos and remove obsolete script. Fixes bug #1037088.

1.0 - 20120814
==============

Broker:

- Add SSL/TLS support.
- Add TLS-PSK support, providing a simpler encryption method for constrained
  devices.
- Passwords are now salted+hashed if compiled with WITH_TLS (recommended).
- Add mosquitto_passwd for handling password files.
- Add $SYS/broker/publish/messages/{sent|received} to show the number of
  PUBLISH messages sent/received.
- Add $SYS/broker/publish/bytes/{sent|received} to show the number of
  PUBLISH bytes sent/received.
- Add reload parameter for security init/cleanup functions.
- Add option for expiring disconnected persistent clients.
- Add option for queueing of QoS 0 messages when persistent clients are
  disconnected.
- Enforce client id limits in the broker (only when WITH_STRICT_PROTOCOL is
  defined).
- Fix reloading of log configuration.
- Add support for try_private config option for bridge connections.
- Add support for autosave_on_changes config option.
- Add support for include_dir config option.
- Add support for topic remapping.
- Usernames were being lost when a non clean-session client reconnected,
  potentially causing problems with ACLs. This has been fixed.
- Significant improvement to memory handling on Windows.
- Bridges with outgoing topics will now set the retain flag correctly so that
  messages will be retained on the remote broker.
- Incoming bridge connections are now detected by checking if bit 8 of the
  protocol version number is set. This requires support from the remote broker.
- Add support for notification_topic option.
- Add $SYS/broker/subscriptions/count and $SYS/broker/retained messages/count.
- Add restart_timeout to control the amount of time an automatic bridge will
  wait before reconnecting.
- Overlapping subscriptions are now handled properly. Fixes bug #928538.
- Fix reloading of persistence_file and persistence_location.
- Fix broker crash on incorrect protocol number.
- Fix missing COMPAT_ECONNRESET define on Windows.
- Clients that had disconnected were not always being detected immediately on
  Linux. This has been fixed.
- Don't save $SYS messages to the on-disk persistent db. All $SYS messages
  should be reconstructed on a restart. This means bridge connection
  notifications will now be correct on a restart.
- Fix reloading of bridge clients from the persistent db. This means that
  outgoing bridged topics should always work.
- Local bridges are now no longer restricted by local ACLs.
- Discard publish messages with zero length topics.
- Drop to "mosquitto" user even if no config file specified.
- Don't incorrectly allow topic access if ACL patterns but no normal ACL rules
  are defined.

Client library:

- Add SSL/TLS support.
- Add TLS-PSK support, providing a simpler encryption method for constrained
  devices.
- Add javascript/websockets client library.
- Add "struct mosquitto *mosq" parameter for all callbacks in the client
  library. This is a binary incompatible change so the soversion of the
  libraries has been incremented. The new parameter should make it easier to
  use callbacks in practice.
- Add mosquitto_want_write() for use when using own select() loop with
  mosquitto_socket().
- Add mosquitto_connect_async() to provide a non-blocking connect client call.
- Add mosquitto_user_data_set() to allow user data pointer to be updated.
- Add "int rc" parameter to disconnect callback to indicate whether disconnect
  was unexpected or the result of calling mosquitto_disconnect().
- Add mosquitto_strerror() for obtaining a string description of error numbers.
- Add mosquitto_connack_string() for obtaining a string description of MQTT
  connection results.
- Add mosquitto_will_clear() and change mosquitto_will_set() to only set the
  will.
- Add mosquitto_sub_topic_tokenise() and mosquitto_sub_topic_tokens_free()
  utility functions to tokenise a subscription/topic string into a string
  array.
- Add mosquitto_topic_matches_sub() to check whether a topic matches a
  subscription.
- Replaced mosquitto_log_init() with mosquitto_log_callback_set() to allow
  clients to decide what to do with log messages.
- Client will now disconnect itself from the broker if it doesn't receive a
  PINGRESP in the keepalive period after sending a PINGREQ.
- Client will now send a PINGREQ if it has not received a message from the
  broker in keepalive seconds.
- mosquitto_new() will now generate a random client id if the id parameter is
  NULL.
- Added max_packets to mosquitto_loop(), mosquitto_loop_read() and
  mosquitto_loop_write() to control the maximum number of packets that are
  handled per call.
- Payload parameters are now void * instead of uint8_t *.
- The clean_session parameter has been moved from mosquitto_connect() to
  mosquitto_new() because it is a client parameter rather than a connection
  parameter.
- Functions now use int instead of uint*_t where possible.
- mosquitto_new() now sets errno to indicate failure type.
- Return MOSQ_ERR_INVAL on zero length topic.
- Fix automatic client id generation on Windows.
- mosquitto_loop_misq() can now return MOSQ_ERR_NO_CONN.
- Compile static library as well as dynamic library with default makefiles.
- Rename C++ namespace from mosquittopp to mosqpp to remove ambiguity.
- C++ lib_init(), lib_version() and lib_cleanup() are now in the mosqpp
  namespace directly, not mosquittopp class members.
- The Python library is now written in pure Python and so no longer depends on
  libmosquitto.
- The Python library includes SSL/TLS support.
- The Python library should now be compatible with Python 3.

Other:

- Fix db_dump reading of retained messages.
- Add example of logging all messages to mysql.
- Add C++ client example.
- Fix potential buffer overflow in pub/sub clients.
- Add "make binary" target that doesn't make documents.
- Add "--help" arguments to pub/sub clients.
- Fix building on Solaris.

0.15 - 20120205
===============

- Add support for $SYS/broker/clients/maximum and $SYS/broker/clients/active
  topics.
- Add support for $SYS messages/byte per second received/sent topics.
- Updated mosquitto man page - $SYS hierarchy and signal support were out of
  date.
- Auto generated pub/sub client ids now include the hostname.
- Tool for dumping persistent DB contents is available in src/db_dump. It isn't
  installed by default.
- Enforce topic length checks in client library.
- Implement "once" and "lazy" bridge start types.
- Add new return type MOSQ_ERR_ERRNO to indicate that the errno variable should
  be checked for the real error code.
- Add support for connection_messages config option.
- mosquitto_sub will now refuse to run if the -c option (disable clean session)
  is given and no client id is provided.
- mosquitto_pub now gives more useful error messages on invalid input or other
  error conditions.
- Fix Python will_set() true/True typo.
- Fix messages to topic "a/b" incorrectly matching on a subscription "a" if
  another subscription "a/#" exists.

0.14.4 - 20120106
=================

- Fix local bridge notification messages.
- Fix return values for more internal library calls.
- Fix incorrect out of memory checks in library and broker.
- Never time out local bridge connections.

0.14.3 - 20111210
=================

- Fix potential crash when client connects with an invalid CONNECT packet.
- Fix incorrect invalid socket comparison on Windows.
- Server shouldn't crash when a message is published to foo/ when a
  subscription to foo/# exists (bug #901697).
- SO_REUSEADDR doesn't work the same on Windows, so don't use it.
- Cygwin builds now support Windows service features.
- Fix $SYS/broker/bytes/sent reporting.

0.14.2 - 20111123
=================

- Add uninstall target for libs.
- Don't try to write packet whilst in a callback.

0.14.1 - 20111117
=================

- Fix Python sytax errors (bug #891673).

0.14 - 20111116
===============

- Add support for matching ACLs based on client id and username.
- Add a Windows installer file (NSIS based).
- Add native support for running the broker as a Windows service. This is the
  default when installed using the new installer.
- Fix client count for listeners. When clients disconnect, decrement the
  count. Allow max_connections to work again.
- Attempt to send all packets immediately upon being queued. This will result
  in more immediate network communication in many cases.
- Log IP address when reporting CONNACK packets if the client id isn't yet
  known.
- Fix payload length calculation in python will_set function.
- Fix Python publish and will_set functions for payload=None.
- Fix keepalive value being lost when reconnecting a client (bug #880863).
- Persistence file writing now uses portable file functions, so the Cygwin
  broker build should no longer be necessary.
- Duplicate code between the client and broker side has been reduced.
- Queued messages for clients reconnecting with clean_session=false set were
  not being sent until the next message for that client was received. This has
  been fixed (bug #890724).
- Fix subscriptions to # incorrectly matching against topics beginning with /

0.13 - 20110920
===============

- Implement bridge state notification messages.
- Save client last used mid in persistent database (DB version number bumped).
- Expose message id in Python MosquittoMessage.
- It is now possible to set the topic QoS level for bridges.
- Python MosquittoMessage payload parameter is now a Python string, not a
  ctypes object which makes it much easier to use.
- Fix queueing of messages for disconnected clients. The max_queued_messages
  option is now obeyed.
- C++ library is now in its own namespace, mosquittopp.
- Add support for adding log message timestamps in the broker.
- Fix missing mosquitto_username_pw_set() python binding.
- Fix keepalive timeout for reconnecting non clean-session clients. Prevents
  immediate disconnection on reconnection.
- Fix subscription wildcard matching - a subscription of +/+ will now match
  against /foo
- Fix subscription wildcard matching - a subscription of foo/# will now match
  against foo
- When restoring persistent database, clients should be set to non
  clean-session or their subscriptions will be immediately removed.
- Fix SUBACK payload for multiple topic subscriptions.
- Don't send retained messages when a client subscribes to a topic it is
  already subscribed to.

0.12 - 20110725
===============

- Reload (most) configuration on SIGHUP.
- Memory tracking is no longer compiled in the client library.
- Add --help option to mosquitto to display usage.
- Add --id-prefix option to clients to allow easier use with brokers that are
  using the clientid_prefix option.
- Fix compilation on QNX.
- Add -P as a synonym argument for --pw in the clients.
- Fix python MosquittoMessage payload parameter. This is now returned as a
  pointer to an array of c_uint8 values so binary data is handled correctly.
  If a string is needed, use msg.payload_str
- Fix memory leaks on client authentication.
- If password_file is not defined then clients can now connect even if they
  use a username/password.
- Add mosquitto_reconnect() to the client library.
- Add option for compiling with liberal protocol compliance support (enabled
  by default).
- Fix problems with clients reconnecting and old messages remaining in the
  message store.
- Display both ip and client id in the log message when a client connects.
  Change the socket connection message to make it more obvious that it is just
  a socket connection being made (bug #801135).
- Fix retained message delivery where a subscription contains a +.
- Be more lenient when reloading persistent database to reduce errors with
  empty retained messages.

0.11.3 - 20110707
=================

- Don't complain and quit if persistence_file option is given (bug #802423).
- Initialise listeners correctly when clients with duplicate client ids
  connect. Bug #801678.
- Memory tracking is now disabled for Symbian builds due to lack of malloc.h.
- Fix memory tracking compilation for kFreeBSD.
- Python callbacks can now be used with class member functions.
- Fix persistent database writing of client message chunks which caused
  errors when restoring (bug #798164).

0.11.2 - 20110626
=================

- Don't free contexts in mqtt3_context_disconnect() (bug #799688 / #801678).
- Only free will if present when freeing a client context.

0.11.1 - 20110620
=================

- Fix buffer overrun when checking for + and # in topics (bug #799688).
- Pub client now quits if publish fails.

0.11 - 20110619
===============

- Removed all old sqlite code.
- Remove client id limit in clients.
- Implemented $SYS/broker/heap/maximum size
- Implemented $SYS/broker/clients/inactive to show the number of disconnected
  non-clean session clients.
- $SYS/broker/heap/current size and maximum size messages now include "bytes"
  to match rsmb message format.
- Implemented the retained_persistence config file option - a synonym of the
  "persistence" option.
- Added security_external.c to broker source to make it easier for third
  parties to add support for their existing username/password and ACL database
  for security checks. See external_security_checks.txt.
- $SYS messages are now only republished when their value changes.
- Windows native broker now responds to command line arguments.
- Simplify client disconnecting so wills gets sent in all cases (bug #792468).
- Clients now have a --quiet option.
- The on_disconnect() callback will always be called now, even if the client
  has disconnected unexpectedly.
- Always close persistent DB file after restoring.
- Return error code when exiting the clients.
- mosquitto_publish() now returns MOSQ_ERR_INVAL if the topic contains + or #
- mosquitto now silently rejects published messages with + or # in the topic.
- max_connections is now a per-listener setting instead of global.
- Connection count is now reduced when clients disconnect (bug #797983).

0.10.2 - 20110106
=================

- Don't abort when connecting if the first connection fails. This is important
  on e.g. Windows 7, where IPV6 is offered as the first choice but may not be
  available.
- Deal with long logging messages properly (bug #785882).
- Fix library compilation on Symbian - no pselect() available.
- Don't stop processing subscriptions on received messages after a
  subscription with # matches. (bug #791206).

0.10.1 - 20110512
=================

- Fix Windows compilation.
- Fix mosquitto.py on Windows - call lib init/cleanup.
- Don't abort when connecting if given an unknown address type (assuming an
  IPv4 or IPv6 address is given).

0.10 - 20110429
===============

- Implement support for the password_file option and accompanying
  authentication requirements in the broker.
- Implement topic Access Control Lists.
- mosquitto_will_set() and mosquitto_publish() now return
  MOSQ_ERR_PAYLOAD_SIZE if the payload is too large (>268,435,455 bytes).
- Bridge support can now be disabled at compile time.
- Group together network writes for outgoing packets - don't send single byte
  writes!
- Add support for clientid_prefixes variable.
- Add support for the clientid config variable for controlling bridge client
  ids.
- Remove 32-bit database ID support because htobe64() no longer used.
- Multiple client subscriptions to the same topic result in only a single
  subscription. Bug #744077.

0.9.3 - 20110310
================

- Set retained message status for QoS 2 messages (bug #726535).
- Only abort with an error when opening listening sockets if no address family
  is available, rather than aborting when any address family is not available.
- Don't clean queued messages when a non clean session client reconnects.
- Make mosquitto.py compatible with Python <2.6.
- Fix mosquitto.h header includes for Windows.

0.9.2 - 20110208
================

- Only send a single DISCONNECT command when using -l in the pub client.
- Set QoS=1 on PUBREL commands to meet protocol spec.
- Don't leak sockets on connection failure in the library.
- Install man pages when building under cmake.
- Fix crash bug on malformed CONNECT message.
- Clients are now rejected if their socket peer name cannot be obtained on
  connection.
- Fix a number of potential problems caused when a client with a duplicate id
  connects.
- Install mosquitto.conf under cmake.

0.9.1 - 20101203
================

- Add missing code for parsing the "bind_address" configuration option.
- Fix missing include when compiling with tcp-wrappers support.
- Add linker version script for C library to control exported functions.

0.9 - 20101114
==============

- Client and message data is now stored in memory with custom routines rather
  than a sqlite database. This removes the dependencies on sqlite, pcre and
  sqlite3-pcre. It also means that the persistent database format has had to
  be reimplemented in a custom format. Optional support for importing old
  sqlite databases is provided.
- Added IPv6 support for mosquitto and the clients.
- Provide username and password support for the clients and client libraries.
  This is part of the new MQTT v3.1 spec.
- The broker supports the username and password connection flags, but will not
  do anything with the username and password.
- Python callback functions now optionally take an extra argument which will
  return the user object passed to the Mosquitto() constructor, or the calling
  python object itself if nothing was given to Mosquitto().
- Remove the mosquitto command line option "-i interface".
- Remove the mosquitto.conf "interface" variable.
- Add support for the listener config variable (replaces the interface
  variable)
- Add support for the bind_address config variable.
- Change the port config variable behaviour to match that of rsmb (applies to
  the default listener only, can be given just once).
- Fix QoS 2 protocol compliance - stop sending duplicate messages and handle
  timeouts correctly. Fixes bug #598290.
- Set retain flag correctly for outgoing messages. It should only be set for
  messages sent in response to a subscribe command (ie. stale data).
- Fix bug in returning correct CONNACK result to on_connect client callback.
- Don't send client will if it is disconnected for exceeding its keepalive
  timer.
- Fix client library unsubscribe function incorrectly sending a SUBSCRIBE
  command when it should be UNSUBSCRIBE.
- Fix max_inflight_messages and max_queued_messages operation. These
  parameters now apply only to QoS 1 and 2 messages and are used regardless of
  the client connection state.
- mosquitto.conf now installed to /etc/mosquitto/mosquitto.conf instead of
  /etc/mosquitto.conf. The /etc/mosquitto/ directory will be used for password
  and access control files in the future.
- Give the compile time option of using 32-bit integers for the database IDs
  instead of 64-bit integers. This is useful where htobe64()/be64toh() are not
  available or for embedded systems for example.
- The DUP bit is now set correctly when resending PUBREL messages.
- A port to Windows native has been partially completed. This currently drops a
  number of features, including the ability to change configuration parameters
  and persistent storage.

0.8.3 - 20101004
================

- Fix QoS 2 protocol compliance - stop sending duplicate messages and handle
  timeouts correctly. Fixes bug #598290. (backported from future 0.9 code)

0.8.2 - 20100815
================

- Fix default loop() timeout value in mosquitto.py. Previous value was 0,
  causing high cpu load.
- Fix message handling problem in client library when more than one message was
  in the client queue.
- Fix the logic used to determine whether a QoS>0 message needs to be retried.
- Fix the Python sub.py example so that it quits on error.

0.8.1 - 20100812
================

- Improve python interface
- Fix incorrect return value from message delete function
- Use logging function to print error messages in clients.
- Fix python installation script DESTDIR.
- Fix library destination path for 64-bit machines.

0.8 - 20100807
==============

- Topics starting with a / are treated as distinct to those not starting with
  a /. For example, /topic/path is different to topic/path. This matches the
  behaviour of rsmb.
- Correctly calculate the will QoS on a new client connection (bug #597451).
- Add "addresses" configuration file variable as an alias of "address", for
  better rsmb compatibility.
- Bridge clean_session setting is now false, to give more sensible behaviour
  and be more compatible with rsmb.
- Add cleansession variable for configuring bridges.
- Add keepalive_interval variable for bridges.
- Remove default topic subscription for mosquitto_sub because the old
  behaviour was too confusing.
- Added a C client library, which the pub and sub clients now use.
- Added a C++ client library (bound to the C library).
- Added a Python client library (bound to the C library).
- Added CMake build scripts to allow the library and clients (not the broker)
  to be compiled natively on Windows.

0.7 - 20100615
==============

- mosquitto_pub can now send null (zero length) messages.
- Don't store QoS=0 messages for disconnected clients with subscriptions of
  QoS>0.
- accept() all available sockets when new clients are connecting, rather than
  just one.
- Add option to print debug messages in pub and sub clients.
- hg revision is now exported via $SYS/broker/changeset
- Send Will when client exceeds keepalive timer and is disconnected.
- Check to see if a client has a will before sending it.
- Correctly deal with clients connecting with the same id multiple times.
- Add compile time option to disable heap memory tracking.
- Use poll() instead of select() to allow >1024 clients.
- Implement max_connections.
- Run VACUUM on in-memory database on receiving SIGUSR2.
- Fix bridge keepalive timeouts and reconnects.
- Don't attempt to drop root privileges when running on Windows as this isn't
  well supported (bug #586231).

0.6.1 - 20100506
================

- Fix DB auto upgrade for messages table.

0.6 - 20100505
==============

- Basic support for connecting multiple MQTT brokers together (bridging).
- mosquitto_sub can now subscribe to multiple topics (limited to a global QoS).
- mosquitto_pub can now send a file as a message.
- mosquitto_pub can now read all of stdin and send it as a message.
- mosquitto_pub can now read stdin and send each line as a message.
- mosquitto will now correctly run VACUUM on the persistent database on exit.
- Implement a more efficient database design, so that only one copy of each
  message is held in the database, rather than one per subscribed client.
- Add the store_cleanup_interval config option for dealing with the internal
  message store.
- Add support for disabling "clean session" for the sub client.
- Add support for automatic upgrading of the mosquitto DB from v1 to v2.
- Add persistence_file config option to allow changing the filename of the
  persistence database. This allows multiple mosquitto DBs to be stored in the
  same location whilst keeping persistence_location compatible with rsmb.
- Don't store QoS=0 messages for disconnected clients. Fixes bug #572608. This
  wasn't correctly fixed in version 0.5.
- Don't disconnect clients if they send a PUBLISH with zero length payload
  (bug #573610).
- If a retained message is received with a zero length payload, the retained
  message for that topic is deleted.
- Send through zero length messages.
- Produce a warning on unsupported rsmb options instead of quitting.
- Describe clean session flag in the mqtt man page.
- Implement the max_inflight_messages and max_queued_messages features in the
  broker.

0.5.4 - 20100311
================

- Fix memory allocation in mqtt3_fix_sub_topic() (bug #531861).
- Remove accidental limit of 100 client connections.
- Fix mosquitto_pub handling of messages with QoS>0 (bug #537061).

0.5.3 - 20100303
================

- Will messages are now only sent when a client disconnects unexpectedly.
- Fix all incoming topics/subscriptions that start with a / or contain
  multiple / in a row (//).
- Do actually disconnect client when it sends an empty subscription/topic string.
- Add missing $SYS/broker/clients/total to man page.

0.5.2 - 20100302
================

- Always update last backup time, so that the backup doesn't run every time
  through the main loop once autosave_interval has been reached.
- Report $SYS/broker/uptime in the same format as rsmb.
- Make mandatory options obvious in usage output and man page of mosquitto_pub.
  Fixes bug #529990.
- Treat subscriptions with a trailing slash correctly. This should fix bugs
  #530369 and #530099.

0.5.1 - 20100227
================

- Must daemonise before pid file is written.

0.5 - 20100227
==============

- No longer store QoS=0 messages for disconnected clients that do not have
  clean start set.
- Rename msg_timeout option to retry_interval for better rsmb compatibility.
- Change persistence behaviour. The database is now stored in memory even if
  persistence is enabled. It is written to disk when mosquitto exits and also at
  periodic intervals as defined by the new autosave_interval option.
- The writing of the persistence database may be forced by sending mosquitto
  the SIGUSR1 signal.
- Clients that do not send CONNECT as their first command are now
  disconnected.
- Boolean configuration values may now be specified with true/false as well as
  1/0.
- Log message on CONNECT with invalid protocol or protocol version.
- Default sqlite3-pcre path on Linux is now /usr/lib/sqlite3/pcre.so to match
  future sqlite3-pcre packages.
- Add mosquitto_sub and mosquitto_pub, simple clients for subscribe/publish.
- Add man pages for clients.
- Add general man page on mqtt.
- Root privileges are now dropped only after attempting to write a pid file
  (if configured). This means that the pid file can be written to /var/run/
  directly and should fix bug #523183.

0.4.2 - 20100203
================

- Fix segfault on client connect with invalid protocol name/version.

0.4.1 - 20100112
===============

- Fix regex used for finding retained messages to send on new subscription.

0.4 - 20100105
==============

- Added support for wildcard subscriptions using + and #.
- All network operations are now non-blocking and can cope with partial
  packets, meaning that networking should be a lot more reliable.
- Total messsages/bytes sent/received are now available in $SYS.
- Improved logging information - use client ip address and id instead of
  socket number.
- Broker build timestamp is available in $SYS.
- Keepalive==0 is now correctly treated as "never disconnect".
- Fixed manpage installation.
- Fixed incorrect $SYS hierarchy locations in documentation and code.
- Debug type log messages are no longer sent to "topics".
- Default logging destination no longer includes "topics" to prevent possible
  error logging to the db before it is initialised.
- Periodic $SYS messages can now be disabled.
- stdout and stderr are flushed when logging to them to give more timely
  updates.
- dup is now set correctly when resending messages.
- Database format bumped due to topic column naming fix.

0.3 - 20091217
==============

- The port option in the configuration file and --port command line argument
  may now be given any number of times to make mosquitto listen on multiple
  sockets.
- Add new config file and command line option "interface" to specify an
  interface to listen on, rather than all interfaces.
- Added host access control through tcp-wrappers support.
- Set SO_REUSEADDR on the listening socket so restart is much quicker.
- Added support for tracking current heap memory usage - this is published on
  the topic "$SYS/broker/heap/current size"
- Added code for logging to stderr, stdout, syslog and topics.
- Added logging to numerous places - still plenty of scope for more.

0.2 - 20091204
==============

- Replaced the command line option --foreground with --daemon, swapping the
  default behaviour.
- Added the command line option --config-file, to specify a config file to
  load.  If this is not given, no config file is load and the default options
  are used.
- Added the command line option --port for specifying the port to listen on.
  This overrides values in the config file.
- Don't use persistence by default.
- Default behaviour is now more sane when run by a normal user with no command
  line options (combination of above changes).
- Added option user to config file, defaulting to a value of mosquitto. If
  this value isn't blank and mosquitto is started by root, then it will drop
  privileges by changing to the user and its primary group. This replaces the
  current behaviour of refusing to start if run by root.
- Fix non-persistent mode, which would never work in the previous release.
- Added information on default values of msg_timeout and sys_interval to the
  mosquitto.conf man page. (closes bug #492045).