We will never stop improving Mosquitto. Stay up to date with our release notes.
= enterprise feature
- New plugin interface which is more flexible, easier to develop for and easier to extend.
- New dynamic security plugin, which allows clients, groups, and roles to be defined and updated as the broker is running.
- Performance improvements, particularly for higher numbers of clients.
- When running as root, if dropping privileges to the "mosquitto" user fails, then try "nobody" instead. This reduces the burden on users installing Mosquitto themselves.
- Add support for Unix domain socket listeners.
- Add bridge_outgoing_retain option, to allow outgoing messages from a bridge to have the retain bit completely disabled, which is useful when bridging to e.g. Amazon or Google.
- Add support for MQTT v5 bridges to handle the "retain-available" property being false.
- Allow MQTT v5.0 outgoing bridges to fall back to MQTT v3.1.1 if connecting to a v3.x only broker.
- DLT logging is now configurable at runtime with log_dest dlt. Closes #1735.
- Add mosquitto_plugin_publish() function, which can be used by plugins to publish messages.
- Add mosquitto_client_protocol_version() function which can be used by plugins to determine which version of MQTT a client has connected with.
- Add mosquitto_kick_client_by_clientid() and mosquitto_kick_client_by_username() functions, which can be used by plugins to disconnect clients.
- Add support for handling $CONTROL/ topics in plugins.
- Add support for PBKDF2-SHA512 password hashing.
- Enabling certificate based TLS encryption is now through certfile and keyfile, not capath or cafile.
- Added support for controlling UNSUBSCRIBE calls in v5 plugin ACL checks.
- Add "deny" acl type. Closes #1611.
- The broker now sends the receive-maximum property for MQTT v5 CONNACKs.
- Add the bridge_max_packet_size option. Closes #265.
- Add the bridge_bind_address option. Closes #1311.
- TLS certificates for the server are now reloaded on SIGHUP.
- Default for max_queued_messages has been changed to 1000.
- Add ciphers_tls1.3 option, to allow setting TLS v1.3 ciphersuites. Closes #1825.
- Bridges now obey MQTT v5 server-keepalive.
- Add bridge support for the MQTT v5 maximum-qos property.
- Log client port on new connections. Closes #1911.
- Added the Cedalo Stream Processing (CSP) plugin, which allows the creation of topic streams in the Mosquitto broker.
- Send DISCONNECT with malformed-packet reason code on invalid PUBLISH, SUBSCRIBE, and UNSUBSCRIBE packets.
- Document that X509_free() must be called after using mosquitto_client_certificate(). Closes #1842.
- Fix listener not being reassociated with client when reloading a persistence file and per_listener_settings true is set and the client did not set a username. Closes #1891.
- Fix bridge sock not being removed from sock hash on error. Closes #1897. mosquitto_password now forbids the : character. Closes #1833.
- Fix log_timestamp_format not applying to log_dest topic. Closes #1862.
- Fix crash on Windows if loading a plugin fails. Closes #1866.
- Fix file logging on Windows. Closes #1880.
- Report an error if the config file is set to a directory. Closes #1814.
- Fix bridges incorrectly setting Wills to manage remote notifications when notifications_local_only was set true. Closes #1902.