Skip to main content
Version: Mosquitto 2.5

Release Notes

We will never stop improving Eclipse Mosquitto. Stay up to date with our release notes.

If you have found any bugs or have feature requests, please submit these here.

Mosquitto MQTT Broker 2.0

Broker features:

  • New plugin interface which is more flexible, easier to develop for and easier to extend.

  • New dynamic security plugin, which allows clients, groups, and roles to be defined and updated as the broker is running.

  • Performance improvements, particularly for higher numbers of clients.

  • When running as root, if dropping privileges to the "mosquitto" user fails, then try "nobody" instead. This reduces the burden on users installing Mosquitto themselves.

  • Add support for Unix domain socket listeners.

  • Add bridge_outgoing_retain option, to allow outgoing messages from a bridge to have the retain bit completely disabled, which is useful when bridging to e.g. Amazon or Google.

  • Add support for MQTT v5 bridges to handle the "retain-available" property being false.

  • Allow MQTT v5.0 outgoing bridges to fall back to MQTT v3.1.1 if connecting to a v3.x only broker.

  • DLT logging is now configurable at runtime with log_dest dlt. Closes #1735.

  • Add mosquitto_plugin_publish() function, which can be used by plugins to publish messages.

  • Add mosquitto_client_protocol_version() function which can be used by plugins to determine which version of MQTT a client has connected with.

  • Add mosquitto_kick_client_by_clientid() and mosquitto_kick_client_by_username() functions, which can be used by plugins to disconnect clients.

  • Add support for handling $CONTROL/ topics in plugins.

  • Add support for PBKDF2-SHA512 password hashing.

  • Enabling certificate based TLS encryption is now through certfile and keyfile, not capath or cafile.

  • Added support for controlling UNSUBSCRIBE calls in v5 plugin ACL checks.

  • Add "deny" acl type. Closes #1611.

  • The broker now sends the receive-maximum property for MQTT v5 CONNACKs.

  • Add the bridge_max_packet_size option. Closes #265.

  • Add the bridge_bind_address option. Closes #1311.

  • TLS certificates for the server are now reloaded on SIGHUP.

  • Default for max_queued_messages has been changed to 1000.

  • Add ciphers_tls1.3 option, to allow setting TLS v1.3 ciphersuites. Closes #1825.

  • Bridges now obey MQTT v5 server-keepalive.

  • Add bridge support for the MQTT v5 maximum-qos property.

  • Log client port on new connections. Closes #1911.

Broker fixes:

  • Send DISCONNECT with malformed-packet reason code on invalid PUBLISH, SUBSCRIBE, and UNSUBSCRIBE packets.

  • Document that X509_free() must be called after using mosquitto_client_certificate(). Closes #1842.

  • Fix listener not being reassociated with client when reloading a persistence file and per_listener_settings true is set and the client did not set a username. Closes #1891.

  • Fix bridge sock not being removed from sock hash on error. Closes #1897. mosquitto_password now forbids the : character. Closes #1833.

  • Fix log_timestamp_format not applying to log_dest topic. Closes #1862.

  • Fix crash on Windows if loading a plugin fails. Closes #1866.

  • Fix file logging on Windows. Closes #1880.

  • Report an error if the config file is set to a directory. Closes #1814.

  • Fix bridges incorrectly setting Wills to manage remote notifications when notifications_local_only was set true. Closes #1902.