Releases: wolfSSL/wolfMQTT
Release list
wolfMQTT v2.1.0 (02JUL2026)
v2.1.0 (07/02/2026)
Release 2.1.0 has been developed according to wolfSSL's development and QA
process (see link below) and successfully passed the quality criteria.
https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
-
New Features
- wolfMQTT Broker session persistence: pluggable persistence hooks via
MqttBroker_SetPersistHookswith a POSIX backend
(MqttBrokerNet_PersistPosix_Init/MqttBrokerNet_PersistPosix_Free),
message ordering, an offline message queue, and AES-GCM encryption of
persisted state at rest (#538) - New packet-validation helpers:
MqttPacket_TopicNameValid,
MqttPacket_TopicFilterValid,MqttPacket_TopicFilterIsWildcard,
MqttPacket_FixedHeaderFlagsValid, andMqttPacket_SubAckReturnCodeValid
(#552) WOLFMQTT_MAX_QOSbuild cap to compile out the QoS 2 state machine and
advertise v5MAX_QOSin CONNACK (#537)
- wolfMQTT Broker session persistence: pluggable persistence hooks via
-
Security Hardening
- Reject ill-formed UTF-8 in MQTT UTF-8 string fields per [MQTT-1.5.3-1].
MqttDecode_Stringnow validates each decoded string against RFC 3629
and rejects encodings of surrogate code points (U+D800..U+DFFF) with
MQTT_CODE_ERROR_MALFORMED_DATA. Receivers MUST close the network
connection on malformed packets, which the broker's existing decode-
error path enforces. The check covers ClientId, Will Topic, Topic Name,
Topic Filter, Username, and v5 STRING/STRING_PAIR property values. - The broker now requires
auth_userandauth_passto be configured as
a pair. Previously, setting only one (e.g. the-uCLI flag without
-P) silently enabled single-factor authentication: the unconfigured
side was never checked, so any password authenticated against a matching
username (or any username against a matching password).MqttBroker_Start
now rejects a partial credential configuration with
MQTT_CODE_ERROR_BAD_ARG, and the connect-time gate fails closed as a
defense in depth if only one credential is set. Leaving both NULL still
disables authentication.
- Reject ill-formed UTF-8 in MQTT UTF-8 string fields per [MQTT-1.5.3-1].
-
API / Behavior Changes
MqttDecode_Stringmay now returnMQTT_CODE_ERROR_MALFORMED_DATA
on ill-formed UTF-8. This applies to client builds as well as broker
builds — [MQTT-1.5.3-1] is normative for both. wolfMQTT clients that
previously accepted PUBLISH messages with non-UTF-8 topics from
misbehaving brokers will now error on those messages. There is no
opt-out: the spec is a MUST.MqttDecode_Publishnow propagates the underlying error from
MqttDecode_String(e.g.MALFORMED_DATA) instead of always
returningMQTT_CODE_ERROR_OUT_OF_BUFFERon topic decode failure.MqttDecode_Propssimilarly now propagates the underlying error from
MqttDecode_Stringfor v5 STRING and STRING_PAIR property types
(Reason String, Content Type, User Property, etc.) instead of masking
it asMQTT_CODE_ERROR_PROPERTY.- The CONNECT Password decode no longer goes through
MqttDecode_String
because [MQTT-3.1.3.5] defines Password as Binary Data, not a UTF-8
string. A binary password containing bytes that are not valid UTF-8
(e.g.,0xC0,0xFF) would otherwise be incorrectly rejected. MqttClient_Publish/MqttClient_Publish_exnow return the new
MQTT_CODE_ERROR_PUBLISH_REJECTED(-21) when a v5 broker rejects a
QoS>0 PUBLISH via a PUBACK (QoS 1), PUBREC, or PUBCOMP (QoS 2) reason
code >= 0x80 (e.g. Not authorized, Quota exceeded, Topic Name invalid,
Payload format invalid). Previously these were reported as
MQTT_CODE_SUCCESS, so the application proceeded as if the broker had
accepted the message. The specific reason is available in
MqttPublish.resp.reason_code. For QoS 2, a PUBREC reason code >= 0x80
now ends the exchange without sending PUBREL per [MQTT-4.3.3] instead of
timing out. v3.1.1 publishes are unaffected, as is the return value of
the fire-and-forgetMqttClient_Publish_WriteOnlycall itself. Callers
that treat any non-success return as fatal may need to handle this code.
InWOLFMQTT_MULTITHREADbuilds where a dedicated thread drives reads,
that reading thread now returnsMQTT_CODE_ERROR_PUBLISH_REJECTEDwhen it
processes a QoS 2 PUBREC rejection (instead of advancing the handshake
with an illegal PUBREL); the originating write-only publish's pending
response is not auto-completed in that case, so it blocks until
cmd_timeout_ms. A QoS 1 PUBACK or QoS 2 PUBCOMP rejection is NOT
detected on the write-only path (the publish appears successful), matching
prior behavior; useMqttClient_Publish/_exfor reliable detection.- An incoming PUBLISH received by a client with no message callback
registered (msg_cb == NULL) now returnsMQTT_CODE_ERROR_CALLBACK
(-13) instead ofMQTT_CODE_SUCCESS. Previously the payload was silently
read and discarded, and for QoS 1/2 a PUBACK/PUBREC was still sent,
falsely telling the broker the message was delivered while the application
never saw it.MqttClient_HandlePacketno longer populates an ACK in this
case, so no false acknowledgement is sent. This affects standard MQTT
(MqttClient_Publish_ReadPayload) and MQTT-SN (SN_Client_HandlePacket).
A registeredmsg_cbis now required to receive a PUBLISH; this includes
the receive-into-object pattern viaMqttClient_WaitMessage_ex/
SN_Client_WaitMessage_ex, which previously returned success after
decoding into the caller-supplied object without a callback. A NULL
callback is still valid for a publish-only client that never receives
messages; the error surfaces only if such a client is actually pushed a
PUBLISH. The built-in broker is unaffected (it handles incoming PUBLISH
through its own path, not this one).
-
Fixes
SN_Client_Unsubscribenow registers its pending UNSUBACK response under
the real Packet Identifier instead of a hard-coded0. In
WOLFMQTT_MULTITHREADbuilds where a dedicated reader thread processes the
UNSUBACK first,MqttClient_RespList_Findmatches on the decoded packet
id, so the id-0 entry never matched and the response was consumed into the
generic object, leaving the unsubscribing thread blocked until
cmd_timeout_ms. The registration now matchesSN_Client_Subscribe,
SN_Client_Register, andSN_Client_Publish.
-
What's Changed
- Fix BrokerHandle_Connect null check (#477)
- Fenrir fixes (#478)
- Add testing validation and fixes for wolfMQTT (#480)
- Replace deprecated VeriSign CA with Amazon Root CA 1 + Starfield G2 (#481)
- Update testing with a more flexible framework (#482)
- Fix new Fenrir reports (#483)
- Always check MqttDecode_Num's return code (#479)
- Add Fenrir suggested test cases (#484)
- Reject null chars in strings (#503)
- Fix various spec compliance gaps (#504)
- Fix MQTTv5 QoS 2 CONNACK interop and add WOLFMQTT_MAX_QOS build cap (#537)
- Fix Coverity nightly: inline action, drop broken md5 hash lookup (#547)
- Harden param checks in MqttDecode_FixedHeader and MqttDecode_ConnectAck (#546)
- Harden Coverity tool download: curl -L --fail + gzip sanity check (#549)
- Fix broker disconnect to better handle SIGPIPE (#548)
- wolfMQTT broker: ordering, persistence, offline queue, AES-GCM at rest (#538)
- Speed up CI and stabilize aws-ca-regression (#551)
- MQTT-SN fixes (#550)
- Broker, client, and MQTT v5 packet validation and reliability fixes (#552)
- Fenrir fixes (#554)
-
New Contributors
- @night1rider made their first contribution (#481)
wolfMQTT v2.0.0 (20MAR2026)
v2.0.0 (03/20/2026)
Release 2.0.0 has been developed according to wolfSSL's development and QA
process (see link below) and successfully passed the quality criteria.
https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
-
New Features
- Lightweight MQTT Broker — New built-in MQTT broker implementation (#457)
- MQTT v3.1.1 spec compliance checks (#462)
- Secure and non-secure port listening support (#465)
- WebSocket transport support (#466)
- wolfIP (embedded TCP/IP stack) support (#463)
- Retained messages, session persistence, graceful disconnect, QoS subscription updates (#465)
- libFuzzer-based broker fuzzing infrastructure (#474)
- wolfIP Integration — Added wolfIP support for both MQTT client and broker (#463)
- lastError Field — Preserve TLS error code via new lastError in the network context (#458)
-
Bug Fixes
- Fix race condition in wm_SemLock (#475)
- Fix wildcard topic matching (#472)
- Fix LWT (Last Will and Testament) length checks and payload free issues (#472, #473)
- Fix subAck buffer size check and topic count validation (#472)
- Fix MqttPacket_Write failure return handling (#473)
- Fix MQTT-SN: null pointer dereference, non-blocking read, encode/decode issues (#473)
- Fix MqttDecode_Auth reason code issue (#473)
- Fix broker client connect status check (#472)
- Fix SN_Client_WaitType issues (#456)
- Fix curl transport: use internal loops for partial read/write handling (#459)
-
Security Hardening
- Add overflow checks in network and socket IO (#467)
- Add checks for negative return values in MqttDecode_String calls (#467)
- Add encoding error checks (#467)
- Add remain_len validation check (#471)
- Static analysis fixes for MqttClient_Auth, MqttProps_Add, MqttDecode_SubscribeAck, MqttDecode_Props (#469)
- Static analysis fixes for SN_Decode_Register, SN_Decode_GWInfo, SN_Client_WillTopicUpdate, SN_Encode_Publish, SN_Encode_RegAck, SN_Client_Connect (#468)
- Add debug warning when using VERIFY_NONE (#475)
-
CI / Testing
-
Other
wolfMQTT v1.21.0 (03DEC2025)
Release 1.21.0 has been developed according to wolfSSL's development and QA
process (see link below) and successfully passed the quality criteria.
https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
What's Changed
- Add port for NETX use by @JacobBarthelmeh in #427
- Fix heap buffer overflow in MqttDecode_Num with bounds checking by @devin-ai-integration[bot] in #430
- Restore instructions for testing against OQS mosquitto integration. by @anhu in #432
- initial threadx test by @JacobBarthelmeh in #429
- Rename ML-KEM hybrids to match IETF Draft. by @anhu in #435
- Update expired test certs by @lealem47 in #441
- Pin to ESP-IDF v5.5, limit workflow push branches, line endings by @gojimmypi in #444
- Fix: MQTT v5 Property-Packet Protocol Validation and Decode Safety by @kaabia in #440
- Fix: Correct state transition check in MqttClient_Auth by @kaabia in #439
- fix: correct variable in MQTT property decode error checks by @kaabia in #445
- Add fflush to mqtt-sub example by @embhorn in #447
- Update license to GPLv3 by @embhorn in #448
wolfMQTT v1.20.0 (02MAY2025)
v1.20.0 (05/02/2025)
Release 1.20.0 has been developed according to wolfSSL's development and QA
process (see link below) and successfully passed the quality criteria.
https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
- OQS's Mosquitto is out of date. by @anhu in #417
- Add support for websocket by @embhorn in #418
- Add support for secure websockets by @embhorn in #419
- Add secure ws CI test by @embhorn in #421
- Update examples for latest Managed Components by @gojimmypi in #420
- Improve cmake duplicate component check by @gojimmypi in #422
wolfMQTT v1.19.2 (31JAN2025)
v1.19.2 (01/31/2025)
Release 1.19.2 has been developed according to wolfSSL's development and QA
process (see link below) and successfully passed the quality criteria.
https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
wolfMQTT v1.19.1 (06NOV2024)
v1.19.1 (11/06/2024)
Release 1.19.1 has been developed according to wolfSSL's development and QA process (see link below) and successfully passed the quality criteria.
https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
- wolfssl 5.7.2 time_helper type adjustments for Espressif example by @gojimmypi in #404
- Fix Doxygen issues by @embhorn in #403
wolfMQTT v1.19.0 (22MAR2024)
v1.19.0 (3/22/2024)
Release 1.19.0 has been developed according to wolfSSL's development and QA process (see link below) and successfully passed the quality criteria.
https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
- Add stress test. by @philljj in #387
- Add cmake CI test and fix pthread detection by @embhorn in #389
- Initial wolfMQTT Espressif ESP32 template and AWS IoT examples by @gojimmypi in #388
- Add curl test dependencies by @lealem47 in #392
- Improving and fixing typos for STM32CUBE build by @lealem47 in #391
- Fix string prop OOB read by @embhorn in #394
- Fix some Helgrind thread errors with enable-tls, and enable-curl. by @philljj in #396
- Initial Espressif CI; limit Zepher CI by @gojimmypi in #390
- Fix double unlock and double lock in multithread example. by @philljj in #397
- Fix double lock of lockRecv. by @philljj in #398
wolfMQTT v1.18.0 (22DEC2023)
v1.18.0 (12/22/2023)
Release 1.18.0 has been developed according to wolfSSL's development and QA process (see link below) and successfully passed the quality criteria.
https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
- Add curl easy socket backend. by @philljj in #380
- WOLFMQTT_EXAMPLE_CERT allowing static or extern cert assignment by @gojimmypi in #354
- Tiny readme cleanup. by @philljj in #381
- Fix high coverity issues by @embhorn in #379
- Add broker check to scripts by @embhorn in #385
- Cmake build fixes by @embhorn in #384
wolfMQTT v1.17.1 (29NOV2023)
v1.17.1 (11/29/2023)
Release 1.17.1 has been developed according to wolfSSL's development and QA process (see link below) and successfully passed the quality criteria.
https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
- Include stdint.h in userio_template.h by @lealem47 in #371
- Improvements to multithread locking and tests. by @dgarske in #369
- Cleanup executable status on src files. by @philljj in #372
- Close socket on error in NetConnect by @embhorn in #375
- Fixes for non-blocking with larger payload and improvements to the test and examples by @dgarske in #373
- Add MQTT-SN CI tests by @embhorn in #376
- Fix Wild read in MqttProps_Free by @embhorn in #377
- Fix fuzzer issues in MqttDecode_Props by @embhorn in #378
wolfMQTT v1.17.0 (02NOV2023)
v1.17.0 (11/2/2023)
Release 1.17.0 has been developed according to wolfSSL's development and QA process (see link below) and successfully passed the quality criteria.
https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
- Fix for declaration after executable block by @lealem47 in #341
- Add QNX IDE, Makefile, and remove source code exec bit by @JacobBarthelmeh
in #317 - update for cmake after wolfssl added NAMESPACE by @JacobBarthelmeh in #343
- Add mutex protection to MqttClient_NetDisconnect by @embhorn in #342
- Add DTLS support to MQTT-SN client by @embhorn in #348
- Tie zephyr tests to a release by @julek-wolfssl in #350
- add documentation link to README by @gojimmypi in #355
- Possible patch for POSIX conditional wait issue by @dgarske in #356
- Fix publish with topic ID >=127 by @embhorn in #351
- Adding publish and subscribe atomic client examples by @embhorn in #347
- Allow disabling the posix conditional signal by @dgarske in #360
- Exclude CI tests with external brokers by @embhorn in #362
- Improvements for client property stack by @dgarske in #361
- Add mosquitto to CI tests by @embhorn in #365
- Fixes for non-blocking edge cases by @dgarske in #363
- Refactor MQTT-SN code by @embhorn in #366