dohertj2/natsdotnet
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: implement full MQTT Go parity across 5 phases — binary protocol, auth/TLS, cross-protocol bridging, monitoring, and JetStream persistence

Browse Source 
Phase 1: Binary MQTT 3.1.1 wire protocol with PipeReader-based parsing,
full packet type dispatch, and MQTT 3.1.1 compliance checks.

Phase 2: Auth pipeline routing MQTT CONNECT through AuthService,
TLS transport with SslStream wrapping, pinned cert validation.

Phase 3: IMessageRouter refactor (NatsClient → INatsClient),
MqttNatsClientAdapter for cross-protocol bridging, MqttTopicMapper
with full Go-parity topic/subject translation.

Phase 4: /connz mqtt_client field population, /varz actual MQTT port.

Phase 5: JetStream persistence — MqttStreamInitializer creates 5
internal streams, MqttConsumerManager for QoS 1/2 consumers,
subject-keyed session/retained lookups replacing linear scans.

All 503 MQTT tests and 1589 Core tests pass.
This commit is contained in:
Joseph Doherty
2026-03-13 10:09:40 -04:00
parent 0be321fa53
commit 845441b32c
34 changed files with 3194 additions and 126 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/NATS.Server/Monitoring/ConnzHandler.cs
View File

@@ -184,6 +184,7 @@ public sealed class ConnzHandler(NatsServer server)
Tags = tags,
Proxy = string.IsNullOrEmpty(proxyKey) ? null : new ProxyInfo { Key = proxyKey },
Rtt = FormatRtt(client.Rtt),
MqttClient = client.MqttClientId ?? "",
};
if (opts.Subscriptions)

2
src/NATS.Server/Monitoring/VarzHandler.cs
View File

@@ -196,7 +196,7 @@ public sealed class VarzHandler : IDisposable
return new MqttOptsVarz
{
Host = mqtt.Host,
Port = mqtt.Port,
Port = _server.MqttListenerPort ?? mqtt.Port,
NoAuthUser = mqtt.NoAuthUser ?? "",
AuthTimeout = mqtt.AuthTimeout,
TlsMap = mqtt.TlsMap,

40
src/NATS.Server/Mqtt/MqttBinaryDecoder.cs
View File

@@ -222,6 +222,46 @@ public static class MqttBinaryDecoder
return new MqttSubscribeInfo(packetId, filters);
}
// -------------------------------------------------------------------------
// UNSUBSCRIBE parsing
// Go reference: server/mqtt.go mqttParseUnsub ~line 1500
// -------------------------------------------------------------------------
/// <summary>
/// Decoded fields from an MQTT UNSUBSCRIBE packet body.
/// </summary>
public readonly record struct MqttUnsubscribeInfo(
ushort PacketId,
IReadOnlyList<string> Filters);
/// <summary>
/// Parses the payload bytes of an MQTT UNSUBSCRIBE packet.
/// </summary>
/// <param name="payload">The payload bytes from <see cref="MqttControlPacket.Payload"/>.</param>
/// <param name="flags">
/// Optional fixed-header flags nibble. When provided, must be 0x02 per MQTT 3.1.1 spec.
/// </param>
public static MqttUnsubscribeInfo ParseUnsubscribe(ReadOnlySpan<byte> payload, byte? flags = null)
{
if (flags.HasValue && flags.Value != 0x02)
throw new FormatException("MQTT UNSUBSCRIBE packet has invalid fixed-header flags.");
var pos = 0;
var packetId = ReadUInt16BigEndian(payload, ref pos);
var filters = new List<string>();
while (pos < payload.Length)
{
var topicFilter = ReadUtf8String(payload, ref pos);
filters.Add(topicFilter);
}
if (filters.Count == 0)
throw new FormatException("MQTT UNSUBSCRIBE packet must contain at least one topic filter.");
return new MqttUnsubscribeInfo(packetId, filters);
}
// -------------------------------------------------------------------------
// MQTT wildcard → NATS subject translation
// Go reference: server/mqtt.go mqttToNATSSubjectConversion ~line 2200

466
src/NATS.Server/Mqtt/MqttConnection.cs
View File

@@ -1,20 +1,467 @@
using System.Buffers;
using System.IO.Pipelines;
using System.Net.Sockets;
using System.Security.Cryptography.X509Certificates;
using System.Text;
using NATS.Server.Auth;
using static NATS.Server.Mqtt.MqttBinaryDecoder;
namespace NATS.Server.Mqtt;
public sealed class MqttConnection(TcpClient client, MqttListener listener) : IAsyncDisposable
public sealed class MqttConnection : IAsyncDisposable
{
private readonly TcpClient _client = client;
private readonly NetworkStream _stream = client.GetStream();
private readonly MqttListener _listener = listener;
private readonly TcpClient? _tcpClient;
private readonly Stream _stream;
private readonly MqttListener _listener;
private readonly MqttProtocolParser _parser = new();
private readonly SemaphoreSlim _writeGate = new(1, 1);
private readonly bool _useBinaryProtocol;
private readonly X509Certificate2? _clientCert;
private string _clientId = string.Empty;
private bool _cleanSession = true;
private TimeSpan _idleTimeout = Timeout.InfiniteTimeSpan;
private bool _connected;
private bool _willCleared;
private MqttConnectInfo _connectInfo;
/// <summary>Auth result after successful CONNECT (populated for AuthService path).</summary>
public AuthResult? AuthResult { get; private set; }
public string ClientId => _clientId;
/// <summary>
/// Creates a connection from a TcpClient (standard accept path).
/// </summary>
public MqttConnection(TcpClient client, MqttListener listener, bool useBinaryProtocol = true)
{
_tcpClient = client;
_stream = client.GetStream();
_listener = listener;
_useBinaryProtocol = useBinaryProtocol;
}
/// <summary>
/// Creates a connection from an arbitrary Stream (for TLS wrapping or testing).
/// </summary>
public MqttConnection(Stream stream, MqttListener listener, bool useBinaryProtocol = true)
{
_stream = stream;
_listener = listener;
_useBinaryProtocol = useBinaryProtocol;
}
/// <summary>
/// Creates a connection from a Stream with a TLS client certificate.
/// Used by the accept loop after TLS handshake completes.
/// </summary>
public MqttConnection(Stream stream, MqttListener listener, bool useBinaryProtocol, X509Certificate2? clientCert)
{
_stream = stream;
_listener = listener;
_useBinaryProtocol = useBinaryProtocol;
_clientCert = clientCert;
}
public async Task RunAsync(CancellationToken ct)
{
if (_useBinaryProtocol)
await RunBinaryAsync(ct);
else
await RunTextAsync(ct);
}
private async Task RunBinaryAsync(CancellationToken ct)
{
var pipeReader = PipeReader.Create(_stream, new StreamPipeReaderOptions(leaveOpen: true));
try
{
while (!ct.IsCancellationRequested)
{
ReadResult readResult;
try
{
// Apply idle timeout for keepalive
if (_idleTimeout != Timeout.InfiniteTimeSpan && _idleTimeout > TimeSpan.Zero)
{
using var timeoutCts = CancellationTokenSource.CreateLinkedTokenSource(ct);
timeoutCts.CancelAfter(_idleTimeout);
readResult = await pipeReader.ReadAsync(timeoutCts.Token);
}
else
{
readResult = await pipeReader.ReadAsync(ct);
}
}
catch (OperationCanceledException) when (!ct.IsCancellationRequested)
{
// Keepalive timeout
break;
}
catch
{
break;
}
var buffer = readResult.Buffer;
if (buffer.IsEmpty && readResult.IsCompleted)
break;
while (MqttPacketReader.TryRead(buffer, out var packet, out var consumed))
{
buffer = buffer.Slice(consumed);
try
{
var shouldContinue = await ProcessBinaryPacketAsync(packet!, ct);
if (!shouldContinue)
{
pipeReader.AdvanceTo(consumed);
return;
}
}
catch (FormatException)
{
// Protocol violation — disconnect
pipeReader.AdvanceTo(consumed);
return;
}
}
pipeReader.AdvanceTo(buffer.Start, buffer.End);
if (readResult.IsCompleted)
break;
}
}
finally
{
await pipeReader.CompleteAsync();
// Publish will message if not cleanly disconnected
if (_connected && !_willCleared && _connectInfo.WillTopic != null)
{
await _listener.PublishAsync(
_connectInfo.WillTopic,
Encoding.UTF8.GetString(_connectInfo.WillMessage ?? []),
this,
CancellationToken.None);
}
}
}
/// <summary>
/// Processes a single binary MQTT control packet.
/// Returns false if the connection should be closed.
/// </summary>
private async Task<bool> ProcessBinaryPacketAsync(MqttControlPacket packet, CancellationToken ct)
{
// MQTT 3.1.1: First packet MUST be CONNECT
if (!_connected && packet.Type != MqttControlPacketType.Connect)
return false;
switch (packet.Type)
{
case MqttControlPacketType.Connect:
return await HandleConnectAsync(packet, ct);
case MqttControlPacketType.Publish:
return await HandlePublishAsync(packet, ct);
case MqttControlPacketType.PubAck:
HandlePubAck(packet);
return true;
case MqttControlPacketType.PubRec:
await HandlePubRecAsync(packet, ct);
return true;
case MqttControlPacketType.PubRel:
// Fixed-header flags must be 0x02 for PUBREL
if (packet.Flags != 0x02)
return false;
await HandlePubRelAsync(packet, ct);
return true;
case MqttControlPacketType.PubComp:
HandlePubComp(packet);
return true;
case MqttControlPacketType.Subscribe:
// Fixed-header flags must be 0x02 for SUBSCRIBE
if (packet.Flags != MqttProtocolConstants.SubscribeFlags)
return false;
await HandleSubscribeAsync(packet, ct);
return true;
case MqttControlPacketType.Unsubscribe:
// Fixed-header flags must be 0x02 for UNSUBSCRIBE
if (packet.Flags != 0x02)
return false;
await HandleUnsubscribeAsync(packet, ct);
return true;
case MqttControlPacketType.PingReq:
await WriteBinaryAsync(MqttPacketWriter.WritePingResp(), ct);
return true;
case MqttControlPacketType.Disconnect:
// Clean disconnect — clear will message
_willCleared = true;
return false;
default:
// Unknown packet type — disconnect
return false;
}
}
private async Task<bool> HandleConnectAsync(MqttControlPacket packet, CancellationToken ct)
{
if (_connected)
return false; // Second CONNECT is a protocol violation
var connectInfo = MqttBinaryDecoder.ParseConnect(packet.Payload.Span);
_connectInfo = connectInfo;
// MQTT 3.1.1: Reserved bit (bit 0 of connect flags) must be 0
// This is implicitly validated because we parse individual flag bits
// Protocol level must be 4 for MQTT 3.1.1
if (connectInfo.ProtocolLevel != 4)
{
await WriteBinaryAsync(
MqttPacketWriter.WriteConnAck(0x00, MqttProtocolConstants.ConnAckUnacceptableProtocolVersion), ct);
return false;
}
// Will QoS range check (0-2)
if (connectInfo.WillQoS > 2)
{
await WriteBinaryAsync(
MqttPacketWriter.WriteConnAck(0x00, MqttProtocolConstants.ConnAckIdentifierRejected), ct);
return false;
}
// Empty client-id handling
if (string.IsNullOrEmpty(connectInfo.ClientId))
{
if (connectInfo.CleanSession)
{
// Generate a unique client ID
_clientId = $"auto-{Guid.NewGuid():N}";
}
else
{
// Empty client-id with persistent session is not allowed
await WriteBinaryAsync(
MqttPacketWriter.WriteConnAck(0x00, MqttProtocolConstants.ConnAckIdentifierRejected), ct);
return false;
}
}
else
{
_clientId = connectInfo.ClientId;
}
// Auth check via AuthService (passes TLS client cert for cert-mapping auth)
var authResult = _listener.AuthenticateMqtt(connectInfo.Username, connectInfo.Password, _clientCert);
if (authResult == null)
{
await WriteBinaryAsync(
MqttPacketWriter.WriteConnAck(0x00, MqttProtocolConstants.ConnAckNotAuthorized), ct);
return false;
}
AuthResult = authResult;
// Duplicate client-id takeover
_listener.TakeoverExistingConnection(_clientId, this);
_cleanSession = connectInfo.CleanSession;
_idleTimeout = _listener.ResolveKeepAliveTimeout(connectInfo.KeepAlive);
// Session-present bit: 1 if resuming existing session, 0 otherwise
var pending = _listener.OpenSession(_clientId, _cleanSession);
byte sessionPresent = (byte)(!_cleanSession && pending.Count > 0 ? 0x01 : 0x00);
_connected = true;
await WriteBinaryAsync(
MqttPacketWriter.WriteConnAck(sessionPresent, MqttProtocolConstants.ConnAckAccepted), ct);
// Redeliver pending QoS 1 messages
foreach (var redelivery in pending)
{
var payloadBytes = Encoding.UTF8.GetBytes(redelivery.Payload);
await WriteBinaryAsync(
MqttPacketWriter.WritePublish(redelivery.Topic, payloadBytes, qos: 1, dup: true,
packetId: (ushort)redelivery.PacketId), ct);
}
return true;
}
private async Task<bool> HandlePublishAsync(MqttControlPacket packet, CancellationToken ct)
{
var publishInfo = MqttBinaryDecoder.ParsePublish(packet.Payload.Span, packet.Flags);
// Non-zero packet identifier required for QoS > 0
if (publishInfo.QoS > 0 && publishInfo.PacketId == 0)
return false;
switch (publishInfo.QoS)
{
case 0:
await _listener.PublishAsync(publishInfo.Topic,
Encoding.UTF8.GetString(publishInfo.Payload.Span), this, ct);
break;
case 1:
_listener.RecordPendingPublish(_clientId, publishInfo.PacketId, publishInfo.Topic,
Encoding.UTF8.GetString(publishInfo.Payload.Span));
await WriteBinaryAsync(MqttPacketWriter.WritePubAck(publishInfo.PacketId), ct);
await _listener.PublishAsync(publishInfo.Topic,
Encoding.UTF8.GetString(publishInfo.Payload.Span), this, ct);
break;
case 2:
// QoS 2 step 1: store and send PUBREC
_listener.RecordPendingPublish(_clientId, publishInfo.PacketId, publishInfo.Topic,
Encoding.UTF8.GetString(publishInfo.Payload.Span));
await WriteBinaryAsync(MqttPacketWriter.WritePubRec(publishInfo.PacketId), ct);
break;
}
// Handle retained messages
if (publishInfo.Retain)
{
_listener.SetRetainedMessage(publishInfo.Topic,
publishInfo.Payload.Length == 0 ? null : Encoding.UTF8.GetString(publishInfo.Payload.Span));
}
return true;
}
private void HandlePubAck(MqttControlPacket packet)
{
if (packet.Payload.Length < 2) return;
var packetId = (ushort)((packet.Payload.Span[0] << 8) | packet.Payload.Span[1]);
_listener.AckPendingPublish(_clientId, packetId);
}
private async Task HandlePubRecAsync(MqttControlPacket packet, CancellationToken ct)
{
if (packet.Payload.Length < 2) return;
var packetId = (ushort)((packet.Payload.Span[0] << 8) | packet.Payload.Span[1]);
await WriteBinaryAsync(MqttPacketWriter.WritePubRel(packetId), ct);
}
private async Task HandlePubRelAsync(MqttControlPacket packet, CancellationToken ct)
{
if (packet.Payload.Length < 2) return;
var packetId = (ushort)((packet.Payload.Span[0] << 8) | packet.Payload.Span[1]);
// QoS 2 step 2: deliver the stored message and send PUBCOMP
_listener.AckPendingPublish(_clientId, packetId);
await WriteBinaryAsync(MqttPacketWriter.WritePubComp(packetId), ct);
}
private void HandlePubComp(MqttControlPacket packet)
{
if (packet.Payload.Length < 2) return;
var packetId = (ushort)((packet.Payload.Span[0] << 8) | packet.Payload.Span[1]);
_listener.AckPendingPublish(_clientId, packetId);
}
private async Task HandleSubscribeAsync(MqttControlPacket packet, CancellationToken ct)
{
var subscribeInfo = MqttBinaryDecoder.ParseSubscribe(packet.Payload.Span, packet.Flags);
// Grant QoS (cap at 2)
var grantedQoS = new byte[subscribeInfo.Filters.Count];
for (var i = 0; i < subscribeInfo.Filters.Count; i++)
{
var (topicFilter, requestedQoS) = subscribeInfo.Filters[i];
_listener.RegisterSubscription(this, topicFilter);
grantedQoS[i] = Math.Min(requestedQoS, (byte)2);
}
await WriteBinaryAsync(MqttPacketWriter.WriteSubAck(subscribeInfo.PacketId, grantedQoS), ct);
}
private async Task HandleUnsubscribeAsync(MqttControlPacket packet, CancellationToken ct)
{
var unsubInfo = MqttBinaryDecoder.ParseUnsubscribe(packet.Payload.Span, packet.Flags);
foreach (var filter in unsubInfo.Filters)
_listener.UnregisterSubscription(this, filter);
await WriteBinaryAsync(MqttPacketWriter.WriteUnsubAck(unsubInfo.PacketId), ct);
}
/// <summary>
/// Sends a binary MQTT PUBLISH packet to this connection (for message delivery).
/// </summary>
public async Task SendBinaryPublishAsync(string topic, ReadOnlyMemory<byte> payload, byte qos,
bool retain, ushort packetId, CancellationToken ct)
{
var packet = MqttPacketWriter.WritePublish(topic, payload.Span, qos, retain, packetId: packetId);
await WriteBinaryAsync(packet, ct);
}
/// <summary>
/// Sends a message to the connection. Used by the listener for fan-out delivery.
/// In binary mode, sends a PUBLISH packet; in text mode, sends a text line.
/// </summary>
public Task SendMessageAsync(string topic, string payload, CancellationToken ct)
{
if (_useBinaryProtocol)
{
var payloadBytes = Encoding.UTF8.GetBytes(payload);
return SendBinaryPublishAsync(topic, payloadBytes, qos: 0, retain: false, packetId: 0, ct);
}
return WriteLineAsync($"MSG {topic} {payload}", ct);
}
public async ValueTask DisposeAsync()
{
_listener.Unregister(this);
_writeGate.Dispose();
await _stream.DisposeAsync();
_tcpClient?.Dispose();
}
/// <summary>
/// Forces this connection to close (used for duplicate client-id takeover).
/// </summary>
internal void ForceClose()
{
try { _stream.Close(); }
catch { /* best effort */ }
try { _tcpClient?.Close(); }
catch { /* best effort */ }
}
private async Task WriteBinaryAsync(byte[] data, CancellationToken ct)
{
await _writeGate.WaitAsync(ct);
try
{
await _stream.WriteAsync(data, ct);
await _stream.FlushAsync(ct);
}
finally
{
_writeGate.Release();
}
}
// --- Text protocol methods (for backward compatibility during test migration) ---
// TODO: Remove after test migration — deadline: Phase 3 completion
private async Task RunTextAsync(CancellationToken ct)
{
while (!ct.IsCancellationRequested)
{
@@ -65,17 +512,6 @@ public sealed class MqttConnection(TcpClient client, MqttListener listener) : IA
}
}
public Task SendMessageAsync(string topic, string payload, CancellationToken ct)
=> WriteLineAsync($"MSG {topic} {payload}", ct);
public async ValueTask DisposeAsync()
{
_listener.Unregister(this);
_writeGate.Dispose();
await _stream.DisposeAsync();
_client.Dispose();
}
private async Task WriteLineAsync(string line, CancellationToken ct)
{
await _writeGate.WaitAsync(ct);

199
src/NATS.Server/Mqtt/MqttConsumerManager.cs Normal file
View File

@@ -0,0 +1,199 @@
// Manages per-subscription JetStream consumers for MQTT QoS 1/2 delivery.
// Go reference: golang/nats-server/server/mqtt.go mqttAccountSessionManager ~line 600
// Consumer creation per subscription, ack tracking, session resume.
using System.Collections.Concurrent;
using NATS.Server.JetStream;
using NATS.Server.JetStream.Models;
using NATS.Server.JetStream.Storage;
namespace NATS.Server.Mqtt;
/// <summary>
/// Tracks the mapping between an MQTT subscription and its JetStream consumer.
/// </summary>
public sealed record MqttConsumerBinding(string Stream, string DurableName, string FilterSubject);
/// <summary>
/// Manages per-subscription JetStream consumers for MQTT QoS 1/2 message delivery.
/// Each QoS > 0 subscription gets a durable consumer on $MQTT_msgs.
/// Go reference: server/mqtt.go — mqttAccountSessionManager consumer management.
/// </summary>
public sealed class MqttConsumerManager
{
private readonly StreamManager _streamManager;
private readonly ConsumerManager _consumerManager;
private readonly ConcurrentDictionary<string, MqttConsumerBinding> _bindings = new(StringComparer.Ordinal);
public MqttConsumerManager(StreamManager streamManager, ConsumerManager consumerManager)
{
_streamManager = streamManager;
_consumerManager = consumerManager;
}
/// <summary>
/// Creates a durable JetStream consumer for a QoS > 0 MQTT subscription.
/// The consumer filters $MQTT_msgs by the translated NATS subject.
/// Returns the binding, or null if creation failed.
/// Go reference: server/mqtt.go mqttProcessSub consumer creation.
/// </summary>
public MqttConsumerBinding? CreateSubscriptionConsumer(string clientId, string natsSubject, int qos, int maxAckPending)
{
var durableName = $"$MQTT_{clientId}_{natsSubject.Replace('.', '_').Replace('*', 'W').Replace('>', 'G')}";
var filterSubject = $"{MqttProtocolConstants.StreamSubjectPrefix}{natsSubject}";
var response = _consumerManager.CreateOrUpdate(MqttProtocolConstants.StreamName, new ConsumerConfig
{
DurableName = durableName,
FilterSubject = filterSubject,
AckPolicy = AckPolicy.Explicit,
DeliverPolicy = DeliverPolicy.All,
MaxAckPending = maxAckPending,
AckWaitMs = (int)MqttProtocolConstants.DefaultAckWait.TotalMilliseconds,
MaxDeliver = -1,
});
if (response.Error != null)
return null;
var binding = new MqttConsumerBinding(MqttProtocolConstants.StreamName, durableName, filterSubject);
_bindings[$"{clientId}:{natsSubject}"] = binding;
return binding;
}
/// <summary>
/// Removes the JetStream consumer for an MQTT subscription.
/// Called on UNSUBSCRIBE or clean session disconnect.
/// </summary>
public void RemoveSubscriptionConsumer(string clientId, string natsSubject)
{
var key = $"{clientId}:{natsSubject}";
if (_bindings.TryRemove(key, out var binding))
{
_consumerManager.Delete(binding.Stream, binding.DurableName);
}
}
/// <summary>
/// Removes all consumers for a client. Called on clean session disconnect.
/// </summary>
public void RemoveAllConsumers(string clientId)
{
var prefix = $"{clientId}:";
var keysToRemove = _bindings.Keys.Where(k => k.StartsWith(prefix, StringComparison.Ordinal)).ToList();
foreach (var key in keysToRemove)
{
if (_bindings.TryRemove(key, out var binding))
{
_consumerManager.Delete(binding.Stream, binding.DurableName);
}
}
}
/// <summary>
/// Gets the binding for a subscription, or null if none exists.
/// </summary>
public MqttConsumerBinding? GetBinding(string clientId, string natsSubject)
{
return _bindings.TryGetValue($"{clientId}:{natsSubject}", out var binding) ? binding : null;
}
/// <summary>
/// Gets all bindings for a client (for session persistence).
/// </summary>
public IReadOnlyDictionary<string, MqttConsumerBinding> GetClientBindings(string clientId)
{
var prefix = $"{clientId}:";
return _bindings
.Where(kvp => kvp.Key.StartsWith(prefix, StringComparison.Ordinal))
.ToDictionary(kvp => kvp.Key[prefix.Length..], kvp => kvp.Value);
}
/// <summary>
/// Publishes a message to the $MQTT_msgs stream for QoS delivery.
/// Returns the sequence number, or 0 if publish failed.
/// </summary>
public ulong PublishToStream(string natsSubject, ReadOnlyMemory<byte> payload)
{
var subject = $"{MqttProtocolConstants.StreamSubjectPrefix}{natsSubject}";
if (_streamManager.TryGet(MqttProtocolConstants.StreamName, out var handle))
{
var seq = handle.Store.AppendAsync(subject, payload, default).GetAwaiter().GetResult();
return seq;
}
return 0;
}
/// <summary>
/// Acknowledges a message in the stream by removing it (for interest-based retention).
/// Called when PUBACK is received for QoS 1.
/// </summary>
public bool AcknowledgeMessage(ulong sequence)
{
if (_streamManager.TryGet(MqttProtocolConstants.StreamName, out var handle))
{
return handle.Store.RemoveAsync(sequence, default).GetAwaiter().GetResult();
}
return false;
}
/// <summary>
/// Loads a message from the $MQTT_msgs stream by sequence.
/// </summary>
public async ValueTask<StoredMessage?> LoadMessageAsync(ulong sequence, CancellationToken ct = default)
{
if (_streamManager.TryGet(MqttProtocolConstants.StreamName, out var handle))
{
return await handle.Store.LoadAsync(sequence, ct);
}
return null;
}
/// <summary>
/// Stores a QoS 2 incoming message for deduplication.
/// Returns the sequence number, or 0 if failed.
/// </summary>
public ulong StoreQoS2Incoming(string clientId, ushort packetId, ReadOnlyMemory<byte> payload)
{
var subject = $"{MqttProtocolConstants.QoS2IncomingMsgsStreamSubjectPrefix}{clientId}.{packetId}";
if (_streamManager.TryGet(MqttProtocolConstants.QoS2IncomingMsgsStreamName, out var handle))
{
return handle.Store.AppendAsync(subject, payload, default).GetAwaiter().GetResult();
}
return 0;
}
/// <summary>
/// Loads a QoS 2 incoming message for delivery on PUBREL.
/// </summary>
public async ValueTask<StoredMessage?> LoadQoS2IncomingAsync(string clientId, ushort packetId, CancellationToken ct = default)
{
var subject = $"{MqttProtocolConstants.QoS2IncomingMsgsStreamSubjectPrefix}{clientId}.{packetId}";
if (_streamManager.TryGet(MqttProtocolConstants.QoS2IncomingMsgsStreamName, out var handle))
{
return await handle.Store.LoadLastBySubjectAsync(subject, ct);
}
return null;
}
/// <summary>
/// Removes a QoS 2 incoming message after PUBCOMP.
/// </summary>
public async ValueTask<bool> RemoveQoS2IncomingAsync(string clientId, ushort packetId, CancellationToken ct = default)
{
var subject = $"{MqttProtocolConstants.QoS2IncomingMsgsStreamSubjectPrefix}{clientId}.{packetId}";
if (_streamManager.TryGet(MqttProtocolConstants.QoS2IncomingMsgsStreamName, out var handle))
{
var msg = await handle.Store.LoadLastBySubjectAsync(subject, ct);
if (msg != null)
return await handle.Store.RemoveAsync(msg.Sequence, ct);
}
return false;
}
}

14
src/NATS.Server/Mqtt/MqttFlowController.cs
View File

@@ -66,12 +66,22 @@ public sealed class MqttFlowController : IDisposable
/// <summary>
/// Updates the MaxAckPending limit (e.g., on config reload).
/// Creates a new semaphore with the updated limit.
/// </summary>
public void UpdateLimit(int newLimit)
{
_defaultMaxAckPending = newLimit;
// Note: existing subscriptions keep their old limit until re-created
}
/// <summary>
/// Returns whether the subscription has reached its MaxAckPending limit.
/// Used to pause JetStream consumer delivery when the limit is reached.
/// Go reference: server/mqtt.go mqttMaxAckPending flow control.
/// </summary>
public bool IsAtCapacity(string subscriptionId)
{
if (!_subscriptions.TryGetValue(subscriptionId, out var state))
return false;
return state.Semaphore.CurrentCount == 0;
}
/// <summary>

248
src/NATS.Server/Mqtt/MqttListener.cs
View File

@@ -1,29 +1,96 @@
using System.Collections.Concurrent;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Cryptography.X509Certificates;
using NATS.Server.Auth;
using NATS.Server.Auth.Jwt;
using NATS.Server.Protocol;
using NATS.Server.Tls;
namespace NATS.Server.Mqtt;
public sealed class MqttListener(
string host,
int port,
string? requiredUsername = null,
string? requiredPassword = null) : IAsyncDisposable
public sealed class MqttListener : IAsyncDisposable
{
private readonly string _host = host;
private int _port = port;
private readonly string? _requiredUsername = requiredUsername;
private readonly string? _requiredPassword = requiredPassword;
private readonly string _host;
private int _port;
private readonly string? _requiredUsername;
private readonly string? _requiredPassword;
private readonly AuthService? _authService;
private readonly MqttOptions? _mqttOptions;
private readonly SslServerAuthenticationOptions? _sslOptions;
private readonly ConcurrentDictionary<MqttConnection, byte> _connections = new();
private readonly ConcurrentDictionary<string, ConcurrentDictionary<MqttConnection, byte>> _subscriptions = new(StringComparer.Ordinal);
private readonly ConcurrentDictionary<string, MqttSessionState> _sessions = new(StringComparer.Ordinal);
private readonly ConcurrentDictionary<string, MqttConnection> _clientIdMap = new(StringComparer.Ordinal);
private readonly ConcurrentDictionary<string, string> _retainedMessages = new(StringComparer.Ordinal);
private MqttStreamInitializer? _streamInitializer;
private MqttConsumerManager? _mqttConsumerManager;
private TcpListener? _listener;
private Task? _acceptLoop;
private readonly CancellationTokenSource _cts = new();
/// <summary>
/// When false, connections use the legacy text-line protocol for backward compatibility
/// with existing tests. Default is true (binary MQTT 3.1.1).
/// TODO: Remove after test migration — deadline: Phase 3 completion.
/// </summary>
internal bool UseBinaryProtocol { get; set; } = true;
public int Port => _port;
/// <summary>
/// Simple constructor for tests using static username/password auth (no TLS).
/// </summary>
public MqttListener(
string host,
int port,
string? requiredUsername = null,
string? requiredPassword = null)
{
_host = host;
_port = port;
_requiredUsername = requiredUsername;
_requiredPassword = requiredPassword;
}
/// <summary>
/// Full constructor for production use with AuthService, TLS, and optional JetStream support.
/// </summary>
public MqttListener(
string host,
int port,
AuthService? authService,
MqttOptions mqttOptions,
MqttStreamInitializer? streamInitializer = null,
MqttConsumerManager? mqttConsumerManager = null)
{
_host = host;
_port = port;
_authService = authService;
_mqttOptions = mqttOptions;
_requiredUsername = mqttOptions.Username;
_requiredPassword = mqttOptions.Password;
_streamInitializer = streamInitializer;
_mqttConsumerManager = mqttConsumerManager;
// Build TLS options if configured
if (mqttOptions.HasTls)
{
_sslOptions = BuildMqttSslOptions(mqttOptions);
}
}
/// <summary>
/// The MQTT stream initializer for JetStream persistence, or null if JetStream is not enabled.
/// </summary>
internal MqttStreamInitializer? StreamInitializer => _streamInitializer;
/// <summary>
/// The MQTT consumer manager for QoS 1/2 JetStream consumers, or null if JetStream is not enabled.
/// </summary>
internal MqttConsumerManager? ConsumerManager => _mqttConsumerManager;
public Task StartAsync(CancellationToken ct)
{
var linked = CancellationTokenSource.CreateLinkedTokenSource(ct, _cts.Token);
@@ -43,6 +110,12 @@ public sealed class MqttListener(
set[connection] = 0;
}
internal void UnregisterSubscription(MqttConnection connection, string topic)
{
if (_subscriptions.TryGetValue(topic, out var set))
set.TryRemove(connection, out _);
}
internal async Task PublishAsync(string topic, string payload, MqttConnection sender, CancellationToken ct)
{
if (!_subscriptions.TryGetValue(topic, out var subscribers))
@@ -92,8 +165,47 @@ public sealed class MqttListener(
session.Pending.TryRemove(packetId, out _);
}
/// <summary>
/// Authenticates MQTT CONNECT credentials. Uses AuthService when available,
/// falls back to static username/password validation.
/// </summary>
internal AuthResult? AuthenticateMqtt(string? username, string? password, X509Certificate2? clientCert = null)
{
if (_authService != null)
{
var context = new ClientAuthContext
{
Opts = new ClientOptions
{
Username = username,
Password = password,
},
Nonce = [],
ClientCertificate = clientCert,
ConnectionType = JwtConnectionTypes.Mqtt,
};
if (!_authService.IsAuthRequired)
return new AuthResult { Identity = username ?? string.Empty };
var result = _authService.Authenticate(context);
return result;
}
// Fallback: static credential check
if (AuthService.ValidateMqttCredentials(_requiredUsername, _requiredPassword, username, password))
return new AuthResult { Identity = username ?? string.Empty };
return null;
}
/// <summary>
/// Backward-compatible simple auth check for text-protocol mode.
/// </summary>
internal bool TryAuthenticate(string? username, string? password)
=> AuthService.ValidateMqttCredentials(_requiredUsername, _requiredPassword, username, password);
{
return AuthenticateMqtt(username, password) != null;
}
internal TimeSpan ResolveKeepAliveTimeout(int keepAliveSeconds)
{
@@ -103,11 +215,53 @@ public sealed class MqttListener(
return TimeSpan.FromSeconds(Math.Max(keepAliveSeconds * 1.5, 1));
}
/// <summary>
/// Disconnects an existing connection with the same client-id (takeover).
/// Go reference: mqtt.go mqttHandleConnect ~line 850 duplicate client handling.
/// </summary>
internal void TakeoverExistingConnection(string clientId, MqttConnection newConnection)
{
if (_clientIdMap.TryGetValue(clientId, out var existing) && existing != newConnection)
{
existing.ForceClose();
_connections.TryRemove(existing, out _);
}
_clientIdMap[clientId] = newConnection;
}
/// <summary>
/// Stores or deletes a retained message. Null payload = tombstone (delete).
/// </summary>
internal void SetRetainedMessage(string topic, string? payload)
{
if (payload == null)
_retainedMessages.TryRemove(topic, out _);
else
_retainedMessages[topic] = payload;
}
/// <summary>
/// Gets the retained message for a topic, or null if none.
/// </summary>
internal string? GetRetainedMessage(string topic)
{
_retainedMessages.TryGetValue(topic, out var payload);
return payload;
}
internal void Unregister(MqttConnection connection)
{
_connections.TryRemove(connection, out _);
foreach (var set in _subscriptions.Values)
set.TryRemove(connection, out _);
// Remove from client-id map if this connection is the current one
var clientId = connection.ClientId;
if (!string.IsNullOrEmpty(clientId))
{
_clientIdMap.TryRemove(new KeyValuePair<string, MqttConnection>(clientId, connection));
}
}
public async ValueTask DisposeAsync()
@@ -124,6 +278,8 @@ public sealed class MqttListener(
_connections.Clear();
_subscriptions.Clear();
_sessions.Clear();
_clientIdMap.Clear();
_retainedMessages.Clear();
_cts.Dispose();
}
@@ -141,10 +297,50 @@ public sealed class MqttListener(
break;
}
var connection = new MqttConnection(client, this);
_connections[connection] = 0;
_ = Task.Run(async () =>
{
Stream stream = client.GetStream();
X509Certificate2? clientCert = null;
// TLS wrapping for MQTT (TLS-first, no INFO negotiation)
if (_sslOptions != null)
{
try
{
var sslStream = new SslStream(stream, leaveInnerStreamOpen: false);
using var handshakeCts = CancellationTokenSource.CreateLinkedTokenSource(ct);
handshakeCts.CancelAfter(TimeSpan.FromSeconds(
_mqttOptions?.TlsTimeout ?? 2.0));
await sslStream.AuthenticateAsServerAsync(_sslOptions, handshakeCts.Token);
clientCert = sslStream.RemoteCertificate as X509Certificate2;
// Validate pinned certs
if (_mqttOptions?.TlsPinnedCerts != null && clientCert != null)
{
if (!TlsHelper.MatchesPinnedCert(clientCert, _mqttOptions.TlsPinnedCerts))
{
sslStream.Dispose();
client.Dispose();
return;
}
}
stream = sslStream;
}
catch
{
client.Dispose();
return;
}
}
// Lazily initialize MQTT JetStream streams on first connection
_streamInitializer?.EnsureStreams();
var connection = new MqttConnection(stream, this, UseBinaryProtocol, clientCert);
_connections[connection] = 0;
try
{
await connection.RunAsync(ct);
@@ -157,6 +353,34 @@ public sealed class MqttListener(
}
}
private static SslServerAuthenticationOptions BuildMqttSslOptions(MqttOptions mqttOptions)
{
var cert = TlsHelper.LoadCertificate(mqttOptions.TlsCert!, mqttOptions.TlsKey);
var authOpts = new SslServerAuthenticationOptions
{
ServerCertificate = cert,
ClientCertificateRequired = mqttOptions.TlsVerify,
};
if (mqttOptions.TlsVerify && mqttOptions.TlsCaCert != null)
{
var caCerts = TlsHelper.LoadCaCertificates(mqttOptions.TlsCaCert);
authOpts.RemoteCertificateValidationCallback = (_, cert, chain, errors) =>
{
if (cert == null) return false;
using var chain2 = new X509Chain();
chain2.ChainPolicy.TrustMode = X509ChainTrustMode.CustomRootTrust;
foreach (var ca in caCerts)
chain2.ChainPolicy.CustomTrustStore.Add(ca);
chain2.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
var cert2 = cert as X509Certificate2 ?? X509CertificateLoader.LoadCertificate(cert.GetRawCertData());
return chain2.Build(cert2);
};
}
return authOpts;
}
private sealed class MqttSessionState
{
public ConcurrentDictionary<int, MqttPendingPublish> Pending { get; } = new();

111
src/NATS.Server/Mqtt/MqttNatsClientAdapter.cs Normal file
View File

@@ -0,0 +1,111 @@
// MqttNatsClientAdapter wraps an MqttConnection to implement INatsClient,
// enabling MQTT connections to participate in the standard NATS message routing.
// Go reference: mqtt.go — each MQTT connection behaves as a NATS client internally.
using NATS.Server.Auth;
using NATS.Server.Protocol;
using NATS.Server.Subscriptions;
using System.Text;
namespace NATS.Server.Mqtt;
/// <summary>
/// Adapts an <see cref="MqttConnection"/> to the <see cref="INatsClient"/> interface
/// so MQTT clients can be registered in the server's SubList and receive messages
/// through the standard NATS delivery path.
/// </summary>
public sealed class MqttNatsClientAdapter : INatsClient
{
private readonly MqttConnection _connection;
private readonly Dictionary<string, Subscription> _subs = new(StringComparer.Ordinal);
public ulong Id { get; }
public ClientKind Kind => ClientKind.Client;
public Account? Account { get; set; }
public ClientOptions? ClientOpts => null;
public ClientPermissions? Permissions { get; set; }
public string MqttClientId => _connection.ClientId;
public MqttNatsClientAdapter(MqttConnection connection, ulong id)
{
_connection = connection;
Id = id;
}
/// <summary>
/// Delivers a NATS message to this MQTT client by translating the NATS subject
/// to an MQTT topic and writing a binary PUBLISH packet.
/// </summary>
public void SendMessage(string subject, string sid, string? replyTo,
ReadOnlyMemory<byte> headers, ReadOnlyMemory<byte> payload)
{
var mqttTopic = MqttTopicMapper.NatsToMqtt(subject);
// Fire-and-forget async send; MQTT delivery is best-effort for QoS 0
_ = _connection.SendBinaryPublishAsync(mqttTopic, payload, qos: 0,
retain: false, packetId: 0, CancellationToken.None);
}
public void SendMessageNoFlush(string subject, string sid, string? replyTo,
ReadOnlyMemory<byte> headers, ReadOnlyMemory<byte> payload)
{
// MQTT has no concept of deferred flush — deliver immediately
SendMessage(subject, sid, replyTo, headers, payload);
}
public void SignalFlush()
{
// No-op for MQTT — each packet is written and flushed immediately
}
public bool QueueOutbound(ReadOnlyMemory<byte> data)
{
// No-op for MQTT — binary framing, not raw NATS protocol bytes
return true;
}
public void RemoveSubscription(string sid)
{
if (_subs.Remove(sid, out var sub))
{
Account?.SubList.Remove(sub);
Account?.DecrementSubscriptions();
}
}
/// <summary>
/// Creates a NATS subscription for an MQTT topic filter and inserts it into
/// the account's SubList so NATS messages are delivered to this MQTT client.
/// </summary>
public Subscription AddSubscription(string natsSubject, string sid, string? queue = null)
{
var sub = new Subscription
{
Client = this,
Subject = natsSubject,
Sid = sid,
Queue = queue,
};
_subs[sid] = sub;
Account?.SubList.Insert(sub);
Account?.IncrementSubscriptions();
return sub;
}
/// <summary>
/// Removes all subscriptions for this adapter from the SubList.
/// Called during connection cleanup.
/// </summary>
public void RemoveAllSubscriptions()
{
foreach (var sub in _subs.Values)
{
Account?.SubList.Remove(sub);
}
_subs.Clear();
}
public IReadOnlyDictionary<string, Subscription> Subscriptions => _subs;
}

78
src/NATS.Server/Mqtt/MqttPacketReader.cs
View File

@@ -1,3 +1,5 @@
using System.Buffers;
namespace NATS.Server.Mqtt;
public enum MqttControlPacketType : byte
@@ -7,8 +9,13 @@ public enum MqttControlPacketType : byte
ConnAck = 2,
Publish = 3,
PubAck = 4,
PubRec = 5,
PubRel = 6,
PubComp = 7,
Subscribe = 8,
SubAck = 9,
Unsubscribe = 10,
UnsubAck = 11,
PingReq = 12,
PingResp = 13,
Disconnect = 14,
@@ -22,6 +29,9 @@ public sealed record MqttControlPacket(
public static class MqttPacketReader
{
/// <summary>
/// Parses a complete MQTT control packet from a contiguous span.
/// </summary>
public static MqttControlPacket Read(ReadOnlySpan<byte> buffer)
{
if (buffer.Length < 2)
@@ -42,6 +52,74 @@ public static class MqttPacketReader
return new MqttControlPacket(type, flags, remainingLength, payload);
}
/// <summary>
/// Attempts to read a complete MQTT control packet from a <see cref="ReadOnlySequence{T}"/>.
/// Returns false if more data is needed (partial read). Advances <paramref name="consumed"/>
/// past the packet bytes on success.
/// Used with <see cref="System.IO.Pipelines.PipeReader"/> for incremental parsing.
/// </summary>
public static bool TryRead(ReadOnlySequence<byte> buffer, out MqttControlPacket? packet, out SequencePosition consumed)
{
packet = null;
consumed = buffer.Start;
if (buffer.Length < 2)
return false;
// Read the fixed header byte
var reader = new SequenceReader<byte>(buffer);
reader.TryRead(out var firstByte);
var type = (MqttControlPacketType)(firstByte >> 4);
var flags = (byte)(firstByte & 0x0F);
// Decode remaining length (variable 1-4 bytes)
var multiplier = 1;
var remainingLength = 0;
var lengthBytesConsumed = 0;
while (lengthBytesConsumed < 4)
{
if (!reader.TryRead(out var digit))
return false; // need more data
lengthBytesConsumed++;
remainingLength += (digit & 0x7F) * multiplier;
if ((digit & 0x80) == 0)
break;
multiplier *= 128;
if (lengthBytesConsumed == 4)
throw new FormatException("Invalid MQTT remaining length encoding.");
}
if (remainingLength > MqttProtocolConstants.MaxPayloadSize)
throw new FormatException("MQTT packet remaining length exceeds protocol maximum.");
// Check if we have the full payload
var headerSize = 1 + lengthBytesConsumed;
var totalPacketSize = headerSize + remainingLength;
if (buffer.Length < totalPacketSize)
return false; // need more data
// Extract payload
byte[] payload;
if (remainingLength == 0)
{
payload = [];
}
else
{
payload = new byte[remainingLength];
buffer.Slice(headerSize, remainingLength).CopyTo(payload);
}
packet = new MqttControlPacket(type, flags, remainingLength, payload);
consumed = buffer.GetPosition(totalPacketSize);
return true;
}
internal static int DecodeRemainingLength(ReadOnlySpan<byte> encoded, out int consumed)
{
var multiplier = 1;

113
src/NATS.Server/Mqtt/MqttPacketWriter.cs
View File

@@ -33,6 +33,119 @@ public static class MqttPacketWriter
return buffer;
}
/// <summary>
/// Writes a CONNACK packet. Go reference: mqtt.go mqttConnAck.
/// </summary>
/// <param name="sessionPresent">0x01 if resuming existing session, 0x00 otherwise.</param>
/// <param name="returnCode">CONNACK return code (0x00 = accepted).</param>
public static byte[] WriteConnAck(byte sessionPresent, byte returnCode)
{
ReadOnlySpan<byte> payload = [sessionPresent, returnCode];
return Write(MqttControlPacketType.ConnAck, payload);
}
/// <summary>
/// Writes a PUBACK packet (QoS 1 acknowledgment).
/// </summary>
public static byte[] WritePubAck(ushort packetId)
{
Span<byte> payload = stackalloc byte[2];
BinaryPrimitives.WriteUInt16BigEndian(payload, packetId);
return Write(MqttControlPacketType.PubAck, payload);
}
/// <summary>
/// Writes a SUBACK packet with granted QoS values per subscription filter.
/// </summary>
public static byte[] WriteSubAck(ushort packetId, ReadOnlySpan<byte> grantedQoS)
{
var payload = new byte[2 + grantedQoS.Length];
BinaryPrimitives.WriteUInt16BigEndian(payload.AsSpan(0, 2), packetId);
grantedQoS.CopyTo(payload.AsSpan(2));
return Write(MqttControlPacketType.SubAck, payload);
}
/// <summary>
/// Writes an UNSUBACK packet.
/// </summary>
public static byte[] WriteUnsubAck(ushort packetId)
{
Span<byte> payload = stackalloc byte[2];
BinaryPrimitives.WriteUInt16BigEndian(payload, packetId);
return Write(MqttControlPacketType.UnsubAck, payload);
}
/// <summary>
/// Writes a PINGRESP packet (no payload).
/// </summary>
public static byte[] WritePingResp()
=> Write(MqttControlPacketType.PingResp, []);
/// <summary>
/// Writes a PUBREC packet (QoS 2 step 1 response).
/// </summary>
public static byte[] WritePubRec(ushort packetId)
{
Span<byte> payload = stackalloc byte[2];
BinaryPrimitives.WriteUInt16BigEndian(payload, packetId);
return Write(MqttControlPacketType.PubRec, payload);
}
/// <summary>
/// Writes a PUBREL packet (QoS 2 step 2). Fixed-header flags must be 0x02 per MQTT spec.
/// </summary>
public static byte[] WritePubRel(ushort packetId)
{
Span<byte> payload = stackalloc byte[2];
BinaryPrimitives.WriteUInt16BigEndian(payload, packetId);
return Write(MqttControlPacketType.PubRel, payload, flags: 0x02);
}
/// <summary>
/// Writes a PUBCOMP packet (QoS 2 step 3 response).
/// </summary>
public static byte[] WritePubComp(ushort packetId)
{
Span<byte> payload = stackalloc byte[2];
BinaryPrimitives.WriteUInt16BigEndian(payload, packetId);
return Write(MqttControlPacketType.PubComp, payload);
}
/// <summary>
/// Writes an MQTT PUBLISH packet for delivery to a client.
/// </summary>
public static byte[] WritePublish(string topic, ReadOnlySpan<byte> payload, byte qos = 0,
bool retain = false, bool dup = false, ushort packetId = 0)
{
var topicBytes = Encoding.UTF8.GetBytes(topic);
var variableHeaderLen = 2 + topicBytes.Length + (qos > 0 ? 2 : 0);
var totalPayload = new byte[variableHeaderLen + payload.Length];
var pos = 0;
// Topic name (length-prefixed)
BinaryPrimitives.WriteUInt16BigEndian(totalPayload.AsSpan(pos, 2), (ushort)topicBytes.Length);
pos += 2;
topicBytes.CopyTo(totalPayload.AsSpan(pos));
pos += topicBytes.Length;
// Packet ID (only for QoS > 0)
if (qos > 0)
{
BinaryPrimitives.WriteUInt16BigEndian(totalPayload.AsSpan(pos, 2), packetId);
pos += 2;
}
// Application payload
payload.CopyTo(totalPayload.AsSpan(pos));
byte flags = 0;
if (dup) flags |= 0x08;
flags |= (byte)((qos & 0x03) << 1);
if (retain) flags |= 0x01;
return Write(MqttControlPacketType.Publish, totalPayload, flags);
}
internal static byte[] EncodeRemainingLength(int value)
{
if (value < 0 || value > MqttProtocolConstants.MaxPayloadSize)

23
src/NATS.Server/Mqtt/MqttQoS1Tracker.cs
View File

@@ -1,6 +1,7 @@
// QoS 1 outgoing message tracker for MQTT.
// QoS 1 outgoing message tracker for MQTT with JetStream ack integration.
// Go reference: golang/nats-server/server/mqtt.go
// QoS 1 outbound tracking — mqttProcessPub (~line 1200)
// trackPublish — maps packet IDs to stream sequences for ack tracking.
using System.Collections.Concurrent;
@@ -8,8 +9,8 @@ namespace NATS.Server.Mqtt;
/// <summary>
/// Tracks outgoing QoS 1 messages pending PUBACK from the client.
/// Messages are stored with their packet ID and can be redelivered on reconnect.
/// Go reference: server/mqtt.go — mqttProcessPub (QoS 1 outbound tracking).
/// Maps packet IDs to JetStream stream sequences for ack-based cleanup.
/// Go reference: server/mqtt.go — mqttProcessPub, trackPublish.
/// </summary>
public sealed class MqttQoS1Tracker
{
@@ -24,7 +25,7 @@ public sealed class MqttQoS1Tracker
/// Registers an outgoing QoS 1 message and assigns a packet ID.
/// Returns the assigned packet ID.
/// </summary>
public ushort Register(string topic, byte[] payload)
public ushort Register(string topic, byte[] payload, ulong streamSequence = 0)
{
var id = GetNextPacketId();
_pending[id] = new QoS1PendingMessage
@@ -34,17 +35,18 @@ public sealed class MqttQoS1Tracker
Payload = payload,
SentAtUtc = DateTime.UtcNow,
DeliveryCount = 1,
StreamSequence = streamSequence,
};
return id;
}
/// <summary>
/// Acknowledges receipt of a PUBACK for the given packet ID.
/// Returns true if the message was found and removed.
/// Returns the pending message if found, or null.
/// </summary>
public bool Acknowledge(ushort packetId)
public QoS1PendingMessage? Acknowledge(ushort packetId)
{
return _pending.TryRemove(packetId, out _);
return _pending.TryRemove(packetId, out var msg) ? msg : null;
}
/// <summary>
@@ -93,4 +95,11 @@ public sealed class QoS1PendingMessage
public byte[] Payload { get; init; } = [];
public DateTime SentAtUtc { get; set; }
public int DeliveryCount { get; set; } = 1;
/// <summary>
/// JetStream stream sequence for this message. 0 if not backed by JetStream.
/// Used to ack the message in the stream on PUBACK.
/// Go reference: server/mqtt.go trackPublish — maps packet ID → stream sequence.
/// </summary>
public ulong StreamSequence { get; init; }
}

22
src/NATS.Server/Mqtt/MqttRetainedStore.cs
View File

@@ -110,6 +110,8 @@ public sealed class MqttRetainedStore
/// <summary>
/// Sets (or clears) the retained message and persists to backing store.
/// Uses the $MQTT_rmsgs stream with MaxMsgsPer=1 for per-subject latest-wins.
/// Empty payload = tombstone (delete retained).
/// Go reference: server/mqtt.go mqttHandleRetainedMsg with JetStream.
/// </summary>
public async Task SetRetainedAsync(string topic, ReadOnlyMemory<byte> payload, CancellationToken ct = default)
@@ -118,13 +120,17 @@ public sealed class MqttRetainedStore
if (_backingStore is not null)
{
var subject = $"{MqttProtocolConstants.RetainedMsgsStreamSubject}{topic}";
if (payload.IsEmpty)
{
// Clear — the in-memory clear above is sufficient for this implementation.
// A full implementation would publish a tombstone to JetStream.
// Tombstone: remove from stream
var msg = await _backingStore.LoadLastBySubjectAsync(subject, ct);
if (msg is not null)
await _backingStore.RemoveAsync(msg.Sequence, ct);
return;
}
await _backingStore.AppendAsync($"$MQTT.rmsgs.{topic}", payload, ct);
await _backingStore.AppendAsync(subject, payload, ct);
}
}
@@ -144,12 +150,10 @@ public sealed class MqttRetainedStore
if (_backingStore is not null)
{
var messages = await _backingStore.ListAsync(ct);
foreach (var msg in messages)
{
if (msg.Subject == $"$MQTT.rmsgs.{topic}")
return msg.Payload.ToArray();
}
var subject = $"{MqttProtocolConstants.RetainedMsgsStreamSubject}{topic}";
var msg = await _backingStore.LoadLastBySubjectAsync(subject, ct);
if (msg is not null)
return msg.Payload.ToArray();
}
return null;

32
src/NATS.Server/Mqtt/MqttSessionStore.cs
View File

@@ -372,25 +372,30 @@ public sealed class MqttSessionStore
if (cleanSession)
{
DeleteSession(clientId);
// For now the in-memory delete is sufficient; a full implementation would
// publish a tombstone or use sequence lookup to remove from JetStream.
// Remove from JetStream backing store
if (_backingStore is not null)
{
var subject = $"{MqttProtocolConstants.SessStreamSubjectPrefix}{clientId}";
var msg = await _backingStore.LoadLastBySubjectAsync(subject, ct);
if (msg is not null)
await _backingStore.RemoveAsync(msg.Sequence, ct);
}
return;
}
// Try to load from backing store
// Try to load from backing store using subject-keyed lookup
if (_backingStore is not null)
{
var messages = await _backingStore.ListAsync(ct);
foreach (var msg in messages)
var subject = $"{MqttProtocolConstants.SessStreamSubjectPrefix}{clientId}";
var msg = await _backingStore.LoadLastBySubjectAsync(subject, ct);
if (msg is not null)
{
if (msg.Subject == $"$MQTT.sess.{clientId}")
var data = System.Text.Json.JsonSerializer.Deserialize<MqttSessionData>(msg.Payload.Span);
if (data is not null)
{
var data = System.Text.Json.JsonSerializer.Deserialize<MqttSessionData>(msg.Payload.Span);
if (data is not null)
{
SaveSession(data);
}
break;
SaveSession(data);
}
}
}
@@ -412,6 +417,7 @@ public sealed class MqttSessionStore
/// <summary>
/// Saves the session to the backing JetStream store if available.
/// Uses the $MQTT_sess stream with MaxMsgsPer=1 for idempotent per-subject writes.
/// Go reference: server/mqtt.go mqttStoreSession.
/// </summary>
public async Task SaveSessionAsync(string clientId, CancellationToken ct = default)
@@ -421,7 +427,7 @@ public sealed class MqttSessionStore
return;
var json = System.Text.Json.JsonSerializer.SerializeToUtf8Bytes(session);
await _backingStore.AppendAsync($"$MQTT.sess.{clientId}", json, ct);
await _backingStore.AppendAsync($"{MqttProtocolConstants.SessStreamSubjectPrefix}{clientId}", json, ct);
}
/// <summary>

70
src/NATS.Server/Mqtt/MqttStreamInitializer.cs Normal file
View File

@@ -0,0 +1,70 @@
// Initializes the 5 internal MQTT JetStream streams per account.
// Go reference: golang/nats-server/server/mqtt.go mqttCreateAccountSessionManager ~line 600
// Stream creation for $MQTT_msgs, $MQTT_sess, $MQTT_rmsgs, $MQTT_qos2in, $MQTT_out.
using NATS.Server.JetStream;
using NATS.Server.JetStream.Models;
namespace NATS.Server.Mqtt;
/// <summary>
/// Lazily creates the 5 internal MQTT JetStream streams required for MQTT persistence.
/// Called on first MQTT connection per account.
/// Go reference: server/mqtt.go mqttCreateAccountSessionManager ~line 600.
/// </summary>
public sealed class MqttStreamInitializer
{
private readonly StreamManager _streamManager;
private volatile bool _initialized;
private readonly Lock _initLock = new();
public MqttStreamInitializer(StreamManager streamManager)
{
_streamManager = streamManager;
}
/// <summary>
/// Whether the MQTT streams have been initialized.
/// </summary>
public bool IsInitialized => _initialized;
/// <summary>
/// Ensures the 5 internal MQTT streams exist. Idempotent — safe to call multiple times.
/// Go reference: server/mqtt.go mqttCreateAccountSessionManager.
/// </summary>
public void EnsureStreams()
{
if (_initialized)
return;
lock (_initLock)
{
if (_initialized)
return;
CreateStream(MqttProtocolConstants.SessStreamName, [$"{MqttProtocolConstants.SessStreamSubjectPrefix}>"], maxMsgsPer: 1);
CreateStream(MqttProtocolConstants.StreamName, [$"{MqttProtocolConstants.StreamSubjectPrefix}>"], retention: RetentionPolicy.Interest);
CreateStream(MqttProtocolConstants.RetainedMsgsStreamName, [$"{MqttProtocolConstants.RetainedMsgsStreamSubject}>"], maxMsgsPer: 1);
CreateStream(MqttProtocolConstants.QoS2IncomingMsgsStreamName, [$"{MqttProtocolConstants.QoS2IncomingMsgsStreamSubjectPrefix}>"], maxMsgsPer: 1);
CreateStream(MqttProtocolConstants.OutStreamName, [$"{MqttProtocolConstants.OutSubjectPrefix}>"], retention: RetentionPolicy.Interest);
_initialized = true;
}
}
private void CreateStream(string name, List<string> subjects, RetentionPolicy retention = RetentionPolicy.Limits, int maxMsgsPer = 0)
{
if (_streamManager.Exists(name))
return;
_streamManager.CreateOrUpdate(new StreamConfig
{
Name = name,
Subjects = subjects,
Storage = StorageType.Memory,
Retention = retention,
MaxMsgsPer = maxMsgsPer,
Replicas = 1,
});
}
}

136
src/NATS.Server/Mqtt/MqttTopicMapper.cs Normal file
View File

@@ -0,0 +1,136 @@
// Full Go-parity MQTT topic ↔ NATS subject translation.
// Go reference: golang/nats-server/server/mqtt.go mqttToNATSSubjectConversion ~line 2200
//
// Rules:
// MQTT → NATS:
// '/' → '.' (separator)
// '+' → '*' (single-level wildcard)
// '#' → '>' (multi-level wildcard)
// '.' in MQTT topics must be escaped (replaced with a placeholder)
// Empty levels (leading/trailing/consecutive slashes) produce empty tokens
// '$' prefix topics are protected from wildcard matching per MQTT spec [MQTT-4.7.2-1]
//
// NATS → MQTT (reverse):
// '.' → '/'
// '*' → '+'
// '>' → '#'
using System.Text;
namespace NATS.Server.Mqtt;
/// <summary>
/// Translates MQTT topics/filters to NATS subjects and vice versa with full Go parity.
/// Go reference: mqtt.go mqttToNATSSubjectConversion, mqttNATSToMQTTSubjectConversion.
/// </summary>
public static class MqttTopicMapper
{
// Escape sequence for dots that appear in MQTT topic names.
// Go uses _DOT_ internally to represent a literal dot in the NATS subject.
private const string DotEscape = "_DOT_";
private const string DotEscapeReverse = ".";
/// <summary>
/// Translates an MQTT topic or filter to a NATS subject.
/// Handles wildcards, dot escaping, empty levels, and '$' prefix protection.
/// </summary>
public static string MqttToNats(string mqttTopic)
{
if (mqttTopic.Length == 0)
return string.Empty;
var sb = new StringBuilder(mqttTopic.Length);
for (var i = 0; i < mqttTopic.Length; i++)
{
switch (mqttTopic[i])
{
case '/':
sb.Append('.');
break;
case '+':
sb.Append('*');
break;
case '#':
sb.Append('>');
break;
case '.':
// Dots in MQTT topic names must be escaped for NATS
sb.Append(DotEscape);
break;
default:
sb.Append(mqttTopic[i]);
break;
}
}
return sb.ToString();
}
/// <summary>
/// Translates a NATS subject back to an MQTT topic.
/// Reverses the mapping: '.' → '/', '*' → '+', '>' → '#', '_DOT_' → '.'.
/// </summary>
public static string NatsToMqtt(string natsSubject)
{
if (natsSubject.Length == 0)
return string.Empty;
// First, replace _DOT_ escape sequences back to dots
var working = natsSubject.Replace(DotEscape, "\x00");
var sb = new StringBuilder(working.Length);
for (var i = 0; i < working.Length; i++)
{
switch (working[i])
{
case '.':
sb.Append('/');
break;
case '*':
sb.Append('+');
break;
case '>':
sb.Append('#');
break;
case '\x00':
sb.Append('.');
break;
default:
sb.Append(working[i]);
break;
}
}
return sb.ToString();
}
/// <summary>
/// Returns true if an MQTT topic starts with '$', which means it should
/// NOT be matched by wildcard subscriptions (MQTT spec [MQTT-4.7.2-1]).
/// Topics starting with '$' are reserved for system/server use.
/// </summary>
public static bool IsDollarTopic(string mqttTopic)
=> mqttTopic.Length > 0 && mqttTopic[0] == '$';
/// <summary>
/// Returns true if an MQTT topic filter starts with '$', indicating
/// it explicitly targets system topics.
/// </summary>
public static bool IsDollarFilter(string mqttFilter)
=> mqttFilter.Length > 0 && mqttFilter[0] == '$';
/// <summary>
/// Checks if a wildcard filter would match a '$' topic.
/// Per MQTT spec, wildcard filters (starting with '#' or '+') must NOT
/// match topics beginning with '$'. Only explicit '$' filters match '$' topics.
/// </summary>
public static bool WildcardMatchesDollarTopic(string mqttFilter, string mqttTopic)
{
if (!IsDollarTopic(mqttTopic))
return true; // non-$ topics are always matchable
// $ topics only matched by filters that also start with $
return IsDollarFilter(mqttFilter);
}
}

14
src/NATS.Server/NatsClient.cs
View File

@@ -21,10 +21,10 @@ namespace NATS.Server;
public interface IMessageRouter
{
void ProcessMessage(string subject, string? replyTo, ReadOnlyMemory<byte> headers,
ReadOnlyMemory<byte> payload, NatsClient sender);
void RemoveClient(NatsClient client);
void PublishConnectEvent(NatsClient client);
void PublishDisconnectEvent(NatsClient client);
ReadOnlyMemory<byte> payload, INatsClient sender);
void RemoveClient(INatsClient client);
void PublishConnectEvent(INatsClient client);
void PublishDisconnectEvent(INatsClient client);
}
public interface ISubListAccess
@@ -98,6 +98,12 @@ public sealed class NatsClient : INatsClient, IDisposable
public Account? Account { get; private set; }
public ClientPermissions? Permissions => _permissions;
/// <summary>
/// MQTT client-id for monitoring (/connz mqtt_client field).
/// Set when this NatsClient proxies an MQTT connection via MqttNatsClientAdapter.
/// </summary>
public string? MqttClientId { get; set; }
private readonly ClientFlagHolder _flags = new();
public bool ConnectReceived => _flags.HasFlag(ClientFlags.ConnectReceived);
public ClientClosedReason CloseReason { get; private set; }

169
src/NATS.Server/NatsServer.cs
View File

@@ -115,6 +115,13 @@ public sealed class NatsServer : IMessageRouter, ISubListAccess, IDisposable
public string ServerName => _serverInfo.ServerName;
public int ClientCount => _clients.Count;
public int Port => _options.Port;
/// <summary>
/// Returns the actual bound port of the MQTT listener, or null if MQTT is not enabled.
/// Used by VarzHandler for monitoring.
/// </summary>
public int? MqttListenerPort => _mqttListener?.Port;
public Account SystemAccount => _systemAccount;
public string ServerNKey { get; }
public InternalEventSystem? EventSystem => _eventSystem;
@@ -914,11 +921,23 @@ public sealed class NatsServer : IMessageRouter, ISubListAccess, IDisposable
if (_options.Mqtt is { Port: > 0 } mqttOptions)
{
var mqttHost = string.IsNullOrWhiteSpace(mqttOptions.Host) ? _options.Host : mqttOptions.Host;
// Create MQTT JetStream components if JetStream is enabled
MqttStreamInitializer? mqttStreamInit = null;
MqttConsumerManager? mqttConsumerMgr = null;
if (_jetStreamStreamManager != null && _jetStreamConsumerManager != null)
{
mqttStreamInit = new Mqtt.MqttStreamInitializer(_jetStreamStreamManager);
mqttConsumerMgr = new Mqtt.MqttConsumerManager(_jetStreamStreamManager, _jetStreamConsumerManager);
}
_mqttListener = new MqttListener(
mqttHost,
mqttOptions.Port,
mqttOptions.Username,
mqttOptions.Password);
_authService,
mqttOptions,
mqttStreamInit,
mqttConsumerMgr);
await _mqttListener.StartAsync(linked.Token);
}
if (_jetStreamService != null)
@@ -1316,8 +1335,12 @@ public sealed class NatsServer : IMessageRouter, ISubListAccess, IDisposable
}
public void ProcessMessage(string subject, string? replyTo, ReadOnlyMemory<byte> headers,
ReadOnlyMemory<byte> payload, NatsClient sender)
ReadOnlyMemory<byte> payload, INatsClient sender)
{
// Cast to NatsClient for operations that require it (JetStream pub-ack, stats).
// Non-NatsClient senders (e.g. MqttNatsClientAdapter) skip those code paths.
var natsClient = sender as NatsClient;
if (replyTo != null
&& subject.StartsWith("$JS.API", StringComparison.Ordinal)
&& _jetStreamApiRouter != null)
@@ -1327,10 +1350,11 @@ public sealed class NatsServer : IMessageRouter, ISubListAccess, IDisposable
// Go reference: consumer.go:4276 processNextMsgRequest
if (subject.StartsWith(JetStream.Api.JetStreamApiSubjects.ConsumerNext, StringComparison.Ordinal)
&& _jetStreamConsumerManager != null
&& _jetStreamStreamManager != null)
&& _jetStreamStreamManager != null
&& natsClient != null)
{
Interlocked.Increment(ref _stats.JetStreamApiTotal);
DeliverPullFetchMessages(subject, replyTo, payload, sender);
DeliverPullFetchMessages(subject, replyTo, payload, natsClient);
return;
}
@@ -1353,7 +1377,7 @@ public sealed class NatsServer : IMessageRouter, ISubListAccess, IDisposable
if (TryCaptureJetStreamPublish(subject, payload, out var pubAck))
{
sender.RecordJetStreamPubAck(pubAck);
natsClient?.RecordJetStreamPubAck(pubAck);
// Replicate data messages to cluster peers so their JetStream stores also capture them.
// Route forwarding below is gated on subscriber interest, which JetStream streams don't
@@ -1426,18 +1450,34 @@ public sealed class NatsServer : IMessageRouter, ISubListAccess, IDisposable
if (queueGroup.Length == 0) continue;
// Simple round-robin -- pick based on total delivered across group
var idx = Math.Abs((int)Interlocked.Increment(ref sender.OutMsgs)) % queueGroup.Length;
// Undo the OutMsgs increment -- it will be incremented properly in SendMessageNoFlush
Interlocked.Decrement(ref sender.OutMsgs);
for (int attempt = 0; attempt < queueGroup.Length; attempt++)
if (natsClient != null)
{
var sub = queueGroup[(idx + attempt) % queueGroup.Length];
if (sub.Client != null && (sub.Client != sender || (sender.ClientOpts?.Echo ?? true)))
var idx = Math.Abs((int)Interlocked.Increment(ref natsClient.OutMsgs)) % queueGroup.Length;
// Undo the OutMsgs increment -- it will be incremented properly in SendMessageNoFlush
Interlocked.Decrement(ref natsClient.OutMsgs);
for (int attempt = 0; attempt < queueGroup.Length; attempt++)
{
DeliverMessage(sub, subject, replyTo, headers, payload, pcd);
delivered = true;
break;
var sub = queueGroup[(idx + attempt) % queueGroup.Length];
if (sub.Client != null && (sub.Client != sender || (sender.ClientOpts?.Echo ?? true)))
{
DeliverMessage(sub, subject, replyTo, headers, payload, pcd);
delivered = true;
break;
}
}
}
else
{
// Non-NatsClient sender: simple first-match
foreach (var sub in queueGroup)
{
if (sub.Client != null && sub.Client != sender)
{
DeliverMessage(sub, subject, replyTo, headers, payload, pcd);
delivered = true;
break;
}
}
}
}
@@ -1471,9 +1511,9 @@ public sealed class NatsServer : IMessageRouter, ISubListAccess, IDisposable
// No-responders: if nobody received the message and the publisher
// opted in, send back a 503 status HMSG on the reply subject.
if (!delivered && replyTo != null && sender.ClientOpts?.NoResponders == true)
if (!delivered && replyTo != null && sender.ClientOpts?.NoResponders == true && natsClient != null)
{
SendNoResponders(sender, replyTo);
SendNoResponders(natsClient, replyTo);
}
}
@@ -2267,9 +2307,9 @@ public sealed class NatsServer : IMessageRouter, ISubListAccess, IDisposable
/// Publishes a $SYS.ACCOUNT.{account}.CONNECT advisory when a client
/// completes authentication. Maps to Go's sendConnectEvent in events.go.
/// </summary>
public void PublishConnectEvent(NatsClient client)
public void PublishConnectEvent(INatsClient client)
{
if (_eventSystem == null) return;
if (_eventSystem == null || client is not NatsClient natsClient) return;
var accountName = client.Account?.Name ?? Account.GlobalAccountName;
var subject = string.Format(EventSubjects.ConnectEvent, accountName);
var evt = new ConnectEventMsg
@@ -2277,7 +2317,7 @@ public sealed class NatsServer : IMessageRouter, ISubListAccess, IDisposable
Id = Guid.NewGuid().ToString("N"),
Time = DateTime.UtcNow,
Server = BuildEventServerInfo(),
Client = BuildEventClientInfo(client),
Client = BuildEventClientInfo(natsClient),
};
SendInternalMsg(subject, null, evt);
}
@@ -2286,9 +2326,9 @@ public sealed class NatsServer : IMessageRouter, ISubListAccess, IDisposable
/// Publishes a $SYS.ACCOUNT.{account}.DISCONNECT advisory when a client
/// disconnects. Maps to Go's sendDisconnectEvent in events.go.
/// </summary>
public void PublishDisconnectEvent(NatsClient client)
public void PublishDisconnectEvent(INatsClient client)
{
if (_eventSystem == null) return;
if (_eventSystem == null || client is not NatsClient natsClient) return;
var accountName = client.Account?.Name ?? Account.GlobalAccountName;
var subject = string.Format(EventSubjects.DisconnectEvent, accountName);
var evt = new DisconnectEventMsg
@@ -2296,62 +2336,71 @@ public sealed class NatsServer : IMessageRouter, ISubListAccess, IDisposable
Id = Guid.NewGuid().ToString("N"),
Time = DateTime.UtcNow,
Server = BuildEventServerInfo(),
Client = BuildEventClientInfo(client),
Client = BuildEventClientInfo(natsClient),
Sent = new DataStats
{
Msgs = Interlocked.Read(ref client.OutMsgs),
Bytes = Interlocked.Read(ref client.OutBytes),
Msgs = Interlocked.Read(ref natsClient.OutMsgs),
Bytes = Interlocked.Read(ref natsClient.OutBytes),
},
Received = new DataStats
{
Msgs = Interlocked.Read(ref client.InMsgs),
Bytes = Interlocked.Read(ref client.InBytes),
Msgs = Interlocked.Read(ref natsClient.InMsgs),
Bytes = Interlocked.Read(ref natsClient.InBytes),
},
Reason = client.CloseReason.ToReasonString(),
Reason = natsClient.CloseReason.ToReasonString(),
};
SendInternalMsg(subject, null, evt);
}
public void RemoveClient(NatsClient client)
public void RemoveClient(INatsClient client)
{
// Publish disconnect advisory before removing client state
if (client.ConnectReceived)
PublishDisconnectEvent(client);
if (client is not NatsClient natsClient)
{
// Non-NatsClient (e.g. MqttNatsClientAdapter) — basic cleanup
_clients.TryRemove(client.Id, out _);
var subList = client.Account?.SubList ?? _globalAccount.SubList;
client.Account?.RemoveClient(client.Id);
return;
}
_clients.TryRemove(client.Id, out _);
_logger.LogDebug("Removed client {ClientId}", client.Id);
// Publish disconnect advisory before removing client state
if (natsClient.ConnectReceived)
PublishDisconnectEvent(natsClient);
_clients.TryRemove(natsClient.Id, out _);
_logger.LogDebug("Removed client {ClientId}", natsClient.Id);
var (tlsPeerCertSubject, tlsPeerCertSubjectPkSha256, tlsPeerCertSha256) =
TlsPeerCertMapper.ToClosedFields(client.TlsState?.PeerCert);
var (jwt, issuerKey, tags) = ExtractJwtMetadata(client.ClientOpts?.JWT);
var proxyKey = ExtractProxyKey(client.ClientOpts?.Username);
TlsPeerCertMapper.ToClosedFields(natsClient.TlsState?.PeerCert);
var (jwt, issuerKey, tags) = ExtractJwtMetadata(natsClient.ClientOpts?.JWT);
var proxyKey = ExtractProxyKey(natsClient.ClientOpts?.Username);
// Snapshot for closed-connections tracking (ring buffer auto-overwrites oldest when full)
_closedClients.Add(new ClosedClient
{
Cid = client.Id,
Ip = client.RemoteIp ?? "",
Port = client.RemotePort,
Start = client.StartTime,
Cid = natsClient.Id,
Ip = natsClient.RemoteIp ?? "",
Port = natsClient.RemotePort,
Start = natsClient.StartTime,
Stop = DateTime.UtcNow,
Reason = client.CloseReason.ToReasonString(),
Name = client.ClientOpts?.Name ?? "",
Lang = client.ClientOpts?.Lang ?? "",
Version = client.ClientOpts?.Version ?? "",
AuthorizedUser = client.ClientOpts?.Username ?? "",
Account = client.Account?.Name ?? "",
InMsgs = Interlocked.Read(ref client.InMsgs),
OutMsgs = Interlocked.Read(ref client.OutMsgs),
InBytes = Interlocked.Read(ref client.InBytes),
OutBytes = Interlocked.Read(ref client.OutBytes),
NumSubs = (uint)client.Subscriptions.Count,
Rtt = client.Rtt,
TlsVersion = client.TlsState?.TlsVersion ?? "",
TlsCipherSuite = client.TlsState?.CipherSuite ?? "",
Reason = natsClient.CloseReason.ToReasonString(),
Name = natsClient.ClientOpts?.Name ?? "",
Lang = natsClient.ClientOpts?.Lang ?? "",
Version = natsClient.ClientOpts?.Version ?? "",
AuthorizedUser = natsClient.ClientOpts?.Username ?? "",
Account = natsClient.Account?.Name ?? "",
InMsgs = Interlocked.Read(ref natsClient.InMsgs),
OutMsgs = Interlocked.Read(ref natsClient.OutMsgs),
InBytes = Interlocked.Read(ref natsClient.InBytes),
OutBytes = Interlocked.Read(ref natsClient.OutBytes),
NumSubs = (uint)natsClient.Subscriptions.Count,
Rtt = natsClient.Rtt,
TlsVersion = natsClient.TlsState?.TlsVersion ?? "",
TlsCipherSuite = natsClient.TlsState?.CipherSuite ?? "",
TlsPeerCertSubject = tlsPeerCertSubject,
TlsPeerCertSubjectPkSha256 = tlsPeerCertSubjectPkSha256,
TlsPeerCertSha256 = tlsPeerCertSha256,
MqttClient = "", // populated when MQTT transport is implemented
MqttClient = natsClient.MqttClientId ?? "",
Stalls = 0,
Jwt = jwt,
IssuerKey = issuerKey,
@@ -2360,9 +2409,9 @@ public sealed class NatsServer : IMessageRouter, ISubListAccess, IDisposable
ProxyKey = proxyKey,
});
var subList = client.Account?.SubList ?? _globalAccount.SubList;
client.RemoveAllSubscriptions(subList);
client.Account?.RemoveClient(client.Id);
var ncSubList = natsClient.Account?.SubList ?? _globalAccount.SubList;
natsClient.RemoveAllSubscriptions(ncSubList);
natsClient.Account?.RemoveClient(natsClient.Id);
}
private void TrackEarlyClosedClient(Socket socket, ulong clientId, ClientClosedReason reason)