Fix various spec compliance gaps

[embhorn]

Thanks to @LiD0209 for the excellent issue reports

• Fix SUBSCRIBE / UNSUBSCIRIBE / PUBREL Fixed-Header Flags Do Not Trigger Malformed Close
  • Fixes Invalid SUBSCRIBE Fixed-Header Flags Do Not Trigger Malformed Close #486
  • Fixes Invalid UNSUBSCRIBE Fixed-Header Flags Do Not Trigger Malformed Close #487
  • Fixes PUBREL Fixed Header Reserved Bits Are Not Validated #488
  • Fixes SUBSCRIBE / UNSUBSCRIBE Fixed-Header Reserved Bits #492
  • Fixes PUBLISH QoS Bits 11 Are Accepted Instead of Rejected #502
• Fix Zero-Length ClientId Unique Assignment
  • Fixes Zero-Length ClientId Unique Assignment Is Incomplete #491
  • Fixes Zero-Length ClientId Is Not Bound to CleanSession #493
• Fix UTF-8 Well-Formed Validation
  • Fixes UTF-8 Well-Formed Validation Is Missing #495 (requires rebase after Reject null chars in strings #503)
• Fix Unsupported Protocol Level Is Not Rejected with CONNACK 0x01
  • Fixes Unsupported Protocol Level Is Not Rejected with CONNACK 0x01 #496
• Fix CONNACK Flags Receive-Side Validation
  • Fixes CONNACK Flags Receive-Side Validation Is Insufficient #497
• Fix PUBLISH DUP Initial-Send and QoS0 Constraint Is Not Enforced by the Generic Encoder
  • Fixes PUBLISH DUP Initial-Send and QoS0 Constraint Is Not Enforced by the Generic Encoder #498
• Handle QoS2 Duplicate PUBLISH Forwarded Before PUBREL
  • Fixes wolfMQTT QoS2 Duplicate PUBLISH Forwarded Before PUBREL #506
• Fix Packet Identifier In-Use Collision Is Not Rejected
  • Fixes Packet Identifier In-Use Collision Is Not Rejected #507
• Fix Packet Identifier Zero Acceptance on Receive Paths
• Fixes Packet Identifier Zero Acceptance on Receive Paths #509
• Fix Packet Identifier Reuse State Is Not Centrally Modeled
  • Fixes Packet Identifier Reuse State Is Not Centrally Modeled #510
• Fix Password Flag 0 Extra Payload Is Accepted
  • Fixes Password Flag 0 Extra Payload Is Accepted #511
• Fix Password Flag Without User Name Flag Is Accepted
  • Fixes Password Flag Without User Name Flag Is Accepted #512
• Fix CONNECT Flags Cross-Constraint Violations Are Accepted
  • Fixes CONNECT Flags Cross-Constraint Violations Are Accepted #513
• Fix Empty SUBSCRIBE and UNSUBSCRIBE Payloads Are Accepted
  • Fixes Empty SUBSCRIBE and UNSUBSCRIBE Payloads Are Accepted #514
• Fix PINGREQ, PINGRESP, and DISCONNECT Nonzero Remaining Length Is Accepted
  • Fixes PINGREQ, PINGRESP, and DISCONNECT Nonzero Remaining Length Is Accepted #515
• Fix PUBACK, PUBREC, PUBREL, and PUBCOMP Accept Extra Payload in MQTT 3.x
  • Fixes PUBREL and PUBCOMP Accept Extra Payload in MQTT 3.x #516
  • Fixes PUBACK and PUBREC Accept Extra Payload in MQTT 3.x #517
• Fix SUBSCRIBE Requested QoS Options Are Accepted Without Strict Validation
  • Fixes SUBSCRIBE Requested QoS Options Are Accepted Without Strict Validation #518
• Test DISCONNECT Fixed Header Reserved Bits Are Not Validated
  • Fixes DISCONNECT Fixed Header Reserved Bits Are Not Validated #519
• Fix Retained Message QoS Is Not Stored
  • Fixes Retained Message QoS Is Not Stored #520
• Fix SUBACK Return Code issues
  • Fixes SUBACK Return Code Receive Validation Is Missing #521
  • Fixes SUBACK Return Code Helper Guard Is Incomplete #522
• Fix CONNACK Session Present Is Not Set When a Persistent Session Is Resumed
  • Fixes CONNACK Session Present Is Not Set When a Persistent Session Is Resumed #523
• Fix topic filtering issues
  • Fixes Topic Filter Multi-Level Wildcard Validation Is Missing #524
  • Fixes Empty Topic Filters Are Accepted #525
  • Fixes Wildcard Subscription Rejection Is Missing When Wildcards Are Disabled #526
  • Fixes Topic Filter Single-Level Wildcard Validation Is Missing #527
• Fix PUBLISH Topic Names validation
  • Fixes Empty PUBLISH Topic Names Are Accepted #528
  • Fixes PUBLISH Topic Name Wildcard Validation Is Missing on Encode Path #529
• Fix CONNECT User Name Validation
  • Fixes User Name Flag 0 Extra Payload Is Accepted #530
  • Fixes CONNECT User Name UTF-8 Validation Is Missing #531
• Fix LWT Validation Issues
  • Fixes Will Flag 0 Extra Will Payload Is Accepted #532
  • Fixes Reserved Will QoS Value 3 Is Accepted #533
  • Fixes Will Topic UTF-8 Validation Is Missing #534
  • Fixes Will Topic U+0000 Rejection Is Missing #535

[Copilot]

Pull request overview

This PR targets MQTT v3.1.1 compliance for fixed-header reserved flags (notably SUBSCRIBE) by validating the first-byte flag nibble during decode/dispatch and ensuring malformed packets lead to connection close in the broker.

Changes:

• Add a public helper to validate fixed-header reserved flags (MqttPacket_FixedHeaderFlagsValid) and use it from MqttDecode_FixedHeader.
• Update broker dispatch to (a) pre-validate fixed-header flags for packet types not run through decoders and (b) close connections when handlers report malformed/protocol errors.
• Add unit tests covering canonical/invalid fixed-header flag permutations and end-to-end decode rejection for SUBSCRIBE/UNSUBSCRIBE/PUBREL and malformed PUBLISH flags.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 4 comments.

File	Description
wolfmqtt/mqtt_packet.h	Exposes new fixed-header flag validation helper as public API.
src/mqtt_packet.c	Implements reserved-flag validation and enforces it in MqttDecode_FixedHeader.
src/mqtt_broker.c	Closes connections on malformed packets by validating flags pre-dispatch and honoring handler error returns.
tests/test_mqtt_packet.c	Adds coverage for valid/invalid reserved-flag nibbles and malformed PUBLISH QoS/DUP combinations.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

This check only validates the low-nibble fixed-header flags; it does not ensure the packet type itself is supported in the current session. As a result, packet types that the broker does not handle (e.g., AUTH, or RESERVED/unknown types) can pass this validation and then hit the switch default: (no-op), keeping the connection open and updating last_rx. Consider explicitly treating unsupported/unknown packet types as malformed here (and closing the connection), and additionally rejecting AUTH when bc->protocol_level < MQTT_CONNECT_PROTOCOL_LEVEL_5.

[Copilot]

The new fixed-header flag validator tests don’t cover reserved/unknown packet types (e.g., first byte 0x00 / packet type 0). Since the broker uses this helper as a gate before dispatch, it’s worth adding an assertion that reserved/unknown packet types are treated as invalid (or, if that’s intentionally out of scope for this helper, adding a separate broker-level test that reserved types trigger disconnect).

[Copilot]

The comment tag references [MQTT-2.2.2-1], but the reserved fixed-header flag requirement being implemented here is [MQTT-2.2.2-2] (as also referenced elsewhere in this PR). Please correct the spec reference to avoid confusion when auditing compliance behavior.

Suggested change

	/* [MQTT-2.2.2-1] Required fixed-header reserved-flag values per packet type.
	/* [MQTT-2.2.2-2] Required fixed-header reserved-flag values per packet type.

[Copilot]

MqttPacket_FixedHeaderFlagsValid currently returns 1 for unknown/reserved packet types (including type=0). That makes it unsafe to use as a protocol-level malformed check (e.g., in the broker), because reserved/unknown types will pass this validation and can be silently ignored downstream. Consider returning 0 for MQTT_PACKET_TYPE_RESERVED and for any unrecognized packet type, or otherwise making callers explicitly reject reserved/unknown types before treating a packet as valid.

Suggested change

	/* Unknown/reserved type: this helper validates the flag nibble only.
	* Callers are responsible for rejecting unknown packet types. */
	return 1;
	/* Reject reserved/unknown packet types so this helper is safe to use
	* as a protocol-level malformed packet check. */
	return 0;