0
0
mirror of https://github.com/zeromq/libzmq.git synced 2024-12-27 07:31:03 +08:00

Shortened ZMQ_IPC_ACCEPT_FILTER_[UGP]ID to ZMQ_IPC_FILTER_[UGP]ID.

This commit is contained in:
Brandon Carpenter 2013-12-06 09:58:10 -08:00
parent 0a9a4fa904
commit dc9b1309b9
4 changed files with 26 additions and 26 deletions

View File

@ -601,15 +601,15 @@ Default value:: no filters (allow from all)
Applicable socket types:: all listening sockets, when using TCP transports.
ZMQ_IPC_ACCEPT_FILTER_UID: Assign user ID filters to allow new IPC connections
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ZMQ_IPC_FILTER_UID: Assign user ID filters to allow new IPC connections
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Assign an arbitrary number of filters that will be applied for each new IPC
transport connection on a listening socket. If no IPC filters are applied, then
the IPC transport allows connections from any process. If at least one UID,
GID, or PID filter is applied then new connection credentials should be
matched. To clear all UID filters call zmq_setsockopt(socket,
ZMQ_IPC_ACCEPT_FILTER_UID, NULL, 0).
ZMQ_IPC_FILTER_UID, NULL, 0).
NOTE: UID filters are only available on platforms supporting SO_PEERCRED or
LOCAL_PEERCRED socket options (currently only Linux and later versions of
@ -622,15 +622,15 @@ Default value:: no filters (allow from all)
Applicable socket types:: all listening sockets, when using IPC transports.
ZMQ_IPC_ACCEPT_FILTER_GID: Assign group ID filters to allow new IPC connections
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ZMQ_IPC_FILTER_GID: Assign group ID filters to allow new IPC connections
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Assign an arbitrary number of filters that will be applied for each new IPC
transport connection on a listening socket. If no IPC filters are applied, then
the IPC transport allows connections from any process. If at least one UID,
GID, or PID filter is applied then new connection credentials should be
matched. To clear all GID filters call zmq_setsockopt(socket,
ZMQ_IPC_ACCEPT_FILTER_GID, NULL, 0).
ZMQ_IPC_FILTER_GID, NULL, 0).
NOTE: GID filters are only available on platforms supporting SO_PEERCRED or
LOCAL_PEERCRED socket options (currently only Linux and later versions of
@ -643,15 +643,15 @@ Default value:: no filters (allow from all)
Applicable socket types:: all listening sockets, when using IPC transports.
ZMQ_IPC_ACCEPT_FILTER_PID: Assign process ID filters to new IPC connections
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ZMQ_IPC_FILTER_PID: Assign process ID filters to allow new IPC connections
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Assign an arbitrary number of filters that will be applied for each new IPC
transport connection on a listening socket. If no IPC filters are applied, then
the IPC transport allows connections from any process. If at least one UID,
GID, or PID filter is applied then new connection credentials should be
matched. To clear all PID filters call zmq_setsockopt(socket,
ZMQ_IPC_ACCEPT_FILTER_PID, NULL, 0).
ZMQ_IPC_FILTER_PID, NULL, 0).
NOTE: PID filters are only available on platforms supporting the SO_PEERCRED
socket option (currently only Linux).

View File

@ -290,9 +290,9 @@ ZMQ_EXPORT int zmq_msg_set (zmq_msg_t *msg, int option, int optval);
#define ZMQ_ZAP_DOMAIN 55
#define ZMQ_ROUTER_HANDOVER 56
#define ZMQ_TOS 57
#define ZMQ_IPC_ACCEPT_FILTER_PID 58
#define ZMQ_IPC_ACCEPT_FILTER_UID 59
#define ZMQ_IPC_ACCEPT_FILTER_GID 60
#define ZMQ_IPC_FILTER_PID 58
#define ZMQ_IPC_FILTER_UID 59
#define ZMQ_IPC_FILTER_GID 60
/* Message options */
#define ZMQ_MORE 1

View File

@ -258,7 +258,7 @@ int zmq::options_t::setsockopt (int option_, const void *optval_,
break;
# if defined ZMQ_HAVE_SO_PEERCRED || defined ZMQ_HAVE_LOCAL_PEERCRED
case ZMQ_IPC_ACCEPT_FILTER_UID:
case ZMQ_IPC_FILTER_UID:
if (optvallen_ == 0 && optval_ == NULL) {
ipc_uid_accept_filters.clear ();
return 0;
@ -270,7 +270,7 @@ int zmq::options_t::setsockopt (int option_, const void *optval_,
}
break;
case ZMQ_IPC_ACCEPT_FILTER_GID:
case ZMQ_IPC_FILTER_GID:
if (optvallen_ == 0 && optval_ == NULL) {
ipc_gid_accept_filters.clear ();
return 0;
@ -284,7 +284,7 @@ int zmq::options_t::setsockopt (int option_, const void *optval_,
# endif
# if defined ZMQ_HAVE_SO_PEERCRED
case ZMQ_IPC_ACCEPT_FILTER_PID:
case ZMQ_IPC_FILTER_PID:
if (optvallen_ == 0 && optval_ == NULL) {
ipc_pid_accept_filters.clear ();
return 0;

View File

@ -131,28 +131,28 @@ int main (void)
}
// Test filter with UID of process owner
run_test<uid_t> (ZMQ_IPC_ACCEPT_FILTER_UID, getuid(), 0, 1);
run_test<uid_t> (ZMQ_IPC_FILTER_UID, getuid(), 0, 1);
// Test filter with UID of another (possibly non-existent) user
run_test<uid_t> (ZMQ_IPC_ACCEPT_FILTER_UID, getuid() + 1, 0, -1);
run_test<uid_t> (ZMQ_IPC_FILTER_UID, getuid() + 1, 0, -1);
// Test filter with GID of process owner
run_test<gid_t> (ZMQ_IPC_ACCEPT_FILTER_GID, group, 0, 1);
run_test<gid_t> (ZMQ_IPC_FILTER_GID, group, 0, 1);
// Test filter with supplimental group of process owner
run_test<gid_t> (ZMQ_IPC_ACCEPT_FILTER_GID, supgroup, 0, 1);
run_test<gid_t> (ZMQ_IPC_FILTER_GID, supgroup, 0, 1);
// Test filter with GID of another (possibly non-existent) group
run_test<gid_t> (ZMQ_IPC_ACCEPT_FILTER_GID, notgroup, 0, -1);
run_test<gid_t> (ZMQ_IPC_FILTER_GID, notgroup, 0, -1);
# if defined ZMQ_HAVE_SO_PEERCRED
// Test filter with PID of current process
run_test<pid_t> (ZMQ_IPC_ACCEPT_FILTER_PID, getpid(), 0, 1);
run_test<pid_t> (ZMQ_IPC_FILTER_PID, getpid(), 0, 1);
// Test filter with PID of another (possibly non-existent) process
run_test<pid_t> (ZMQ_IPC_ACCEPT_FILTER_PID, getpid() + 1, 0, -1);
run_test<pid_t> (ZMQ_IPC_FILTER_PID, getpid() + 1, 0, -1);
# else
// Setup of PID filter should fail with operation not supported error
run_test<pid_t> (ZMQ_IPC_ACCEPT_FILTER_PID, getpid(), EINVAL, 0);
run_test<pid_t> (ZMQ_IPC_FILTER_PID, getpid(), EINVAL, 0);
# endif
#else
run_test<uid_t> (ZMQ_IPC_ACCEPT_FILTER_UID, 0, EINVAL, 0);
run_test<gid_t> (ZMQ_IPC_ACCEPT_FILTER_GID, 0, EINVAL, 0);
run_test<pid_t> (ZMQ_IPC_ACCEPT_FILTER_PID, 0, EINVAL, 0);
run_test<uid_t> (ZMQ_IPC_FILTER_UID, 0, EINVAL, 0);
run_test<gid_t> (ZMQ_IPC_FILTER_GID, 0, EINVAL, 0);
run_test<pid_t> (ZMQ_IPC_FILTER_PID, 0, EINVAL, 0);
#endif // defined ZMQ_HAVE_SO_PEERCRED || defined ZMQ_HAVE_LOCAL_PEERCRED
return 0 ;