mirror of
https://github.com/zeromq/libzmq.git
synced 2024-12-27 07:31:03 +08:00
Shortened ZMQ_IPC_ACCEPT_FILTER_[UGP]ID to ZMQ_IPC_FILTER_[UGP]ID.
This commit is contained in:
parent
0a9a4fa904
commit
dc9b1309b9
@ -601,15 +601,15 @@ Default value:: no filters (allow from all)
|
||||
Applicable socket types:: all listening sockets, when using TCP transports.
|
||||
|
||||
|
||||
ZMQ_IPC_ACCEPT_FILTER_UID: Assign user ID filters to allow new IPC connections
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
ZMQ_IPC_FILTER_UID: Assign user ID filters to allow new IPC connections
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
Assign an arbitrary number of filters that will be applied for each new IPC
|
||||
transport connection on a listening socket. If no IPC filters are applied, then
|
||||
the IPC transport allows connections from any process. If at least one UID,
|
||||
GID, or PID filter is applied then new connection credentials should be
|
||||
matched. To clear all UID filters call zmq_setsockopt(socket,
|
||||
ZMQ_IPC_ACCEPT_FILTER_UID, NULL, 0).
|
||||
ZMQ_IPC_FILTER_UID, NULL, 0).
|
||||
|
||||
NOTE: UID filters are only available on platforms supporting SO_PEERCRED or
|
||||
LOCAL_PEERCRED socket options (currently only Linux and later versions of
|
||||
@ -622,15 +622,15 @@ Default value:: no filters (allow from all)
|
||||
Applicable socket types:: all listening sockets, when using IPC transports.
|
||||
|
||||
|
||||
ZMQ_IPC_ACCEPT_FILTER_GID: Assign group ID filters to allow new IPC connections
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
ZMQ_IPC_FILTER_GID: Assign group ID filters to allow new IPC connections
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
Assign an arbitrary number of filters that will be applied for each new IPC
|
||||
transport connection on a listening socket. If no IPC filters are applied, then
|
||||
the IPC transport allows connections from any process. If at least one UID,
|
||||
GID, or PID filter is applied then new connection credentials should be
|
||||
matched. To clear all GID filters call zmq_setsockopt(socket,
|
||||
ZMQ_IPC_ACCEPT_FILTER_GID, NULL, 0).
|
||||
ZMQ_IPC_FILTER_GID, NULL, 0).
|
||||
|
||||
NOTE: GID filters are only available on platforms supporting SO_PEERCRED or
|
||||
LOCAL_PEERCRED socket options (currently only Linux and later versions of
|
||||
@ -643,15 +643,15 @@ Default value:: no filters (allow from all)
|
||||
Applicable socket types:: all listening sockets, when using IPC transports.
|
||||
|
||||
|
||||
ZMQ_IPC_ACCEPT_FILTER_PID: Assign process ID filters to new IPC connections
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
ZMQ_IPC_FILTER_PID: Assign process ID filters to allow new IPC connections
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
Assign an arbitrary number of filters that will be applied for each new IPC
|
||||
transport connection on a listening socket. If no IPC filters are applied, then
|
||||
the IPC transport allows connections from any process. If at least one UID,
|
||||
GID, or PID filter is applied then new connection credentials should be
|
||||
matched. To clear all PID filters call zmq_setsockopt(socket,
|
||||
ZMQ_IPC_ACCEPT_FILTER_PID, NULL, 0).
|
||||
ZMQ_IPC_FILTER_PID, NULL, 0).
|
||||
|
||||
NOTE: PID filters are only available on platforms supporting the SO_PEERCRED
|
||||
socket option (currently only Linux).
|
||||
|
@ -290,9 +290,9 @@ ZMQ_EXPORT int zmq_msg_set (zmq_msg_t *msg, int option, int optval);
|
||||
#define ZMQ_ZAP_DOMAIN 55
|
||||
#define ZMQ_ROUTER_HANDOVER 56
|
||||
#define ZMQ_TOS 57
|
||||
#define ZMQ_IPC_ACCEPT_FILTER_PID 58
|
||||
#define ZMQ_IPC_ACCEPT_FILTER_UID 59
|
||||
#define ZMQ_IPC_ACCEPT_FILTER_GID 60
|
||||
#define ZMQ_IPC_FILTER_PID 58
|
||||
#define ZMQ_IPC_FILTER_UID 59
|
||||
#define ZMQ_IPC_FILTER_GID 60
|
||||
|
||||
/* Message options */
|
||||
#define ZMQ_MORE 1
|
||||
|
@ -258,7 +258,7 @@ int zmq::options_t::setsockopt (int option_, const void *optval_,
|
||||
break;
|
||||
|
||||
# if defined ZMQ_HAVE_SO_PEERCRED || defined ZMQ_HAVE_LOCAL_PEERCRED
|
||||
case ZMQ_IPC_ACCEPT_FILTER_UID:
|
||||
case ZMQ_IPC_FILTER_UID:
|
||||
if (optvallen_ == 0 && optval_ == NULL) {
|
||||
ipc_uid_accept_filters.clear ();
|
||||
return 0;
|
||||
@ -270,7 +270,7 @@ int zmq::options_t::setsockopt (int option_, const void *optval_,
|
||||
}
|
||||
break;
|
||||
|
||||
case ZMQ_IPC_ACCEPT_FILTER_GID:
|
||||
case ZMQ_IPC_FILTER_GID:
|
||||
if (optvallen_ == 0 && optval_ == NULL) {
|
||||
ipc_gid_accept_filters.clear ();
|
||||
return 0;
|
||||
@ -284,7 +284,7 @@ int zmq::options_t::setsockopt (int option_, const void *optval_,
|
||||
# endif
|
||||
|
||||
# if defined ZMQ_HAVE_SO_PEERCRED
|
||||
case ZMQ_IPC_ACCEPT_FILTER_PID:
|
||||
case ZMQ_IPC_FILTER_PID:
|
||||
if (optvallen_ == 0 && optval_ == NULL) {
|
||||
ipc_pid_accept_filters.clear ();
|
||||
return 0;
|
||||
|
@ -131,28 +131,28 @@ int main (void)
|
||||
}
|
||||
|
||||
// Test filter with UID of process owner
|
||||
run_test<uid_t> (ZMQ_IPC_ACCEPT_FILTER_UID, getuid(), 0, 1);
|
||||
run_test<uid_t> (ZMQ_IPC_FILTER_UID, getuid(), 0, 1);
|
||||
// Test filter with UID of another (possibly non-existent) user
|
||||
run_test<uid_t> (ZMQ_IPC_ACCEPT_FILTER_UID, getuid() + 1, 0, -1);
|
||||
run_test<uid_t> (ZMQ_IPC_FILTER_UID, getuid() + 1, 0, -1);
|
||||
// Test filter with GID of process owner
|
||||
run_test<gid_t> (ZMQ_IPC_ACCEPT_FILTER_GID, group, 0, 1);
|
||||
run_test<gid_t> (ZMQ_IPC_FILTER_GID, group, 0, 1);
|
||||
// Test filter with supplimental group of process owner
|
||||
run_test<gid_t> (ZMQ_IPC_ACCEPT_FILTER_GID, supgroup, 0, 1);
|
||||
run_test<gid_t> (ZMQ_IPC_FILTER_GID, supgroup, 0, 1);
|
||||
// Test filter with GID of another (possibly non-existent) group
|
||||
run_test<gid_t> (ZMQ_IPC_ACCEPT_FILTER_GID, notgroup, 0, -1);
|
||||
run_test<gid_t> (ZMQ_IPC_FILTER_GID, notgroup, 0, -1);
|
||||
# if defined ZMQ_HAVE_SO_PEERCRED
|
||||
// Test filter with PID of current process
|
||||
run_test<pid_t> (ZMQ_IPC_ACCEPT_FILTER_PID, getpid(), 0, 1);
|
||||
run_test<pid_t> (ZMQ_IPC_FILTER_PID, getpid(), 0, 1);
|
||||
// Test filter with PID of another (possibly non-existent) process
|
||||
run_test<pid_t> (ZMQ_IPC_ACCEPT_FILTER_PID, getpid() + 1, 0, -1);
|
||||
run_test<pid_t> (ZMQ_IPC_FILTER_PID, getpid() + 1, 0, -1);
|
||||
# else
|
||||
// Setup of PID filter should fail with operation not supported error
|
||||
run_test<pid_t> (ZMQ_IPC_ACCEPT_FILTER_PID, getpid(), EINVAL, 0);
|
||||
run_test<pid_t> (ZMQ_IPC_FILTER_PID, getpid(), EINVAL, 0);
|
||||
# endif
|
||||
#else
|
||||
run_test<uid_t> (ZMQ_IPC_ACCEPT_FILTER_UID, 0, EINVAL, 0);
|
||||
run_test<gid_t> (ZMQ_IPC_ACCEPT_FILTER_GID, 0, EINVAL, 0);
|
||||
run_test<pid_t> (ZMQ_IPC_ACCEPT_FILTER_PID, 0, EINVAL, 0);
|
||||
run_test<uid_t> (ZMQ_IPC_FILTER_UID, 0, EINVAL, 0);
|
||||
run_test<gid_t> (ZMQ_IPC_FILTER_GID, 0, EINVAL, 0);
|
||||
run_test<pid_t> (ZMQ_IPC_FILTER_PID, 0, EINVAL, 0);
|
||||
#endif // defined ZMQ_HAVE_SO_PEERCRED || defined ZMQ_HAVE_LOCAL_PEERCRED
|
||||
|
||||
return 0 ;
|
||||
|
Loading…
x
Reference in New Issue
Block a user