0
0
mirror of https://github.com/zeromq/libzmq.git synced 2025-01-22 07:29:31 +08:00

1869 Commits

Author SHA1 Message Date
Pieter Hintjens
79d578ef0b Merge pull request #1100 from hurtonm/master
Add support for SOCKS proxies
2014-06-22 23:42:23 +02:00
Martin Hurton
f06ca69ae9 Add support for SOCKS proxies
This is still raw and experimental.
To connect through a SOCKS proxy, set ZMQ_SOCKS_PROXY socket option on
socket before issuing a connect call, e.g.:

    zmq_setsockopt (s, ZMQ_SOCKS_PROXY,
        "127.0.0.1:22222", strlen ("127.0.0.1:22222"));
    zmq_connect (s, "tcp://127.0.0.1:5555");

Known limitations:
- only SOCKS version 5 supported
- authentication not supported
- new option is still undocumented
2014-06-22 23:19:33 +02:00
chrox
bdf6427a00 Fixed build with arm-linux-androideabi toolchain 2014-06-22 18:13:05 +08:00
Pieter Hintjens
f11d673ba9 Problem: need way to probe library capabilities
As libzmq is compiled with optional transports and security mechanisms,
there is no clean way for applications to determine what capabilities
are actually available in a given libzmq instance.

Solution: provide an API specifically for capability reporting. The
zmq_has () method is meant to be open ended. It accepts a string so
that we can add arbitrary capabilities without breaking existing
applications.

zmq.h also defines ZMQ_HAS_CAPABILITIES when this method is provided.
2014-06-18 15:19:07 +02:00
Pieter Hintjens
27547bc9bc Problem: when libgssapi isn't available, GSSAPI options 'seem' to work
Solution: use same approach as for libsodium/CURVE, i.e. return EINVAL
if the library isn't present when libzmq builds, and the application
still tries to use these options in zmq_getsockopt/setsockopt.
2014-06-17 16:32:47 +02:00
Pieter Hintjens
1beb54cef0 Added militant API checking on zmq_getsockopt 2014-06-17 16:24:56 +02:00
Pieter Hintjens
d0667461f0 Fixed build: malformed only defined when needed. 2014-06-17 16:14:19 +02:00
Pieter Hintjens
b4ed3f5506 Problem: API violations are treated as recoverable errors
The example is applications passing invalid arguments to a socket option
and then failing to check the return code. The results can be very hard
to diagnose. Here are some threads that show the pain this causes:

* https://github.com/zeromq/zyre/issues/179
* http://lists.zeromq.org/pipermail/zeromq-dev/2014-June/026388.html

One common argument is that a library should never assert, and should
pass errors back to the calling application. The counter argument is
that when an application is broken enough to pass garbage to libzmq,
it cannot be trusted to handle the resulting errors properly. Empirical
evidence from CZMQ, where we systematically assert on bad arguments, is
that this militant approach makes applications more, not less, robust.

I don't see any valid use cases for returning errors on bad arguments,
with one exception: zmq_setsockopt can be used to probe whether libzmq
was e.g. built with CURVE security. I'd argue that it's nasty to use a
side effect like this. If apps need to probe how libzmq was built, this
should be done explicitly, and for ALL build options, not just CURVE.

There are/were no libzmq test cases that check the return code for an
invalid option.

For now I've enabled militant assertions using --with-militant at
configure time. However I'd like to make this the default setting.
2014-06-17 16:00:55 +02:00
Richard Newton
1d236d81c8 Merge pull request #1090 from hintjens/master
Problem: zmq_ctx_get (ZMQ_MAX_SOCKETS) returns gibberish
2014-06-16 08:45:37 +01:00
Martin Hurton
b62d1c7d5f Code cleanup 2014-06-15 19:45:09 +02:00
Pieter Hintjens
39455c2114 Problem: zmq_ctx_get (ZMQ_MAX_SOCKETS) returns gibberish
Well, not gibberish, but 2^31 on Linux, which is useless. The code
should probably use getrlimit on Linux and other calls depending on
the system. For now I've set the ceiling at 64K.
2014-06-11 18:24:39 +02:00
Jan Kryl
cc4c37dc62 program dumps core when getpeername() returns EINVAL (#1085) 2014-06-10 16:11:00 -04:00
Olaf Mandel
ab5775fb00 Fix failed assertion for WSAENOTSOCK
In de9eef306, the error number assigned to WSAENOTSOCK was EFAULT, but
zmq.cpp:919 expects an ENOTSOCK in this case.
2014-06-10 14:45:04 +02:00
Martin Hurton
706eb4da8d Code cleanup 2014-06-07 23:05:45 +02:00
Matthias Kluwe
fa95d0b5e8 removed whitespace
(accidentially used my preferred style)
2014-06-05 19:39:15 +02:00
Matthias Kluwe
5154c544ff handle WSAEADDRINUSE in tcp_connecter_t::connect
As mentioned on the mailing list, Windows may return WSAEADDRINUSE when binding
(reconnecting) to a port. Added this to the handled error codes as Pieter
suggested.
2014-06-05 19:29:42 +02:00
Olaf Mandel
de9eef3063 Extend zmq::wsa_error_to_errno()
The list of error codes is taken from zmq::wsa_error_no(). Most of the
new WSA error codes result in EFAULT, but some return a more specific
value (even EAGAIN).

Fixes #1071
2014-06-04 17:28:01 +02:00
Richard Newton
c9e86acf61 Set up hwm's before we connect the other end of the pipe in ctx_t::connect_inproc_sockets 2014-06-04 12:13:15 +01:00
Martin Hurton
f447386936 Style fixes 2014-06-03 10:42:29 +02:00
Martin Hurton
dd2be381ad Add const qualifier to register_endpoint param 2014-05-23 12:27:01 +02:00
Martin Hurton
3901d94b27 Fix race condition in connecting inproc sockets 2014-05-22 09:09:45 +02:00
Martin Hurton
414fc86b22 Code cleanup
- limit visibility of pending_connection_t
- add const qualifiers
2014-05-21 13:08:15 +02:00
Martin Hurton
5f4145e7cb Small code cleanup
- add const modifier to address parameter of event generating functions
2014-05-20 21:48:59 +02:00
Martin Hurton
32b3daad7e PLAIN: Small simplification 2014-05-19 20:45:42 +02:00
Pieter Hintjens
77f5f7adae Merge pull request #1043 from hurtonm/dont_reconnect_on_protocol_errors
Don't reconnect on protocol errors
2014-05-18 10:53:32 +02:00
Pieter Hintjens
de639c34ae Merge pull request #1042 from hurtonm/master
Fix bug in reporting protocol errors
2014-05-18 10:09:38 +02:00
Martin Hurton
045dab91a5 Merge pull request #1037 from hintjens/master
Problem: artificial restriction on binary identities
2014-05-18 09:14:06 +02:00
Martin Hurton
9a53f334d2 Don't reconnect on protocol errors 2014-05-18 08:49:29 +02:00
Martin Hurton
ed076d4620 Fix bug in reporting protocol errors 2014-05-18 08:30:40 +02:00
Martin Hurton
7d3fa3afcb Tell the session why the engine has stopped 2014-05-17 21:04:38 +02:00
Pieter Hintjens
aad54b2a8b Whitespace fixes 2014-05-16 16:00:37 +02:00
Pieter Hintjens
a178097f95 Problem: artificial restriction on binary identities
Applications that use ZMQ_IDENTITY can be trapped by the artificial
restriction on not using a binary zero as first byte. It's specially
nasty on random generated identities, e.g. UUIDs, as the chance of a
binary zero is low, so it will pass 255 out of 256 times.

Solution: remove the restriction.
2014-05-16 16:00:37 +02:00
Martin Hurton
bd73119e2b CURVE: Implement server-side ERROR handling 2014-05-16 07:25:29 +02:00
Martin Hurton
0750303bfe CURVE: Implement client-side ERROR handling 2014-05-15 06:39:45 +02:00
Martin Hurton
410f891599 Prefix error-reason with length in ERROR command 2014-05-14 14:13:13 +02:00
Martin Hurton
dd6a4fe806 NULL: Correct ERROR command format 2014-05-14 06:52:55 +02:00
Martin Hurton
164ff4be6b Remove debugging output 2014-05-14 06:35:08 +02:00
Martin Hurton
57546f4ecb PLAIN: Implement ERROR handling in server 2014-05-14 06:23:47 +02:00
Martin Hurton
8651b55797 PLAIN: Fix parsing of ERROR command 2014-05-14 06:23:47 +02:00
Martin Hurton
6b8513744c PLAIN: Implement ERROR handling in client 2014-05-13 18:34:48 +02:00
Stoian Ivanov
8fcefed43f patch cleanup 2014-05-12 10:40:24 +03:00
Stoian Ivanov
d5991d6728 merge to upstream 2014-05-12 10:24:31 +03:00
Martin Hurton
22d6a97403 Split plain_mechanism into client and server part 2014-05-12 06:10:56 +02:00
Stoian Ivanov
acb71e0096 store also here! 2014-05-10 14:06:37 +03:00
Will Strang
afe5fd87e9 Issue #1017: add ZMQ_HANDSHAKE_IVL time limit on connection handshake 2014-05-09 13:54:24 +00:00
Frank
b846f3075c ws 2014-05-09 00:07:02 +02:00
Frank
8962b7de45 removed return code check for now, got -1 in test_security_curve. 2014-05-09 00:04:20 +02:00
Frank
05ab9a848f find libsodium with cmake 2014-05-09 00:04:19 +02:00
Frank
2cdfa1fff3 initialize libsodium and tweetnacl 2014-05-09 00:04:19 +02:00
Martin Hurton
934560b559 NULL: Implement ERROR handling
NULL mechanism sends ERROR command rather than READY command when ZAP
handler rejects the ZAP request (status code != "200"). The body of
ERROR command contains the status code as returned by ZAP handler.
2014-05-07 16:49:56 +02:00
Martin Hurton
43d8252446 Update gssapi mechanism 2014-05-06 17:49:26 +02:00
Martin Hurton
0be8144176 Update mechanism API so we can check for ERROR status 2014-05-06 17:08:56 +02:00
Franco Fichtner
fff29a4a0c ipc: fail harder for abstract ipc on non-Linux
Using 'ipc://@abstract-socket' on non-Linux platforms yields inconsistent
behaviour.  Abstract sockets don't exist, so the literal file is created.
The test previously failed, but for a different reason: this is not the
directory you are looking for.  Now, zmq_bind() will fail for the right
reason: the socket can't be created.  Put the XFAIL back.
2014-05-05 23:26:06 +02:00
Franco Fichtner
8c09ae6e49 gssapi: RFC 2744 mandates GSS_C_NT_HOSTBASED_SERVICE
Tested on FreeBSD 10.
2014-05-05 22:03:53 +02:00
Martin Hurton
dcd1f2038e Minor renaming 2014-05-05 19:52:53 +02:00
Martin Hurton
f2807d11a0 Remove i_properties interface
We use metadata_t directly. No need for generic interface now.
2014-05-03 21:03:49 +02:00
Richard Newton
2f08477292 Initialise _has_src_addr variable, fixes hang on Windows. 2014-05-03 13:59:37 +01:00
Pieter Hintjens
b06474312d ZAP vs. ZMTP metadata priority fixed 2014-05-02 23:14:27 +02:00
Pieter Hintjens
bd4a76cc2a Problem: GSSAPI server doesn't parse ZAP user id
Solution: add this to ZAP reply processing.
2014-05-02 23:12:53 +02:00
Pieter Hintjens
84ed81c014 Added test_metadata
- also prioritize ZAP metadata over ZMTP metadata in case application
  uses same names.
2014-05-02 22:21:50 +02:00
Pieter Hintjens
ded00177b3 Revert "Add code to investigate data race"
This reverts commit 5e0facda17b986943f0fe40a2dc6c98611655c35.
2014-05-02 16:50:16 +02:00
Pieter Hintjens
0bc669b106 Merge pull request #1000 from daveab/feature/divide_by_zero_investigation
Feature/divide by zero investigation
2014-05-02 16:31:48 +02:00
dave b
5e0facda17 Add code to investigate data race
Provides control of race windows and logging for some of the interesting transitions.
2014-05-02 14:27:33 +01:00
Martin Hurton
8d82cc2a0b Include ZMTP properties in message metadata
Metadata are built in stream_engine now.
This makes it easy to extend metadata with user-defined properties.
2014-05-02 12:45:14 +02:00
Martin Hurton
e95b477a87 Don't add empty metadata to received messages 2014-05-02 09:02:41 +02:00
Frank
e5a294ec02 tweetnacl integration 2014-05-01 21:30:02 +02:00
Martin Hurton
b9c2748146 Add metadata to received messages 2014-05-01 17:30:51 +02:00
Stoian Ivanov
fe3e8c5c70 linking fd to pipe identity via socket option 2014-04-30 16:34:55 +03:00
Pieter Hintjens
408dea796f Merge pull request #993 from klnikita/src_addr_connect
Allow to set up a source address and port for outgoing tcp connections in zmq_connect
2014-04-30 14:57:08 +02:00
nikita kozlov
acb6807041 Allow to set up a source address and port for outgoing tcp connections in zmq_connect()
Few examples:
tcp:://192.168.0.4:55555;192.168.0.254:1234
tcp:://192.168.0.4:0;192.168.0.254:1234
tcp:://eth2:55555;192.168.0.254:1234
2014-04-30 14:43:37 +02:00
Martin Hurton
19c62b93fc Define i_properties interface
- copy and move message operations are updated to maintain proper
  reference count of properties object
- zmq_msg_gets updated to use i_properties interface to fetch property
  value
- setter/getter added to msg_t class
2014-04-30 14:20:29 +02:00
Martin Hurton
f81a1304ff Update function prototype for zmq_msg_gets ()
Added modifiers reflect the following properties:
- zmq_msg_gets () does not mutate property parameter
- zmq_msg_gets () returns a pointer to memory the caller should not
  modify
2014-04-30 13:27:06 +02:00
Martin Hurton
724b2bb844 Add pointer to properties into message structure 2014-04-29 22:37:31 +02:00
Pieter Hintjens
39ccfea036 Added more scaffolding for security
- additional messages to help people debugging security errors
2014-04-29 22:21:58 +02:00
Pieter Hintjens
9753de8566 Problem: zmq_socket_monitor code is dirty
Specifically:

* zmq_event_t should not be used internally in libzmq, it was
  meant to be an outward facing structure.

* In 4.x, zmq_event_t does not correspond to monitor events, so
  I removed the structure entirely.

* man page for zmq_socket_monitor is incomplete and the example
  code was particularly nasty.

* test_monitor.cpp needed rewriting, it was not clean.
2014-04-28 11:30:49 +02:00
Richard Newton
bbaa85e7dd Fix windows non-unicode build 2014-04-27 13:29:20 +01:00
evoskuil
ca29709f38 Change TCHAR to Unicode, use safe swprintf to remove warning. 2014-04-25 00:43:47 -07:00
Chris Laws
7abf2564f8 fixes for gssapi build issue 2014-04-25 13:48:39 +09:30
Chris Laws
09647fa916 src/gssapi_client.cpp 2014-04-25 13:47:07 +09:30
Chris Busbey
d1334d9df8 using latest copyright header 2014-04-24 14:39:29 -07:00
Chris Busbey
634c8abe29 encrypt option on gss ready 2014-04-24 14:21:33 -07:00
Chris Busbey
27591d2da6 ZMQ_GSSAPI_PLAINTEXT option for disabling encryption 2014-04-24 14:21:33 -07:00
Chris Busbey
18da8a7402 encode and decode ready message 2014-04-24 14:20:54 -07:00
Chris Busbey
2e1645a519 principle->principal 2014-04-24 14:20:53 -07:00
Chris Busbey
87834dd63f fixed up comments from pr 2014-04-24 14:18:58 -07:00
Chris Busbey
5441db3d7d configurable principle and service principle (for client) 2014-04-24 14:18:58 -07:00
Chris Busbey
4e6880ec95 gss mech sends principle as part of zap request 2014-04-24 14:17:36 -07:00
Chris Busbey
be62be0fa4 gss encode/decode 'more' flag 2014-04-24 14:17:36 -07:00
Chris Busbey
778c72b9ed :fixed client state transition bug 2014-04-24 14:17:36 -07:00
Chris Busbey
04db842dcc added ready for meta data exchange at end of gss handshake 2014-04-24 14:17:36 -07:00
Mike Gatny
761508bf4b Added comments to methods. 2014-04-24 14:17:36 -07:00
Mike Gatny
3c414c4aac GSSAPI mechanism now fully working with encryption 2014-04-24 14:17:36 -07:00
Mike Gatny
eb2862525b Methods to send/recv gssapi-wrapped messages 2014-04-24 14:17:36 -07:00
Mike Gatny
1445516c41 Establishing GSSAPI sec context is working now 2014-04-24 14:17:36 -07:00
Mike Gatny
6290ba168f Added gss produce/process routines.
For exchanging tokens.
2014-04-24 14:17:05 -07:00
Mike Gatny
c00b8c347b Refactored common impl into gssapi_mechanism_base.
E.g., both client and server need to produce and process GSSAPI tokens.
2014-04-24 14:17:05 -07:00
Mike Gatny
a4a0dc6644 Split up gssapi mechanism into client and server. 2014-04-24 14:17:05 -07:00
Mike Gatny
abcb224318 stubbed in TOKEN command 2014-04-24 14:17:05 -07:00
Mike Gatny
4b1c851db4 Stubbed in gssapi security mechanism. 2014-04-24 14:17:05 -07:00
Maarten Ditzel
802d1bcb03 Fix issue #971 2014-04-14 13:56:01 +02:00