Adds sets of process (Linux only), user, and group IDs for filtering
connections from peer processes over IPC transport. If all of the
filter sets are empty, every connection is accepted. Otherwise,
credentials for a connecting process are checked against the filter sets
and the connection is only accepted if a match is found.
This commit is part of LIBZMQ-568 and only adds the filter sets and
implements the filter in the IPC accept method. The interface for
adding IDs to filter sets are included in a separate commit.
IPC accept filtering is supported only on Linux and OS X.
- we need to switch to PLAIN according to options.mechanism
- we need to catch case when both peers are as-server (or neither is)
- and to use username/password from options, for client
This implements protocol handshake.
We still need to design and implement 1) API changes so a user
can set username and password, and 2) a mechanism for engine
to authenticate users.
Copyrights had become ads for Sustrik's corporate sponsors, going against the original
agreement to share copyrights with the community (that agreement was: one line stating
iMatix copyright + one reference to AUTHORS file). The proliferation of corporate ads
is also unfair to the many individual authors. I've removed ALL corporate title from
the source files so the copyright statements can now be centralized in AUTHORS and
source files can be properly updated on an annual basis.
When closing an ipc listener, the library may try to unlink
the associated file. When this fails, the underlying
socket is not marked as retired and this triggers
assertion failure.
Fixes issue #397
This also fixes a bug in tcp_connecter and tcp_listener, which
generated the event not when they failed to close the socket but
when the succeed to close it.
Once the object has been terminated, it is unsafe for this object
to refer to its parent.
The bug was responsible for occasional
test_shutdown_stress failures.
The socket length variable for getsockname and accept must be an
(int *) instead of a (socklen_t *) on HPUX.
Signed-off-by: AJ Lewis <aj.lewis@quantum.com>
1. when we call zmq_bind()/zmq_connect() to create endpoint
we send ourselfs(through launch_child()) command to process_own(endpoint)
(and add it to own_t::owned)
in the application thread we could call zmq_unbind() / zmq_disconnect() _BEFORE_
we run process_own() in ZMQ thread and in this situation we will be unable to find it in
own_t::owned. in other words own_t::owned.find(endpoint) will not be deleted but it will be deleted from
socket_base_t::endpoints.
2. when you zmq_unbind() the lisnening TCP/IPC socket was terminated only in destructor...
so the whole ZMQ_LINGER time listening TCP/IPC socket was able to accept() new connections
but unable to handle them.
this all geting even worse since unfortunately zmq has a bug and '*_listener_t' object not terminated
untill the socket's zmq_close().
AT LEAST FOR PUSH SOCKETS.
Everything is ok for SUB sockets.
Easy to reproduce without my fix:
zmq_socket(PUSH)
zmq_bind(tcp);
// connect to it from PULL socket
zmq_unbind(tcp);
sleep(forever)
// netstat -anp | grep 'tcp listening socket'
With my fix you could see that after zmq_unbind(tcp) all previously connected tcp sessions
will not be finished untill the zmq_close(socket) regardless of ZMQ_LINGER value.
(*_listener_t terminates all owned session_base_t(connect=false) and they call pipe_t::terminate()
which in turn should call session_base_t::terminated() but this never happens)
This allows us to actually report an error to the caller on resolve
failure, rather than asserting later on in the io thread.
Signed-off-by: Staffan Gimåker <staffan@spotify.com>
This is a preliminary patch allowing for socket-type-specific
functionality in the I/O thread. For example, message format
can be checked asynchronously and misbehaved connections dropped
straight away.
Signed-off-by: Martin Sustrik <sustrik@250bpm.com>
When exec is executed to start a different process image old
0MQ file descriptors could stay open, thus blocking TCP ports
and alike. This patch should solve the problem.
Signed-off-by: Martin Sustrik <sustrik@250bpm.com>
The engine was not used exclusively for TCP connections.
Rather it was used to handle any socket with SOCK_STREAM
semantics. The class was renamed to reflect its true function.
Signed-off-by: Martin Sustrik <sustrik@250bpm.com>