Another take on LIBZMQ-568 to allow filtering IPC connections, this time
using ZAP. This change is backward compatible. If the
ZMQ_ZAP_IPC_CREDS option is set, the user, group, and process IDs of the
peer process are appended to the address (separated by colons) of a ZAP
request; otherwise, nothing changes. See LIBZMQ-568 and zmq_setsockopt
documentation for more information.
Adds sets of process (Linux only), user, and group IDs for filtering
connections from peer processes over IPC transport. If all of the
filter sets are empty, every connection is accepted. Otherwise,
credentials for a connecting process are checked against the filter sets
and the connection is only accepted if a match is found.
This commit is part of LIBZMQ-568 and only adds the filter sets and
implements the filter in the IPC accept method. The interface for
adding IDs to filter sets are included in a separate commit.
IPC accept filtering is supported only on Linux and OS X.
By default, TIPC uses a closest first approach to find
a publication that can satisfy your connection request.
Any publication on the local node will automatically
be chosen for all requests, even if you're trying to
spread it out over multiple machines.
We fix this by widening the default lookup scope.
Signed-off-by: Erik Hugne <erik.hugne@ericsson.com>
As TIPC transport for 0MQ will only work on post 3.8
Linux kernels where nonblocking connect was added,
we add AC_RUN test to check for this functionality.
Should the test fail, tipc is excluded from build/test.
Signed-off-by: Erik Hugne <erik.hugne@ericsson.com>
A ZeroMQ application can opt for TIPC based sockets
using the TIPC port name format:
zmq_bind(sb, "tipc://{type,lower,upper}");
zmq_connect(sc, "tipc://{type,inst}");
'type' is the service ID, and 'lower/upper' can be
used for service partitioning or basic load
balancing.
ZeroMQ TIPC transport requires a kernel >= 3.8
(nonblocking connect support for TIPC).
Signed-off-by: Erik Hugne <erik.hugne@ericsson.com>
