0
0
mirror of https://github.com/zeromq/libzmq.git synced 2024-12-31 01:43:02 +08:00

5871 Commits

Author SHA1 Message Date
Luca Boccassi
9387897674 Problem: multi-part able sockets deprecated in favour of non-multi-part
Solution: as discussed, remove the deprecation notices, as many users
expressed the need for multi-part support.
Fixes #2699
2017-08-19 11:23:18 +01:00
Luca Boccassi
5b1c0cd0ac Problem: test_security_gssapi fails to build
Solution: monitor new events only if DRAFT APIs are enabled, and
convert to new event types. Same for DRAFT socket options.
2017-08-18 16:56:36 +01:00
Luca Boccassi
330856daec Problem: double definition in test_security_gssapi
Solution: remove the second one to fix build failure
2017-08-18 16:28:03 +01:00
Luca Boccassi
b7346f8e00 Problem: gssapi search in autoconf does not use pkgconfig
Solution: use it before falling back to headers checks
2017-08-18 16:24:53 +01:00
Luca Boccassi
7be3efc936 Problem: TODO in gssapi mechanism
Solution: remove it.
Looking at the code:

https://github.com/krb5/krb5/blob/master/src/lib/gssapi/mechglue/g_unseal.c#L55

gss_unwrap as the very first thing checks that plaintext is not a
null pointer, which in our case it's true given it's on the stack,
and then initialises its members to 0 length and null ptr.

https://github.com/krb5/krb5/blob/master/src/lib/gssapi/mechglue/g_rel_buffer.c#L36

So it should be safe to release it in all cases, and the release API
seems to check again if it's not a null pointer and then if the
members are 0 length and null pointer it's a no-op.
2017-08-18 15:58:35 +01:00
Luca Boccassi
77444e206c Problem: free on stack variable in GSSAPI mechanism
Solution: free wrapper.value instead of wrapper.
2017-08-18 15:57:51 +01:00
Doron Somech
80f4a87fb9 Merge pull request #2697 from bluca/vs2008
Problem: missing files from VS2008 solution
2017-08-18 16:49:20 +03:00
Luca Boccassi
f0554e7f16 Merge pull request #2696 from sigiesec/gssapi-dont-abort-on-bad-data
Problem: gssapi_mechanism_base_t aborts the application when it receives a message it cannot decode
2017-08-18 12:50:28 +01:00
Luca Boccassi
8ecfee475c Problem: missing files from VS2008 solution
Solution: generate list of sources and headers with:

 ls -1 src/*cpp | sort | sed 's|src/\(.*\)|      <File RelativePath="..\\..\\..\\..\\src\\\1" />|g'
 ls -1 src/*hpp | sort | sed 's|src/\(.*\)|      <File RelativePath="..\\..\\..\\..\\src\\\1" />|g'

and add them.
2017-08-18 12:45:12 +01:00
sigiesec
898691e2eb Problem: gssapi_mechanism_base_t aborts the application when it receives a message it cannot decode
Solution: emit an ZMQ_EVENT_HANDSHAKE_FAILED_PROTOCOL event instead of using zmq_assert
2017-08-18 12:29:37 +02:00
Luca Boccassi
31c72e22ab Merge pull request #2695 from sigiesec/fine-grained-handshake-error-codes
Problem: Values in ZMQ_EVENT_HANDSHAKE_FAILED_* are not helpful
2017-08-18 11:21:48 +01:00
sigiesec
301f3c70c2 Problem: code duplication between curve_client_t and curve_server_t decode and encode
Solution: extracted common base class curve_mechanism_base_t
2017-08-18 11:34:22 +02:00
sigiesec
44f6aa3de6 Problem: gssapi_* do not emit ZMQ_EVENT_HANDSHAKE_FAILED_PROTOCOL events
Solution: emit appropriate events
2017-08-18 10:30:48 +02:00
sigiesec
ca7eee357e Problem: no ZMQ_EVENT_HANDSHAKE_FAILED_PROTOCOL events emitted in plain_client_t
Solution: emit events at appropriate places
2017-08-18 10:15:44 +02:00
sigiesec
c66ae4656f Problem: curve_client_t may emit misleading event on bad data processed by curve_client_t::decode
Solution: use check_basic_command_structure in curve_client_t::decode, also prepare other client mechanisms to use that method by rearranging inheritance hierarchy
2017-08-18 10:04:58 +02:00
sigiesec
bdd0f3b18b Problem: documentation on zmq_socket_monitor out-of-sync with current
state of ZMQ_EVENT_HANDSHAKE_FAILED_* events

Solution: update documentation
2017-08-18 09:35:13 +02:00
sigiesec
e22ca065d6 Problem: curve_client_t does not emit handshake failure events
Solution: add handshake failure events to curve_client_t
2017-08-18 09:18:06 +02:00
sigiesec
9bec68354c Problem: console output for NULL protocol errors
Solution: emit socket monitor events for NULL protocol errors (like CURVE)
2017-08-18 09:18:06 +02:00
sigiesec
11b3c93852 Problem: console output for PLAIN protocol errors
Solution: emit socket monitor events for PLAIN protocol errors (like CURVE)
2017-08-18 09:18:06 +02:00
sigiesec
e2d3ba9c62 Problem: classification ZMQ_HANDSHAKE_FAILED_* events is coarse-grained and partially misleading
Solution: redesign ZMQ_HANDSHAKE_FAILED_* events, introduce new class of ZMQ_HANDSHAKE_FAILED_AUTH events
2017-08-18 09:17:59 +02:00
Constantin Rack
f252f02b01 Merge pull request #2693 from bluca/verbose_check
Problem: coverage CI job does not print test errors
2017-08-17 18:53:53 +02:00
Luca Boccassi
9ac244a67c Problem: coverage CI job does not print test errors
Solution: run make check with VERBOSE=1
2017-08-17 17:20:56 +01:00
Luca Boccassi
2d2b51579b Merge pull request #2692 from minrk/utf8-groups
specify that groups shall be UTF8
2017-08-17 15:33:29 +01:00
Min RK
3130b913fc specify that groups shall be UTF8
group being a `char *` is logically a text type, which needs an encoding.

Declare in the API that groups shall be UTF8-encoded,
matching the `zmq_msg_gets` API, which is the other user-facing `char *` API,
which has the same definition.

This allows bindings to provide text-type APIs,
which they cannot do if arbitrary bytes are allowed
2017-08-17 16:12:53 +02:00
Luca Boccassi
1e393586c7 Merge pull request #2691 from sigiesec/relicense
Problem: no relicense agreement by sigiesec
2017-08-17 14:27:52 +01:00
sigiesec
fecbd42dbe Problem: no relicense agreement by sigiesec
Solution: added relicense agreement
2017-08-17 15:20:12 +02:00
Luca Boccassi
d52197d84f Merge pull request #2689 from sigiesec/remove-zap-client-duplication
Problem: ZAP client code duplicated across mechanisms with behaviour deviations
2017-08-17 13:24:36 +01:00
Jim Klimov
77aa5f4b3e Merge pull request #2688 from bluca/unwind_test_curve
Problem: missing flags break build of test_security_curve
2017-08-17 13:57:58 +02:00
sigiesec
f9985708b7 Problem: unreachable code in zap_client_t
Solution: replaced unreachable code by assertions and adapted uses
2017-08-17 12:54:05 +02:00
sigiesec
7f15e6c868 Problem: make-based builds broken
Solution: add testutil_security.hpp to Makefile.am
2017-08-17 12:34:49 +02:00
sigiesec
863a02b4a1 Problem: no ZAP tests for PLAIN mechanism
Solution: added ZAP tests for PLAIN
2017-08-17 12:22:26 +02:00
sigiesec
00816875b8 Problem: no ZAP tests for NULL mechanism
Solution: added ZAP tests for NULL
2017-08-17 12:11:14 +02:00
sigiesec
f107b53768 Problem: deviating behavior regarding monitoring events between mechanisms
Solution: move relevant behavior to zap_client_t
2017-08-17 12:10:00 +02:00
sigiesec
406af1ef67 Problem: ZAP tests are now generic but placed in test_security_curve.cpp
Solution: Move ZAP tests to own file test_security_zap.cpp, move common code to testutil_security.hpp
2017-08-17 11:45:18 +02:00
sigiesec
59d8060165 Problem: ZAP tests are only run with CURVE security
Solution: as a first step, parametrize mechanism configuration in CURVE tests
2017-08-17 11:10:11 +02:00
sigiesec
8dce0396fb Problem: inconsistent handling of ZAP replies
Solution: unification, pulled up common behaviour to zap_client_t/zap_client_common_handshake_t
2017-08-17 09:44:05 +02:00
sigiesec
8c58ef7f5c Problem: zap_msg_available duplicated between curve_server_t and plain_server_t (with deviating behaviour)
Solution: pull up into zap_client_common_handshake_t, along with handle_zap_status_code and error_detail/current_error_detail
2017-08-16 18:05:36 +02:00
sigiesec
314a3acfa9 Problem: status method duplicated between curve_server_t and plain_server_t
Solution: extract into new intermediate base class zap_client_common_handshake_t
2017-08-16 18:05:36 +02:00
sigiesec
ebba815a4d Problem: duplicate but equivalent state enums in curve_server_t and plain_server_t
Solution: pull state enum up to zap_client_t and unify names of enum values
2017-08-16 18:05:35 +02:00
sigiesec
414c6f45b8 Problem: receive_and_process_zap_reply is duplicated in all mechanisms
Solution: extract receive_and_process_zap_reply into zap_client_t and convert zap_client_t into base class of the server mechanism classes
2017-08-16 18:05:35 +02:00
sigiesec
d7a3778387 Problem: plain_server_t duplicates zap_client_t::send_zap_request
Solution: Use zap_client_t::send_zap_request
2017-08-16 18:05:35 +02:00
sigiesec
014b201d3e Problem: ZAP message without credentials is not terminated
Solution: Set more flag depending on presence of credentials
2017-08-16 18:05:35 +02:00
sigiesec
b324c66b6f Problem: null_mechanism duplicates zap_client_t::send_zap_request\nSolution: use zap_client_t::send_zap_request 2017-08-16 18:05:34 +02:00
sigiesec
f3884f3380 Problem: gssapi_server_t duplicates zap_client_t::send_zap_request
Solution: Use zap_client_t::send_zap_request
2017-08-16 18:04:31 +02:00
sigiesec
6e8a0b31be Problem: ZAP client code is duplicated in all mechanisms
Solution: created a zap_client_t class, extracted first function send_zap_request from curve_server_t
2017-08-16 18:04:30 +02:00
Luca Boccassi
97e532e7db Problem: missing flags break build of test_security_curve
Solution: add all the required compiler flags since the test includes
source code from the library directly
2017-08-16 15:19:09 +01:00
Luca Boccassi
e2df328d17 Merge pull request #2685 from minrk/uint32_t
add missing uint32_t typedef on msvc
2017-08-16 09:41:37 +01:00
Min RK
e0271087f0 add missing uint32_t typedef on msvc
uint32_t is used in the draft APIs
and undefined on MSC 1500
preventing compilation
2017-08-16 09:40:20 +02:00
Simon Giesecke
4a18f6204c Problem: Possible buffer overruns related to metadata in various mechanisms (#2683)
* Problem: no test case with CURVE encryption and large identity

Solution: added test case (currently crashing)

* Problem: possible buffer overflow in mechanism_t::add_property

Solution: add target buffer length parameter and check the buffer is sufficiently large

* Problem: test cases accidentally excluded from build

Solution: remove #if/#endif

* Problem: possible buffer overruns related to metadata at various locations

Solution: allocate buffer large enough for actual metadata, reduce code duplication

* Problem: syntax error related to pointer type conversion

Solution: change argument type of make_command_with_basic_properties to const char *

* Problem: large metadata may cause an assertion in produce_initiate

Solution: Allow metadata of arbitrary size in produce_initiate
2017-08-15 18:42:31 +01:00
Simon Giesecke
d5e4319edc [WIP, do not merge] Problem: insufficient tests for ZMTP-CURVE protocol errors (#2680)
* Extracted connect_vanilla_socket function

* Problem: no tests for ZMTP-CURVE protocol errors

Solution: added two test cases with erroneous HELLO commands

* Problem: insufficient tests for ZMTP-CURVE protocol errors

Solution: added two test cases with erroneous HELLO command version

* Problem: test HELLO message is invalid apart from deliberate errors

Solution: create cryptographically correct HELLO message
add tweetnacl.c to test_security_curve

* Problem: nonce is incorrect, build fails with GCC

Solution: use correct non prefix

* Problem: make builds are failing

Solution: transfer CMake changes to (auto)make files

* Problem: nonce is incorrect, build fails with GCC

Solution: use correct non prefix

* Problem: make builds are failing

Solution: transfer CMake changes to (auto)make files

* Problem: no test with INITIATE command with invalid length

Solution: added test case

* Problem: code duplication between test_security_curve.cpp and curve_client.cpp

Solution: extracted parts of zmq::curve_client_t::produce_hello into reusable function

* Problem: code duplication between test_security_curve.cpp and curve_client.cpp

Solution: extracted further parts of zmq::curve_client_t into reusable functions
added missing file

* Problem: mechanism_t::add_property can be declared static

Solution: declare mechanism_t::add_property static

* Problem: intermediate crypto data needs to be passed between static function calls to curve_client_tools_t

Solution: add non-static member functions

* Problem: msg_t instance may be closed twice

Solution: remove offending close

* Problem: prepare_hello uses static curve_client_tools_t::produce_hello

Solution: Use non-static curve_client_tools_t::produce_hello

* Problem: no test with invalid command name where INITIATE command is expected

Solution: added test case

* Problem: make builds are failing due to curve_client_tools.hpp not being found

Solution: add curve_client_tools.hpp to list of source files

* Problem: wrong initializer order in zmq::curve_client_t

Solution: reorder

* Problem: under non-Windows systems, test fails because random_open was not called

Solution: call random_open/random_close within test

* Problem: conflict between custom function htonll and macro definition on Darwin

Solution: define htonll function only if not defined as a macro

* Problem: nullptr not defined on all platforms

Solution: replace nullptr by NULL

* Problem: libsodium builds not working

Solution: adapt compile and link file sets for libsodium builds

* Problem: Makefile.am broken

Solution: Fix syntax

* Problem: no tests for garbage encrypted cookie or content in INITIATE

Solution: added test cases

* Problem: test cases accidentally excluded from build

Solution: remove #if/#endif

* Solution: some error cases are unreachable

Problem: for the time being, added some comments without changing the code

* Added comments on hard-to-test cases
2017-08-15 15:28:24 +01:00