Another take on LIBZMQ-568 to allow filtering IPC connections, this time
using ZAP. This change is backward compatible. If the
ZMQ_ZAP_IPC_CREDS option is set, the user, group, and process IDs of the
peer process are appended to the address (separated by colons) of a ZAP
request; otherwise, nothing changes. See LIBZMQ-568 and zmq_setsockopt
documentation for more information.
Adds sets of process (Linux only), user, and group IDs for filtering
connections from peer processes over IPC transport. If all of the
filter sets are empty, every connection is accepted. Otherwise,
credentials for a connecting process are checked against the filter sets
and the connection is only accepted if a match is found.
This commit is part of LIBZMQ-568 and only adds the filter sets and
implements the filter in the IPC accept method. The interface for
adding IDs to filter sets are included in a separate commit.
IPC accept filtering is supported only on Linux and OS X.
By default, TIPC uses a closest first approach to find
a publication that can satisfy your connection request.
Any publication on the local node will automatically
be chosen for all requests, even if you're trying to
spread it out over multiple machines.
We fix this by widening the default lookup scope.
Signed-off-by: Erik Hugne <erik.hugne@ericsson.com>
As TIPC transport for 0MQ will only work on post 3.8
Linux kernels where nonblocking connect was added,
we add AC_RUN test to check for this functionality.
Should the test fail, tipc is excluded from build/test.
Signed-off-by: Erik Hugne <erik.hugne@ericsson.com>
A ZeroMQ application can opt for TIPC based sockets
using the TIPC port name format:
zmq_bind(sb, "tipc://{type,lower,upper}");
zmq_connect(sc, "tipc://{type,inst}");
'type' is the service ID, and 'lower/upper' can be
used for service partitioning or basic load
balancing.
ZeroMQ TIPC transport requires a kernel >= 3.8
(nonblocking connect support for TIPC).
Signed-off-by: Erik Hugne <erik.hugne@ericsson.com>
- removed unnecessary malloc
- spaces, not tabs to indent
- renamed control states to be more logical
- renamed SUSPEND to PAUSE, feels more accurate
- fixed indentation, which was off in places
Abstract socket pathnames must have a NULL character in the first
position, but the second character must also be checked to differentiate
an abstract name from the empty string. The address length must also
indicate the length of the pathname because the kernel uses the entire
address as the name, including NULL characters. ZMQ uses
NULL-terminated strings for the address, so the abstract address length
is the length of the string following the initial NULL byte plus 3; two
bytes for the address family and one for the initial NULL character.
Converts an initial strudel or "at sign" (@) in the Unix socket path to
a NULL character ('\0') indicating that the socket uses the abstract
namespace instead of the filesystem namespace. For instance, binding a
socket to 'ipc://@/tmp/tester' will not create a file associated with
the socket whereas binding to 'ipc:///tmp/tester' will create the file
/tmp/tester. See issue 567 for more information.
* The INITIATE command vouch box is Box[C',S](C->S') instead of Box[C'](C->S),
as recommended by https://codesinchaos.wordpress.com/2012/09/09/curvecp-1/,
to reduce the risk of client impersonation.
* Mirrors the change in libcurve and CurveZMQ specifications.
* ZMQ_REQ_STRICT was negative option (default 1) which goes against
the standard, where defaults are zero. I renamed this to
ZMQ_REQ_RELAXED.
* ZMQ_REQ_REQUEST_IDS felt clumsy and describes the technical solution
rather than the problem/requirement. I changed to ZMQ_REQ_CORRELATE
which seems more explicit.
* Removed redundant Z85 code and include files from project
* Simplified use of headers in test cases (now they all just use testutil.hpp)
* Export zmq_z85_encode() and zmq_z85_decode() in API
* Added man pages for these two functions
On ZMQ_CURVE_xxxKEY fetches, would return 41 bytes into caller's 40-byte
buffer. Now these fetches only return 41 bytes if the caller explicitly
provides a 41-byte buffer (i.e. the option size is 41).
* This is passed to the ZAP handler in the 'domain' field
* If not set, or empty, then NULL security does not call the ZAP handler
* This resolves the phantom ZAP request syndrome seen with sockets where
security was never intended (e.g. in test cases)
* This means if you install a ZAP handler, it will not get any requests
for new connections until you take some explicit action, which can be
setting a username/password for PLAIN, a key for CURVE, or the domain
for NULL.
* Command names changed from null terminated to length-specified
* Command frames use the correct flag (bit 2)
* test_stream acts as test case for command frames
* Some code cleanups
- if ZAP server returns anything except 200, connection is closed
- all security tests now pass correctly
- test_security_curve now does proper client key authentication using test key
- test_security_plain now does proper password authentication
- Split off NULL security check from PLAIN
- Cleaned up test_linger code a little
- Got all tests to pass, added TODOs for outstanding issues
- Added ZAP authentication for NULL test case
- NULL mechanism was not passing server identity - fixed
- cleaned up test_security_plain and removed option double-checks (made code ugly)
- lowered timeout on expect_bounce_fail to 150 msec to speed up checks
- removed all sleeps from test_fork and simplified code (it still passes :-)
