Added ZMQ_ZAP_DOMAIN socket option

* This is passed to the ZAP handler in the 'domain' field * If not set, or empty, then NULL security does not call the ZAP handler * This resolves the phantom ZAP request syndrome seen with sockets where security was never intended (e.g. in test cases) * This means if you install a ZAP handler, it will not get any requests for new connections until you take some explicit action, which can be setting a username/password for PLAIN, a key for CURVE, or the domain for NULL.
2025-10-30 21:50:49 +01:00 · 2013-09-09 20:40:34 +02:00
parent c45d91a106
commit 6725c4644f
11 changed files with 171 additions and 112 deletions
--- a/src/options.cpp
+++ b/src/options.cpp
@@ -62,7 +62,7 @@ int zmq::options_t::setsockopt (int option_, const void *optval_,
 {
    bool is_int = (optvallen_ == sizeof (int));
    int value = is_int? *((int *) optval_): 0;
-    
+
    switch (option_) {
        case ZMQ_SNDHWM:
            if (is_int && value >= 0) {
@@ -70,7 +70,7 @@ int zmq::options_t::setsockopt (int option_, const void *optval_,
                return 0;
            }
            break;
-        
+
        case ZMQ_RCVHWM:
            if (is_int && value >= 0) {
                rcvhwm = value;
@@ -224,7 +224,7 @@ int zmq::options_t::setsockopt (int option_, const void *optval_,
                return 0;
            }
            break;
-            
+
        case ZMQ_IMMEDIATE:
            if (is_int && (value == 0 || value == 1)) {
                immediate = value;
@@ -248,7 +248,7 @@ int zmq::options_t::setsockopt (int option_, const void *optval_,
                }
            }
            break;
-            
+
        case ZMQ_PLAIN_SERVER:
            if (is_int && (value == 0 || value == 1)) {
                as_server = value;
@@ -256,7 +256,7 @@ int zmq::options_t::setsockopt (int option_, const void *optval_,
                return 0;
            }
            break;
-            
+
        case ZMQ_PLAIN_USERNAME:
            if (optvallen_ == 0 && optval_ == NULL) {
                mechanism = ZMQ_NULL;
@@ -270,7 +270,7 @@ int zmq::options_t::setsockopt (int option_, const void *optval_,
                return 0;
            }
            break;
-            
+
        case ZMQ_PLAIN_PASSWORD:
            if (optvallen_ == 0 && optval_ == NULL) {
                mechanism = ZMQ_NULL;
@@ -284,7 +284,14 @@ int zmq::options_t::setsockopt (int option_, const void *optval_,
                return 0;
            }
            break;
-        
+
+        case ZMQ_ZAP_DOMAIN:
+            if (optvallen_ >= 0 && optvallen_ < 256) {
+                zap_domain.assign ((const char *) optval_, optvallen_);
+                return 0;
+            }
+            break;
+
        //  If libsodium isn't installed, these options provoke EINVAL
 #       ifdef HAVE_LIBSODIUM
        case ZMQ_CURVE_SERVER:
@@ -294,7 +301,7 @@ int zmq::options_t::setsockopt (int option_, const void *optval_,
                return 0;
            }
            break;
-            
+
        case ZMQ_CURVE_PUBLICKEY:
            if (optvallen_ == CURVE_KEYSIZE) {
                memcpy (curve_public_key, optval_, CURVE_KEYSIZE);
@@ -308,7 +315,7 @@ int zmq::options_t::setsockopt (int option_, const void *optval_,
                return 0;
            }
            break;
-            
+
        case ZMQ_CURVE_SECRETKEY:
            if (optvallen_ == CURVE_KEYSIZE) {
                memcpy (curve_secret_key, optval_, CURVE_KEYSIZE);
@@ -322,7 +329,7 @@ int zmq::options_t::setsockopt (int option_, const void *optval_,
                return 0;
            }
            break;
-            
+
        case ZMQ_CURVE_SERVERKEY:
            if (optvallen_ == CURVE_KEYSIZE) {
                memcpy (curve_server_key, optval_, CURVE_KEYSIZE);
@@ -358,7 +365,7 @@ int zmq::options_t::getsockopt (int option_, void *optval_, size_t *optvallen_)
 {
    bool is_int = (*optvallen_ == sizeof (int));
    int *value = (int *) optval_;
-    
+
    switch (option_) {
        case ZMQ_SNDHWM:
            if (is_int) {
@@ -487,7 +494,7 @@ int zmq::options_t::getsockopt (int option_, void *optval_, size_t *optvallen_)
                return 0;
            }
            break;
-            
+
        case ZMQ_IPV6:
            if (is_int) {
                *value = ipv6;
@@ -536,14 +543,14 @@ int zmq::options_t::getsockopt (int option_, void *optval_, size_t *optvallen_)
                return 0;
            }
            break;
-        
+
        case ZMQ_PLAIN_SERVER:
            if (is_int) {
                *value = as_server && mechanism == ZMQ_PLAIN;
                return 0;
            }
            break;
-            
+
        case ZMQ_PLAIN_USERNAME:
            if (*optvallen_ >= plain_username.size () + 1) {
                memcpy (optval_, plain_username.c_str (), plain_username.size () + 1);
@@ -551,7 +558,7 @@ int zmq::options_t::getsockopt (int option_, void *optval_, size_t *optvallen_)
                return 0;
            }
            break;
-                
+
        case ZMQ_PLAIN_PASSWORD:
            if (*optvallen_ >= plain_password.size () + 1) {
                memcpy (optval_, plain_password.c_str (), plain_password.size () + 1);
@@ -559,7 +566,15 @@ int zmq::options_t::getsockopt (int option_, void *optval_, size_t *optvallen_)
                return 0;
            }
            break;
-            
+
+        case ZMQ_ZAP_DOMAIN:
+            if (*optvallen_ >= zap_domain.size () + 1) {
+                memcpy (optval_, zap_domain.c_str (), zap_domain.size () + 1);
+                *optvallen_ = zap_domain.size () + 1;
+                return 0;
+            }
+            break;
+
        //  If libsodium isn't installed, these options provoke EINVAL
 #       ifdef HAVE_LIBSODIUM
        case ZMQ_CURVE_SERVER:
@@ -568,7 +583,7 @@ int zmq::options_t::getsockopt (int option_, void *optval_, size_t *optvallen_)
                return 0;
            }
            break;
-            
+
        case ZMQ_CURVE_PUBLICKEY:
            if (*optvallen_ == CURVE_KEYSIZE) {
                memcpy (optval_, curve_public_key, CURVE_KEYSIZE);
@@ -580,7 +595,7 @@ int zmq::options_t::getsockopt (int option_, void *optval_, size_t *optvallen_)
                return 0;
            }
            break;
-            
+
        case ZMQ_CURVE_SECRETKEY:
            if (*optvallen_ == CURVE_KEYSIZE) {
                memcpy (optval_, curve_secret_key, CURVE_KEYSIZE);
@@ -592,7 +607,7 @@ int zmq::options_t::getsockopt (int option_, void *optval_, size_t *optvallen_)
                return 0;
            }
            break;
-            
+
        case ZMQ_CURVE_SERVERKEY:
            if (*optvallen_ == CURVE_KEYSIZE) {
                memcpy (optval_, curve_server_key, CURVE_KEYSIZE);