mirror of
				https://github.com/zeromq/libzmq.git
				synced 2025-10-26 10:32:58 +01:00 
			
		
		
		
	reject old ZMTP connections if auth enabled
auth mechanisms were only enabled when ZMTP handshake is latest version, meaning that connections from old sockets would skip authentication altogether
This commit is contained in:
		| @@ -534,6 +534,12 @@ bool zmq::stream_engine_t::handshake () | ||||
|     //  Is the peer using ZMTP/1.0 with no revision number? | ||||
|     //  If so, we send and receive rest of identity message | ||||
|     if (greeting_recv [0] != 0xff || !(greeting_recv [9] & 0x01)) { | ||||
|         if (session->zap_connect () == 0) { | ||||
|            // reject ZMTP 1.0 connections if ZAP is enabled | ||||
|            error (protocol_error); | ||||
|            return false; | ||||
|         } | ||||
|  | ||||
|         encoder = new (std::nothrow) v1_encoder_t (out_batch_size); | ||||
|         alloc_assert (encoder); | ||||
|  | ||||
| @@ -575,6 +581,12 @@ bool zmq::stream_engine_t::handshake () | ||||
|     } | ||||
|     else | ||||
|     if (greeting_recv [revision_pos] == ZMTP_1_0) { | ||||
|         if (session->zap_connect () == 0) { | ||||
|            // reject ZMTP 1.0 connections if ZAP is enabled | ||||
|            error (protocol_error); | ||||
|            return false; | ||||
|         } | ||||
|  | ||||
|         encoder = new (std::nothrow) v1_encoder_t ( | ||||
|             out_batch_size); | ||||
|         alloc_assert (encoder); | ||||
| @@ -585,6 +597,12 @@ bool zmq::stream_engine_t::handshake () | ||||
|     } | ||||
|     else | ||||
|     if (greeting_recv [revision_pos] == ZMTP_2_0) { | ||||
|         if (session->zap_connect () == 0) { | ||||
|            // reject ZMTP 2.0 connections if ZAP is enabled | ||||
|            error (protocol_error); | ||||
|            return false; | ||||
|         } | ||||
|  | ||||
|         encoder = new (std::nothrow) v2_encoder_t (out_batch_size); | ||||
|         alloc_assert (encoder); | ||||
|  | ||||
|   | ||||
		Reference in New Issue
	
	Block a user
	 Min RK
					Min RK