generic-library/libzmq
1
0
Fork 0
mirror of https://github.com/zeromq/libzmq.git synced 2025-10-24 17:30:47 +02:00
Code Issues Projects Releases Wiki Activity

Updated security mechanisms to use variable-length commands

Browse Source 
RFC23, RFC24, RFC26 now use variable-length command names that
end in null octet (valid C strings) instead of fixed-length
space padded strings.
This commit is contained in:
Pieter Hintjens
2013-06-28 11:42:54 +02:00
parent dd14d4e01b
commit 7832addd20
11 changed files with 150 additions and 239 deletions
Download Patch File Download Diff File Expand all files Collapse all files

122
tests/test_security.cpp
View File

@@ -19,106 +19,44 @@
#include <pthread.h>
#include <string.h>
#include <stdlib.h>
#include "testutil.hpp"
static void *
zap_handler (void *zap)
{
int rc, more;
size_t optlen;
zmq_msg_t version, seqno, domain, mechanism, username, password;
zmq_msg_t status_code, status_text, user_id;
// Version
rc = zmq_msg_init (&version);
assert (rc == 0);
rc = zmq_msg_recv (&version, zap, 0);
assert (rc == 3 && memcmp (zmq_msg_data (&version), "1.0", 3) == 0);
optlen = sizeof more;
rc = zmq_getsockopt (zap, ZMQ_RCVMORE, &more, &optlen);
assert (rc == 0 && more == 1);
// Sequence number
rc = zmq_msg_init (&seqno);
assert (rc == 0);
rc = zmq_msg_recv (&seqno, zap, 0);
assert (rc != -1);
optlen = sizeof more;
rc = zmq_getsockopt (zap, ZMQ_RCVMORE, &more, &optlen);
assert (rc == 0 && more == 1);
// Domain
rc = zmq_msg_init (&domain);
assert (rc == 0);
rc = zmq_msg_recv (&domain, zap, 0);
assert (rc != -1);
optlen = sizeof more;
rc = zmq_getsockopt (zap, ZMQ_RCVMORE, &more, &optlen);
assert (rc == 0 && more == 1);
// Mechanism
rc = zmq_msg_init (&mechanism);
assert (rc == 0);
rc = zmq_msg_recv (&mechanism, zap, 0);
assert (rc == 5 && memcmp (zmq_msg_data (&mechanism), "PLAIN", 5) == 0);
optlen = sizeof more;
rc = zmq_getsockopt (zap, ZMQ_RCVMORE, &more, &optlen);
assert (rc == 0 && more == 1);
// Username
rc = zmq_msg_init (&username);
assert (rc == 0);
rc = zmq_msg_recv (&username, zap, 0);
bool username_ok = (rc == 5 && memcmp (zmq_msg_data (&username), "admin", 5) == 0);
optlen = sizeof more;
rc = zmq_getsockopt (zap, ZMQ_RCVMORE, &more, &optlen);
assert (rc == 0 && more == 1);
char *version = s_recv (zap);
char *sequence = s_recv (zap);
char *domain = s_recv (zap);
char *mechanism = s_recv (zap);
char *username = s_recv (zap);
char *password = s_recv (zap);
// Password
rc = zmq_msg_init (&password);
assert (rc == 0);
rc = zmq_msg_recv (&password, zap, 0);
optlen = sizeof more;
rc = zmq_getsockopt (zap, ZMQ_RCVMORE, &more, &optlen);
assert (rc == 0 && more == 0);
assert (streq (version, "1.0"));
assert (streq (mechanism, "PLAIN"));
s_sendmore (zap, version);
s_sendmore (zap, sequence);
if (streq (username, "admin")
&& streq (password, "password")) {
s_sendmore (zap, "200");
s_sendmore (zap, "OK");
s_send (zap, "anonymous");
}
else {
s_sendmore (zap, "400");
s_sendmore (zap, "Invalid username or password");
s_send (zap, "");
}
bool password_ok = (rc == 8 && memcmp (zmq_msg_data (&password), "password", 8) == 0);
rc = zmq_msg_send (&version, zap, ZMQ_SNDMORE);
assert (rc == 3);
rc = zmq_msg_send (&seqno, zap, ZMQ_SNDMORE);
assert (rc != -1);
rc = zmq_msg_init_size (&status_code, 3);
assert (rc == 0);
memcpy (zmq_msg_data (&status_code), username_ok && password_ok? "200": "400", 3);
rc = zmq_msg_send (&status_code, zap, ZMQ_SNDMORE);
assert (rc == 3);
rc = zmq_msg_init (&status_text);
assert (rc == 0);
rc = zmq_msg_send (&status_text, zap, ZMQ_SNDMORE);
assert (rc == 0);
rc = zmq_msg_init (&user_id);
assert (rc == 0);
rc = zmq_msg_send (&user_id, zap, 0);
assert (rc == 0);
rc = zmq_msg_close (&domain);
assert (rc == 0);
rc = zmq_msg_close (&mechanism);
assert (rc == 0);
rc = zmq_msg_close (&username);
assert (rc == 0);
rc = zmq_msg_close (&password);
assert (rc == 0);
free (version);
free (sequence);
free (domain);
free (mechanism);
free (username);
free (password);
rc = zmq_close (zap);
int rc = zmq_close (zap);
assert (rc == 0);
return NULL;