generic-library/libzmq
1
0
Fork 0
mirror of https://github.com/zeromq/libzmq.git synced 2025-10-06 03:01:54 +02:00
Code Issues Projects Releases Wiki Activity

Problem: classification ZMQ_HANDSHAKE_FAILED_* events is coarse-grained and partially misleading

Browse Source 
Solution: redesign ZMQ_HANDSHAKE_FAILED_* events, introduce new class of ZMQ_HANDSHAKE_FAILED_AUTH events
This commit is contained in:
sigiesec
2017-08-17 17:54:07 +02:00
parent f252f02b01
commit e2d3ba9c62
13 changed files with 253 additions and 163 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
include/zmq.h
View File

@@ -568,11 +568,37 @@ ZMQ_EXPORT void zmq_threadclose (void* thread);
#define ZMQ_BINDTODEVICE 90 #define ZMQ_BINDTODEVICE 90
/* DRAFT 0MQ socket events and monitoring */ /* DRAFT 0MQ socket events and monitoring */
/* Unspecified system errors during handshake. Event value is an errno. */
#define ZMQ_EVENT_HANDSHAKE_FAILED_NO_DETAIL 0x0800 #define ZMQ_EVENT_HANDSHAKE_FAILED_NO_DETAIL 0x0800
/* Handshake complete successfully with successful authentication (if *
* enabled). Event value is unused. */
#define ZMQ_EVENT_HANDSHAKE_SUCCEEDED 0x1000 #define ZMQ_EVENT_HANDSHAKE_SUCCEEDED 0x1000
#define ZMQ_EVENT_HANDSHAKE_FAILED_ENCRYPTION 0x2000 /* Protocol errors between ZMTP peers or between server and ZAP handler. *
#define ZMQ_EVENT_HANDSHAKE_FAILED_ZMTP 0x4000 * Event value is one of ZMQ_PROTOCOL_ERROR_* */
#define ZMQ_EVENT_HANDSHAKE_FAILED_ZAP 0x8000 #define ZMQ_EVENT_HANDSHAKE_FAILED_PROTOCOL 0x2000
/* Failed authentication requests. Event value is the numeric ZAP status *
* code, i.e. 300, 400 or 500. */
#define ZMQ_EVENT_HANDSHAKE_FAILED_AUTH 0x4000
#define ZMQ_PROTOCOL_ERROR_ZMTP_UNSPECIFIED 0x10000000
#define ZMQ_PROTOCOL_ERROR_ZMTP_UNEXPECTED_COMMAND 0x10000001
#define ZMQ_PROTOCOL_ERROR_ZMTP_INVALID_SEQUENCE 0x10000002
#define ZMQ_PROTOCOL_ERROR_ZMTP_KEY_EXCHANGE 0x10000003
#define ZMQ_PROTOCOL_ERROR_ZMTP_MALFORMED_COMMAND_UNSPECIFIED 0x10000011
#define ZMQ_PROTOCOL_ERROR_ZMTP_MALFORMED_COMMAND_MESSAGE 0x10000012
#define ZMQ_PROTOCOL_ERROR_ZMTP_MALFORMED_COMMAND_HELLO 0x10000013
#define ZMQ_PROTOCOL_ERROR_ZMTP_MALFORMED_COMMAND_INITIATE 0x10000014
// the following two may be due to erroneous configuration of a peer
#define ZMQ_PROTOCOL_ERROR_ZMTP_CRYPTOGRAPHIC 0x11000001
#define ZMQ_PROTOCOL_ERROR_ZMTP_MECHANISM_MISMATCH 0x11000002
#define ZMQ_PROTOCOL_ERROR_ZAP_UNSPECIFIED 0x20000000
#define ZMQ_PROTOCOL_ERROR_ZAP_MALFORMED_REPLY 0x20000001
#define ZMQ_PROTOCOL_ERROR_ZAP_BAD_REQUEST_ID 0x20000002
#define ZMQ_PROTOCOL_ERROR_ZAP_BAD_VERSION 0x20000003
#define ZMQ_PROTOCOL_ERROR_ZAP_INVALID_STATUS_CODE 0x20000004
#define ZMQ_PROTOCOL_ERROR_ZAP_INVALID_METADATA 0x20000005
/* DRAFT Context options */ /* DRAFT Context options */
#define ZMQ_MSG_T_SIZE 6 #define ZMQ_MSG_T_SIZE 6

111
src/curve_server.cpp
View File

@@ -107,7 +107,8 @@ int zmq::curve_server_t::process_handshake_command (msg_t *msg_)
// Therefore, it should be changed to zmq_assert (false); // Therefore, it should be changed to zmq_assert (false);
// CURVE I: invalid handshake command // CURVE I: invalid handshake command
current_error_detail = zmtp; session->get_socket ()->event_handshake_failed_protocol (
session->get_endpoint (), ZMQ_PROTOCOL_ERROR_ZMTP_UNSPECIFIED);
errno = EPROTO; errno = EPROTO;
rc = -1; rc = -1;
break; break;
@@ -177,17 +178,22 @@ int zmq::curve_server_t::decode (msg_t *msg_)
{ {
zmq_assert (state == ready); zmq_assert (state == ready);
if (msg_->size () < 33) { int rc = check_basic_command_structure (msg_);
// CURVE I : invalid CURVE client, sent malformed command if (rc == -1)
current_error_detail = zmtp; return -1;
const uint8_t *message = static_cast <uint8_t *> (msg_->data ());
if (memcmp (message, "\x07MESSAGE", 8)) {
session->get_socket ()->event_handshake_failed_protocol (
session->get_endpoint (), ZMQ_PROTOCOL_ERROR_ZMTP_UNEXPECTED_COMMAND);
errno = EPROTO; errno = EPROTO;
return -1; return -1;
} }
const uint8_t *message = static_cast <uint8_t *> (msg_->data ()); if (msg_->size () < 33) {
if (memcmp (message, "\x07MESSAGE", 8)) { session->get_socket ()->event_handshake_failed_protocol (
// CURVE I: invalid CURVE client, did not send MESSAGE session->get_endpoint (),
current_error_detail = zmtp; ZMQ_PROTOCOL_ERROR_ZMTP_MALFORMED_COMMAND_MESSAGE);
errno = EPROTO; errno = EPROTO;
return -1; return -1;
} }
@@ -197,6 +203,8 @@ int zmq::curve_server_t::decode (msg_t *msg_)
memcpy (message_nonce + 16, message + 8, 8); memcpy (message_nonce + 16, message + 8, 8);
uint64_t nonce = get_uint64(message + 8); uint64_t nonce = get_uint64(message + 8);
if (nonce <= cn_peer_nonce) { if (nonce <= cn_peer_nonce) {
session->get_socket ()->event_handshake_failed_protocol (
session->get_endpoint (), ZMQ_PROTOCOL_ERROR_ZMTP_INVALID_SEQUENCE);
errno = EPROTO; errno = EPROTO;
return -1; return -1;
} }
@@ -214,8 +222,8 @@ int zmq::curve_server_t::decode (msg_t *msg_)
memcpy (message_box + crypto_box_BOXZEROBYTES, memcpy (message_box + crypto_box_BOXZEROBYTES,
message + 16, msg_->size () - 16); message + 16, msg_->size () - 16);
int rc = crypto_box_open_afternm (message_plaintext, message_box, rc = crypto_box_open_afternm (message_plaintext, message_box, clen,
clen, message_nonce, cn_precom); message_nonce, cn_precom);
if (rc == 0) { if (rc == 0) {
rc = msg_->close (); rc = msg_->close ();
zmq_assert (rc == 0); zmq_assert (rc == 0);
@@ -235,7 +243,8 @@ int zmq::curve_server_t::decode (msg_t *msg_)
} }
else { else {
// CURVE I : connection key used for MESSAGE is wrong // CURVE I : connection key used for MESSAGE is wrong
current_error_detail = encryption; session->get_socket ()->event_handshake_failed_protocol (
session->get_endpoint (), ZMQ_PROTOCOL_ERROR_ZMTP_CRYPTOGRAPHIC);
errno = EPROTO; errno = EPROTO;
} }
free (message_plaintext); free (message_plaintext);
@@ -246,17 +255,21 @@ int zmq::curve_server_t::decode (msg_t *msg_)
int zmq::curve_server_t::process_hello (msg_t *msg_) int zmq::curve_server_t::process_hello (msg_t *msg_)
{ {
if (msg_->size () != 200) { int rc = check_basic_command_structure (msg_);
// CURVE I: client HELLO is not correct size if (rc == -1)
current_error_detail = zmtp; return -1;
const uint8_t * const hello = static_cast <uint8_t *> (msg_->data ());
if (memcmp (hello, "\x05HELLO", 6)) {
session->get_socket ()->event_handshake_failed_protocol (
session->get_endpoint (), ZMQ_PROTOCOL_ERROR_ZMTP_UNEXPECTED_COMMAND);
errno = EPROTO; errno = EPROTO;
return -1; return -1;
} }
const uint8_t * const hello = static_cast <uint8_t *> (msg_->data ()); if (msg_->size () != 200) {
if (memcmp (hello, "\x05HELLO", 6)) { session->get_socket ()->event_handshake_failed_protocol (
// CURVE I: client HELLO has invalid command name session->get_endpoint (), ZMQ_PROTOCOL_ERROR_ZMTP_MALFORMED_COMMAND_HELLO);
current_error_detail = zmtp;
errno = EPROTO; errno = EPROTO;
return -1; return -1;
} }
@@ -266,7 +279,8 @@ int zmq::curve_server_t::process_hello (msg_t *msg_)
if (major != 1 || minor != 0) { if (major != 1 || minor != 0) {
// CURVE I: client HELLO has unknown version number // CURVE I: client HELLO has unknown version number
current_error_detail = zmtp; session->get_socket ()->event_handshake_failed_protocol (
session->get_endpoint (), ZMQ_PROTOCOL_ERROR_ZMTP_MALFORMED_COMMAND_HELLO);
errno = EPROTO; errno = EPROTO;
return -1; return -1;
} }
@@ -286,12 +300,12 @@ int zmq::curve_server_t::process_hello (msg_t *msg_)
memcpy (hello_box + crypto_box_BOXZEROBYTES, hello + 120, 80); memcpy (hello_box + crypto_box_BOXZEROBYTES, hello + 120, 80);
// Open Box [64 * %x0](C'->S) // Open Box [64 * %x0](C'->S)
int rc = crypto_box_open (hello_plaintext, hello_box, rc = crypto_box_open (hello_plaintext, hello_box, sizeof hello_box,
sizeof hello_box,
hello_nonce, cn_client, secret_key); hello_nonce, cn_client, secret_key);
if (rc != 0) { if (rc != 0) {
// CURVE I: cannot open client HELLO -- wrong server key? // CURVE I: cannot open client HELLO -- wrong server key?
current_error_detail = encryption; session->get_socket ()->event_handshake_failed_protocol (
session->get_endpoint (), ZMQ_PROTOCOL_ERROR_ZMTP_CRYPTOGRAPHIC);
errno = EPROTO; errno = EPROTO;
return -1; return -1;
} }
@@ -345,8 +359,8 @@ int zmq::curve_server_t::produce_welcome (msg_t *msg_)
cookie_ciphertext + crypto_secretbox_BOXZEROBYTES, 80); cookie_ciphertext + crypto_secretbox_BOXZEROBYTES, 80);
rc = crypto_box (welcome_ciphertext, welcome_plaintext, rc = crypto_box (welcome_ciphertext, welcome_plaintext,
sizeof welcome_plaintext, sizeof welcome_plaintext, welcome_nonce, cn_client,
welcome_nonce, cn_client, secret_key); secret_key);
// TODO I think we should change this back to zmq_assert (rc == 0); // TODO I think we should change this back to zmq_assert (rc == 0);
// as it was before https://github.com/zeromq/libzmq/pull/1832 // as it was before https://github.com/zeromq/libzmq/pull/1832
@@ -370,17 +384,22 @@ int zmq::curve_server_t::produce_welcome (msg_t *msg_)
int zmq::curve_server_t::process_initiate (msg_t *msg_) int zmq::curve_server_t::process_initiate (msg_t *msg_)
{ {
if (msg_->size () < 257) { int rc = check_basic_command_structure (msg_);
// CURVE I: client INITIATE is not correct size if (rc == -1)
current_error_detail = zmtp; return -1;
const uint8_t *initiate = static_cast <uint8_t *> (msg_->data ());
if (memcmp (initiate, "\x08INITIATE", 9)) {
session->get_socket ()->event_handshake_failed_protocol (
session->get_endpoint (), ZMQ_PROTOCOL_ERROR_ZMTP_UNEXPECTED_COMMAND);
errno = EPROTO; errno = EPROTO;
return -1; return -1;
} }
const uint8_t *initiate = static_cast <uint8_t *> (msg_->data ()); if (msg_->size () < 257) {
if (memcmp (initiate, "\x08INITIATE", 9)) { session->get_socket ()->event_handshake_failed_protocol (
// CURVE I: client INITIATE has invalid command name session->get_endpoint (),
current_error_detail = zmtp; ZMQ_PROTOCOL_ERROR_ZMTP_MALFORMED_COMMAND_INITIATE);
errno = EPROTO; errno = EPROTO;
return -1; return -1;
} }
@@ -396,12 +415,12 @@ int zmq::curve_server_t::process_initiate (msg_t *msg_)
memcpy (cookie_nonce, "COOKIE--", 8); memcpy (cookie_nonce, "COOKIE--", 8);
memcpy (cookie_nonce + 8, initiate + 9, 16); memcpy (cookie_nonce + 8, initiate + 9, 16);
int rc = crypto_secretbox_open (cookie_plaintext, cookie_box, rc = crypto_secretbox_open (cookie_plaintext, cookie_box, sizeof cookie_box,
sizeof cookie_box,
cookie_nonce, cookie_key); cookie_nonce, cookie_key);
if (rc != 0) { if (rc != 0) {
// CURVE I: cannot open client INITIATE cookie // CURVE I: cannot open client INITIATE cookie
current_error_detail = encryption; session->get_socket ()->event_handshake_failed_protocol (
session->get_endpoint (), ZMQ_PROTOCOL_ERROR_ZMTP_CRYPTOGRAPHIC);
errno = EPROTO; errno = EPROTO;
return -1; return -1;
} }
@@ -413,7 +432,8 @@ int zmq::curve_server_t::process_initiate (msg_t *msg_)
// client that knows the server's secret temporary cookie key // client that knows the server's secret temporary cookie key
// CURVE I: client INITIATE cookie is not valid // CURVE I: client INITIATE cookie is not valid
current_error_detail = encryption; session->get_socket ()->event_handshake_failed_protocol (
session->get_endpoint (), ZMQ_PROTOCOL_ERROR_ZMTP_CRYPTOGRAPHIC);
errno = EPROTO; errno = EPROTO;
return -1; return -1;
} }
@@ -437,7 +457,8 @@ int zmq::curve_server_t::process_initiate (msg_t *msg_)
clen, initiate_nonce, cn_client, cn_secret); clen, initiate_nonce, cn_client, cn_secret);
if (rc != 0) { if (rc != 0) {
// CURVE I: cannot open client INITIATE // CURVE I: cannot open client INITIATE
current_error_detail = encryption; session->get_socket ()->event_handshake_failed_protocol (
session->get_endpoint (), ZMQ_PROTOCOL_ERROR_ZMTP_CRYPTOGRAPHIC);
errno = EPROTO; errno = EPROTO;
return -1; return -1;
} }
@@ -462,7 +483,8 @@ int zmq::curve_server_t::process_initiate (msg_t *msg_)
vouch_nonce, client_key, cn_secret); vouch_nonce, client_key, cn_secret);
if (rc != 0) { if (rc != 0) {
// CURVE I: cannot open client INITIATE vouch // CURVE I: cannot open client INITIATE vouch
current_error_detail = encryption; session->get_socket ()->event_handshake_failed_protocol (
session->get_endpoint (), ZMQ_PROTOCOL_ERROR_ZMTP_CRYPTOGRAPHIC);
errno = EPROTO; errno = EPROTO;
return -1; return -1;
} }
@@ -473,7 +495,8 @@ int zmq::curve_server_t::process_initiate (msg_t *msg_)
// client that knows the server's secret short-term key // client that knows the server's secret short-term key
// CURVE I: invalid handshake from client (public key) // CURVE I: invalid handshake from client (public key)
current_error_detail = encryption; session->get_socket ()->event_handshake_failed_protocol (
session->get_endpoint (), ZMQ_PROTOCOL_ERROR_ZMTP_KEY_EXCHANGE);
errno = EPROTO; errno = EPROTO;
return -1; return -1;
} }
@@ -564,4 +587,16 @@ void zmq::curve_server_t::send_zap_request (const uint8_t *key)
zap_client_t::send_zap_request ("CURVE", 5, key, crypto_box_PUBLICKEYBYTES); zap_client_t::send_zap_request ("CURVE", 5, key, crypto_box_PUBLICKEYBYTES);
} }
int zmq::curve_server_t::check_basic_command_structure (msg_t *msg_)
{
if (msg_->size () <= 1 || msg_->size () <= ((uint8_t *) msg_->data ())[0]) {
session->get_socket ()->event_handshake_failed_protocol (
session->get_endpoint (),
ZMQ_PROTOCOL_ERROR_ZMTP_MALFORMED_COMMAND_UNSPECIFIED);
errno = EPROTO;
return -1;
}
return 0;
}
#endif #endif

1
src/curve_server.hpp
View File

@@ -104,6 +104,7 @@ namespace zmq
int produce_error (msg_t *msg_) const; int produce_error (msg_t *msg_) const;
void send_zap_request (const uint8_t *key); void send_zap_request (const uint8_t *key);
int check_basic_command_structure (msg_t *msg_);
}; };
} }

12
src/mechanism.hpp
View File

@@ -53,14 +53,6 @@ namespace zmq
error error
}; };
// Provides more details when in status_t::error
enum error_detail_t {
no_detail,
zmtp,
zap,
encryption
};
mechanism_t (const options_t &options_); mechanism_t (const options_t &options_);
virtual ~mechanism_t (); virtual ~mechanism_t ();
@@ -81,10 +73,6 @@ namespace zmq
// Returns the status of this mechanism. // Returns the status of this mechanism.
virtual status_t status () const = 0; virtual status_t status () const = 0;
// Returns details about of the current error of the mechanism.
// Returned value does not makes sense if the current status is not error.
virtual error_detail_t error_detail () const { return no_detail; }
void set_peer_identity (const void *id_ptr, size_t id_size); void set_peer_identity (const void *id_ptr, size_t id_size);
void peer_identity (msg_t *msg_); void peer_identity (msg_t *msg_);

22
src/socket_base.cpp
View File

@@ -1692,22 +1692,16 @@ void zmq::socket_base_t::event_handshake_failed_no_detail (
event (addr_, err_, ZMQ_EVENT_HANDSHAKE_FAILED_NO_DETAIL); event (addr_, err_, ZMQ_EVENT_HANDSHAKE_FAILED_NO_DETAIL);
} }
void zmq::socket_base_t::event_handshake_failed_zmtp (const std::string &addr_, void zmq::socket_base_t::event_handshake_failed_protocol (
int err_)
{
event (addr_, err_, ZMQ_EVENT_HANDSHAKE_FAILED_ZMTP);
}
void zmq::socket_base_t::event_handshake_failed_zap (const std::string &addr_,
int err_)
{
event (addr_, err_, ZMQ_EVENT_HANDSHAKE_FAILED_ZAP);
}
void zmq::socket_base_t::event_handshake_failed_encryption (
const std::string &addr_, int err_) const std::string &addr_, int err_)
{ {
event (addr_, err_, ZMQ_EVENT_HANDSHAKE_FAILED_ENCRYPTION); event (addr_, err_, ZMQ_EVENT_HANDSHAKE_FAILED_PROTOCOL);
}
void zmq::socket_base_t::event_handshake_failed_auth (const std::string &addr_,
int err_)
{
event (addr_, err_, ZMQ_EVENT_HANDSHAKE_FAILED_AUTH);
} }
void zmq::socket_base_t::event_handshake_succeeded (const std::string &addr_, void zmq::socket_base_t::event_handshake_succeeded (const std::string &addr_,

5
src/socket_base.hpp
View File

@@ -134,9 +134,8 @@ namespace zmq
void event_close_failed (const std::string &addr_, int err_); void event_close_failed (const std::string &addr_, int err_);
void event_disconnected (const std::string &addr_, zmq::fd_t fd_); void event_disconnected (const std::string &addr_, zmq::fd_t fd_);
void event_handshake_failed_no_detail(const std::string &addr_, int err_); void event_handshake_failed_no_detail(const std::string &addr_, int err_);
void event_handshake_failed_zmtp(const std::string &addr_, int err_); void event_handshake_failed_protocol(const std::string &addr_, int err_);
void event_handshake_failed_zap(const std::string &addr_, int err_); void event_handshake_failed_auth(const std::string &addr_, int err_);
void event_handshake_failed_encryption(const std::string &addr_, int err_);
void event_handshake_succeeded(const std::string &addr_, int err_); void event_handshake_succeeded(const std::string &addr_, int err_);
protected: protected:

19
src/stream_engine.cpp
View File

@@ -702,6 +702,8 @@ bool zmq::stream_engine_t::handshake ()
} }
#endif #endif
else { else {
session->get_socket ()->event_handshake_failed_protocol (
session->get_endpoint (), ZMQ_PROTOCOL_ERROR_ZMTP_MECHANISM_MISMATCH);
error (protocol_error); error (protocol_error);
return false; return false;
} }
@@ -979,20 +981,11 @@ void zmq::stream_engine_t::error (error_reason_t reason)
} }
zmq_assert (session); zmq_assert (session);
#ifdef ZMQ_BUILD_DRAFT_API #ifdef ZMQ_BUILD_DRAFT_API
// protocol errors have been signaled already at the point where they occurred
if (reason != protocol_error
&& (mechanism == NULL
|| mechanism->status () == mechanism_t::handshaking)) {
int err = errno; int err = errno;
if (mechanism == NULL) {
if (reason == protocol_error)
socket->event_handshake_failed_zmtp (endpoint, err);
else
socket->event_handshake_failed_no_detail (endpoint, err);
} else if (mechanism->status () == mechanism_t::handshaking) {
if (mechanism->error_detail () == mechanism_t::zmtp)
socket->event_handshake_failed_zmtp (endpoint, err);
else if (mechanism->error_detail () == mechanism_t::zap)
socket->event_handshake_failed_zap (endpoint, err);
else if (mechanism->error_detail () == mechanism_t::encryption)
socket->event_handshake_failed_encryption (endpoint, err);
else
socket->event_handshake_failed_no_detail (endpoint, err); socket->event_handshake_failed_no_detail (endpoint, err);
} }
#endif #endif

46
src/zap_client.cpp
View File

@@ -40,8 +40,7 @@ zap_client_t::zap_client_t (session_base_t *const session_,
const options_t &options_) : const options_t &options_) :
mechanism_t (options_), mechanism_t (options_),
session (session_), session (session_),
peer_address (peer_address_), peer_address (peer_address_)
current_error_detail (no_detail)
{ {
} }
@@ -155,34 +154,35 @@ int zap_client_t::receive_and_process_zap_reply ()
return close_and_return (msg, -1); return close_and_return (msg, -1);
} }
if ((msg[i].flags () & msg_t::more) == (i < 6 ? 0 : msg_t::more)) { if ((msg[i].flags () & msg_t::more) == (i < 6 ? 0 : msg_t::more)) {
// CURVE I : ZAP handler sent incomplete reply message session->get_socket ()->event_handshake_failed_protocol (
session->get_endpoint (), ZMQ_PROTOCOL_ERROR_ZAP_MALFORMED_REPLY);
errno = EPROTO; errno = EPROTO;
current_error_detail = mechanism_t::zap;
return close_and_return (msg, -1); return close_and_return (msg, -1);
} }
} }
// Address delimiter frame // Address delimiter frame
if (msg[0].size () > 0) { if (msg[0].size () > 0) {
// CURVE I: ZAP handler sent malformed reply message // TODO can a ZAP handler produce such a message at all?
session->get_socket ()->event_handshake_failed_protocol (
session->get_endpoint (), ZMQ_PROTOCOL_ERROR_ZAP_UNSPECIFIED);
errno = EPROTO; errno = EPROTO;
current_error_detail = mechanism_t::zap;
return close_and_return (msg, -1); return close_and_return (msg, -1);
} }
// Version frame // Version frame
if (msg[1].size () != 3 || memcmp (msg[1].data (), "1.0", 3)) { if (msg[1].size () != 3 || memcmp (msg[1].data (), "1.0", 3)) {
// CURVE I: ZAP handler sent bad version number session->get_socket ()->event_handshake_failed_protocol (
session->get_endpoint (), ZMQ_PROTOCOL_ERROR_ZAP_BAD_VERSION);
errno = EPROTO; errno = EPROTO;
current_error_detail = mechanism_t::zap;
return close_and_return (msg, -1); return close_and_return (msg, -1);
} }
// Request id frame // Request id frame
if (msg[2].size () != 1 || memcmp (msg[2].data (), "1", 1)) { if (msg[2].size () != 1 || memcmp (msg[2].data (), "1", 1)) {
// CURVE I: ZAP handler sent bad request ID session->get_socket ()->event_handshake_failed_protocol (
session->get_endpoint (), ZMQ_PROTOCOL_ERROR_ZAP_BAD_REQUEST_ID);
errno = EPROTO; errno = EPROTO;
current_error_detail = mechanism_t::zap;
return close_and_return (msg, -1); return close_and_return (msg, -1);
} }
@@ -191,9 +191,9 @@ int zap_client_t::receive_and_process_zap_reply ()
if (msg[3].size () != 3 || status_code_data[0] < '2' if (msg[3].size () != 3 || status_code_data[0] < '2'
|| status_code_data[0] > '5' || status_code_data[1] != '0' || status_code_data[0] > '5' || status_code_data[1] != '0'
|| status_code_data[2] != '0') { || status_code_data[2] != '0') {
// CURVE I: ZAP handler sent invalid status code session->get_socket ()->event_handshake_failed_protocol (
session->get_endpoint (), ZMQ_PROTOCOL_ERROR_ZAP_INVALID_STATUS_CODE);
errno = EPROTO; errno = EPROTO;
current_error_detail = mechanism_t::zap;
return close_and_return (msg, -1); return close_and_return (msg, -1);
} }
@@ -208,6 +208,9 @@ int zap_client_t::receive_and_process_zap_reply ()
msg[6].size (), true); msg[6].size (), true);
if (rc != 0) { if (rc != 0) {
session->get_socket ()->event_handshake_failed_protocol (
session->get_endpoint (), ZMQ_PROTOCOL_ERROR_ZAP_INVALID_METADATA);
errno = EPROTO;
return close_and_return (msg, -1); return close_and_return (msg, -1);
} }
@@ -226,30 +229,23 @@ void zap_client_t::handle_zap_status_code ()
{ {
// we can assume here that status_code is a valid ZAP status code, // we can assume here that status_code is a valid ZAP status code,
// i.e. 200, 300, 400 or 500 // i.e. 200, 300, 400 or 500
int err = 0; int status_code_numeric = 0;
switch (status_code[0]) { switch (status_code[0]) {
case '2': case '2':
return; return;
case '3': case '3':
err = EAGAIN; status_code_numeric = 300;
break; break;
case '4': case '4':
err = EACCES; status_code_numeric = 400;
break; break;
case '5': case '5':
err = EFAULT; status_code_numeric = 500;
break; break;
} }
// TODO use event_handshake_failed_zap here? but this is not a ZAP
// protocol error
session->get_socket ()->event_handshake_failed_no_detail ( session->get_socket ()->event_handshake_failed_auth (
session->get_endpoint (), err); session->get_endpoint (), status_code_numeric);
}
mechanism_t::error_detail_t zap_client_t::error_detail () const
{
return current_error_detail;
} }
zap_client_common_handshake_t::zap_client_common_handshake_t ( zap_client_common_handshake_t::zap_client_common_handshake_t (

7
src/zap_client.hpp
View File

@@ -57,19 +57,12 @@ class zap_client_t : public virtual mechanism_t
virtual int receive_and_process_zap_reply (); virtual int receive_and_process_zap_reply ();
virtual void handle_zap_status_code (); virtual void handle_zap_status_code ();
// methods from mechanism_t
error_detail_t error_detail () const;
protected: protected:
session_base_t *const session; session_base_t *const session;
const std::string peer_address; const std::string peer_address;
// Status code as received from ZAP handler // Status code as received from ZAP handler
std::string status_code; std::string status_code;
// Details about the current error state
// TODO remove this
error_detail_t current_error_detail;
}; };
class zap_client_common_handshake_t : public zap_client_t class zap_client_common_handshake_t : public zap_client_t

32
src/zmq_draft.h
View File

@@ -50,11 +50,37 @@
#define ZMQ_BINDTODEVICE 90 #define ZMQ_BINDTODEVICE 90
/* DRAFT 0MQ socket events and monitoring */ /* DRAFT 0MQ socket events and monitoring */
/* Unspecified system errors during handshake. Event value is an errno. */
#define ZMQ_EVENT_HANDSHAKE_FAILED_NO_DETAIL 0x0800 #define ZMQ_EVENT_HANDSHAKE_FAILED_NO_DETAIL 0x0800
/* Handshake complete successfully with successful authentication (if *
* enabled). Event value is unused. */
#define ZMQ_EVENT_HANDSHAKE_SUCCEEDED 0x1000 #define ZMQ_EVENT_HANDSHAKE_SUCCEEDED 0x1000
#define ZMQ_EVENT_HANDSHAKE_FAILED_ENCRYPTION 0x2000 /* Protocol errors between ZMTP peers or between server and ZAP handler. *
#define ZMQ_EVENT_HANDSHAKE_FAILED_ZMTP 0x4000 * Event value is one of ZMQ_PROTOCOL_ERROR_* */
#define ZMQ_EVENT_HANDSHAKE_FAILED_ZAP 0x8000 #define ZMQ_EVENT_HANDSHAKE_FAILED_PROTOCOL 0x2000
/* Failed authentication requests. Event value is the numeric ZAP status *
* code, i.e. 300, 400 or 500. */
#define ZMQ_EVENT_HANDSHAKE_FAILED_AUTH 0x4000
#define ZMQ_PROTOCOL_ERROR_ZMTP_UNSPECIFIED 0x10000000
#define ZMQ_PROTOCOL_ERROR_ZMTP_UNEXPECTED_COMMAND 0x10000001
#define ZMQ_PROTOCOL_ERROR_ZMTP_INVALID_SEQUENCE 0x10000002
#define ZMQ_PROTOCOL_ERROR_ZMTP_KEY_EXCHANGE 0x10000003
#define ZMQ_PROTOCOL_ERROR_ZMTP_MALFORMED_COMMAND_UNSPECIFIED 0x10000011
#define ZMQ_PROTOCOL_ERROR_ZMTP_MALFORMED_COMMAND_MESSAGE 0x10000012
#define ZMQ_PROTOCOL_ERROR_ZMTP_MALFORMED_COMMAND_HELLO 0x10000013
#define ZMQ_PROTOCOL_ERROR_ZMTP_MALFORMED_COMMAND_INITIATE 0x10000014
// the following two may be due to erroneous configuration of a peer
#define ZMQ_PROTOCOL_ERROR_ZMTP_CRYPTOGRAPHIC 0x11000001
#define ZMQ_PROTOCOL_ERROR_ZMTP_MECHANISM_MISMATCH 0x11000002
#define ZMQ_PROTOCOL_ERROR_ZAP_UNSPECIFIED 0x20000000
#define ZMQ_PROTOCOL_ERROR_ZAP_MALFORMED_REPLY 0x20000001
#define ZMQ_PROTOCOL_ERROR_ZAP_BAD_REQUEST_ID 0x20000002
#define ZMQ_PROTOCOL_ERROR_ZAP_BAD_VERSION 0x20000003
#define ZMQ_PROTOCOL_ERROR_ZAP_INVALID_STATUS_CODE 0x20000004
#define ZMQ_PROTOCOL_ERROR_ZAP_INVALID_METADATA 0x20000005
/* DRAFT Context options */ /* DRAFT Context options */
#define ZMQ_MSG_T_SIZE 6 #define ZMQ_MSG_T_SIZE 6

60
tests/test_security_curve.cpp
View File

@@ -103,7 +103,8 @@ void test_garbage_key(void *ctx,
#ifdef ZMQ_BUILD_DRAFT_API #ifdef ZMQ_BUILD_DRAFT_API
int handshake_failed_encryption_event_count = int handshake_failed_encryption_event_count =
expect_monitor_event_multiple (server_mon, expect_monitor_event_multiple (server_mon,
ZMQ_EVENT_HANDSHAKE_FAILED_ENCRYPTION); ZMQ_EVENT_HANDSHAKE_FAILED_PROTOCOL,
ZMQ_PROTOCOL_ERROR_ZMTP_CRYPTOGRAPHIC);
// handshake_failed_encryption_event_count should be at least two because // handshake_failed_encryption_event_count should be at least two because
// expect_bounce_fail involves two exchanges // expect_bounce_fail involves two exchanges
@@ -149,9 +150,8 @@ void test_curve_security_with_bogus_client_credentials (
int event_count = 0; int event_count = 0;
#ifdef ZMQ_BUILD_DRAFT_API #ifdef ZMQ_BUILD_DRAFT_API
// TODO add another event type ZMQ_EVENT_HANDSHAKE_FAILED_AUTH for this case?
event_count = expect_monitor_event_multiple ( event_count = expect_monitor_event_multiple (
server_mon, ZMQ_EVENT_HANDSHAKE_FAILED_NO_DETAIL, EACCES); server_mon, ZMQ_EVENT_HANDSHAKE_FAILED_AUTH, 400);
assert (event_count <= 1); assert (event_count <= 1);
#endif #endif
@@ -160,7 +160,10 @@ void test_curve_security_with_bogus_client_credentials (
|| 1 <= zmq_atomic_counter_value (zap_requests_handled)); || 1 <= zmq_atomic_counter_value (zap_requests_handled));
} }
void expect_zmtp_failure (void *client, char *my_endpoint, void *server, void *server_mon) void expect_zmtp_mechanism_mismatch (void *client,
char *my_endpoint,
void *server,
void *server_mon)
{ {
// This must be caught by the curve_server class, not passed to ZAP // This must be caught by the curve_server class, not passed to ZAP
int rc = zmq_connect (client, my_endpoint); int rc = zmq_connect (client, my_endpoint);
@@ -169,7 +172,9 @@ void expect_zmtp_failure (void *client, char *my_endpoint, void *server, void *s
close_zero_linger (client); close_zero_linger (client);
#ifdef ZMQ_BUILD_DRAFT_API #ifdef ZMQ_BUILD_DRAFT_API
expect_monitor_event_multiple (server_mon, ZMQ_EVENT_HANDSHAKE_FAILED_ZMTP); expect_monitor_event_multiple (server_mon,
ZMQ_EVENT_HANDSHAKE_FAILED_PROTOCOL,
ZMQ_PROTOCOL_ERROR_ZMTP_MECHANISM_MISMATCH);
#endif #endif
assert (0 == zmq_atomic_counter_value (zap_requests_handled)); assert (0 == zmq_atomic_counter_value (zap_requests_handled));
@@ -183,7 +188,7 @@ void test_curve_security_with_null_client_credentials (void *ctx,
void *client = zmq_socket (ctx, ZMQ_DEALER); void *client = zmq_socket (ctx, ZMQ_DEALER);
assert (client); assert (client);
expect_zmtp_failure (client, my_endpoint, server, server_mon); expect_zmtp_mechanism_mismatch (client, my_endpoint, server, server_mon);
} }
void test_curve_security_with_plain_client_credentials (void *ctx, void test_curve_security_with_plain_client_credentials (void *ctx,
@@ -198,7 +203,7 @@ void test_curve_security_with_plain_client_credentials (void *ctx,
rc = zmq_setsockopt (client, ZMQ_PLAIN_PASSWORD, "password", 8); rc = zmq_setsockopt (client, ZMQ_PLAIN_PASSWORD, "password", 8);
assert (rc == 0); assert (rc == 0);
expect_zmtp_failure (client, my_endpoint, server, server_mon); expect_zmtp_mechanism_mismatch (client, my_endpoint, server, server_mon);
} }
int connect_vanilla_socket (char *my_endpoint) int connect_vanilla_socket (char *my_endpoint)
@@ -279,11 +284,12 @@ void test_curve_security_invalid_hello_wrong_length (char *my_endpoint,
send_greeting (s); send_greeting (s);
// send CURVE HELLO of wrong size // send CURVE HELLO of wrong size
send(s, "\x04\x05HELLO"); send(s, "\x04\x06\x05HELLO");
#ifdef ZMQ_BUILD_DRAFT_API #ifdef ZMQ_BUILD_DRAFT_API
expect_monitor_event_multiple (server_mon, ZMQ_EVENT_HANDSHAKE_FAILED_ZMTP, expect_monitor_event_multiple (
EPROTO); server_mon, ZMQ_EVENT_HANDSHAKE_FAILED_PROTOCOL,
ZMQ_PROTOCOL_ERROR_ZMTP_MALFORMED_COMMAND_HELLO);
#endif #endif
close (s); close (s);
@@ -361,8 +367,9 @@ void test_curve_security_invalid_hello_command_name (char *my_endpoint,
send_command(s, hello); send_command(s, hello);
#ifdef ZMQ_BUILD_DRAFT_API #ifdef ZMQ_BUILD_DRAFT_API
expect_monitor_event_multiple (server_mon, ZMQ_EVENT_HANDSHAKE_FAILED_ZMTP, expect_monitor_event_multiple (server_mon,
EPROTO); ZMQ_EVENT_HANDSHAKE_FAILED_PROTOCOL,
ZMQ_PROTOCOL_ERROR_ZMTP_UNEXPECTED_COMMAND);
#endif #endif
close (s); close (s);
@@ -388,8 +395,9 @@ void test_curve_security_invalid_hello_version (char *my_endpoint,
send_command (s, hello); send_command (s, hello);
#ifdef ZMQ_BUILD_DRAFT_API #ifdef ZMQ_BUILD_DRAFT_API
expect_monitor_event_multiple (server_mon, ZMQ_EVENT_HANDSHAKE_FAILED_ZMTP, expect_monitor_event_multiple (
EPROTO); server_mon, ZMQ_EVENT_HANDSHAKE_FAILED_PROTOCOL,
ZMQ_PROTOCOL_ERROR_ZMTP_MALFORMED_COMMAND_HELLO);
#endif #endif
close (s); close (s);
@@ -459,11 +467,12 @@ void test_curve_security_invalid_initiate_length (char *my_endpoint,
assert (res == -1); assert (res == -1);
#endif #endif
send(s, "\x04\x08INITIATE"); send(s, "\x04\x09\x08INITIATE");
#ifdef ZMQ_BUILD_DRAFT_API #ifdef ZMQ_BUILD_DRAFT_API
expect_monitor_event_multiple (server_mon, ZMQ_EVENT_HANDSHAKE_FAILED_ZMTP, expect_monitor_event_multiple (
EPROTO); server_mon, ZMQ_EVENT_HANDSHAKE_FAILED_PROTOCOL,
ZMQ_PROTOCOL_ERROR_ZMTP_MALFORMED_COMMAND_INITIATE);
#endif #endif
close (s); close (s);
@@ -510,8 +519,9 @@ void test_curve_security_invalid_initiate_command_name (char *my_endpoint,
send_command (s, initiate); send_command (s, initiate);
#ifdef ZMQ_BUILD_DRAFT_API #ifdef ZMQ_BUILD_DRAFT_API
expect_monitor_event_multiple (server_mon, ZMQ_EVENT_HANDSHAKE_FAILED_ZMTP, expect_monitor_event_multiple (server_mon,
EPROTO); ZMQ_EVENT_HANDSHAKE_FAILED_PROTOCOL,
ZMQ_PROTOCOL_ERROR_ZMTP_UNEXPECTED_COMMAND);
#endif #endif
close (s); close (s);
@@ -532,8 +542,9 @@ void test_curve_security_invalid_initiate_command_encrypted_cookie (
send_command (s, initiate); send_command (s, initiate);
#ifdef ZMQ_BUILD_DRAFT_API #ifdef ZMQ_BUILD_DRAFT_API
expect_monitor_event_multiple ( expect_monitor_event_multiple (server_mon,
server_mon, ZMQ_EVENT_HANDSHAKE_FAILED_ENCRYPTION, EPROTO); ZMQ_EVENT_HANDSHAKE_FAILED_PROTOCOL,
ZMQ_PROTOCOL_ERROR_ZMTP_CRYPTOGRAPHIC);
#endif #endif
close (s); close (s);
@@ -554,8 +565,9 @@ void test_curve_security_invalid_initiate_command_encrypted_content (
send_command (s, initiate); send_command (s, initiate);
#ifdef ZMQ_BUILD_DRAFT_API #ifdef ZMQ_BUILD_DRAFT_API
expect_monitor_event_multiple ( expect_monitor_event_multiple (server_mon,
server_mon, ZMQ_EVENT_HANDSHAKE_FAILED_ENCRYPTION, EPROTO); ZMQ_EVENT_HANDSHAKE_FAILED_PROTOCOL,
ZMQ_PROTOCOL_ERROR_ZMTP_CRYPTOGRAPHIC);
#endif #endif
close (s); close (s);
@@ -648,7 +660,6 @@ int main (void)
server_mon, timeout); server_mon, timeout);
shutdown_context_and_server_side (ctx, zap_thread, server, server_mon, shutdown_context_and_server_side (ctx, zap_thread, server, server_mon,
handler); handler);
fprintf (stderr, "test_curve_security_with_null_client_credentials\n"); fprintf (stderr, "test_curve_security_with_null_client_credentials\n");
setup_context_and_server_side (&ctx, &handler, &zap_thread, &server, setup_context_and_server_side (&ctx, &handler, &zap_thread, &server,
&server_mon, my_endpoint); &server_mon, my_endpoint);
@@ -664,7 +675,6 @@ int main (void)
server_mon); server_mon);
shutdown_context_and_server_side (ctx, zap_thread, server, server_mon, shutdown_context_and_server_side (ctx, zap_thread, server, server_mon,
handler); handler);
fprintf (stderr, "test_curve_security_unauthenticated_message\n"); fprintf (stderr, "test_curve_security_unauthenticated_message\n");
setup_context_and_server_side (&ctx, &handler, &zap_thread, &server, setup_context_and_server_side (&ctx, &handler, &zap_thread, &server,
&server_mon, my_endpoint); &server_mon, my_endpoint);

41
tests/test_security_zap.cpp
View File

@@ -87,11 +87,12 @@ void test_zap_protocol_error (void *ctx,
void *server, void *server,
void *server_mon, void *server_mon,
socket_config_fn socket_config_, socket_config_fn socket_config_,
void *socket_config_data_) void *socket_config_data_,
int expected_error)
{ {
test_zap_unsuccessful (ctx, my_endpoint, server, server_mon, test_zap_unsuccessful (ctx, my_endpoint, server, server_mon,
#ifdef ZMQ_BUILD_DRAFT_API #ifdef ZMQ_BUILD_DRAFT_API
ZMQ_EVENT_HANDSHAKE_FAILED_ZAP, EPROTO, ZMQ_EVENT_HANDSHAKE_FAILED_PROTOCOL, expected_error,
#else #else
0, 0, 0, 0,
#endif #endif
@@ -119,7 +120,13 @@ void test_zap_errors (socket_config_fn server_socket_config_,
&zap_handler_wrong_version, server_socket_config_, &zap_handler_wrong_version, server_socket_config_,
server_socket_config_data_); server_socket_config_data_);
test_zap_protocol_error (ctx, my_endpoint, server, server_mon, test_zap_protocol_error (ctx, my_endpoint, server, server_mon,
client_socket_config_, client_socket_config_data_); client_socket_config_, client_socket_config_data_,
#ifdef ZMQ_BUILD_DRAFT_API
ZMQ_PROTOCOL_ERROR_ZAP_BAD_VERSION
#else
0
#endif
);
shutdown_context_and_server_side (ctx, zap_thread, server, server_mon, shutdown_context_and_server_side (ctx, zap_thread, server, server_mon,
handler); handler);
@@ -130,7 +137,13 @@ void test_zap_errors (socket_config_fn server_socket_config_,
&zap_handler_wrong_request_id, server_socket_config_, &zap_handler_wrong_request_id, server_socket_config_,
server_socket_config_data_); server_socket_config_data_);
test_zap_protocol_error (ctx, my_endpoint, server, server_mon, test_zap_protocol_error (ctx, my_endpoint, server, server_mon,
client_socket_config_, client_socket_config_data_); client_socket_config_, client_socket_config_data_,
#ifdef ZMQ_BUILD_DRAFT_API
ZMQ_PROTOCOL_ERROR_ZAP_BAD_REQUEST_ID
#else
0
#endif
);
shutdown_context_and_server_side (ctx, zap_thread, server, server_mon, shutdown_context_and_server_side (ctx, zap_thread, server, server_mon,
handler); handler);
@@ -141,7 +154,13 @@ void test_zap_errors (socket_config_fn server_socket_config_,
&zap_handler_wrong_status_invalid, server_socket_config_, &zap_handler_wrong_status_invalid, server_socket_config_,
server_socket_config_data_); server_socket_config_data_);
test_zap_protocol_error (ctx, my_endpoint, server, server_mon, test_zap_protocol_error (ctx, my_endpoint, server, server_mon,
client_socket_config_, client_socket_config_data_); client_socket_config_, client_socket_config_data_,
#ifdef ZMQ_BUILD_DRAFT_API
ZMQ_PROTOCOL_ERROR_ZAP_INVALID_STATUS_CODE
#else
0
#endif
);
shutdown_context_and_server_side (ctx, zap_thread, server, server_mon, shutdown_context_and_server_side (ctx, zap_thread, server, server_mon,
handler); handler);
@@ -152,7 +171,13 @@ void test_zap_errors (socket_config_fn server_socket_config_,
&zap_handler_too_many_parts, server_socket_config_, &zap_handler_too_many_parts, server_socket_config_,
server_socket_config_data_); server_socket_config_data_);
test_zap_protocol_error (ctx, my_endpoint, server, server_mon, test_zap_protocol_error (ctx, my_endpoint, server, server_mon,
client_socket_config_, client_socket_config_data_); client_socket_config_, client_socket_config_data_,
#ifdef ZMQ_BUILD_DRAFT_API
ZMQ_PROTOCOL_ERROR_ZAP_MALFORMED_REPLY
#else
0
#endif
);
shutdown_context_and_server_side (ctx, zap_thread, server, server_mon, shutdown_context_and_server_side (ctx, zap_thread, server, server_mon,
handler); handler);
@@ -169,7 +194,7 @@ void test_zap_errors (socket_config_fn server_socket_config_,
server_socket_config_data_); server_socket_config_data_);
test_zap_unsuccessful (ctx, my_endpoint, server, server_mon, test_zap_unsuccessful (ctx, my_endpoint, server, server_mon,
#ifdef ZMQ_BUILD_DRAFT_API #ifdef ZMQ_BUILD_DRAFT_API
ZMQ_EVENT_HANDSHAKE_FAILED_NO_DETAIL, EAGAIN, ZMQ_EVENT_HANDSHAKE_FAILED_AUTH, 300,
#else #else
0, 0, 0, 0,
#endif #endif
@@ -184,7 +209,7 @@ void test_zap_errors (socket_config_fn server_socket_config_,
&zap_handler_wrong_status_internal_error, server_socket_config_); &zap_handler_wrong_status_internal_error, server_socket_config_);
test_zap_unsuccessful (ctx, my_endpoint, server, server_mon, test_zap_unsuccessful (ctx, my_endpoint, server, server_mon,
#ifdef ZMQ_BUILD_DRAFT_API #ifdef ZMQ_BUILD_DRAFT_API
ZMQ_EVENT_HANDSHAKE_FAILED_NO_DETAIL, EFAULT, ZMQ_EVENT_HANDSHAKE_FAILED_AUTH, 500,
#else #else
0, 0, 0, 0,
#endif #endif

16
tests/testutil_security.hpp
View File

@@ -331,11 +331,11 @@ void setup_context_and_server_side (
char monitor_endpoint [] = "inproc://monitor-server"; char monitor_endpoint [] = "inproc://monitor-server";
// Monitor handshake events on the server // Monitor handshake events on the server
rc = zmq_socket_monitor ( rc = zmq_socket_monitor (*server, monitor_endpoint,
*server, monitor_endpoint, ZMQ_EVENT_HANDSHAKE_SUCCEEDED
ZMQ_EVENT_HANDSHAKE_SUCCEEDED | ZMQ_EVENT_HANDSHAKE_FAILED_NO_DETAIL | ZMQ_EVENT_HANDSHAKE_FAILED_NO_DETAIL
| ZMQ_EVENT_HANDSHAKE_FAILED_ZAP | ZMQ_EVENT_HANDSHAKE_FAILED_ZMTP | ZMQ_EVENT_HANDSHAKE_FAILED_AUTH
| ZMQ_EVENT_HANDSHAKE_FAILED_ENCRYPTION); | ZMQ_EVENT_HANDSHAKE_FAILED_PROTOCOL);
assert (rc == 0); assert (rc == 0);
// Create socket for collecting monitor events // Create socket for collecting monitor events
@@ -514,7 +514,11 @@ int expect_monitor_event_multiple (void *server_mon,
} }
if (event != expected_event if (event != expected_event
|| (-1 != expected_err && err != expected_err)) { || (-1 != expected_err && err != expected_err)) {
fprintf (stderr, "Unexpected event: %x (err = %i)\n", event, err); fprintf (
stderr,
"Unexpected event: 0x%x, value = %i/0x%x (expected: 0x%x, value "
"= %i/0x%x)\n",
event, err, err, expected_event, expected_err, expected_err);
assert (false); assert (false);
} }
++count_of_expected_events; ++count_of_expected_events;