Commit Graph

6040 Commits

Author SHA1 Message Date
Luca Boccassi
0a8775e717 Merge pull request #2655 from sigiesec/fix-curve-produce-error
Problem: zmq::curve_server_t::produce_error sends sizeof std::string instead of status code length
2017-08-04 17:43:24 +01:00
Luca Boccassi
067b7b0d27 Problem: Android build on Travis OSX takes 10 minutes+
Solution: remove it, and test it only on Linux, as the toolchain and
build process is the same.
2017-08-04 16:29:11 +01:00
Luca Boccassi
9c085381ee Problem: test_security_curve timeouts on CMake
Solution: bump timeout from 20 to 60 seconds
2017-08-04 16:25:59 +01:00
Luca Boccassi
8275f6356a Problem: redundant appveyor test
Solution: remove it. No need to do an additional sodium on - curve
off test, as sodium will be disabled anyway
2017-08-04 16:24:40 +01:00
Luca Boccassi
e83abb3de3 Merge pull request #2652 from sigiesec/curve-security-tests-improvement
Problem: open TODOs in test code, CI failures
2017-08-04 16:03:44 +01:00
Simon Giesecke
41108b203e Problem: zmq::curve_server_t::produce_error sends sizeof std::string instead of status code length
Solution: send status code length (always 3) instead
2017-08-04 16:54:46 +02:00
Simon Giesecke
7ba70e95e5 Problem: test failure on CI due to ZMQ_EVENT_HANDSHAKE_FAILED_NO_DETAIL/EPIPE problem
Solution: add workaround at another place, unify two code fragments to remove duplication
2017-08-04 16:05:20 +02:00
Simon Giesecke
aacb219acd Problem: open TODOs in test code
Solution: removed code duplication
improved global variable naming
added assertions on number of ZAP requests handled
added assertion on monitor event to test_curve_security_with_plain_client_credentials
2017-08-04 15:11:14 +02:00
Jim Klimov
e84804d4cc Merge pull request #2647 from bluca/travis_test
Problems: too many OSX travis builds, curve test uses hard-coded TCP port
2017-08-04 13:21:02 +02:00
Luca Boccassi
5c7f56639b Merge pull request #2651 from sigiesec/doc-property-defines
Problem: new ZMQ_MSG_PROPERTY_* defines were not mentioned in the documentation
2017-08-04 11:51:12 +01:00
Luca Boccassi
32085870df Merge pull request #2650 from sigiesec/connection-close-event-workaround
Problem: sporadic failure in test_curve_security_with_null_client_credentials
2017-08-04 11:48:27 +01:00
Simon Giesecke
63779094d3 Problem: new ZMQ_MSG_PROPERTY_* defines were not mentioned in the documentation
Solution: add documentation
2017-08-04 12:46:41 +02:00
Luca Boccassi
b92dc0a674 Merge pull request #2649 from sigiesec/remove-property-literal-duplication
Problem: Message property names are duplicated
2017-08-04 11:09:31 +01:00
Simon Giesecke
4b847f3ff9 Problem: no tests for ZAP handler that has an invalid protocol (#2648)
* Problem: no tests for ZAP protocol errors

Solution: added first test for a bogus version number in ZAP reply

* Problem: no tests for ZAP protocol errors

Solution: added more test cases

* Problem: cannot compile without ZMQ_BUILD_DRAFT_API

Solution: conditionally compile parts that depend on draft API

* Problem: test_security_curve times out in CI

Solution: Increase timeout for this test to 20 seconds
2017-08-04 11:07:41 +01:00
Simon Giesecke
4fec4c99be Problem: sporadic failure in test_curve_security_with_null_client_credentials
Solution: add workaround for EPIPE error
2017-08-04 11:35:00 +02:00
Simon Giesecke
7a16c292b7 Problem: Documentation mentions a message property "Resource", which does not exist
Solution: Remove from documentation
2017-08-04 10:34:48 +02:00
Simon Giesecke
9949965717 Problem: Property names are duplicated at several places
Solution: Define them in zmq.h and use them (currently in DRAFT API)
2017-08-04 10:33:51 +02:00
Luca Boccassi
5b91eb549b Problem: OSX builds are very slow
Solution: avoid running brew update and brew install binutils unless
it's for the android cross-compilation, where it's necessary for
greadelf.
2017-08-03 23:35:51 +01:00
Luca Boccassi
0c5731ac00 Problem: 2 OSX libsodium Travis runs
Solution: remove the non-draft test run, as OSX is very slow and
overcrowded on Travis
2017-08-03 14:43:36 +01:00
Luca Boccassi
d96b0f42a6 Problem: additional doc-build test on Travis
Solution: remove it, as it takes time and it's enough to test once
2017-08-03 14:42:14 +01:00
Luca Boccassi
ccb1250fcc Problem: a curve test uses hard-coded TCP port
Solution: use the wildcard endpoint instead
2017-08-03 14:41:36 +01:00
Simon Giesecke
c191909c0e Problem: Misleading error code in case ZAP handler sends an invalid status code (#2646)
Solution: Use EPROTO instead of EACCES error code in that case
2017-08-03 14:20:35 +01:00
Simon Giesecke
5d4e30eb13 Replace console output by monitoring events for curve security issues (#2645)
* Fixing #2002 one way of doing it

 * Mechanisms can implement a new method `error_detail()`
 * This error detail have three values for the moment: no_detail
 (default), protocol, encryption.
    + generic enough to make sense for all mechanisms.
    - low granularity level on information.

* Fixing #2002: implementation of the error details

The ZMQ_EVENT_HANDSHAKE_FAILED event carries the error details
as value.

* Removed Microsoft extenstion for enum member access

This was leading to compilation error under linux.

* Adaptation of CURVE test cases

* Monitoring event: changed API for detailed events

Removed ZMQ_EVENT_HANDSHAKE_FAILED and replaced it by:
- ZMQ_EVENT_HANDSHAKE_FAILED_NO_DETAIL,
- ZMQ_EVENT_HANDSHAKE_FAILED_PROTOCOL,
- ZMQ_EVENT_HANDSHAKE_FAILED_ENCRYPTION

Adaptation of text case `security_curve`

* Removed event value comparison

This was introduced for the previous API model adaptation

* Removed the prints in std output and added missing details

`current_error_detail` was not set in every protocol error cases

* Fixed initialization of current_error_detail

* Fixed error in greeting test case

The handshake failure due to mechanism mismatch in greeting is actually
a protocol error. The error handling method consider it like so and
send a protocol handshake failure monitoring event instead of no_detail.

Fixed the test_security_curve expectation as well.

* Upgraded tests of monitoring events

The tests check the number of monitoring events received

* Problem: does not build under Linux or without ZMQ_DRAFT_API

Solution:
- properly use ZMQ_DRAFT_API conditional compilation
- use receive timeouts instead of Sleep

* Problem: duplicate definition of variable 'timeout'

Solution: merged definitions

* Problem: inconsistent timing dependencies

Solution: reduce timing dependency by using timeouts at more places

* Problem: assertion failure under Linux due to unexpected monitor event

Solution: output event type to aid debugging

* Problem: erroneous assertion code

* Problem: assertion failure with a garbage server key due to an extra third event

Solution: changed assertion to expect three events (needs to be checked)

* Problem: extra include directive to non-existent file

Solution: removed include directive

* Problem: assertion failure on appveyor for unknown reason

Solution: improve debug output

* Problem: no build with libsodium and draft api

Solution: add build configurations with libsodium and draft api

* Problem: assertion failure on CI

Solution: change assertion to reflect actual behaviour on CI (at least temporarily)

* Problem: error in condition in assertion code

* Problem: assertion failure on CI

Solution: generalize assertion to match behavior on CI

* Problem: assertion failures on CI

Solution: removed inconsistent assertion on no monitor events before flushing
improved debuggability by converting function into macro

* Problem: diverging test code for three analogous test cases with garbage key

Solution: extract common code into function

* Problem: does not build without ZMQ_BUILD_DRAFT_API

Solution: introduce dummy variable

* Attempt to remove workaround regarding ZMQ_EVENT_HANDSHAKE_FAILED_NO_DETAIL again

* Problem: EAGAIN error after handshake complete if there is no more data in inbuffer

Solution: Skip tcp_read attempt in that case

* Problem: handshaking event emitted after handshaking failed

Solution: use stream_engine_t::handshaking instead of mechanism_t::status() to determine whether still handshaking

* Include error code in debug output

* Improve debugging output: output flushed events

* Split up ZMQ_EVENT_HANDSHAKE_FAILED_PROTOCOL into ZMQ_EVENT_HANDSHAKE_FAILED_ZMTP and ZMQ_EVENT_HANDSHAKE_FAILED_ZAP

* Fixed compilation without ZMQ_BUILD_DRAFT_API

* Renamed ZMQ_EVENT_HANDSHAKE_SUCCEED to ZMQ_EVENT_HANDSHAKE_SUCCEEDED for language consistency

* Renamed ZMQ_EVENT_HANDSHAKE_SUCCEED to ZMQ_EVENT_HANDSHAKE_SUCCEEDED for language consistency

* Renamed ZMQ_EVENT_HANDSHAKE_SUCCEED to ZMQ_EVENT_HANDSHAKE_SUCCEEDED for language consistency

* Fixed assert_monitor_event (require event instead of allowing no event)
Reverted erroneous change to handshaking condition
Renamed test_wrong_key to test_garbage_key
Generalized assumption in test_garbage_key to allow for ZMQ_EVENT_HANDSHAKE_FAILED_NO_DETAIL with error == EPIPE

* Better isolate test cases from each other by providing a fresh context & server for each

* Added diagnostic output

* Changed assertion to reflect actual behavior on CI

* Fixed formatting, observe maximum line length

* Fixed formatting, observe maximum line length

* Increase timeout to check if this fixes valgrind run

* Close server with close_zero_linger

* Increase timeout to check if this fixes valgrind run

* Increase timeout to check if this fixes valgrind run

* Generalize assertion to also work with valgrind

* Fixed formatting

* Add more diagnostic output

* Generalize assertion to also work with valgrind
2017-08-03 14:15:56 +01:00
Jim Klimov
fda9daa200 Merge pull request #2639 from bluca/wine_doc
Problems: using Wine requires system tuning, ZMQ_BINDTODEVICE not draft
2017-08-01 15:39:45 +02:00
Luca Boccassi
bb0b518e7f Problem: ZMQ_BINDTODEVICE not used for ZMQ_DISH
Solution: apply the option outside of the send/recv_enabled blocks so
that it is used for all types of UDP sockets
2017-07-31 16:31:31 +01:00
Luca Boccassi
415bdbc1b9 Problem: ZMQ_BINDTODEVICE is DRAFT but not DRAFT
Solution: move definition in the DRAFT section of the header
2017-07-31 16:31:31 +01:00
Luca Boccassi
2048ed5dbf Problem: using Wine requires system tuning
Solution: document it in the INSTALL file
Fixes #2638
2017-07-31 15:59:39 +01:00
Luca Boccassi
a34adbf474 Merge pull request #2640 from brianbalerno/vrf
Add socket option BINDTODEVICE
2017-07-31 15:58:56 +01:00
Brian Russell
b963542e8f Add socket option BINDTODEVICE
Linux now supports Virtual Routing and Forwarding (VRF) as per:

https://www.kernel.org/doc/Documentation/networking/vrf.txt

In order for an application to bind or connect to a socket with an
address in a VRF, they need to first bind the socket to the VRF device:

    setsockopt(sd, SOL_SOCKET, SO_BINDTODEVICE, dev, strlen(dev)+1);

Note "dev" is the VRF device, eg. VRF "blue", rather than an interface
enslaved to the VRF.

Add a new socket option, ZMQ_BINDTODEVICE, to bind a socket to a device.
In general, if a socket is bound to a device, eg. an interface, only
packets received from that particular device are processed by the socket.

If device is a VRF device, then subsequent binds/connects to that socket
use addresses in the VRF routing table.
2017-07-31 15:31:47 +01:00
Constantin Rack
4a37ce9aeb Merge pull request #2636 from bluca/tweetnacl_fd
Problem: tweetnacl on *nix use of /dev/urandom is not thread safe
2017-07-28 17:04:54 +02:00
Luca Boccassi
fbb6bbdcb8 Problem: reading from /dev/urandom is clunky
Solution: if available use the getrandom function as it doesn't
require any synchronization, state or cleanup
2017-07-28 11:28:19 +01:00
Luca Boccassi
2626fdfa23 Problem: tweetnacl leaks file descriptor on fork+exec
Solution: open with O_CLOEXEC if available or set FD_CLOEXEC if not
2017-07-28 11:27:55 +01:00
Luca Boccassi
e015a0f8b9 Problem: fd leak in tweetnacl with one ctx per thread
Solution: add a crypto [de-]initialiser, refcounted and serialised
through critical sections.
This is necessary as utility APIs such as zmq_curve_keypair also
call into the sodium/tweetnacl libraries and need the initialisation
outside of the zmq context.
Also the libsodium documentation explicitly says that sodium_init
must not be called concurrently from multiple threads, which could
have happened until now. Also the randombytes_close function does
not appear to be thread safe either.
This change guarantees that the library is initialised only once at
any given time across the whole program.
Fixes #2632
2017-07-28 11:27:53 +01:00
Luca Boccassi
a7bf010ee2 Problem: misleading indentation in tweetnacl.c
Solution: fix it
2017-07-27 21:04:43 +01:00
Luca Boccassi
2991e6f602 Merge pull request #2633 from pavel-pimenov/fix-C4324
Suppress C4324 (VC++2017)
2017-07-27 10:10:03 +01:00
pavel.pimenov
dfd9d48496 Suppress C4324 (VC++2017)
'zmq::command_t': structure was padded due to alignment specifier
https://msdn.microsoft.com/en-us/library/92fdk6xx.aspx
2017-07-27 07:06:19 +03:00
Constantin Rack
a537ace084 Merge pull request #2631 from ecoughlan/skip_invalid_setsockopt
Don't try to set IPV6_V6ONLY on OpenBSD
2017-07-22 23:16:28 +02:00
Eamonn Coughlan
cfb59dde21 Problem: can't set IPV6_V6ONLY on OpenBSD
Solution: skip setsockopt call resulting in EINVAL
2017-07-22 22:53:12 +02:00
Constantin Rack
b2c4dad46e Merge pull request #2626 from minrk/relicense
RELICENSE: minrk
2017-07-17 14:01:26 +02:00
Min RK
01f29ed8b9 add license grant for minrk 2017-07-17 13:57:53 +02:00
Constantin Rack
e1dfb2e337 Merge pull request #2625 from trofi/master
configure.ac: allow user to disable libunwind discovery via --disable-libunwind
2017-07-14 23:14:54 +02:00
Sergei Trofimovich
88487e7da3 configure.ac: allow user to disable libunwind discovery via --disable-libunwind
on ia64 architecture libunwind comes with gcc. Unfortunately
libunwind is not directly usable as-is and fails at link time:

```
    ia64-unknown-linux-gnu-g++ -o perf/.libs/local_lat perf/local_lat.o src/.libs/libzmq.so -lsodium -lrt -lpthread -ldl
    src/.libs/libzmq.so: undefined reference to `_ULia64_step'
```

The change adds --{enable,disable}-libunwind flag to control
automatic dependency. The default is unchanged: use if available.

Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
2017-07-14 21:44:30 +01:00
Luca Boccassi
dfcf396ded Merge pull request #2624 from msune/master
Problem: adapt, clarify docs ZMQ_ROUTER_MANDATORY
2017-07-14 17:53:55 +01:00
Marc Sune
609c131249 Problem: adapt, clarify docs ZMQ_ROUTER_MANDATORY
Solution:

* Document the new behaviour when generating 'ZMQ_POLLOUT' events
  for ZMQ_ROUTER sockets with 'ZMQ_ROUTER_MANDATORY' set to `1`
* Add clarifications for 'ZMQ_ROUTER' socket when
  'ZMQ_ROUTER_MANDATORY' is set to `1`
2017-07-14 18:49:14 +02:00
Luca Boccassi
bba4a93727 Merge pull request #2622 from msune/master
Fix ROUTER's xhas_out() in MANDATORY mode
2017-07-14 15:48:37 +01:00
Marc Sune
b7b89a8f60 Fix ROUTER's xhas_out() in MANDATORY mode
Before this commit, xhas_out() was returning true regardless. This
was correct before the ZMQ_ROUTER_MANDATORY flag as introduced.
However, ZMQ_POLLOUT.

With this commit, _if_ ZMQ_ROUTER_MANDATORY is set, xhas_out() will
return false if ALL peer's outgoing pipes are full.

There is an outstanding high-level design question:

If ZMQ_ROUTER_MANDATORY is set, and zmq_poll() waits for ZMQ_POLLOUT
events, zmq_poll() will immediately wake up if only 1 pipe has
room to send, regardless of the peer, creating a busy loop of
zmq_poll() wake-up, zmq_send() (EAGAIN). There is no way for
the application to selectively wait for ZMQ_POLLOUT for specific
peer(s), which seems somehow necessary in ZMQ_ROUTER_MANDATORY.

This discussion will be addressed in a separate issue.

Signed-off-by: Marc Sune <marc@voltanet.io>
Signed-off-by: Fredi Raspall <fredi@voltanet.io>
2017-07-14 15:55:58 +02:00
Doron Somech
30ab0ed897 Merge pull request #2615 from bluca/curve_server_reconnect
Problem: CURVE server (connect) fails when client rebinds
2017-07-01 20:54:32 +03:00
Luca Boccassi
d04065b778 Problem: CURVE server (connect) fails when client rebinds
Solution: if a CURVE server is using zmq_connect, the same session
will be used for any client "reconnect" (actual binds). This is
acceptable, so do not assert if zap_pipe already exists during the
handshake, but simply reuse it.
Fixes #2608
2017-07-01 17:37:07 +01:00
Constantin Rack
4e6c89e3cd Merge pull request #2613 from mattconnolly/relicense
RELICENSE: Matt Connolly
2017-06-29 08:04:24 +02:00
Matt Connolly
1d17182799 RELICENSE: Matt Connolly
Refs #2376
2017-06-28 22:51:24 -07:00