120 Commits

Author SHA1 Message Date
Luca Boccassi
b6aee51691 Problem: strict ZAP protocol adherence is backward incompatible
Solution: add ZMQ_ZAP_ENFORCE_DOMAIN to hide backward incompatible
change and make it disabled by default.
In a future release that breaks API compatibility we can then switch
the default to enabled in order to achieve full RFC compatibility.

Fixes #2762
2017-10-09 17:48:33 +01:00
sigiesec
d6694e7d47 Problem: Use of "rid" in the docs
Solution: Replaced by "routing id"
2017-09-19 17:53:54 +02:00
sigiesec
12f62c74c1 Problem: docs refer to "Identity"
Solution: change docs to refer to "Routing id"
2017-09-19 17:53:54 +02:00
sigiesec
7297df6278 Problem: documentation of ZMQ_ZAP_DOMAIN is wrong
Solution: fix documentation
2017-09-19 09:13:57 +02:00
Doron Somech
af03241dcb Revert "Problem: term "identity" is confusing" 2017-09-07 15:47:43 +03:00
sigiesec
0874eec803 Problem: Use of "rid" in the docs
Solution: Replaced by "routing id"
2017-09-07 11:18:50 +02:00
sigiesec
f174003740 Problem: docs refer to "Identity"
Solution: change docs to refer to "Routing id"
2017-09-07 11:09:18 +02:00
Brian Russell
b963542e8f Add socket option BINDTODEVICE
Linux now supports Virtual Routing and Forwarding (VRF) as per:

https://www.kernel.org/doc/Documentation/networking/vrf.txt

In order for an application to bind or connect to a socket with an
address in a VRF, they need to first bind the socket to the VRF device:

    setsockopt(sd, SOL_SOCKET, SO_BINDTODEVICE, dev, strlen(dev)+1);

Note "dev" is the VRF device, eg. VRF "blue", rather than an interface
enslaved to the VRF.

Add a new socket option, ZMQ_BINDTODEVICE, to bind a socket to a device.
In general, if a socket is bound to a device, eg. an interface, only
packets received from that particular device are processed by the socket.

If device is a VRF device, then subsequent binds/connects to that socket
use addresses in the VRF routing table.
2017-07-31 15:31:47 +01:00
Jim Garlick
568feb1c7f gssapi: document NAMETYPE options in get/setsockopt(3)
Problem: GSSAPI NAMETYPE options were not documented in man
pages for zmq_getsockopt() and zmq_setsockopt().

Solution: add new options to these manual pages.
2017-04-24 16:13:10 -07:00
Luca Boccassi
3dc016cab3 Problem: no documentation for ZMQ_SOCKS_PROXY
Solution: add paragraphs to zmq_get/setsockopt man pages
2016-12-26 14:54:58 +01:00
Patrik Wenger
18e0451092 Problem: documentation markup unrecognized
The effect can be seen on http://api.zeromq.org/4-2:zmq-getsockopt at
options ZMQ_USE_FD and ZMQ_RATE.

Solution: fix length of squiggly line under option title
2016-09-21 21:39:01 +02:00
Pieter Hintjens
7470c00d4d Problem: ZMQ_TCP_RECV_BUFFER/SEND_BUFFER are redundant
These options are confusing and redundant. Their names suggest
they apply to the tcp:// transport, yet they are used for all
stream protocols. The methods zmq::set_tcp_receive_buffer and
zmq::set_tcp_send_buffer don't use these values at all, they use
ZMQ_SNDBUF and ZMQ_RCVBUF.

Solution: merge these new options into ZMQ_SNDBUF and ZMQ_RCVBUF.

This means defaulting these two options to 8192, and removing the
new options. We now have ZMQ_SNDBUF and ZMQ_RCVBUF being used both
for TCP socket control, and for input/output buffering.

Note: the default for SNDBUF and RCVBUF are otherwise 4096.
2016-02-09 10:53:52 +01:00
Pieter Hintjens
884c7f78e9 Problem: zmq_getsockopt wrongly referred to ZMQ_THREADSAFE
The proper name is ZMQ_THREAD_SAFE

Solution: fix in the documentation.
2016-02-09 10:53:52 +01:00
Pieter Hintjens
da8ce55a14 Problem: ZMQ_TCP_RETRANSMIT_TIMEOUT is a clumsy name
Solution: rename to ZMQ_MAXRT

This is the option name used on Windows, so easier to use and
remember.
2016-02-09 10:53:52 +01:00
Luca Boccassi
edc4ee03e8 Problem: ZMQ_USEFD does not follow conventions
Solution: rename socket option (and variables and files) from usefd
to use_fd.
2016-02-09 09:36:14 +00:00
Luca Boccassi
c158178798 Problem: ZMQ_PRE_ALLOCATED_FD is too long
Solution: rename socket option (and variables and files) from
pre_allocated_fd to usefd.
2016-02-08 22:46:34 +00:00
Luca Boccassi
4bcbb3055e Problem: cannot use pre-allocated FDs. Fixes #777
Solution: add new [set|get]sockopt ZMQ_PRE_ALLOCATED_FD to allow
users to let ZMQ use a pre-allocated file descriptor instead of
allocating a new one. Update [set|get]sockopt documentation and
test accordingly.

The main use case for this feature is a socket-activated systemd
service. For more information about this feature see:
http://0pointer.de/blog/projects/socket-activation.html
2016-02-04 16:57:26 +00:00
Pieter Hintjens
44c6b0484e Revert "Revert "Problem: deprecated use and reference of zmq_term"" 2016-02-01 23:00:06 +01:00
Pieter Hintjens
1708bfefb7 Revert "Problem: deprecated use and reference of zmq_term" 2016-02-01 22:41:51 +01:00
Constantin Rack
a26bb743d4 Problem: docs are still referring to deprecated zmq_term
Solution: Replace with `zmq_ctx_term`
2016-02-01 22:00:35 +01:00
Ilya Kulakov
68b13fbddb Add the VMCI transport.
VMCI transport allows fast communication between the Host
and a virtual machine, between virtual machines on the same host,
and within a virtual machine (like IPC).

It requires VMware to be installed on the host and Guest Additions
to be installed on a guest.
2015-12-08 13:16:09 +06:00
Jim Hague
e71471b2e8 Add new option ZMQ_MULTICAST_MAXTPDU to set PGM_MTU.
Fixes #1646
2015-11-23 19:35:02 +00:00
Constantin Rack
fc1099ffd1 Problem: documentation shows wrong default value
Solution: fix documentation
2015-11-13 11:08:23 +01:00
Constantin Rack
ec41f6540f Problem: tcp_recv/send_buffer should be byte value instead of scale factor
Solution: change option behaviour and adopt documentation
2015-11-13 10:47:15 +01:00
Jens Auer
cdeec4c115 New options to set send/recv buffer size for TCP sockets. 2015-11-08 19:00:29 +01:00
Pieter Hintjens
3f9255019b Problem: description of ZMQ_CLIENT/SERVER has inaccuracies
- both are thread safe
- they do not accept ZMQ_SNDMORE nor ZMQ_RCVMORE
2015-09-13 12:28:43 +02:00
Pieter Hintjens
e7da0ea07b Problem: client/server pattern is not documented
Solution: add man pages/sections for:

 * ZMQ_SERVER
 * ZMQ_CLIENT
 * ZMQ_THREADSAFE
 * zmq_msg_routing_id
 * zmq_msg_set_routing_id
2015-09-11 17:12:58 -04:00
KIU Shueng Chuan
ca9215de1e add ZMQ_TCP_RETRANSMIT_TIMEOUT socket option 2015-08-06 23:36:27 +08:00
KIU Shueng Chuan
c9971e08a0 write man pages 2015-08-04 22:17:02 +08:00
KIU Shueng Chuan
2d9c7f3a1f ZMQ_TCP_KEEPALIVE_IDLE doc wrongly mentions TCP_KEEPCNT
was fixed in zmq_setsockopt.txt but not in zmq_getsockopt.txt
2015-08-04 21:43:44 +08:00
Juha Reunanen
7362f3af0f update documentation regarding the rcvbuf parameter 2015-07-08 11:59:47 +03:00
Juha Reunanen
8096990e45 update documentation regarding the sndbuf and rcvbuf parameters 2015-07-08 11:41:42 +03:00
Julien Ruffin
cf2238f80e Added socket option ZMQ_INVERT_MATCHING.
ZMQ_INVERT_MATCHING reverses the PUB/SUB prefix matching. The subscription
list becomes a rejection list. The PUB socket sends messages to all
connected (X)SUB sockets that do not have any matching subscription.

Whenever the option is used on a PUB/XPUB socket, any connecting SUB
sockets must also set it or they will reject everything the publisher
sends them. XSUB sockets are unaffected because they do not filter out
incoming messages.
2015-01-26 17:59:43 +01:00
Thomas Rodgers
a55005feb1 Remove documentation for ZMQ_IDENTITY_FD 2015-01-09 17:32:05 -06:00
J.T. Conklin
ea011a33de Fix typos. 2014-11-07 22:30:15 -08:00
Pieter Hintjens
75d4f50be3 Problem: ZMQ_CURVE_SECRETKEY reads beyond end of Z85 data
Solution: change setsockopts on printable keys to expect 41, nor 40
bytes. Code still accepts 40 bytes for compatibility, and copies the
key to a well-terminated string before using it.

Fixes #1148
2014-08-12 12:37:49 +02:00
Mike Gatny
0a4123fd91 Add documentation for GSSAPI options. 2014-06-19 23:57:48 -04:00
Stoian Ivanov
a16d3dbb0e docu 2014-05-12 11:02:44 +03:00
Will Strang
afe5fd87e9 Issue #1017: add ZMQ_HANDSHAKE_IVL time limit on connection handshake 2014-05-09 13:54:24 +00:00
Pieter Hintjens
5bf96f64b0 Removed ZMQ_ZAP_IPC_CREDS option
- This seems redundant; is there a use case for NOT providing
  the IPC credentials to the ZAP authenticator?

- More, why is IPC authentication done via libzmq instead of ZAP?
  Is it because we're missing the transport type on the ZAP request?
2014-01-01 17:39:14 +01:00
Pieter Hintjens
adf5b45d71 Reordered socket options
- put into alphabetical order
- there was no consistency in previous ordering
2014-01-01 16:28:30 +01:00
Brandon Carpenter
a018ef5e86 Add support for extending ZAP request address with IPC peer credentials.
Another take on LIBZMQ-568 to allow filtering IPC connections, this time
using ZAP.  This change is backward compatible.  If the
ZMQ_ZAP_IPC_CREDS option is set, the user, group, and process IDs of the
peer process are appended to the address (separated by colons) of a ZAP
request; otherwise, nothing changes.  See LIBZMQ-568 and zmq_setsockopt
documentation for more information.
2013-12-06 14:28:44 -08:00
Chris Laws
38bceca9ca Add ability to set and get DSCP socket option 2013-11-25 13:31:21 +10:30
Pieter Hintjens
50a1973ee6 Identity can only be set on sockets that can connect to ROUTER 2013-10-09 19:53:18 +02:00
Pieter Hintjens
5e609be345 Renamed new socket options to be clearer
* ZMQ_REQ_STRICT was negative option (default 1) which goes against
  the standard, where defaults are zero. I renamed this to
  ZMQ_REQ_RELAXED.

* ZMQ_REQ_REQUEST_IDS felt clumsy and describes the technical solution
  rather than the problem/requirement. I changed to ZMQ_REQ_CORRELATE
  which seems more explicit.
2013-09-20 15:30:04 +02:00
Pieter Hintjens
345bf146f1 Fixed overwrite in zmq_getsockopt
On ZMQ_CURVE_xxxKEY fetches, would return 41 bytes into caller's 40-byte
buffer. Now these fetches only return 41 bytes if the caller explicitly
provides a 41-byte buffer (i.e. the option size is 41).
2013-09-12 18:03:23 +02:00
Pieter Hintjens
6725c4644f Added ZMQ_ZAP_DOMAIN socket option
* This is passed to the ZAP handler in the 'domain' field

* If not set, or empty, then NULL security does not call the ZAP handler

* This resolves the phantom ZAP request syndrome seen with sockets where
  security was never intended (e.g. in test cases)

* This means if you install a ZAP handler, it will not get any requests
  for new connections until you take some explicit action, which can be
  setting a username/password for PLAIN, a key for CURVE, or the domain
  for NULL.
2013-09-09 20:40:34 +02:00
Pieter Hintjens
7041770108 Added Z85 support
The use of binary for CURVE keys is painful; you cannot easily copy
these in e.g. email, or use them directly in source code. There are
various encoding possibilities. Base16 and Base64 are not optimal.
Ascii85 is not safe for source (it generates quotes and escapes).

So, I've designed a new Base85 encoding, Z85, which is safe to use
in code and elsewhere, and I've modified libzmq to use this where
it also uses binary keys (in get/setsockopt).

Very simply, if you use a 32-byte value, it's Base256 (binary),
and if you use a 40-byte value, it's Base85 (Z85).

I've put the Z85 codec into z85_codec.hpp, it's not elegant C++
but it is minimal and it works. Feel free to rewrap as a real class
if this annoys you.
2013-06-28 22:10:22 +02:00
Pieter Hintjens
e1f797b048 Added configuration for PLAIN security
* ZMQ_PLAIN_SERVER, ZMQ_PLAIN_USERNAME, ZMQ_PLAIN_PASSWORD options
* Man page changes to zmq_setsockopt and zmq_getsockopt
* Man pages for ZMQ_NULL, ZMQ_PLAIN, and ZMQ_CURVE
* Test program test_security
2013-05-15 17:55:21 +02:00
Pieter Hintjens
67e02ca8bc Use of named authors on man pages is no longer a good idea since it puts off
contributors and doesn't reflect the real process. I've taken out all named
authors and referred to the contribution policy. Hopefully this will improve
the contributions to the man pages.
2013-04-15 18:50:42 +02:00