Commit Graph

81 Commits

Author SHA1 Message Date
Simon Giesecke
3ee65906af Problem: various warnings regarding SOCKET vs. int in test_security_curve
Solution: Use fd_t
2018-05-14 21:09:56 +02:00
Simon Giesecke
9ec95f9d46 Problem: build failure with VS <2015, has no snprintf
Solution: use _snprintf when snprintf is not available
2018-02-11 17:33:13 +00:00
sigiesec
5f854a31b7 Problem: test_security_curve not using test framework
Solution: use unity in test_security_curve
2018-02-11 17:25:36 +00:00
sigiesec
41f459e1dc Problem: formatting inconsistent
Solution: applied clang-format
2018-02-02 15:47:43 +01:00
sigiesec
1414bf938c Problem: use of unqualified "id" in code example
Solution: use "routing_id" instead
2017-09-19 17:54:52 +02:00
sigiesec
41bae55af7 Problem: inconsistent naming related to routing ids
Solution: renamed routing_id fields in pipe_t, renamed ZMQ_CONNECT_RID to ZMQ_CONNECT_ROUTING_ID
2017-09-19 17:53:53 +02:00
sigiesec
e0243dcbca Problem: tests where client should receive an ERROR sometimes do not
receive an ERROR (probably because the connection is closed before)

Solution: wait for client-side monitor events before closing the client
socket

Fixes #2705
2017-09-19 11:16:05 +02:00
Doron Somech
af03241dcb Revert "Problem: term "identity" is confusing" 2017-09-07 15:47:43 +03:00
sigiesec
e00131dd43 Problem: inconsistent naming related to routing ids
Solution: renamed routing_id fields in pipe_t, renamed ZMQ_CONNECT_RID to ZMQ_CONNECT_ROUTING_ID
2017-09-07 10:33:13 +02:00
Simon Giesecke
74203729bd Problem: test_zap_unsuccessful_status_500 and test_curve_security_with_bogus_client_credentials sometimes fail, particulary on slow/valgrind runs
Solutio: relax test assertion
2017-08-20 22:47:15 +02:00
sigiesec
bd0675b93f Problem: no tests for client-side events for successful handshake and authentication failure in handshake
Solution: added tests for CURVE, add emitting of client-side event in curve_client_t; add ZAP code 300/500 tests for all mechanisms; suppress sending an error message for ZAP code 300
2017-08-20 22:45:14 +02:00
Luca Boccassi
90b6c102bb Problem: various unused variables warnings
Solution: use LIBZMQ_UNUSED where necessary
2017-08-19 12:18:51 +01:00
sigiesec
301f3c70c2 Problem: code duplication between curve_client_t and curve_server_t decode and encode
Solution: extracted common base class curve_mechanism_base_t
2017-08-18 11:34:22 +02:00
sigiesec
e2d3ba9c62 Problem: classification ZMQ_HANDSHAKE_FAILED_* events is coarse-grained and partially misleading
Solution: redesign ZMQ_HANDSHAKE_FAILED_* events, introduce new class of ZMQ_HANDSHAKE_FAILED_AUTH events
2017-08-18 09:17:59 +02:00
sigiesec
406af1ef67 Problem: ZAP tests are now generic but placed in test_security_curve.cpp
Solution: Move ZAP tests to own file test_security_zap.cpp, move common code to testutil_security.hpp
2017-08-17 11:45:18 +02:00
sigiesec
59d8060165 Problem: ZAP tests are only run with CURVE security
Solution: as a first step, parametrize mechanism configuration in CURVE tests
2017-08-17 11:10:11 +02:00
Simon Giesecke
4a18f6204c Problem: Possible buffer overruns related to metadata in various mechanisms (#2683)
* Problem: no test case with CURVE encryption and large identity

Solution: added test case (currently crashing)

* Problem: possible buffer overflow in mechanism_t::add_property

Solution: add target buffer length parameter and check the buffer is sufficiently large

* Problem: test cases accidentally excluded from build

Solution: remove #if/#endif

* Problem: possible buffer overruns related to metadata at various locations

Solution: allocate buffer large enough for actual metadata, reduce code duplication

* Problem: syntax error related to pointer type conversion

Solution: change argument type of make_command_with_basic_properties to const char *

* Problem: large metadata may cause an assertion in produce_initiate

Solution: Allow metadata of arbitrary size in produce_initiate
2017-08-15 18:42:31 +01:00
Simon Giesecke
d5e4319edc [WIP, do not merge] Problem: insufficient tests for ZMTP-CURVE protocol errors (#2680)
* Extracted connect_vanilla_socket function

* Problem: no tests for ZMTP-CURVE protocol errors

Solution: added two test cases with erroneous HELLO commands

* Problem: insufficient tests for ZMTP-CURVE protocol errors

Solution: added two test cases with erroneous HELLO command version

* Problem: test HELLO message is invalid apart from deliberate errors

Solution: create cryptographically correct HELLO message
add tweetnacl.c to test_security_curve

* Problem: nonce is incorrect, build fails with GCC

Solution: use correct non prefix

* Problem: make builds are failing

Solution: transfer CMake changes to (auto)make files

* Problem: nonce is incorrect, build fails with GCC

Solution: use correct non prefix

* Problem: make builds are failing

Solution: transfer CMake changes to (auto)make files

* Problem: no test with INITIATE command with invalid length

Solution: added test case

* Problem: code duplication between test_security_curve.cpp and curve_client.cpp

Solution: extracted parts of zmq::curve_client_t::produce_hello into reusable function

* Problem: code duplication between test_security_curve.cpp and curve_client.cpp

Solution: extracted further parts of zmq::curve_client_t into reusable functions
added missing file

* Problem: mechanism_t::add_property can be declared static

Solution: declare mechanism_t::add_property static

* Problem: intermediate crypto data needs to be passed between static function calls to curve_client_tools_t

Solution: add non-static member functions

* Problem: msg_t instance may be closed twice

Solution: remove offending close

* Problem: prepare_hello uses static curve_client_tools_t::produce_hello

Solution: Use non-static curve_client_tools_t::produce_hello

* Problem: no test with invalid command name where INITIATE command is expected

Solution: added test case

* Problem: make builds are failing due to curve_client_tools.hpp not being found

Solution: add curve_client_tools.hpp to list of source files

* Problem: wrong initializer order in zmq::curve_client_t

Solution: reorder

* Problem: under non-Windows systems, test fails because random_open was not called

Solution: call random_open/random_close within test

* Problem: conflict between custom function htonll and macro definition on Darwin

Solution: define htonll function only if not defined as a macro

* Problem: nullptr not defined on all platforms

Solution: replace nullptr by NULL

* Problem: libsodium builds not working

Solution: adapt compile and link file sets for libsodium builds

* Problem: Makefile.am broken

Solution: Fix syntax

* Problem: no tests for garbage encrypted cookie or content in INITIATE

Solution: added test cases

* Problem: test cases accidentally excluded from build

Solution: remove #if/#endif

* Solution: some error cases are unreachable

Problem: for the time being, added some comments without changing the code

* Added comments on hard-to-test cases
2017-08-15 15:28:24 +01:00
Simon Giesecke
a6cef4ef86 Problem: ZAP status codes != 200 do not result in an appropriate monitor event (#2665)
* Problem: missing test for status code 300, inadequate assertion for status code 500

Solution: add test, change assertion (currently test fails)

* Problem: gcc compiler error deprecated conversion from string constant

Solution: declare variable as const

* Problem: in case of ZAP handler returning a status code other than 200, no appropriate event is emitted

Solution: immediately emit event after receiving reply from ZAP handler

* Problem: endpoint address is not included in zap-reply monitor event

Solution: added functions to retrieve endpoint address in zmq::i_engine and zmq::session_base_t
removed unused code block in zmq::stream_engine_t::next_handshake_command

* Problem: wrong formatting

Solution: fix formatting

* Problem: test fails because of EPIPE

Solution: add EPIPE/ECONNRESET/ECONNAGAIN handling for more test cases
2017-08-08 13:10:20 +01:00
Simon Giesecke
834b9e4cd7 Problem: some test cases may still fail because of EPIPE/ECONNABORT/ECONNRESET (#2664)
* Problem: CI failure on Appveyor with err==ECONNRESET

Solution: ignore ECONNRESET analogous to EPIPE

* Problem: blocking test execution

Solution: added more debug output, do not wait for monitor infinitely without output
2017-08-07 17:07:37 +01:00
Jim Klimov
612d81a831 Merge pull request #2659 from bluca/fix_getrandom
Problems: test_security_curve occasionally hangs or fails due to ECONNABORTED
2017-08-07 12:36:59 +02:00
Simon Giesecke
de82cbe4ba Problem: failing assertion on ZAP protocol error
Solution: do not assert on ZAP protocol error when connection was closed by client
2017-08-07 10:59:36 +02:00
Luca Boccassi
5f6ff69f62 Problem: test_security_curve fails due to ECONNABORTED
Solution: expect that error, which can happen on very slow machines
due to a client timimng out or RST before the connection is accepted
by the server
2017-08-07 09:26:38 +01:00
Luca Boccassi
1c1f10a25a Problem: test_security_curve occasionally hangs
Solution: refactor the ZAP thread to avoid creating the socket in the
main thread and using it in the ZAP thread, and also to eliminate
races at shutdown use another inproc control socket to signal
termination to the thread
2017-08-07 09:18:37 +01:00
Luca Boccassi
14df80ae3a Problem: test_security_curve does not account for ECONNRESET
Solution: ignore ECONNRESET as with EPIPE - it can happen on very
slow machines when the engine sends data to the peer and then tries
to read from the TCP socket before the peer has read
2017-08-05 18:08:21 +01:00
Simon Giesecke
7ba70e95e5 Problem: test failure on CI due to ZMQ_EVENT_HANDSHAKE_FAILED_NO_DETAIL/EPIPE problem
Solution: add workaround at another place, unify two code fragments to remove duplication
2017-08-04 16:05:20 +02:00
Simon Giesecke
aacb219acd Problem: open TODOs in test code
Solution: removed code duplication
improved global variable naming
added assertions on number of ZAP requests handled
added assertion on monitor event to test_curve_security_with_plain_client_credentials
2017-08-04 15:11:14 +02:00
Jim Klimov
e84804d4cc Merge pull request #2647 from bluca/travis_test
Problems: too many OSX travis builds, curve test uses hard-coded TCP port
2017-08-04 13:21:02 +02:00
Luca Boccassi
32085870df Merge pull request #2650 from sigiesec/connection-close-event-workaround
Problem: sporadic failure in test_curve_security_with_null_client_credentials
2017-08-04 11:48:27 +01:00
Simon Giesecke
4b847f3ff9 Problem: no tests for ZAP handler that has an invalid protocol (#2648)
* Problem: no tests for ZAP protocol errors

Solution: added first test for a bogus version number in ZAP reply

* Problem: no tests for ZAP protocol errors

Solution: added more test cases

* Problem: cannot compile without ZMQ_BUILD_DRAFT_API

Solution: conditionally compile parts that depend on draft API

* Problem: test_security_curve times out in CI

Solution: Increase timeout for this test to 20 seconds
2017-08-04 11:07:41 +01:00
Simon Giesecke
4fec4c99be Problem: sporadic failure in test_curve_security_with_null_client_credentials
Solution: add workaround for EPIPE error
2017-08-04 11:35:00 +02:00
Luca Boccassi
ccb1250fcc Problem: a curve test uses hard-coded TCP port
Solution: use the wildcard endpoint instead
2017-08-03 14:41:36 +01:00
Simon Giesecke
5d4e30eb13 Replace console output by monitoring events for curve security issues (#2645)
* Fixing #2002 one way of doing it

 * Mechanisms can implement a new method `error_detail()`
 * This error detail have three values for the moment: no_detail
 (default), protocol, encryption.
    + generic enough to make sense for all mechanisms.
    - low granularity level on information.

* Fixing #2002: implementation of the error details

The ZMQ_EVENT_HANDSHAKE_FAILED event carries the error details
as value.

* Removed Microsoft extenstion for enum member access

This was leading to compilation error under linux.

* Adaptation of CURVE test cases

* Monitoring event: changed API for detailed events

Removed ZMQ_EVENT_HANDSHAKE_FAILED and replaced it by:
- ZMQ_EVENT_HANDSHAKE_FAILED_NO_DETAIL,
- ZMQ_EVENT_HANDSHAKE_FAILED_PROTOCOL,
- ZMQ_EVENT_HANDSHAKE_FAILED_ENCRYPTION

Adaptation of text case `security_curve`

* Removed event value comparison

This was introduced for the previous API model adaptation

* Removed the prints in std output and added missing details

`current_error_detail` was not set in every protocol error cases

* Fixed initialization of current_error_detail

* Fixed error in greeting test case

The handshake failure due to mechanism mismatch in greeting is actually
a protocol error. The error handling method consider it like so and
send a protocol handshake failure monitoring event instead of no_detail.

Fixed the test_security_curve expectation as well.

* Upgraded tests of monitoring events

The tests check the number of monitoring events received

* Problem: does not build under Linux or without ZMQ_DRAFT_API

Solution:
- properly use ZMQ_DRAFT_API conditional compilation
- use receive timeouts instead of Sleep

* Problem: duplicate definition of variable 'timeout'

Solution: merged definitions

* Problem: inconsistent timing dependencies

Solution: reduce timing dependency by using timeouts at more places

* Problem: assertion failure under Linux due to unexpected monitor event

Solution: output event type to aid debugging

* Problem: erroneous assertion code

* Problem: assertion failure with a garbage server key due to an extra third event

Solution: changed assertion to expect three events (needs to be checked)

* Problem: extra include directive to non-existent file

Solution: removed include directive

* Problem: assertion failure on appveyor for unknown reason

Solution: improve debug output

* Problem: no build with libsodium and draft api

Solution: add build configurations with libsodium and draft api

* Problem: assertion failure on CI

Solution: change assertion to reflect actual behaviour on CI (at least temporarily)

* Problem: error in condition in assertion code

* Problem: assertion failure on CI

Solution: generalize assertion to match behavior on CI

* Problem: assertion failures on CI

Solution: removed inconsistent assertion on no monitor events before flushing
improved debuggability by converting function into macro

* Problem: diverging test code for three analogous test cases with garbage key

Solution: extract common code into function

* Problem: does not build without ZMQ_BUILD_DRAFT_API

Solution: introduce dummy variable

* Attempt to remove workaround regarding ZMQ_EVENT_HANDSHAKE_FAILED_NO_DETAIL again

* Problem: EAGAIN error after handshake complete if there is no more data in inbuffer

Solution: Skip tcp_read attempt in that case

* Problem: handshaking event emitted after handshaking failed

Solution: use stream_engine_t::handshaking instead of mechanism_t::status() to determine whether still handshaking

* Include error code in debug output

* Improve debugging output: output flushed events

* Split up ZMQ_EVENT_HANDSHAKE_FAILED_PROTOCOL into ZMQ_EVENT_HANDSHAKE_FAILED_ZMTP and ZMQ_EVENT_HANDSHAKE_FAILED_ZAP

* Fixed compilation without ZMQ_BUILD_DRAFT_API

* Renamed ZMQ_EVENT_HANDSHAKE_SUCCEED to ZMQ_EVENT_HANDSHAKE_SUCCEEDED for language consistency

* Renamed ZMQ_EVENT_HANDSHAKE_SUCCEED to ZMQ_EVENT_HANDSHAKE_SUCCEEDED for language consistency

* Renamed ZMQ_EVENT_HANDSHAKE_SUCCEED to ZMQ_EVENT_HANDSHAKE_SUCCEEDED for language consistency

* Fixed assert_monitor_event (require event instead of allowing no event)
Reverted erroneous change to handshaking condition
Renamed test_wrong_key to test_garbage_key
Generalized assumption in test_garbage_key to allow for ZMQ_EVENT_HANDSHAKE_FAILED_NO_DETAIL with error == EPIPE

* Better isolate test cases from each other by providing a fresh context & server for each

* Added diagnostic output

* Changed assertion to reflect actual behavior on CI

* Fixed formatting, observe maximum line length

* Fixed formatting, observe maximum line length

* Increase timeout to check if this fixes valgrind run

* Close server with close_zero_linger

* Increase timeout to check if this fixes valgrind run

* Increase timeout to check if this fixes valgrind run

* Generalize assertion to also work with valgrind

* Fixed formatting

* Add more diagnostic output

* Generalize assertion to also work with valgrind
2017-08-03 14:15:56 +01:00
Luca Boccassi
5934919f3e Problem: tests bind to hardcoded TCP ports
Solution: use ZMQ_LAST_ENDPOINT in most places. This alllows running
tests in paralle, and on over-booked shared machines where many of
the ports would be already in use.
Keep 3 tests with an hardcoded port, as there are some code paths that
require it (eg: connect before bind), but list those ports in
tests/testutil.hpp as macros so that they do not overlap and still
allow parallel runs.

These changes were inspired by a patch uploaded to Ubuntu by the
package maintainer, Steve Langasek <steve.langasek@ubuntu.com>.
Thank you Steve!
2017-05-01 22:57:05 +01:00
Luca Boccassi
3f3601e855 Problem: handshake events not tested with curve
Solution: check that the expected handshake success or failure events
are triggered in the curve security unit test
2016-12-31 01:31:37 +01:00
Pieter Hintjens
5b7bf7509f Problem: can't be sure crypto_box always returns 0
Libsodium has started returning -1 in some cases.

Solution: allow and handle error returns from these calls.

Fixes #1831
2016-03-01 15:01:23 +01:00
Pieter Hintjens
9c0d176d68 Problem: tests don't build on Windows
There were numerous small issues with test cases:

- some lacked the right source file header
- some were not portable at all
- some were using internal libzmq APIs (headers)

Solution: fixed and cleaned up.
2016-02-12 16:12:44 +01:00
Pieter Hintjens
b49a60410a Problem: use of libsodium vs. tweetnacl is confused
It's unclear which we need and in the source code, conditional code
treats tweetnacl as a subclass of libsodium, which is inaccurate.

Solution: redesign the configure/cmake API for this:

* tweetnacl is present by default and cannot be enabled
* libsodium can be enabled using --with-libsodium, which replaces
  the built-in tweetnacl
* CURVE encryption can be disabled entirely using --enable-curve=no

The macros we define in platform.hpp are:

    ZMQ_HAVE_CURVE    1        //  When CURVE is enabled
    HAVE_LIBSODIUM    1        //  When we are using libsodium
    HAVE_TWEETNACL    1        //  When we're using tweetnacl (default)

As of this patch, the default build of libzmq always has CURVE
security, and always uses tweetnacl.
2016-02-11 13:32:01 +01:00
Michael
b98b1495af added ZMQ_HAVE_WINDOWS check to _WIN32_WINNT usage 2016-02-06 22:59:13 +11:00
Constantin Rack
a539b0c6e8 Problem: copyright year is still 2015
Solution: update to 2016
2016-01-28 15:07:31 +01:00
Pieter Hintjens
8620c3e032 Problem: source file headers are somewhat confusing about LGPLv3
Of course people still "can" distributed the sources under the
LGPLv3. However we provide COPYING.LESSER with additional grants.

Solution: specify these grants in the header of each source file.
2015-06-02 22:33:55 +02:00
Dan Riegsecker
f4f918ba73 Some test fail to build targeting less that Windows Vista
When targeting a version of Windows less than Windows Vista, the
security tests fail to build. Added a check for Windows version
and substituted inet_pton for inet_addr. Fixes libzmq issue #1396.
2015-05-07 16:52:37 -04:00
Pieter Hintjens
a7a512ab3d Problem: test cases are failing on slower PCs (eee PC)
Solution: raise timeouts from 100-150 msec to 250 msec
2015-01-30 11:57:31 +01:00
Pieter Hintjens
94d9a4ffdf Problem: copyright statements are out of date
Solution: update for 2015

Fixes #1320
2015-01-22 10:32:37 +01:00
Min RK
5385a51527 craft vanilla socket security test messages
use explicit ZMTP/1.0 anonymous greeting
rather than HTTP request that just happened to work
2014-12-03 14:52:39 -08:00
Min RK
5a8b46e375 allow vanilla socket security tests to run on Windows
- add ws2tcpip.h
- alias close->closesocket
- increment port in sec_null test
2014-12-03 14:07:07 -08:00
Min RK
c35c0ca1bb test unauthenticated messages from vanilla sockets
fails on all auth mechanisms
2014-12-03 10:34:34 -08:00
Constantin Rack
e00ea532df Add tests for issue #1094. 2014-11-07 17:35:41 +01:00
Pieter Hintjens
77f14aad95 Problem: stream_engine.cpp security can be downgraded
Solution: accept only the mechanism defined by the socket options.

I've not tested this yet, so it's a speculative fix.
2014-09-19 19:24:45 +02:00
Pieter Hintjens
57ade6d5bb Problem: test_security_curve does't try wrong mechanisms
Solution: check that it rejects attempts to connect to a CURVE server
using NULL or PLAIN client.
2014-09-18 07:32:07 +02:00