Luca Boccassi
6f49e40e36
Problem: gssapi_mechanism_base does not include mechanism_base
...
Solution: include mechanism_base.hpp instead of mechanism.hpp
2017-08-19 17:40:15 +01:00
Luca Boccassi
e2ffa2a77b
Problem: produce_ready in gssapi_mechanism_base not deduped
...
Solution: call make_command_with_basic_properties
2017-08-19 17:40:15 +01:00
Doron Somech
2c8a1315c1
Merge pull request #2700 from bluca/gssapi_uninit_ref
...
Problems: free of stack variable, TODO left to evaluate
2017-08-19 14:49:52 +03:00
Luca Boccassi
7453a02144
Problem: CMake on Linux does not link libzmq with optional libs
...
Solution: add missing target_link_libraries
Fixes #2701
2017-08-19 12:26:36 +01:00
Luca Boccassi
90b6c102bb
Problem: various unused variables warnings
...
Solution: use LIBZMQ_UNUSED where necessary
2017-08-19 12:18:51 +01:00
Luca Boccassi
e81a40b8bd
Problem: CMake build ignores SO_BINDTODEVICE
...
Solution: add it to CMake's platform.hpp.in
2017-08-19 12:07:25 +01:00
Luca Boccassi
9387897674
Problem: multi-part able sockets deprecated in favour of non-multi-part
...
Solution: as discussed, remove the deprecation notices, as many users
expressed the need for multi-part support.
Fixes #2699
2017-08-19 11:23:18 +01:00
Luca Boccassi
5b1c0cd0ac
Problem: test_security_gssapi fails to build
...
Solution: monitor new events only if DRAFT APIs are enabled, and
convert to new event types. Same for DRAFT socket options.
2017-08-18 16:56:36 +01:00
Luca Boccassi
330856daec
Problem: double definition in test_security_gssapi
...
Solution: remove the second one to fix build failure
2017-08-18 16:28:03 +01:00
Luca Boccassi
b7346f8e00
Problem: gssapi search in autoconf does not use pkgconfig
...
Solution: use it before falling back to headers checks
2017-08-18 16:24:53 +01:00
Luca Boccassi
7be3efc936
Problem: TODO in gssapi mechanism
...
Solution: remove it.
Looking at the code:
https://github.com/krb5/krb5/blob/master/src/lib/gssapi/mechglue/g_unseal.c#L55
gss_unwrap as the very first thing checks that plaintext is not a
null pointer, which in our case it's true given it's on the stack,
and then initialises its members to 0 length and null ptr.
https://github.com/krb5/krb5/blob/master/src/lib/gssapi/mechglue/g_rel_buffer.c#L36
So it should be safe to release it in all cases, and the release API
seems to check again if it's not a null pointer and then if the
members are 0 length and null pointer it's a no-op.
2017-08-18 15:58:35 +01:00
Luca Boccassi
77444e206c
Problem: free on stack variable in GSSAPI mechanism
...
Solution: free wrapper.value instead of wrapper.
2017-08-18 15:57:51 +01:00
Doron Somech
80f4a87fb9
Merge pull request #2697 from bluca/vs2008
...
Problem: missing files from VS2008 solution
2017-08-18 16:49:20 +03:00
Luca Boccassi
f0554e7f16
Merge pull request #2696 from sigiesec/gssapi-dont-abort-on-bad-data
...
Problem: gssapi_mechanism_base_t aborts the application when it receives a message it cannot decode
2017-08-18 12:50:28 +01:00
Luca Boccassi
8ecfee475c
Problem: missing files from VS2008 solution
...
Solution: generate list of sources and headers with:
ls -1 src/*cpp | sort | sed 's|src/\(.*\)| <File RelativePath="..\\..\\..\\..\\src\\\1" />|g'
ls -1 src/*hpp | sort | sed 's|src/\(.*\)| <File RelativePath="..\\..\\..\\..\\src\\\1" />|g'
and add them.
2017-08-18 12:45:12 +01:00
sigiesec
898691e2eb
Problem: gssapi_mechanism_base_t aborts the application when it receives a message it cannot decode
...
Solution: emit an ZMQ_EVENT_HANDSHAKE_FAILED_PROTOCOL event instead of using zmq_assert
2017-08-18 12:29:37 +02:00
Luca Boccassi
31c72e22ab
Merge pull request #2695 from sigiesec/fine-grained-handshake-error-codes
...
Problem: Values in ZMQ_EVENT_HANDSHAKE_FAILED_* are not helpful
2017-08-18 11:21:48 +01:00
sigiesec
301f3c70c2
Problem: code duplication between curve_client_t and curve_server_t decode and encode
...
Solution: extracted common base class curve_mechanism_base_t
2017-08-18 11:34:22 +02:00
sigiesec
44f6aa3de6
Problem: gssapi_* do not emit ZMQ_EVENT_HANDSHAKE_FAILED_PROTOCOL events
...
Solution: emit appropriate events
2017-08-18 10:30:48 +02:00
sigiesec
ca7eee357e
Problem: no ZMQ_EVENT_HANDSHAKE_FAILED_PROTOCOL events emitted in plain_client_t
...
Solution: emit events at appropriate places
2017-08-18 10:15:44 +02:00
sigiesec
c66ae4656f
Problem: curve_client_t may emit misleading event on bad data processed by curve_client_t::decode
...
Solution: use check_basic_command_structure in curve_client_t::decode, also prepare other client mechanisms to use that method by rearranging inheritance hierarchy
2017-08-18 10:04:58 +02:00
sigiesec
bdd0f3b18b
Problem: documentation on zmq_socket_monitor out-of-sync with current
...
state of ZMQ_EVENT_HANDSHAKE_FAILED_* events
Solution: update documentation
2017-08-18 09:35:13 +02:00
sigiesec
e22ca065d6
Problem: curve_client_t does not emit handshake failure events
...
Solution: add handshake failure events to curve_client_t
2017-08-18 09:18:06 +02:00
sigiesec
9bec68354c
Problem: console output for NULL protocol errors
...
Solution: emit socket monitor events for NULL protocol errors (like CURVE)
2017-08-18 09:18:06 +02:00
sigiesec
11b3c93852
Problem: console output for PLAIN protocol errors
...
Solution: emit socket monitor events for PLAIN protocol errors (like CURVE)
2017-08-18 09:18:06 +02:00
sigiesec
e2d3ba9c62
Problem: classification ZMQ_HANDSHAKE_FAILED_* events is coarse-grained and partially misleading
...
Solution: redesign ZMQ_HANDSHAKE_FAILED_* events, introduce new class of ZMQ_HANDSHAKE_FAILED_AUTH events
2017-08-18 09:17:59 +02:00
Constantin Rack
f252f02b01
Merge pull request #2693 from bluca/verbose_check
...
Problem: coverage CI job does not print test errors
2017-08-17 18:53:53 +02:00
Luca Boccassi
9ac244a67c
Problem: coverage CI job does not print test errors
...
Solution: run make check with VERBOSE=1
2017-08-17 17:20:56 +01:00
Luca Boccassi
2d2b51579b
Merge pull request #2692 from minrk/utf8-groups
...
specify that groups shall be UTF8
2017-08-17 15:33:29 +01:00
Min RK
3130b913fc
specify that groups shall be UTF8
...
group being a `char *` is logically a text type, which needs an encoding.
Declare in the API that groups shall be UTF8-encoded,
matching the `zmq_msg_gets` API, which is the other user-facing `char *` API,
which has the same definition.
This allows bindings to provide text-type APIs,
which they cannot do if arbitrary bytes are allowed
2017-08-17 16:12:53 +02:00
Luca Boccassi
1e393586c7
Merge pull request #2691 from sigiesec/relicense
...
Problem: no relicense agreement by sigiesec
2017-08-17 14:27:52 +01:00
sigiesec
fecbd42dbe
Problem: no relicense agreement by sigiesec
...
Solution: added relicense agreement
2017-08-17 15:20:12 +02:00
Luca Boccassi
d52197d84f
Merge pull request #2689 from sigiesec/remove-zap-client-duplication
...
Problem: ZAP client code duplicated across mechanisms with behaviour deviations
2017-08-17 13:24:36 +01:00
Jim Klimov
77aa5f4b3e
Merge pull request #2688 from bluca/unwind_test_curve
...
Problem: missing flags break build of test_security_curve
2017-08-17 13:57:58 +02:00
sigiesec
f9985708b7
Problem: unreachable code in zap_client_t
...
Solution: replaced unreachable code by assertions and adapted uses
2017-08-17 12:54:05 +02:00
sigiesec
7f15e6c868
Problem: make-based builds broken
...
Solution: add testutil_security.hpp to Makefile.am
2017-08-17 12:34:49 +02:00
sigiesec
863a02b4a1
Problem: no ZAP tests for PLAIN mechanism
...
Solution: added ZAP tests for PLAIN
2017-08-17 12:22:26 +02:00
sigiesec
00816875b8
Problem: no ZAP tests for NULL mechanism
...
Solution: added ZAP tests for NULL
2017-08-17 12:11:14 +02:00
sigiesec
f107b53768
Problem: deviating behavior regarding monitoring events between mechanisms
...
Solution: move relevant behavior to zap_client_t
2017-08-17 12:10:00 +02:00
sigiesec
406af1ef67
Problem: ZAP tests are now generic but placed in test_security_curve.cpp
...
Solution: Move ZAP tests to own file test_security_zap.cpp, move common code to testutil_security.hpp
2017-08-17 11:45:18 +02:00
sigiesec
59d8060165
Problem: ZAP tests are only run with CURVE security
...
Solution: as a first step, parametrize mechanism configuration in CURVE tests
2017-08-17 11:10:11 +02:00
sigiesec
8dce0396fb
Problem: inconsistent handling of ZAP replies
...
Solution: unification, pulled up common behaviour to zap_client_t/zap_client_common_handshake_t
2017-08-17 09:44:05 +02:00
sigiesec
8c58ef7f5c
Problem: zap_msg_available duplicated between curve_server_t and plain_server_t (with deviating behaviour)
...
Solution: pull up into zap_client_common_handshake_t, along with handle_zap_status_code and error_detail/current_error_detail
2017-08-16 18:05:36 +02:00
sigiesec
314a3acfa9
Problem: status method duplicated between curve_server_t and plain_server_t
...
Solution: extract into new intermediate base class zap_client_common_handshake_t
2017-08-16 18:05:36 +02:00
sigiesec
ebba815a4d
Problem: duplicate but equivalent state enums in curve_server_t and plain_server_t
...
Solution: pull state enum up to zap_client_t and unify names of enum values
2017-08-16 18:05:35 +02:00
sigiesec
414c6f45b8
Problem: receive_and_process_zap_reply is duplicated in all mechanisms
...
Solution: extract receive_and_process_zap_reply into zap_client_t and convert zap_client_t into base class of the server mechanism classes
2017-08-16 18:05:35 +02:00
sigiesec
d7a3778387
Problem: plain_server_t duplicates zap_client_t::send_zap_request
...
Solution: Use zap_client_t::send_zap_request
2017-08-16 18:05:35 +02:00
sigiesec
014b201d3e
Problem: ZAP message without credentials is not terminated
...
Solution: Set more flag depending on presence of credentials
2017-08-16 18:05:35 +02:00
sigiesec
b324c66b6f
Problem: null_mechanism duplicates zap_client_t::send_zap_request\nSolution: use zap_client_t::send_zap_request
2017-08-16 18:05:34 +02:00
sigiesec
f3884f3380
Problem: gssapi_server_t duplicates zap_client_t::send_zap_request
...
Solution: Use zap_client_t::send_zap_request
2017-08-16 18:04:31 +02:00