Commit Graph

120 Commits

Author SHA1 Message Date
Pieter Hintjens
75d4f50be3 Problem: ZMQ_CURVE_SECRETKEY reads beyond end of Z85 data
Solution: change setsockopts on printable keys to expect 41, nor 40
bytes. Code still accepts 40 bytes for compatibility, and copies the
key to a well-terminated string before using it.

Fixes #1148
2014-08-12 12:37:49 +02:00
Pieter Hintjens
2c5baff95f Note that ZMQ_TCP_ACCEPT_FILTER is deprecated 2014-08-12 12:37:49 +02:00
Goswin von Brederlow
da6cf63857 Document altered HWM behaviour when ZMQ_ROUTER_MANDATORY is set. 2014-08-07 13:16:12 +02:00
Mike Gatny
0a4123fd91 Add documentation for GSSAPI options. 2014-06-19 23:57:48 -04:00
Pieter Hintjens
a178097f95 Problem: artificial restriction on binary identities
Applications that use ZMQ_IDENTITY can be trapped by the artificial
restriction on not using a binary zero as first byte. It's specially
nasty on random generated identities, e.g. UUIDs, as the chance of a
binary zero is low, so it will pass 255 out of 256 times.

Solution: remove the restriction.
2014-05-16 16:00:37 +02:00
Will Strang
afe5fd87e9 Issue #1017: add ZMQ_HANDSHAKE_IVL time limit on connection handshake 2014-05-09 13:54:24 +00:00
KIU Shueng Chuan
e71dfd13d7 typo fix: RECVHWM -> RCVHWM 2014-01-22 08:40:35 +08:00
Tim M
515af9b147 Added assert on duplicate id in ROUTER and STREAM sockets. Updated man to reflect this change. Modified test case to match. 2014-01-21 11:43:34 -08:00
Tim M
3fbc10eba7 Updated man entries, and added behavior in case the user duplicates peer ids. In this case the socket reverts to default behavior. 2014-01-19 17:28:13 -08:00
Pieter Hintjens
5bf96f64b0 Removed ZMQ_ZAP_IPC_CREDS option
- This seems redundant; is there a use case for NOT providing
  the IPC credentials to the ZAP authenticator?

- More, why is IPC authentication done via libzmq instead of ZAP?
  Is it because we're missing the transport type on the ZAP request?
2014-01-01 17:39:14 +01:00
Pieter Hintjens
adf5b45d71 Reordered socket options
- put into alphabetical order
- there was no consistency in previous ordering
2014-01-01 16:28:30 +01:00
Pieter Hintjens
49a2902c82 Fixed issue #801 2014-01-01 15:36:47 +01:00
Pieter Hintjens
9d9592f830 Whitespace fixes
Minor layout fix

Whitespace fix
2014-01-01 15:36:33 +01:00
KIU Shueng Chuan
5fa3f0a045 doc bugfix: ZMQ_MSGMORE should be ZMQ_SNDMORE 2013-12-23 23:06:18 +08:00
Brandon Carpenter
a018ef5e86 Add support for extending ZAP request address with IPC peer credentials.
Another take on LIBZMQ-568 to allow filtering IPC connections, this time
using ZAP.  This change is backward compatible.  If the
ZMQ_ZAP_IPC_CREDS option is set, the user, group, and process IDs of the
peer process are appended to the address (separated by colons) of a ZAP
request; otherwise, nothing changes.  See LIBZMQ-568 and zmq_setsockopt
documentation for more information.
2013-12-06 14:28:44 -08:00
Brandon Carpenter
dc9b1309b9 Shortened ZMQ_IPC_ACCEPT_FILTER_[UGP]ID to ZMQ_IPC_FILTER_[UGP]ID. 2013-12-06 09:58:10 -08:00
Pieter Hintjens
e48ca50663 Merge pull request #774 from shubred1/master
Updated documentation for zmq_disconnect() and zmq_setsockopt().
2013-12-05 03:23:12 -08:00
Brandon Carpenter
2252322acc Add IPC accept filter socket options.
Adds ZMQ_IPC_ACCEPT_FILTER_{PID,UID,GID} socket options to add processs,
user, and group IDs to the IPC filter sets. Fixes LIBZMQ-568.
2013-12-04 14:23:13 -08:00
Shane Hubred
c7693bedea Updated documentation for zmq_disconnect() and zmq_setsockopt(). 2013-12-04 15:02:49 -06:00
Chris Laws
38bceca9ca Add ability to set and get DSCP socket option 2013-11-25 13:31:21 +10:30
Mark Barbisan
e84f17bbb4 Modified the zmq_setsockopt documentation to include the ZMQ_ROUTER_HANDOVER option 2013-11-06 23:21:28 -05:00
Pieter Hintjens
87718c6102 Clarified use of secret/public keys 2013-10-23 16:03:40 +02:00
Pieter Hintjens
09426ff308 Fixed man page for CURVE key options 2013-10-23 12:04:40 +02:00
Pieter Hintjens
50a1973ee6 Identity can only be set on sockets that can connect to ROUTER 2013-10-09 19:53:18 +02:00
Pieter Hintjens
5e609be345 Renamed new socket options to be clearer
* ZMQ_REQ_STRICT was negative option (default 1) which goes against
  the standard, where defaults are zero. I renamed this to
  ZMQ_REQ_RELAXED.

* ZMQ_REQ_REQUEST_IDS felt clumsy and describes the technical solution
  rather than the problem/requirement. I changed to ZMQ_REQ_CORRELATE
  which seems more explicit.
2013-09-20 15:30:04 +02:00
Pieter Hintjens
9e66685c08 Reformatted text 2013-09-17 13:33:27 +02:00
Pieter Hintjens
6725c4644f Added ZMQ_ZAP_DOMAIN socket option
* This is passed to the ZAP handler in the 'domain' field

* If not set, or empty, then NULL security does not call the ZAP handler

* This resolves the phantom ZAP request syndrome seen with sockets where
  security was never intended (e.g. in test cases)

* This means if you install a ZAP handler, it will not get any requests
  for new connections until you take some explicit action, which can be
  setting a username/password for PLAIN, a key for CURVE, or the domain
  for NULL.
2013-09-09 20:40:34 +02:00
Guido Goldstein
455739f942 Fixed markup so documentation can be built. 2013-08-29 09:35:17 +02:00
danielkr
f59c1a5c5a Update doc for ZMQ_CONFLATE socket option 2013-08-17 23:55:00 +03:00
Christian Kamm
423ca36b17 Rename ZMQ_REQ_SEND_RESETS -> ZMQ_REQ_STRICT.
It defaults to enabled. Switch it off to be able to send a new message
before the previous reply has been received.
2013-08-03 14:35:18 +02:00
Christian Kamm
a0cc87a9d9 Add ZMQ_REQ_SEND_RESETS option.
This allows making a new request on a REQ socket by sending a new
message. Without the option set, calling send() after the first message
is done will continue to return an EFSM error.

It's useful for when a REQ is not getting a response. Previously that
meant creating a new socket or switching to DEALER.
2013-07-28 11:43:38 +02:00
Christian Kamm
b9646f2aac Add ZMQ_REQ_REQUEST_IDS option.
* Documentation:
The default behavior of REQ sockets is to rely on the ordering of messages
to match requests and responses and that is usually sufficient. When this option
is set to 1, the REQ socket will prefix outgoing messages with an extra frame
containing a request id. That means the full message is (request id, 0,
user frames...). The REQ socket will discard all incoming messages that don't
begin with these two frames.

* Behavior change: When a REQ socket gets an invalid reply, it used to
  discard the message and return EAGAIN. REQ sockets still discard
  invalid messages, but keep looking at the next one automatically
  until a good one is found or there are no more messages.
* Add test_req_request_ids.
2013-07-26 21:38:21 +02:00
Pieter Hintjens
7041770108 Added Z85 support
The use of binary for CURVE keys is painful; you cannot easily copy
these in e.g. email, or use them directly in source code. There are
various encoding possibilities. Base16 and Base64 are not optimal.
Ascii85 is not safe for source (it generates quotes and escapes).

So, I've designed a new Base85 encoding, Z85, which is safe to use
in code and elsewhere, and I've modified libzmq to use this where
it also uses binary keys (in get/setsockopt).

Very simply, if you use a 32-byte value, it's Base256 (binary),
and if you use a 40-byte value, it's Base85 (Z85).

I've put the Z85 codec into z85_codec.hpp, it's not elegant C++
but it is minimal and it works. Feel free to rewrap as a real class
if this annoys you.
2013-06-28 22:10:22 +02:00
Pieter Hintjens
dd14d4e01b Minor whitespace fixes in man page 2013-06-28 10:16:56 +02:00
Pieter Hintjens
ad77937956 Added ZMQ_STREAM socket type
- designed for TCP clients and servers
- added HTTP client / server example in tests/test_stream.cpp
- same as ZMQ_ROUTER + ZMQ_ROUTER_RAW + ZMQ_ROUTER_MANDATORY
- includes b893ce set ZMQ_IDENTITY on outgoing connect
- deprecates ZMQ_ROUTER_RAW
2013-06-27 20:53:15 +02:00
Pieter Hintjens
fb43d5a0fe Whitespace fix to man page 2013-06-22 13:39:24 +02:00
Pieter Hintjens
10f69c1500 Clarified man pages on mixed security 2013-06-20 18:30:30 +02:00
Pieter Hintjens
d9bb16725e Added options for CURVE security
- ZMQ_CURVE_PUBLICKEY for clients and servers
- ZMQ_CURVE_SECRETKEY for clients
- ZMQ_CURVE_SERVERKEY for clients
- ZMQ_CURVE_SERVER for servers
- added tools/curve_keygen.c as example
- updated man pages
2013-06-20 18:09:12 +02:00
Pieter Hintjens
a9679da764 Packaging on ZMQ_PROBE_ROUTER
- renamed to ZMQ_PROBE_ROUTER
2013-06-05 15:55:15 +02:00
Pieter Hintjens
2344131db3 Packaging of ZMQ_PROBE
- Cleaned up man page a little
- Wrote test case tests/test_router_probe.cpp
2013-06-05 15:29:40 +02:00
shripchenko
9c980e17dd changed option name. +documentation changes 2013-06-05 15:29:40 +02:00
shripchenko
97324398a7 refactored ZMQ_ROUTER_ANNOUNCE_SELF code. renamed it to ZMQ_PROBE_NEW_PEERS.
implement it for DEALER tocket.
+documentation
2013-06-05 15:29:40 +02:00
shripchenko
f805e4dd03 changed option name. +documentation changes 2013-05-24 07:09:53 -07:00
shripchenko
51750a7d2a refactored ZMQ_ROUTER_ANNOUNCE_SELF code. renamed it to ZMQ_PROBE_NEW_PEERS.
implement it for DEALER tocket.
+documentation
2013-05-23 01:49:40 -07:00
Pieter Hintjens
e1f797b048 Added configuration for PLAIN security
* ZMQ_PLAIN_SERVER, ZMQ_PLAIN_USERNAME, ZMQ_PLAIN_PASSWORD options
* Man page changes to zmq_setsockopt and zmq_getsockopt
* Man pages for ZMQ_NULL, ZMQ_PLAIN, and ZMQ_CURVE
* Test program test_security
2013-05-15 17:55:21 +02:00
Pieter Hintjens
8ea779c8f7 Fixed sizeof usage in man pages 2013-05-15 14:11:22 +02:00
Pieter Hintjens
67e02ca8bc Use of named authors on man pages is no longer a good idea since it puts off
contributors and doesn't reflect the real process. I've taken out all named
authors and referred to the contribution policy. Hopefully this will improve
the contributions to the man pages.
2013-04-15 18:50:42 +02:00
Pieter Hintjens
16f8ea3e95 Clarified HWM=0 means infinite 2013-03-17 11:30:49 +01:00
Pieter Hintjens
8358d4e832 Renamed ZMQ_DELAY_ATTACH_ON_CONNECT_COULD_THIS_BE_ANY_LONGER to ZMQ_IMMEDIATE 2013-03-12 16:11:19 +01:00
Pieter Hintjens
309740e197 Fixed issue #499 2013-01-31 20:47:45 +01:00