Commit Graph

5666 Commits

Author SHA1 Message Date
Jim Garlick
8892087e99 gssapi: add NAMETYPE options to zmq_getsockopt
Problem: GSSAPI NAMETYPE options were added to zmq_setsockopt()
but not zmq_getsockopt().

Add them to zmq_getsockopt().
2017-04-24 16:12:42 -07:00
Jim Garlick
9fbf2e2eb6 gssapi: move new options to DRAFT section
Problem: The new GSSAPI NAMESPACE options should have been
added to the DRAFT section of the API so they can be changed
until stabilized.

Solution:
- Move defines to the DRAFT section of zmq.h
- Duplicate them in zmq_draft.h, as is the local custom
- Compile only if defined (ZMQ_BUILD_DRAFT_API)
- Refactor internals slightly to avoid #ifdef hell
2017-04-24 16:12:27 -07:00
Luca Boccassi
c49436ad94 Merge pull request #2547 from diorcety/x
Targets broken by some parts of f7d1c159d4
2017-04-24 15:48:10 +01:00
Yann Diorcet
17460b3b2b Targets broken by some parts of f7d1c159d4 2017-04-24 15:57:14 +02:00
Constantin Rack
74395668c6 Merge pull request #2546 from rikvdh/master
RELICENSE: Grant from rikvdh
2017-04-23 11:52:54 +02:00
Rik van der Heijden
67eee47557 RELICENSE: Grant from rikvdh 2017-04-23 11:21:12 +02:00
Luca Boccassi
4ae2ffdac7 Merge pull request #2545 from garlick/gssapi_nametype
add GSSAPI NAMETYPE socket options
2017-04-22 11:12:23 +01:00
Jim Garlick
48f72844ad gssapi: add zmq_gssapi.7 to MAN7 in Makefile.am
Problem: zmq_gssapi.7 was not mentioned in doc/Makefile.am

Solution: add man page to MAN7 in doc/Makefile.am
2017-04-21 13:08:48 -07:00
Jim Garlick
8bd3f03cd4 gssapi: add NAMETYPE socket opts to zmq_gssapi.7
Problem: new GSSAPI socket options are not documented.

Solution: add PRINCIPAL NAMES section to zmq_gssapi.7
2017-04-21 13:08:48 -07:00
Jim Garlick
0b185e8297 gssapi: add NAMETYPE socket options
Problem: principals are looked up unconditionally
with the GSS_C_NT_HOSTBASED_SERVICE name type.

Solution: Add two new socket options to set the name type
for ZMQ_GSSAPI_PRINCIPAL and ZMQ_GSSAPI_SERVICE_PRINCIPAL:

ZMQ_GSSAPI_PRINCIPAL_NAMETYPE
ZMQ_GSSAPI_SERVICE_PRINCIPAL_NAMETYPE

They take an integer argument which must be one of
ZMQ_GSSAPI_NT_HOSTBASED (0) - default
ZMQ_GSSAPI_NT_USER_NAME (1)
ZMQ_GSSAPI_NT_KRB5_PRINCIPAL (2)

These correspond to GSSAPI name types of:
GSS_C_NT_HOSTBASED_SERVICE
GSS_C_NT_USER_NAME
GSS_KRB5_NT_PRINCIPAL_NAME

Fixes #2542
2017-04-21 13:08:45 -07:00
Constantin Rack
4783605b78 Merge pull request #2544 from Asmod4n/patch-2
RELICENSE: Hendrik Beskow grant
2017-04-21 19:58:33 +02:00
Asmod4n
798b258fbc Create Asmod4n.md 2017-04-21 19:54:25 +02:00
Luca Boccassi
427292561c Merge pull request #2541 from garlick/gssapi_fix
fix misc. bugs in GSSAPI support
2017-04-20 18:49:05 +01:00
Jim Garlick
2b9a352a3c gssapi: use gss_buffer_desc consistently
Problem: one call to gss_import_name() includes the terminating
NULL in a gss_buffer_desc.length, and one doesn't.

According to the examples at:
http://docs.oracle.com/cd/E19253-01/816-4863/overview-22/index.html
the NULL should be included in the length.

Solution:  Fix one case to include the terminating NULL in the length.
2017-04-20 09:42:06 -07:00
Jim Garlick
4e22dd0e97 gssapi: fail if client sets wrong principal
Problem: if client sets ZMQ_GSSAPI_PRINCIPAL to a name
for which credentials cannot be obtained, authentication
proceeds with default credentials.

Solution: Before initializing the security context, check
whether there was a failed attempt to acquire credentials
for a specific principal and bail out if so.

Fixes #2531
2017-04-20 09:42:06 -07:00
Jim Garlick
f2b579ce02 gssapi: use GSS_C_BOTH to acquire credentials
Problem: if client sets the ZMQ_GSSAPI_PRINCIPAL to a valid
principal, authentication fails.

When an application sets ZMQ_GSSAPI_PRINCIPAL, whether as a
client or a server, libzmq internally calls gss_acquire_cred()
with cred_usage=GSS_C_ACCEPT.  This cred_usage setting is for
acceptors (servers) only, thus it doesn't work for initiators
(clients).

Solution: Change the cred_usage parameter to GSS_C_BOTH to allow
initiators to set ZMQ_GSSAPI_PRINCIPAL.
2017-04-20 09:42:06 -07:00
Jim Garlick
c371824b5b gssapi: document ZMQ_GSSAPI_PRINCIPAL as optional
Problem: the ZMQ_GSSAPI_PRINCIPAL socket option is described
as mandatory in the zmq_gssapi(7) manual page.  In fact it
is optional.

Solution: Describe ZMQ_GSSAPI_PRINCIPAL as optional.
If unspecified, default credentials are used.
2017-04-20 09:42:06 -07:00
Jim Garlick
43f4c28660 gssapi: define HAVE_LIBGSSAPI_KRB5 in configure.ac
Problem: configure.ac is not setting HAVE_LIBGSSAPI_KRB5
in src/platform.hpp when --with-libgssapi_krb5 is specified

Commit 09e868b743
switched the libgssapi_krb5 check from AC_CHECK_LIB
to AC_SEARCH_LIBS, but neglected to add an AC_DEFINE
for HAVE_LIBGSSAPI_KRB5, thus the GSSAPI code is
never compiled.

Solution: Add missing AC_DEFINE of HAVE_LIBGSSAPI_KRB5.
2017-04-20 09:41:27 -07:00
Luca Boccassi
aa90863b77 Merge pull request #2539 from juan-filewave/win_build_if_defined_ZMQ_USE_POLL
Problem: Windows build broken by #if ZMQ_USE_POLL
2017-04-20 15:05:15 +01:00
Juan A. Garcia Pardo
52ce6aab86 Problem: Windows build broken by #if ZMQ_USE_POLL
Solution: use #if defined ZMQ_USE_POLL
2017-04-20 15:53:06 +02:00
Asmod4n
ce602d08db change macOS < 10.12 clock to SYSTEM_CLOCK, fixes #2537 (#2538)
* change macOS < 10.12 clock to SYSTEM_CLOCK, fixes #2537

* remove clock_id option from alt_clock_gettime since we always want a monotonic clock.

* update header definition for alt_clock_gettime

* pass clock definition down to host_get_clock_service for macOS < 10.12

* change to monotonic clocks
2017-04-19 23:13:06 +01:00
Luca Boccassi
45f4a40026 Merge pull request #2536 from RPGillespie6/master
Add CMake Build Output Options
2017-04-17 23:54:26 +01:00
RPGillespie6
69b2affe05 Add CMake Build Output Options
Add two new options to CMakeLists.txt:

`BUILD_SHARED` - Whether or not to build the shared object (Default: ON)
`BUILD_STATIC` - Whether or not to build the static archive (Default: ON)
2017-04-17 18:26:04 -04:00
BJovke
1d4014dc52 Problem: Minor inconsistency in macro syntax. Solution: Code fixed. (#2534)
* Problem: Minor inconsistency in macro syntax. Solution: Code fixed.
2017-04-14 17:10:57 +01:00
Luca Boccassi
e8be2e9d60 Merge pull request #2533 from bjovke/my_work
Problem: FD set copying for Windows still not optimal in some places.
2017-04-14 16:01:53 +01:00
bjovke
dc7bbe35b4 Problem: FD set copying on Windows still not optimal on some places. Solution: Improved memcpy() of FD sets for Windows builds. 2017-04-14 16:31:05 +02:00
Luca Boccassi
a3ad12f7fa Merge pull request #2532 from bjovke/my_work
Problem: Stack overflow in Windows VS 2012 builds for simple ZeroMQ u…
2017-04-14 11:26:33 +01:00
bjovke
6d3d99f3a1 Problem: Stack overflow in Windows VS 2012 builds for simple ZeroMQ usage. Solution: Added notice in INSTALL file to mandatory use at least 2 MB stack size in VS 2012 and recommendation to use at least 2 MB in all other Windows builds. 2017-04-14 11:54:51 +02:00
Constantin Rack
eb37793a43 Merge pull request #2528 from kurdybacha/master
RELICENSE: Pawel Kurdybacha grant
2017-04-13 06:56:45 +02:00
Pawel Kurdybacha
01f8ae061d RELICENSE: Pawel Kurdybacha grant 2017-04-13 00:44:22 +01:00
Luca Boccassi
bf07573188 Merge pull request #2527 from diorcety/x
Fix compilation on windows using msys2
2017-04-12 11:58:50 +01:00
Yann Diorcet
f7d1c159d4 Fix windows compilation 2017-04-12 10:59:04 +02:00
Luca Boccassi
dfde9a22cc Merge pull request #2526 from bjovke/my_work
Problem: GCC 6 build fails due to misleading indentation and visually ambiguous if/else block ordering.
2017-04-11 12:42:35 +01:00
bjovke
aa3540e657 Problem: misleading indentation and visually ambiguous if/else block ordering.
Solution: fixed indentation and if/else block.
2017-04-11 13:14:13 +02:00
Doron Somech
c2798ef0db Merge pull request #2525 from swansontec/master
RELICENSE: William Swanson
2017-04-11 08:47:25 +03:00
William Swanson
0b1402ffc7 RELICENSE: William Swanson 2017-04-10 18:32:15 -07:00
Luca Boccassi
d815228246 Merge pull request #2523 from bjovke/my_working_branch
Critical BUG introduced with #2518 fixed.
2017-04-10 20:09:07 +01:00
Luca Boccassi
3b01410edc Merge pull request #2524 from jakecobb/tcp_codestyle
Problem: Bad style in tcp.hpp/cpp
2017-04-10 19:13:48 +01:00
bjovke
c635ee7e9d Critical BUG introduced with #2518 fixed. 2017-04-10 20:09:22 +02:00
Jake Cobb
f89e3ee854 Problem: Bad style in tcp.hpp/cpp
Solution: Add spaces between function
name and parentheses.
2017-04-10 13:57:29 -04:00
Luca Boccassi
2df4e87849 Merge pull request #2522 from bjovke/my_working_branch
Another macro correction.
2017-04-10 17:31:32 +01:00
Luca Boccassi
af6e071f65 Merge pull request #2521 from jakecobb/windows_tcptuning_consistency
Consistency of Windows TCP tuning assertions
2017-04-10 17:27:50 +01:00
Jake Cobb
cd39b00e19 Consistency of Windows TCP tuning assertions
Treat ECONNRESET, ENETRESET and EINTR as non-fatal
failures in TCP Tuning on Windows as they are in the
Unixes.  Also adds ENETRESET to the Unix list that was missing.
2017-04-10 10:57:17 -04:00
bjovke
9bee9d6d03 Another macro correction. 2017-04-10 16:14:26 +02:00
Luca Boccassi
d66c2508cf Merge pull request #2519 from bjovke/master
Case found not covered in latest zmq::proxy() code.
2017-04-10 15:01:27 +01:00
bjovke
b6fb1f64a5 Macro correction. 2017-04-10 15:39:20 +02:00
bjovke
2bdd06ca7e Relicense file extensions corrected. 2017-04-10 14:36:30 +02:00
BJovke
64807214be Merge pull request #2520 from twhittock/patch-1
Relicense: Tom Whittock grant
2017-04-10 14:33:43 +02:00
twhittock
6ecdd68153 Tom Whittock grant 2017-04-10 13:28:10 +01:00
bjovke
30cd655b3d Case found not covered in latest zmq::proxy() code. 2017-04-10 14:10:47 +02:00