Commit Graph

33 Commits

Author SHA1 Message Date
Pieter Hintjens
77f14aad95 Problem: stream_engine.cpp security can be downgraded
Solution: accept only the mechanism defined by the socket options.

I've not tested this yet, so it's a speculative fix.
2014-09-19 19:24:45 +02:00
Pieter Hintjens
57ade6d5bb Problem: test_security_curve does't try wrong mechanisms
Solution: check that it rejects attempts to connect to a CURVE server
using NULL or PLAIN client.
2014-09-18 07:32:07 +02:00
Pieter Hintjens
75d4f50be3 Problem: ZMQ_CURVE_SECRETKEY reads beyond end of Z85 data
Solution: change setsockopts on printable keys to expect 41, nor 40
bytes. Code still accepts 40 bytes for compatibility, and copies the
key to a well-terminated string before using it.

Fixes #1148
2014-08-12 12:37:49 +02:00
Pieter Hintjens
b433adf49e Fixed comment 2014-03-16 11:53:40 +01:00
Pieter Hintjens
b3b9e046ee Updated copyright statements for 2014 2014-01-02 12:00:57 +01:00
Pieter Hintjens
fd4d125d8e Packaging for zmq_curve_keypair function
* Added new man page for this
* Added test case, in tests/test_security_curve.cpp
* Noted in zmq_utils.h that these methods are documented
2013-09-30 15:14:02 +02:00
Richard Newton
de91c7362c Merge pull request #668 from mrothe/no-public-tests
tests: don't listen on public ports
2013-09-18 04:09:51 -07:00
Markus Rothe
b13230510c tests: don't listen on public ports 2013-09-18 12:58:19 +02:00
Pieter Hintjens
825052f83f Revert "makes curve keys symetric as in libcurve + factorisation"
This reverts commit bfd472f97c.
2013-09-17 14:05:55 +02:00
Pieter Hintjens
22eb4d600b Revert "oblige the application to explicitely set the node type for PLAIN"
This reverts commit 1206f4572b.
2013-09-17 14:05:41 +02:00
Laurent Alebarde
1206f4572b oblige the application to explicitely set the node type for PLAIN 2013-09-17 12:47:21 +02:00
Laurent Alebarde
bfd472f97c makes curve keys symetric as in libcurve + factorisation 2013-09-17 12:44:14 +02:00
Pieter Hintjens
fe9815a789 Fixed random failures in test_security_plain and _curve
* ZAP handler thread was not getting time to start up
* Code now creates and binds handler socket in parent thread and
  passes the socket to the zap_handler, so this always gets the
  authentication requests.
2013-09-16 10:56:49 +02:00
Laurent Alebarde
dc1f5e9f7c simplify test_security_curve.cpp with zmq_z85_encode 2013-09-16 00:06:24 +02:00
Pieter Hintjens
576e3ca5e0 Added z85 codec to ZMQ API
* Removed redundant Z85 code and include files from project
* Simplified use of headers in test cases (now they all just use testutil.hpp)
* Export zmq_z85_encode() and zmq_z85_decode() in API
* Added man pages for these two functions
2013-09-15 20:13:44 +02:00
Pieter Hintjens
193d0bb634 Fixed Z85 methods to be static and not pollute library 2013-09-15 17:30:18 +02:00
Pieter Hintjens
52370bff44 Removed debugging printfs 2013-09-12 12:46:23 +02:00
Martin Hurton
25c89cace1 Merge pull request #649 from hintjens/master
Fixed minor error in NULL mechanism (spec was wrong)
2013-09-09 12:12:36 -07:00
Pieter Hintjens
6725c4644f Added ZMQ_ZAP_DOMAIN socket option
* This is passed to the ZAP handler in the 'domain' field

* If not set, or empty, then NULL security does not call the ZAP handler

* This resolves the phantom ZAP request syndrome seen with sockets where
  security was never intended (e.g. in test cases)

* This means if you install a ZAP handler, it will not get any requests
  for new connections until you take some explicit action, which can be
  setting a username/password for PLAIN, a key for CURVE, or the domain
  for NULL.
2013-09-09 20:40:34 +02:00
Richard Newton
7485b09cba Fix tests on windows 2013-09-06 10:08:11 +01:00
Pieter Hintjens
9dd324aab2 z85 encoding buffer overrun 2013-09-05 15:18:42 +02:00
Pieter Hintjens
28b0a5fa27 Updated libzmq to match RFC 23, 24, 25, 26
* Command names changed from null terminated to length-specified
* Command frames use the correct flag (bit 2)
* test_stream acts as test case for command frames
* Some code cleanups
2013-09-04 17:59:45 +02:00
Pieter Hintjens
fb67e160a1 Fixed ZAP authentication
- if ZAP server returns anything except 200, connection is closed
- all security tests now pass correctly
- test_security_curve now does proper client key authentication using test key
- test_security_plain now does proper password authentication
2013-09-02 18:21:36 +02:00
Pieter Hintjens
fba5612026 Fixed 'make check' failures
- Split off NULL security check from PLAIN
- Cleaned up test_linger code a little
- Got all tests to pass, added TODOs for outstanding issues
- Added ZAP authentication for NULL test case
- NULL mechanism was not passing server identity - fixed
- cleaned up test_security_plain and removed option double-checks (made code ugly)
- lowered timeout on expect_bounce_fail to 150 msec to speed up checks
- removed all sleeps from test_fork and simplified code (it still passes :-)
2013-09-02 17:22:24 +02:00
Pieter Hintjens
01b336f1f1 Whitespace fixes 2013-09-02 15:08:40 +02:00
MinRK
9d94640edc test failed CURVE auth
adds expect_bounce_fail test function

which is like bounce, but fails if messages arrive.
2013-08-30 17:56:59 -07:00
Jeremy Rossi
19ca8a0fc0 Add the Socket Identity info to the ZAP Messages
This change adds the socket identity infomartion from the socket to the
zap frames.  In doing this the ZAP is able preform different operations
based on different sockets.  This is not compaitable with the current ZAP
RFC, but that can be updated.  As the ZAP rfc is currently draft for I
did not change the version number.

Tests also modified and passing.
2013-08-20 13:48:05 -04:00
Richard Newton
a83baa9b0b Fix up threading code from port tests to windows. 2013-08-17 14:23:22 +01:00
Richard Newton
7f74fc7c99 Port tests to windows and add to cmake build. 2013-08-17 13:43:45 +01:00
Martin Hurton
d65231be1c Update CURVE mechanism to the latest ZAP revision 2013-07-18 10:59:31 +02:00
Pieter Hintjens
7041770108 Added Z85 support
The use of binary for CURVE keys is painful; you cannot easily copy
these in e.g. email, or use them directly in source code. There are
various encoding possibilities. Base16 and Base64 are not optimal.
Ascii85 is not safe for source (it generates quotes and escapes).

So, I've designed a new Base85 encoding, Z85, which is safe to use
in code and elsewhere, and I've modified libzmq to use this where
it also uses binary keys (in get/setsockopt).

Very simply, if you use a 32-byte value, it's Base256 (binary),
and if you use a 40-byte value, it's Base85 (Z85).

I've put the Z85 codec into z85_codec.hpp, it's not elegant C++
but it is minimal and it works. Feel free to rewrap as a real class
if this annoys you.
2013-06-28 22:10:22 +02:00
Pieter Hintjens
7832addd20 Updated security mechanisms to use variable-length commands
RFC23, RFC24, RFC26 now use variable-length command names that
end in null octet (valid C strings) instead of fixed-length
space padded strings.
2013-06-28 11:42:54 +02:00
Ian Barber
211bf2b08e Added security curve test
Test is skipped if no libsodium.
Added warning if libsodium not configured
2013-06-22 16:17:25 +01:00