Solution: change setsockopts on printable keys to expect 41, nor 40
bytes. Code still accepts 40 bytes for compatibility, and copies the
key to a well-terminated string before using it.
Fixes#1148
Users who need e.g. zmq_curve_keypair() have to remember to include
zmq_utils.h, which is counter-intuitive. The whole library should be
represented by a single include file.
Solution: merge all contents of zmq_utils.h into zmq.h, and deprecate
zmq_utils.h. Existing apps can continue unchanged. New apps can ignore
zmq_utils.h completely.
Since https://github.com/zeromq/libzmq/commit/350a1a, TCP addresses
get resolved asynchronously, so zmq_connect no longer returned an
error on incorrect addresses.
This is troublesome since we rely on some error checking to catch
blatant errors.
Solution add some upfront syntax checking that catches at least the
obvious kinds of errors (invalid characters, wrong or missing port
number).
As libzmq is compiled with optional transports and security mechanisms,
there is no clean way for applications to determine what capabilities
are actually available in a given libzmq instance.
Solution: provide an API specifically for capability reporting. The
zmq_has () method is meant to be open ended. It accepts a string so
that we can add arbitrary capabilities without breaking existing
applications.
zmq.h also defines ZMQ_HAS_CAPABILITIES when this method is provided.
The expect_bounce_fail () helper assumed that messages could always
be sent. However in some cases zmq_send() blocks, due to there not
being any outgoing pipe. This changed in 77f5f7, where previously
there would be a pipe that kept trying to reconnect forever.
Solution: use a send timeout and check for EAGAIN if sending failed.
There is a race condition when connect and bind on a new inproc
endpoint happen "simultaneously" in threads. Causes the error:
Assertion failed: ok (ctx.cpp:474)
Using 'ipc://@abstract-socket' on non-Linux platforms yields inconsistent
behaviour. Abstract sockets don't exist, so the literal file is created.
The test previously failed, but for a different reason: this is not the
directory you are looking for. Now, zmq_bind() will fail for the right
reason: the socket can't be created. Put the XFAIL back.
fork() support is optional and its availability is correctly detected at
contfigure time.
But test_fork was all always built, preventing build for targets that do
not provide fork() from building successfully.
This pacth fixes the autotools on this point.
Has some bits commented out due to #939, now work.
Note: there is an issue in libzmq when binding/unbinding or
connecting/disconnecting (I did not investigate deeper) the
same socket several times. Even closing the socket with zero
linger, zmq_ctx_term will block. The workaround in this test
case is to close the sockets for each test step.
Specifically:
* zmq_event_t should not be used internally in libzmq, it was
meant to be an outward facing structure.
* In 4.x, zmq_event_t does not correspond to monitor events, so
I removed the structure entirely.
* man page for zmq_socket_monitor is incomplete and the example
code was particularly nasty.
* test_monitor.cpp needed rewriting, it was not clean.
- this failing test was confusing users
- ZMTP v3.0 now does not define resources at all
- resources, along with other unimplemented aspects moved to
RFC 37 ZMTP v3.1
The new options allows querying the maximum allowed number of sockets.
This is system dependent and cannot be encoded in the include file as a
preprocessor macro: for ZMQ_USE_SELECT, this depends on the FD_SETSIZE
macro at time of library compilation, not at time of include file use.
- renamed test_stream_disconnect_notifications (too long!)
- removed print statements in that test case
- fixed Makefile.am for test_zap_ipc_creds (was not building)
When a ZMQ_STREAM socket connection is broken (intentionally, via `shutdown()`
or accidentally via client crash or network failure), there is no way for the
application to dertermine that it should drop per-connection data (such as
buffers).
This contribution makes sure the application receives a 0-length message to
notify it that the connection has been broken. This is symmetric with the
process of closing the connection from within the application (where the
application sends a 0-length message to tell ZeroMQ to close the connection).
Conflicts:
CMakeLists.txt
This fixes the test on Mac OS X and SmartOS (probably other Solarises).
Also updates the sockets using ipc: to use DEALER sockets instead
of PAIR sockets.
- This seems redundant; is there a use case for NOT providing
the IPC credentials to the ZAP authenticator?
- More, why is IPC authentication done via libzmq instead of ZAP?
Is it because we're missing the transport type on the ZAP request?
Another take on LIBZMQ-568 to allow filtering IPC connections, this time
using ZAP. This change is backward compatible. If the
ZMQ_ZAP_IPC_CREDS option is set, the user, group, and process IDs of the
peer process are appended to the address (separated by colons) of a ZAP
request; otherwise, nothing changes. See LIBZMQ-568 and zmq_setsockopt
documentation for more information.
- used msleep (10) in most places instead of zmq_sleep (1)
- may cause failures on slower machines
- to change, modify SETTLE_TIME in testutil.h
- tested down to 1 msec on fast boxes
As TIPC transport for 0MQ will only work on post 3.8
Linux kernels where nonblocking connect was added,
we add AC_RUN test to check for this functionality.
Should the test fail, tipc is excluded from build/test.
Signed-off-by: Erik Hugne <erik.hugne@ericsson.com>
* ZMQ_REQ_STRICT was negative option (default 1) which goes against
the standard, where defaults are zero. I renamed this to
ZMQ_REQ_RELAXED.
* ZMQ_REQ_REQUEST_IDS felt clumsy and describes the technical solution
rather than the problem/requirement. I changed to ZMQ_REQ_CORRELATE
which seems more explicit.
* ZAP handler thread was not getting time to start up
* Code now creates and binds handler socket in parent thread and
passes the socket to the zap_handler, so this always gets the
authentication requests.
* Removed redundant Z85 code and include files from project
* Simplified use of headers in test cases (now they all just use testutil.hpp)
* Export zmq_z85_encode() and zmq_z85_decode() in API
* Added man pages for these two functions
* This is passed to the ZAP handler in the 'domain' field
* If not set, or empty, then NULL security does not call the ZAP handler
* This resolves the phantom ZAP request syndrome seen with sockets where
security was never intended (e.g. in test cases)
* This means if you install a ZAP handler, it will not get any requests
for new connections until you take some explicit action, which can be
setting a username/password for PLAIN, a key for CURVE, or the domain
for NULL.
- tests that system can provide at least 1,000 sockets
- we could expand on this but this covers the main case of OS/X
having a too-low default limit of 256 handles per process
* Command names changed from null terminated to length-specified
* Command frames use the correct flag (bit 2)
* test_stream acts as test case for command frames
* Some code cleanups
- if ZAP server returns anything except 200, connection is closed
- all security tests now pass correctly
- test_security_curve now does proper client key authentication using test key
- test_security_plain now does proper password authentication
- Split off NULL security check from PLAIN
- Cleaned up test_linger code a little
- Got all tests to pass, added TODOs for outstanding issues
- Added ZAP authentication for NULL test case
- NULL mechanism was not passing server identity - fixed
- cleaned up test_security_plain and removed option double-checks (made code ugly)
- lowered timeout on expect_bounce_fail to 150 msec to speed up checks
- removed all sleeps from test_fork and simplified code (it still passes :-)
This change adds the socket identity infomartion from the socket to the
zap frames. In doing this the ZAP is able preform different operations
based on different sockets. This is not compaitable with the current ZAP
RFC, but that can be updated. As the ZAP rfc is currently draft for I
did not change the version number.
Tests also modified and passing.
This allows making a new request on a REQ socket by sending a new
message. Without the option set, calling send() after the first message
is done will continue to return an EFSM error.
It's useful for when a REQ is not getting a response. Previously that
meant creating a new socket or switching to DEALER.
* Documentation:
The default behavior of REQ sockets is to rely on the ordering of messages
to match requests and responses and that is usually sufficient. When this option
is set to 1, the REQ socket will prefix outgoing messages with an extra frame
containing a request id. That means the full message is (request id, 0,
user frames...). The REQ socket will discard all incoming messages that don't
begin with these two frames.
* Behavior change: When a REQ socket gets an invalid reply, it used to
discard the message and return EAGAIN. REQ sockets still discard
invalid messages, but keep looking at the next one automatically
until a good one is found or there are no more messages.
* Add test_req_request_ids.
* Add lb_t::sendpipe() that returns the pipe that was used for sending,
similar to fq_t::recvpipe().
* Add forwarder functions to dealer_t to access these two.
* Add logic to req_t to ignore replies on pipes that are not the one
where the request was sent.
* Enable test in test_spec_req.
* disabled the specific tests that do not work (yet) on libzmq
* cleaned up one source (test_spec_rep.c) but the others need similar work
* added sleep in test_spec_rep to allow connects time to happen; this would
not be needed if we connected out to the REP peers instead in from them,
but I didn't want to change the logic of the test code.
* See http://rfc.zeromq.org/spec:28/REQREP
* Not all testable statements are covered.
* At this point, there are several failures:
- test_spec_req: The REQ socket does not correctly discard messages
from peers that are not currently being talked to.
- test_spec_dealer/router: On disconnect, the queues seem to not be
emptied. The DEALER can still receive a message the disconnected
peer sent, the ROUTER can still send to the identity of the dis-
connected peer.
The use of binary for CURVE keys is painful; you cannot easily copy
these in e.g. email, or use them directly in source code. There are
various encoding possibilities. Base16 and Base64 are not optimal.
Ascii85 is not safe for source (it generates quotes and escapes).
So, I've designed a new Base85 encoding, Z85, which is safe to use
in code and elsewhere, and I've modified libzmq to use this where
it also uses binary keys (in get/setsockopt).
Very simply, if you use a 32-byte value, it's Base256 (binary),
and if you use a 40-byte value, it's Base85 (Z85).
I've put the Z85 codec into z85_codec.hpp, it's not elegant C++
but it is minimal and it works. Feel free to rewrap as a real class
if this annoys you.
- designed for TCP clients and servers
- added HTTP client / server example in tests/test_stream.cpp
- same as ZMQ_ROUTER + ZMQ_ROUTER_RAW + ZMQ_ROUTER_MANDATORY
- includes b893ce set ZMQ_IDENTITY on outgoing connect
- deprecates ZMQ_ROUTER_RAW
- we need to switch to PLAIN according to options.mechanism
- we need to catch case when both peers are as-server (or neither is)
- and to use username/password from options, for client
* ZMQ_PLAIN_SERVER, ZMQ_PLAIN_USERNAME, ZMQ_PLAIN_PASSWORD options
* Man page changes to zmq_setsockopt and zmq_getsockopt
* Man pages for ZMQ_NULL, ZMQ_PLAIN, and ZMQ_CURVE
* Test program test_security
1) VSM - you cannot hand out the 'data' address as it was not allocated on the heap
2) for other messages the 'data' address cannot be handed out either, as it not the address
originally returned by malloc and hence cannot be passed to 'free'.
see msg.cpp
u.lmsg.content = (content_t*) malloc (sizeof (content_t) + size_);
....
u.lmsg.content->data = u.lmsg.content + 1;
So the function is changed to always malloc a data buffer and copy the data into it.
There is a possible optimisation using memmove for the non-VSM case but that is not done yet.
* Removed or truncated sleeps so the tests run faster
* Removed dependencies on zmq_utils
* Rewrote a few tests that were confusing
* Minor code cleanups
