86 Commits

Author SHA1 Message Date
J.T. Conklin
ea011a33de Fix typos. 2014-11-07 22:30:15 -08:00
Pieter Hintjens
75d4f50be3 Problem: ZMQ_CURVE_SECRETKEY reads beyond end of Z85 data
Solution: change setsockopts on printable keys to expect 41, nor 40
bytes. Code still accepts 40 bytes for compatibility, and copies the
key to a well-terminated string before using it.

Fixes #1148
2014-08-12 12:37:49 +02:00
Mike Gatny
0a4123fd91 Add documentation for GSSAPI options. 2014-06-19 23:57:48 -04:00
Stoian Ivanov
a16d3dbb0e docu 2014-05-12 11:02:44 +03:00
Will Strang
afe5fd87e9 Issue #1017: add ZMQ_HANDSHAKE_IVL time limit on connection handshake 2014-05-09 13:54:24 +00:00
Pieter Hintjens
5bf96f64b0 Removed ZMQ_ZAP_IPC_CREDS option
- This seems redundant; is there a use case for NOT providing
  the IPC credentials to the ZAP authenticator?

- More, why is IPC authentication done via libzmq instead of ZAP?
  Is it because we're missing the transport type on the ZAP request?
2014-01-01 17:39:14 +01:00
Pieter Hintjens
adf5b45d71 Reordered socket options
- put into alphabetical order
- there was no consistency in previous ordering
2014-01-01 16:28:30 +01:00
Brandon Carpenter
a018ef5e86 Add support for extending ZAP request address with IPC peer credentials.
Another take on LIBZMQ-568 to allow filtering IPC connections, this time
using ZAP.  This change is backward compatible.  If the
ZMQ_ZAP_IPC_CREDS option is set, the user, group, and process IDs of the
peer process are appended to the address (separated by colons) of a ZAP
request; otherwise, nothing changes.  See LIBZMQ-568 and zmq_setsockopt
documentation for more information.
2013-12-06 14:28:44 -08:00
Chris Laws
38bceca9ca Add ability to set and get DSCP socket option 2013-11-25 13:31:21 +10:30
Pieter Hintjens
50a1973ee6 Identity can only be set on sockets that can connect to ROUTER 2013-10-09 19:53:18 +02:00
Pieter Hintjens
5e609be345 Renamed new socket options to be clearer
* ZMQ_REQ_STRICT was negative option (default 1) which goes against
  the standard, where defaults are zero. I renamed this to
  ZMQ_REQ_RELAXED.

* ZMQ_REQ_REQUEST_IDS felt clumsy and describes the technical solution
  rather than the problem/requirement. I changed to ZMQ_REQ_CORRELATE
  which seems more explicit.
2013-09-20 15:30:04 +02:00
Pieter Hintjens
345bf146f1 Fixed overwrite in zmq_getsockopt
On ZMQ_CURVE_xxxKEY fetches, would return 41 bytes into caller's 40-byte
buffer. Now these fetches only return 41 bytes if the caller explicitly
provides a 41-byte buffer (i.e. the option size is 41).
2013-09-12 18:03:23 +02:00
Pieter Hintjens
6725c4644f Added ZMQ_ZAP_DOMAIN socket option
* This is passed to the ZAP handler in the 'domain' field

* If not set, or empty, then NULL security does not call the ZAP handler

* This resolves the phantom ZAP request syndrome seen with sockets where
  security was never intended (e.g. in test cases)

* This means if you install a ZAP handler, it will not get any requests
  for new connections until you take some explicit action, which can be
  setting a username/password for PLAIN, a key for CURVE, or the domain
  for NULL.
2013-09-09 20:40:34 +02:00
Pieter Hintjens
7041770108 Added Z85 support
The use of binary for CURVE keys is painful; you cannot easily copy
these in e.g. email, or use them directly in source code. There are
various encoding possibilities. Base16 and Base64 are not optimal.
Ascii85 is not safe for source (it generates quotes and escapes).

So, I've designed a new Base85 encoding, Z85, which is safe to use
in code and elsewhere, and I've modified libzmq to use this where
it also uses binary keys (in get/setsockopt).

Very simply, if you use a 32-byte value, it's Base256 (binary),
and if you use a 40-byte value, it's Base85 (Z85).

I've put the Z85 codec into z85_codec.hpp, it's not elegant C++
but it is minimal and it works. Feel free to rewrap as a real class
if this annoys you.
2013-06-28 22:10:22 +02:00
Pieter Hintjens
e1f797b048 Added configuration for PLAIN security
* ZMQ_PLAIN_SERVER, ZMQ_PLAIN_USERNAME, ZMQ_PLAIN_PASSWORD options
* Man page changes to zmq_setsockopt and zmq_getsockopt
* Man pages for ZMQ_NULL, ZMQ_PLAIN, and ZMQ_CURVE
* Test program test_security
2013-05-15 17:55:21 +02:00
Pieter Hintjens
67e02ca8bc Use of named authors on man pages is no longer a good idea since it puts off
contributors and doesn't reflect the real process. I've taken out all named
authors and referred to the contribution policy. Hopefully this will improve
the contributions to the man pages.
2013-04-15 18:50:42 +02:00
Pieter Hintjens
16f8ea3e95 Clarified HWM=0 means infinite 2013-03-17 11:30:49 +01:00
Pieter Hintjens
309740e197 Fixed issue #499 2013-01-31 20:47:45 +01:00
Pieter Hintjens
79da450b8b Fixed formatting in man page 2012-10-31 04:35:15 +01:00
Ian Barber
e5904e63ce Allow blocking while connect() is completing
This patch, salvaged from a trainwreck accidental merge earlier, adds a
new sockopt, ZMQ_DELAY_ATTACH_ON_CONNECT which prevents a end point
being available to push messages to until it has fully connected, making
connect work more like bind. This also applies to reconnecting sockets,
which may cause message loss of in-queue messages, so it is sensible to
use this in conjunction with a low HWM and potentially an alternative
acknowledgement path.

Notes on most of the individual commits can be found the repository log.
2012-06-12 15:34:48 +01:00
Ian Barber
95cbad3841 Revert "After speaking with Ben Gray and the discussion on the mailing list, this is an attempt to create a sockopt to allow connecting pipes to not immediately be available for traffic. The problem is in a PUSH to many PULL situation, where there is a connect to a PULL which is not there. This connect will immediately create a pipe (unlike bind), and traffic will be load balanced to that pipe. This means if there is a persistently unavailable end point then the traffic will queue until HWM is hit, and older messages will be lost."
This reverts commit fe3fb419fe249d7015a6c864d18464d434a55468.
2012-06-12 14:53:57 +01:00
Ian Barber
fe3fb419fe After speaking with Ben Gray and the discussion on the mailing list, this is an attempt to create a sockopt to allow connecting pipes to not immediately be available for traffic. The problem is in a PUSH to many PULL situation, where there is a connect to a PULL which is not there. This connect will immediately create a pipe (unlike bind), and traffic will be load balanced to that pipe. This means if there is a persistently unavailable end point then the traffic will queue until HWM is hit, and older messages will be lost.
This patch adds a sockopt ZMQ_DELAY_ATTACH_ON_CONNECT, which if set to 1 will attempt to preempt this behavior. It does this by extending the use of the session_base to include in the outbound as well as the inbound pipe, and only associates the pipe with the socket once it receives the connected callback via a process_attach message. This works, and a test has been added to show so, but may introduce unexpected complications. The shutdown logic in this class has become marginally more awkward because of this, requiring the session to serve as the sink for both pipes if shutdown occurs with a still-connecting pipe in place. It is also possible there could be issues around flushing the messages, but as I could not directly think how to create such an issue I have not written any code with regards to that.

The documentation has been updated to reflect the change, but please do check over the code and test and review.
2012-06-01 17:58:19 +01:00
Lourens Naudé
04f0e7f26e Documentation for zmq_monitor 2012-05-22 20:08:02 +01:00
Lourens Naudé
e13b3723b8 Rename type zmq_monitor_fn -> zmq_monitor for a more natural callback definition API (zmq_monitor type, monitor.function callback) 2012-05-20 18:27:59 +01:00
KennyTM~
c995de6584 Allow the ZMQ_MONITOR code compilable on gcc 4.7 on Linux.
The current ZMQ_MONITOR code does not compile in gcc 4.7, as -pedantic
and -Werror are enabled, and ISO C++ doesn't allow casting between
normal pointers (void*) and function pointers, as pedantically their
size could be different. This caused the library not compilable. This
commit workaround the problem by introducing one more indirection, i.e.
instead of calling

    (void *)listener

which is an error, we have to use

    *(void **)&listener

which is an undefined behavior :) but works on most platforms

Also, `optval_ = monitor` will not set the parameter in getsockopt(),
and the extra casting caused the LHS to be an rvalue which again makes
the code not compilable. The proper way is to pass a pointer of function
pointer and assign with indirection, i.e. `*optval_ = monitor`.

Also, fixed an asciidoc error in zmq_getsockopt.txt because the `~~~~`
is too long.
2012-05-13 20:49:05 +08:00
Lourens Naudé
5c6f72c17c ZMQ_MONITOR socket option registers a callback / event sink for changes in socket state 2012-05-04 02:32:46 +01:00
Ian Barber
b7c9fc0750 Slight tweak to text for readability 2012-04-27 11:22:17 +01:00
Paul Colomiets
138def0b99 Added refinement for ZMQ_FD option 2012-04-27 12:55:17 +03:00
Sergey KHripchenko
4315467d7c documentation trimmed down to be just placeholders for who knows english better than me 2012-04-09 13:39:52 +04:00
Sergey KHripchenko
4b303402a7 more flexible keepalive options detection + awful options documentation 2012-04-06 20:04:35 +04:00
Emmanuel Taurel
107581213c Disable reconnection option
Add value -1 to the ZMQ_RECONNECT_IVL to disable the reconnection algorithm
2012-03-20 09:22:27 +01:00
Ian Barber
5e1efc9ec3 Update documentation for last endpoint to mention inaddr_any and add a test for IPC last endpoint checking 2012-02-19 18:46:46 +00:00
Pieter Hintjens
5f6b95f4a2 Fixed footers to refer to man page, not all docs 2012-02-15 10:39:18 -06:00
Pieter Hintjens
2000d44109 Fixed syntax error in zmq_getsockopt man page 2012-02-15 09:26:39 -06:00
Ian Barber
cc10c00193 Updating docs with new sockopt 2012-02-14 23:14:33 +00:00
Martin Lucina
22ef966d4a Update email address in man pages
Signed-off-by: Martin Lucina <martin@lucina.net>
2011-12-18 11:19:55 +01:00
Martin Sustrik
f8bd3967bf Documentation for IPv4ONLY option clarified
Signed-off-by: Martin Sustrik <sustrik@250bpm.com>
2011-11-16 19:49:31 +01:00
Martin Sustrik
d20ea25b8c ZMQ_IDENTITY option re-introduced
Signed-off-by: Martin Sustrik <sustrik@250bpm.com>
2011-11-02 14:33:58 +01:00
Martin Sustrik
1c071f54a6 LABELs removed from the documentation
Signed-off-by: Martin Sustrik <sustrik@250bpm.com>
2011-11-01 14:09:54 +01:00
Martin Sustrik
d31792e652 Default HWMs are set to 1000
This patch is meant to prevent users from running out of memory
when using 0MQ in the default configuration.

Signed-off-by: Martin Sustrik <sustrik@250bpm.com>
2011-10-06 13:12:49 +02:00
Pieter Hintjens
4138aca54b Fixed doc to clarify how label parts work
Signed-off-by: Pieter Hintjens <ph@imatix.com>
Signed-off-by: Martin Sustrik <sustrik@250bpm.com>
2011-09-03 09:02:56 +02:00
Steven McCoy
784041f5b9 ZMQ_IPV4ONLY option added
At this point option exists, is documented and can be set,
however, it has no effect.

Signed-off-by: Steven McCoy <steven.mccoy@miru.hk>
Signed-off-by: Martin Sustrik <sustrik@250bpm.com>
2011-08-08 12:10:31 +02:00
Martin Sustrik
1a40880552 ZMQ_IDENTITY option removed from the documentation
Signed-off-by: Martin Sustrik <sustrik@250bpm.com>
2011-07-18 09:30:37 +02:00
Martin Sustrik
d7adc3f19a ZMQ_FILTER option removed
The filtering is now done depending on the socket type. SUB socket
filters the messages (end-to-end filtering) while XSUB relies
on upstream nodes to do (imprefect) filtering.

Signed-off-by: Martin Sustrik <sustrik@250bpm.com>
2011-07-11 09:57:59 +02:00
Martin Sustrik
f437c9ed9b Fix errors in zmq_getsockopt(3) manpage
Signed-off-by: Martin Sustrik <sustrik@250bpm.com>
2011-06-20 12:27:56 +02:00
Martin Sustrik
ab99975ad4 LABEL flag added to the wire format
So far there was no distinction between message parts used by 0MQ
and message parts used by user. Now, the message parts used by 0MQ
are marked as 'LABEL'.

Signed-off-by: Martin Sustrik <sustrik@250bpm.com>
2011-06-20 11:33:54 +02:00
Fabien Ninoles
d7923f08ca Add sockopt ZMQ_RCVTIMEO/ZMQ_SNDTIMEO.
- Add doc and tests
- Add options and setup
- Wait using poll/select

Signed-off-by: Fabien Ninoles <fabien@tzone.org>
Signed-off-by: Martin Sustrik <sustrik@250bpm.com>
2011-06-17 12:22:02 +02:00
Martin Sustrik
ff93f54653 ZMQ_FILTER socket option added
This option is a performance tweak. In devices XSUB socket filters
the messages just to send them to XPUB socket which filters them
once more. Setting ZMQ_FILTER option to 0 allows to switch the
filtering in XSUB socket off.

Signed-off-by: Martin Sustrik <sustrik@250bpm.com>
2011-06-12 15:24:08 +02:00
Martin Sustrik
5d0cffc52f ZMQ_MULTICAST_HOPS socket option added
Sets the time-to-live field in every multicast packet sent from the socket.

Signed-off-by: Martin Sustrik <sustrik@250bpm.com>
2011-05-15 18:25:43 +02:00
Pieter Hintjens
a3b49ca958 Fixed example
Signed-off-by: Pieter Hintjens <ph@imatix.com>
2011-04-11 12:14:00 +02:00