235 Commits

Author SHA1 Message Date
Stoian Ivanov
fe3e8c5c70 linking fd to pipe identity via socket option 2014-04-30 16:34:55 +03:00
Chris Busbey
27591d2da6 ZMQ_GSSAPI_PLAINTEXT option for disabling encryption 2014-04-24 14:21:33 -07:00
Chris Busbey
2e1645a519 principle->principal 2014-04-24 14:20:53 -07:00
Chris Busbey
5441db3d7d configurable principle and service principle (for client) 2014-04-24 14:18:58 -07:00
Mike Gatny
4b1c851db4 Stubbed in gssapi security mechanism. 2014-04-24 14:17:05 -07:00
Pieter Hintjens
407b7fb474 Removed duplicate zmq_z85_* methods from zmq.h
Fixes #967
2014-04-10 09:43:16 +02:00
Mark Barbisan
52db50f844 Add the tag name to the zmq_pollitem_t struct to allow easier forward declaration 2014-03-12 10:11:12 -04:00
Pieter Hintjens
305a1442ae Added scaffolding for zmq_msg_gets 2014-03-03 13:19:40 +01:00
Olaf Mandel
e41c8cba0e Rename ZMQ_MAX_SOCKETS_MAX to ZMQ_SOCKET_LIMIT
As per suggestion by Pieter Hintjens. Also update wording in
zmq_ctx_set manual a bit.
2014-02-14 10:09:19 +01:00
Pieter Hintjens
1e9ea54bf6 Merge pull request #889 from olafmandel/MAX_SOCKETS_MAX
Add ZMQ_MAX_SOCKETS_MAX to zmq_ctx_get()
2014-02-13 19:15:01 +01:00
Laurent Alebarde
abf9d8b74e Revert "add a proxy hook"
This reverts commit 9ae6a91fadb96fd48038fde04cc3d4b61b49a8a1.
2014-02-13 18:35:09 +01:00
Laurent Alebarde
bc25366f7c Revert "add proxy_chain, a multi proxies chaining in the same thread feature"
This reverts commit bc7441f5176589ad9a34dc2bde6b91d78a44e3e0.
2014-02-13 18:35:09 +01:00
Olaf Mandel
5815b768b9 Add ZMQ_MAX_SOCKETS_MAX to zmq_ctx_get()
The new options allows querying the maximum allowed number of sockets.
This is system dependent and cannot be encoded in the include file as a
preprocessor macro: for ZMQ_USE_SELECT, this depends on the FD_SETSIZE
macro at time of library compilation, not at time of include file use.
2014-02-13 15:54:06 +01:00
Laurent Alebarde
bc7441f517 add proxy_chain, a multi proxies chaining in the same thread feature 2014-01-28 18:15:01 +01:00
Laurent Alebarde
9ae6a91fad add a proxy hook 2014-01-24 16:52:30 +01:00
Pieter Hintjens
50bd28c037 Cleaned up option to force identity on outgoing connection
- renamed to ZMQ_CONNECT_RID
- fixed whitespace malformating around previous patch
- renamamed next_peer_id to next_rid in preparation for
  larger rename of IDENTITY to ROUTING_ID

Note: ZMQ_CONNECT_RID has no test case and no entry in the man
page, as yet.
2014-01-19 09:27:57 +01:00
Tim M
b1920bdf90 Fixed compile issue with missing member of socket_base. Changed ZMQ_NEXT_IDENTITY to ZMQ_NEXT_CONNECT_PEER_ID.
Fixed case where ZMQ_NEXT_CONNECT_PEER_ID is used in ROUTER, and ROUTER does not read the identity message from the connected pipe.
2014-01-18 17:49:54 -08:00
Tim M
f13512a926 fixed define value in header 2014-01-17 14:41:45 -08:00
Tim M
5d4860ea12 Both STREAM and ROUTER sockets suffer from a naming problem on outbound connections. While these connections can be created, they can't be immediately used. Traffic must be received before it can be sent. This prevents practical, minimal usage of STREAM or ROUTER as a true N fan in/out socket.
This change simply provides the user with a socket option that sets a user defined name of the next outbound connection:

zmq_setsockopt(routerSock,ZMQ_NEXT_IDENTITY,"myname",6);
if(0 > zmq_connect(routerSock,"tcp://127.0.0.1:1234")) return 1;
ret = zmq_send(routerSock,"myname",6,ZMQ_SNDMORE);
zmq_send(routerSock,b.mem,b.used,0);

In this example, the socket is immediately given the name "myname", and is capable of immediately sending traffic.

This approach is more effective in three ways:
1) It prevents all sorts of malicious peer naming attacks that can cause undefined behavior in existing ROUTER connections. (Two connections are made that both transmit the same name to the ROUTER, the ROUTER behavior is undefined)
2) It allows immediate control of connections made to external parties for STREAM sockets. Something that is not possible right now. Before an outbound connection had no name for STREAM or ROUTER sockets because outbound connections cannot be sent to without first receiving traffic.
3) It is simpler and more general than expecting two ROUTER sockets to handshake on assigned connection names. Plus it allows inline sending to new connections on ROUTER.
2014-01-17 14:34:39 -08:00
Stefan Radomski
3aeaa6fab1 ZMQ_SRCFD docs and tests
Also moved the fd field from message content to message itself
2014-01-07 01:09:51 +01:00
Stefan Radomski
f30fb8501e Expose remote FD via zmq_msg_get(&msg, ZMQ_SRCFD)
This patch allows client applications to retrieve the remote endpoint from a message that originated from a tcp socket
2014-01-06 10:31:42 +01:00
Pieter Hintjens
b3b9e046ee Updated copyright statements for 2014 2014-01-02 12:00:57 +01:00
Pieter Hintjens
5bf96f64b0 Removed ZMQ_ZAP_IPC_CREDS option
- This seems redundant; is there a use case for NOT providing
  the IPC credentials to the ZAP authenticator?

- More, why is IPC authentication done via libzmq instead of ZAP?
  Is it because we're missing the transport type on the ZAP request?
2014-01-01 17:39:14 +01:00
Brandon Carpenter
a018ef5e86 Add support for extending ZAP request address with IPC peer credentials.
Another take on LIBZMQ-568 to allow filtering IPC connections, this time
using ZAP.  This change is backward compatible.  If the
ZMQ_ZAP_IPC_CREDS option is set, the user, group, and process IDs of the
peer process are appended to the address (separated by colons) of a ZAP
request; otherwise, nothing changes.  See LIBZMQ-568 and zmq_setsockopt
documentation for more information.
2013-12-06 14:28:44 -08:00
Brandon Carpenter
dc9b1309b9 Shortened ZMQ_IPC_ACCEPT_FILTER_[UGP]ID to ZMQ_IPC_FILTER_[UGP]ID. 2013-12-06 09:58:10 -08:00
Brandon Carpenter
2252322acc Add IPC accept filter socket options.
Adds ZMQ_IPC_ACCEPT_FILTER_{PID,UID,GID} socket options to add processs,
user, and group IDs to the IPC filter sets. Fixes LIBZMQ-568.
2013-12-04 14:23:13 -08:00
Chris Laws
38bceca9ca Add ability to set and get DSCP socket option 2013-11-25 13:31:21 +10:30
Pieter Hintjens
75a293d379 Moved version macros to top for better visibility 2013-11-24 12:47:24 +01:00
Richard Newton
7c51429440 Reduce default maximum number of sockets by 1 so there is room for the reaper socket. 2013-11-11 13:41:42 +00:00
Mark Barbisan
5e71475d45 Shorten ZMQ_ROUTER_REASSIGN_IDENTITIES to ZMQ_ROUTER_HANDOVER. Also, added a test for the HANDOVER functionality. 2013-11-01 00:03:00 -04:00
Mark Barbisan
3825f3b300 Add support to the ROUTER socket to reassign identities upon name collision. 2013-10-30 23:45:46 -04:00
Laurent Alebarde
e33a382f8d new zmq_proxy is zmq_proxy_steerable to respect C API 2013-10-18 15:01:05 +02:00
Laurent Alebarde
1b75d1ecb5 add proxy control flow and test 2013-10-18 11:12:48 +02:00
Pieter Hintjens
b7eb1cdcce Revert "replace macro constants with enum types for user facing constants"
This reverts commit d4bb6d693f0542bbf35bc1b6810100d5b2a901a8.
2013-10-08 14:51:19 +02:00
Pieter Hintjens
b0085a7f29 Revert "distinguish between options and defaults"
This reverts commit e7804c5027633d18558c05b550ea11c46fb37c42.
2013-10-08 14:51:00 +02:00
Pieter Hintjens
d33a3ad0fd Merge pull request #696 from calid/enum-constants
replace macro constants with enum types for user facing constants
2013-10-04 01:58:48 -07:00
Dylan Cali
e7804c5027 distinguish between options and defaults 2013-10-04 02:21:35 -05:00
Dylan Cali
d4bb6d693f replace macro constants with enum types for user facing constants 2013-10-04 01:45:42 -05:00
Pieter Hintjens
d37d32fb0c Clarified that zmq.h constants are part of the public contract 2013-10-02 12:05:14 +02:00
Ivan Pechorin
b504aad160 stdint.h is not available on all platforms 2013-09-24 14:10:31 +04:00
Pieter Hintjens
21157f7d85 Next version off libzmq master is 4.1.0 2013-09-20 15:59:16 +02:00
Pieter Hintjens
5e609be345 Renamed new socket options to be clearer
* ZMQ_REQ_STRICT was negative option (default 1) which goes against
  the standard, where defaults are zero. I renamed this to
  ZMQ_REQ_RELAXED.

* ZMQ_REQ_REQUEST_IDS felt clumsy and describes the technical solution
  rather than the problem/requirement. I changed to ZMQ_REQ_CORRELATE
  which seems more explicit.
2013-09-20 15:30:04 +02:00
Pieter Hintjens
825052f83f Revert "makes curve keys symetric as in libcurve + factorisation"
This reverts commit bfd472f97cad5e37fa384b687a906f515600bac4.
2013-09-17 14:05:55 +02:00
Pieter Hintjens
22eb4d600b Revert "oblige the application to explicitely set the node type for PLAIN"
This reverts commit 1206f4572b4b3bb405a14cc60605b75d53b819a0.
2013-09-17 14:05:41 +02:00
Laurent Alebarde
1206f4572b oblige the application to explicitely set the node type for PLAIN 2013-09-17 12:47:21 +02:00
Laurent Alebarde
bfd472f97c makes curve keys symetric as in libcurve + factorisation 2013-09-17 12:44:14 +02:00
Pieter Hintjens
576e3ca5e0 Added z85 codec to ZMQ API
* Removed redundant Z85 code and include files from project
* Simplified use of headers in test cases (now they all just use testutil.hpp)
* Export zmq_z85_encode() and zmq_z85_decode() in API
* Added man pages for these two functions
2013-09-15 20:13:44 +02:00
Richard Newton
ccf0e61b77 Merge remote-tracking branch 'upstream/master' 2013-09-10 13:30:11 +01:00
Richard Newton
64e1c181f7 Implement non-blocking shutdown command that unblocks other threads waiting on blocking operations. 2013-09-10 13:30:00 +01:00
Pieter Hintjens
6725c4644f Added ZMQ_ZAP_DOMAIN socket option
* This is passed to the ZAP handler in the 'domain' field

* If not set, or empty, then NULL security does not call the ZAP handler

* This resolves the phantom ZAP request syndrome seen with sockets where
  security was never intended (e.g. in test cases)

* This means if you install a ZAP handler, it will not get any requests
  for new connections until you take some explicit action, which can be
  setting a username/password for PLAIN, a key for CURVE, or the domain
  for NULL.
2013-09-09 20:40:34 +02:00