null_mechanism.cpp 10.4 KB
Newer Older
1
/*
2
    Copyright (c) 2007-2016 Contributors as noted in the AUTHORS file
3

4
    This file is part of libzmq, the ZeroMQ core engine in C++.
5

6 7 8
    libzmq is free software; you can redistribute it and/or modify it under
    the terms of the GNU Lesser General Public License (LGPL) as published
    by the Free Software Foundation; either version 3 of the License, or
9 10
    (at your option) any later version.

11 12 13 14 15 16 17 18 19 20 21 22 23 24
    As a special exception, the Contributors give you permission to link
    this library with independent modules to produce an executable,
    regardless of the license terms of these independent modules, and to
    copy and distribute the resulting executable under terms of your choice,
    provided that you also meet, for each linked independent module, the
    terms and conditions of the license of that module. An independent
    module is a module which is not derived from or based on this library.
    If you modify this library, you must extend this exception to your
    version of the library.

    libzmq is distributed in the hope that it will be useful, but WITHOUT
    ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
    FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
    License for more details.
25 26 27 28 29

    You should have received a copy of the GNU Lesser General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/

30
#include "precompiled.hpp"
31 32 33 34 35 36 37

#include <stddef.h>
#include <string.h>
#include <stdlib.h>

#include "err.hpp"
#include "msg.hpp"
38
#include "session_base.hpp"
39 40 41
#include "wire.hpp"
#include "null_mechanism.hpp"

42 43 44 45 46 47 48
zmq::null_mechanism_t::null_mechanism_t (session_base_t *session_,
                                         const std::string &peer_address_,
                                         const options_t &options_) :
    mechanism_t (options_),
    session (session_),
    peer_address (peer_address_),
    ready_command_sent (false),
49
    error_command_sent (false),
50
    ready_command_received (false),
51
    error_command_received (false),
52 53 54
    zap_connected (false),
    zap_request_sent (false),
    zap_reply_received (false)
55
{
56 57 58 59
    //  NULL mechanism only uses ZAP if there's a domain defined
    //  This prevents ZAP requests on naive sockets
    if (options.zap_domain.size () > 0
    &&  session->zap_connect () == 0)
60
        zap_connected = true;
61 62 63 64 65 66
}

zmq::null_mechanism_t::~null_mechanism_t ()
{
}

67
int zmq::null_mechanism_t::next_handshake_command (msg_t *msg_)
68
{
69
    if (ready_command_sent || error_command_sent) {
70 71 72
        errno = EAGAIN;
        return -1;
    }
73 74 75 76 77 78 79 80 81 82 83 84
    if (zap_connected && !zap_reply_received) {
        if (zap_request_sent) {
            errno = EAGAIN;
            return -1;
        }
        send_zap_request ();
        zap_request_sent = true;
        const int rc = receive_and_process_zap_reply ();
        if (rc != 0)
            return -1;
        zap_reply_received = true;
    }
85

86 87
    if (zap_reply_received
    &&  strncmp (status_code, "200", sizeof status_code) != 0) {
88
        const int rc = msg_->init_size (6 + 1 + sizeof status_code);
89 90 91 92
        zmq_assert (rc == 0);
        unsigned char *msg_data =
            static_cast <unsigned char *> (msg_->data ());
        memcpy (msg_data, "\5ERROR", 6);
93 94
        msg_data [6] = sizeof status_code;
        memcpy (msg_data + 7, status_code, sizeof status_code);
95 96 97 98
        error_command_sent = true;
        return 0;
    }

99
    unsigned char *const command_buffer = (unsigned char *) malloc (512);
100 101 102 103 104
    alloc_assert (command_buffer);

    unsigned char *ptr = command_buffer;

    //  Add mechanism string
105
    memcpy (ptr, "\5READY", 6);
106
    ptr += 6;
107 108 109 110 111 112 113 114

    //  Add socket type property
    const char *socket_type = socket_type_string (options.type);
    ptr += add_property (ptr, "Socket-Type", socket_type, strlen (socket_type));

    //  Add identity property
    if (options.type == ZMQ_REQ
    ||  options.type == ZMQ_DEALER
115 116
    ||  options.type == ZMQ_ROUTER)
        ptr += add_property (ptr, "Identity", options.identity, options.identity_size);
117 118 119 120 121 122 123 124 125 126 127 128

    const size_t command_size = ptr - command_buffer;
    const int rc = msg_->init_size (command_size);
    errno_assert (rc == 0);
    memcpy (msg_->data (), command_buffer, command_size);
    free (command_buffer);

    ready_command_sent = true;

    return 0;
}

129
int zmq::null_mechanism_t::process_handshake_command (msg_t *msg_)
130
{
131
    if (ready_command_received || error_command_received) {
132 133
        //  Temporary support for security debugging
        puts ("NULL I: client sent invalid NULL handshake (duplicate READY)");
134 135 136 137
        errno = EPROTO;
        return -1;
    }

138
    const unsigned char *cmd_data =
139
        static_cast <unsigned char *> (msg_->data ());
140
    const size_t data_size = msg_->size ();
141

142 143 144 145 146 147 148
    int rc = 0;
    if (data_size >= 6 && !memcmp (cmd_data, "\5READY", 6))
        rc = process_ready_command (cmd_data, data_size);
    else
    if (data_size >= 6 && !memcmp (cmd_data, "\5ERROR", 6))
        rc = process_error_command (cmd_data, data_size);
    else {
149 150
        //  Temporary support for security debugging
        puts ("NULL I: client sent invalid NULL handshake (not READY)");
151
        errno = EPROTO;
152
        rc = -1;
153 154
    }

155
    if (rc == 0) {
156
        rc = msg_->close ();
157 158 159
        errno_assert (rc == 0);
        rc = msg_->init ();
        errno_assert (rc == 0);
160
    }
161 162
    return rc;
}
163

164 165 166
int zmq::null_mechanism_t::process_ready_command (
        const unsigned char *cmd_data, size_t data_size)
{
167
    ready_command_received = true;
168 169
    return parse_metadata (cmd_data + 6, data_size - 6);
}
170

171 172 173
int zmq::null_mechanism_t::process_error_command (
        const unsigned char *cmd_data, size_t data_size)
{
174 175 176 177 178 179
    if (data_size < 7) {
        errno = EPROTO;
        return -1;
    }
    const size_t error_reason_len = static_cast <size_t> (cmd_data [6]);
    if (error_reason_len > data_size - 7) {
180 181 182
        errno = EPROTO;
        return -1;
    }
183
    error_command_received = true;
184
    return 0;
185 186
}

187 188 189 190 191 192 193 194 195 196 197 198
int zmq::null_mechanism_t::zap_msg_available ()
{
    if (zap_reply_received) {
        errno = EFSM;
        return -1;
    }
    const int rc = receive_and_process_zap_reply ();
    if (rc == 0)
        zap_reply_received = true;
    return rc;
}

199
zmq::mechanism_t::status_t zmq::null_mechanism_t::status () const
200
{
201 202 203 204 205 206 207
    const bool command_sent =
        ready_command_sent || error_command_sent;
    const bool command_received =
        ready_command_received || error_command_received;

    if (ready_command_sent && ready_command_received)
        return ready;
208
    else
209 210 211 212
    if (command_sent && command_received)
        return error;
    else
        return handshaking;
213
}
214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243

void zmq::null_mechanism_t::send_zap_request ()
{
    int rc;
    msg_t msg;

    //  Address delimiter frame
    rc = msg.init ();
    errno_assert (rc == 0);
    msg.set_flags (msg_t::more);
    rc = session->write_zap_msg (&msg);
    errno_assert (rc == 0);

    //  Version frame
    rc = msg.init_size (3);
    errno_assert (rc == 0);
    memcpy (msg.data (), "1.0", 3);
    msg.set_flags (msg_t::more);
    rc = session->write_zap_msg (&msg);
    errno_assert (rc == 0);

    //  Request id frame
    rc = msg.init_size (1);
    errno_assert (rc == 0);
    memcpy (msg.data (), "1", 1);
    msg.set_flags (msg_t::more);
    rc = session->write_zap_msg (&msg);
    errno_assert (rc == 0);

    //  Domain frame
244
    rc = msg.init_size (options.zap_domain.length ());
245
    errno_assert (rc == 0);
246
    memcpy (msg.data (), options.zap_domain.c_str (), options.zap_domain.length ());
247 248 249 250 251 252 253 254 255 256 257 258
    msg.set_flags (msg_t::more);
    rc = session->write_zap_msg (&msg);
    errno_assert (rc == 0);

    //  Address frame
    rc = msg.init_size (peer_address.length ());
    errno_assert (rc == 0);
    memcpy (msg.data (), peer_address.c_str (), peer_address.length ());
    msg.set_flags (msg_t::more);
    rc = session->write_zap_msg (&msg);
    errno_assert (rc == 0);

259
    //  Identity frame
260 261 262 263 264 265 266
    rc = msg.init_size (options.identity_size);
    errno_assert (rc == 0);
    memcpy (msg.data (), options.identity, options.identity_size);
    msg.set_flags (msg_t::more);
    rc = session->write_zap_msg (&msg);
    errno_assert (rc == 0);

267
    //  Mechanism frame
268
    rc = msg.init_size (4);
269
    errno_assert (rc == 0);
270
    memcpy (msg.data (), "NULL", 4);
271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290
    rc = session->write_zap_msg (&msg);
    errno_assert (rc == 0);
}

int zmq::null_mechanism_t::receive_and_process_zap_reply ()
{
    int rc = 0;
    msg_t msg [7];  //  ZAP reply consists of 7 frames

    //  Initialize all reply frames
    for (int i = 0; i < 7; i++) {
        rc = msg [i].init ();
        errno_assert (rc == 0);
    }

    for (int i = 0; i < 7; i++) {
        rc = session->read_zap_msg (&msg [i]);
        if (rc == -1)
            break;
        if ((msg [i].flags () & msg_t::more) == (i < 6? 0: msg_t::more)) {
291 292
            //  Temporary support for security debugging
            puts ("NULL I: ZAP handler sent incomplete reply message");
293 294 295 296 297 298 299 300 301 302 303
            errno = EPROTO;
            rc = -1;
            break;
        }
    }

    if (rc != 0)
        goto error;

    //  Address delimiter frame
    if (msg [0].size () > 0) {
304 305
        //  Temporary support for security debugging
        puts ("NULL I: ZAP handler sent malformed reply message");
306
        errno = EPROTO;
307
        rc = -1;
308 309 310 311 312
        goto error;
    }

    //  Version frame
    if (msg [1].size () != 3 || memcmp (msg [1].data (), "1.0", 3)) {
313 314
        //  Temporary support for security debugging
        puts ("NULL I: ZAP handler sent bad version number");
315
        errno = EPROTO;
316
        rc = -1;
317 318 319 320 321
        goto error;
    }

    //  Request id frame
    if (msg [2].size () != 1 || memcmp (msg [2].data (), "1", 1)) {
322 323
        //  Temporary support for security debugging
        puts ("NULL I: ZAP handler sent bad request ID");
324
        errno = EPROTO;
325
        rc = -1;
326 327 328 329
        goto error;
    }

    //  Status code frame
330
    if (msg [3].size () != 3) {
331 332
        //  Temporary support for security debugging
        puts ("NULL I: ZAP handler rejected client authentication");
333
        errno = EPROTO;
334
        rc = -1;
335 336 337
        goto error;
    }

338 339 340
    //  Save status code
    memcpy (status_code, msg [3].data (), sizeof status_code);

341 342 343
    //  Save user id
    set_user_id (msg [5].data (), msg [5].size ());

344 345
    //  Process metadata frame
    rc = parse_metadata (static_cast <const unsigned char*> (msg [6].data ()),
346
                         msg [6].size (), true);
347 348 349 350 351 352 353 354 355

error:
    for (int i = 0; i < 7; i++) {
        const int rc2 = msg [i].close ();
        errno_assert (rc2 == 0);
    }

    return rc;
}