Updated ZAP request for changed protocol draft

- username and password sent as two string frames - fixed test case to match

Updated ZAP request for changed protocol draft
- username and password sent as two string frames - fixed test case to match
6ff51ee9 · Pieter Hintjens · 656ff5b2 · 6ff51ee9 · 6ff51ee9
Commit 6ff51ee9 authored Jun 07, 2013 by Pieter Hintjens
Hide whitespace changes
Inline Side-by-side

Showing with 32 additions and 40 deletions

plain_mechanism.cpp src/plain_mechanism.cpp +12 -9

test_security.cpp tests/test_security.cpp +20 -31

No files found.
--- a/src/plain_mechanism.cpp
+++ b/src/plain_mechanism.cpp
@@ -262,18 +262,21 @@ int zmq::plain_mechanism_t::process_hello_command (msg_t *msg_)
    rc = session->write_zap_msg (&msg);
    errno_assert (rc == 0);

-    //  Credentials frame
-    rc = msg.init_size (1 + username_length + 1 + password_length);
+    //  Username frame
+    rc = msg.init_size (username_length);
    errno_assert (rc == 0);
-    char *data_ptr = static_cast <char *> (msg.data ());
-    *data_ptr++ = static_cast <unsigned char> (username_length);
-    memcpy (data_ptr, username.c_str (), username_length);
-    data_ptr += username_length;
-    *data_ptr++ = static_cast <unsigned char> (password_length);
-    memcpy (data_ptr, password.c_str (), password_length);
+    memcpy (msg.data (), username.c_str (), username_length);
+    msg.set_flags (msg_t::more);
    rc = session->write_zap_msg (&msg);
    errno_assert (rc == 0);
-
+    
+    //  Password frame
+    rc = msg.init_size (password_length);
+    errno_assert (rc == 0);
+    memcpy (msg.data (), password.c_str (), password_length);
+    rc = session->write_zap_msg (&msg);
+    errno_assert (rc == 0);
+    
    return 0;
 }


--- a/tests/test_security.cpp
+++ b/tests/test_security.cpp
@@ -21,33 +21,12 @@
 #include <string.h>
 #include "testutil.hpp"

-static bool
-authenticate (const unsigned char *data, size_t data_length)
-{
-    const char *username = "admin";
-    const size_t username_length = strlen (username);
-    const char *password = "password";
-    const size_t password_length = strlen (password);
-
-    if (data_length != 1 + username_length + 1 + password_length)
-        return false;
-    if (data [0] != username_length)
-        return false;
-    if (memcmp (data + 1, username, username_length))
-        return false;
-    if (data [1 + username_length] != password_length)
-        return false;
-    if (memcmp (data + 1 + username_length + 1, password, password_length))
-        return false;
-    return true;
-}
-
 static void *
 zap_handler (void *zap)
 {
    int rc, more;
    size_t optlen;
-    zmq_msg_t version, seqno, domain, mechanism, credentials;
+    zmq_msg_t version, seqno, domain, mechanism, username, password;
    zmq_msg_t status_code, status_text, user_id;

    //  Version
@@ -86,17 +65,24 @@ zap_handler (void *zap)
    rc = zmq_getsockopt (zap, ZMQ_RCVMORE, &more, &optlen);
    assert (rc == 0 && more == 1);

-    //  Credentials
-    rc = zmq_msg_init (&credentials);
+    //  Username
+    rc = zmq_msg_init (&username);
+    assert (rc == 0);
+    rc = zmq_msg_recv (&username, zap, 0);
+    bool username_ok = (rc == 5 && memcmp (zmq_msg_data (&username), "admin", 5) == 0);
+    optlen = sizeof more;
+    rc = zmq_getsockopt (zap, ZMQ_RCVMORE, &more, &optlen);
+    assert (rc == 0 && more == 1);
+    
+    //  Password
+    rc = zmq_msg_init (&password);
    assert (rc == 0);
-    rc = zmq_msg_recv (&credentials, zap, 0);
+    rc = zmq_msg_recv (&password, zap, 0);
    optlen = sizeof more;
    rc = zmq_getsockopt (zap, ZMQ_RCVMORE, &more, &optlen);
    assert (rc == 0 && more == 0);
-
-    const bool auth_ok =
-        authenticate ((unsigned char *) zmq_msg_data (&credentials),
-                      zmq_msg_size (&credentials));
+    
+    bool password_ok = (rc == 8 && memcmp (zmq_msg_data (&password), "password", 8) == 0);

    rc = zmq_msg_send (&version, zap, ZMQ_SNDMORE);
    assert (rc == 3);
@@ -106,7 +92,7 @@ zap_handler (void *zap)

    rc = zmq_msg_init_size (&status_code, 3);
    assert (rc == 0);
-    memcpy (zmq_msg_data (&status_code), auth_ok? "200": "400", 3);
+    memcpy (zmq_msg_data (&status_code), username_ok && password_ok? "200": "400", 3);
    rc = zmq_msg_send (&status_code, zap, ZMQ_SNDMORE);
    assert (rc == 3);

@@ -126,9 +112,12 @@ zap_handler (void *zap)
    rc = zmq_msg_close (&mechanism);
    assert (rc == 0);

-    rc = zmq_msg_close (&credentials);
+    rc = zmq_msg_close (&username);
    assert (rc == 0);

+    rc = zmq_msg_close (&password);
+    assert (rc == 0);
+    
    rc = zmq_close (zap);
    assert (rc == 0);