Skip to content
Projects
Groups
Snippets
Help
Loading...
Sign in / Register
Toggle navigation
L
libzmq
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Packages
Packages
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
submodule
libzmq
Commits
adddda17
Commit
adddda17
authored
May 16, 2014
by
Pieter Hintjens
Browse files
Options
Browse Files
Download
Plain Diff
Merge pull request #1038 from hurtonm/master
CURVE: Implement server-side ERROR handling
parents
4f571edf
bd73119e
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
48 additions
and
21 deletions
+48
-21
curve_server.cpp
src/curve_server.cpp
+42
-17
curve_server.hpp
src/curve_server.hpp
+6
-4
No files found.
src/curve_server.cpp
View file @
adddda17
...
@@ -38,7 +38,6 @@ zmq::curve_server_t::curve_server_t (session_base_t *session_,
...
@@ -38,7 +38,6 @@ zmq::curve_server_t::curve_server_t (session_base_t *session_,
session
(
session_
),
session
(
session_
),
peer_address
(
peer_address_
),
peer_address
(
peer_address_
),
state
(
expect_hello
),
state
(
expect_hello
),
expecting_zap_reply
(
false
),
cn_nonce
(
1
),
cn_nonce
(
1
),
sync
()
sync
()
{
{
...
@@ -78,6 +77,11 @@ int zmq::curve_server_t::next_handshake_command (msg_t *msg_)
...
@@ -78,6 +77,11 @@ int zmq::curve_server_t::next_handshake_command (msg_t *msg_)
if
(
rc
==
0
)
if
(
rc
==
0
)
state
=
connected
;
state
=
connected
;
break
;
break
;
case
send_error
:
rc
=
produce_error
(
msg_
);
if
(
rc
==
0
)
state
=
error_sent
;
break
;
default
:
default
:
errno
=
EAGAIN
;
errno
=
EAGAIN
;
rc
=
-
1
;
rc
=
-
1
;
...
@@ -93,22 +97,13 @@ int zmq::curve_server_t::process_handshake_command (msg_t *msg_)
...
@@ -93,22 +97,13 @@ int zmq::curve_server_t::process_handshake_command (msg_t *msg_)
switch
(
state
)
{
switch
(
state
)
{
case
expect_hello
:
case
expect_hello
:
rc
=
process_hello
(
msg_
);
rc
=
process_hello
(
msg_
);
if
(
rc
==
0
)
state
=
send_welcome
;
else
state
=
errored
;
break
;
break
;
case
expect_initiate
:
case
expect_initiate
:
rc
=
process_initiate
(
msg_
);
rc
=
process_initiate
(
msg_
);
if
(
rc
==
0
)
state
=
expecting_zap_reply
?
expect_zap_reply
:
send_ready
;
else
state
=
errored
;
break
;
break
;
default
:
default
:
// Temporary support for security debugging
// Temporary support for security debugging
puts
(
"CURVE I: invalid handshake command"
);
puts
(
"CURVE I: invalid handshake command"
);
state
=
errored
;
errno
=
EPROTO
;
errno
=
EPROTO
;
rc
=
-
1
;
rc
=
-
1
;
break
;
break
;
...
@@ -243,13 +238,21 @@ int zmq::curve_server_t::zap_msg_available ()
...
@@ -243,13 +238,21 @@ int zmq::curve_server_t::zap_msg_available ()
}
}
const
int
rc
=
receive_and_process_zap_reply
();
const
int
rc
=
receive_and_process_zap_reply
();
if
(
rc
==
0
)
if
(
rc
==
0
)
state
=
send_ready
;
state
=
status_code
==
"200"
?
send_ready
:
send_error
;
return
rc
;
return
rc
;
}
}
zmq
::
mechanism_t
::
status_t
zmq
::
curve_server_t
::
status
()
const
zmq
::
mechanism_t
::
status_t
zmq
::
curve_server_t
::
status
()
const
{
{
return
state
==
connected
?
mechanism_t
::
ready
:
mechanism_t
::
handshaking
;
if
(
state
==
connected
)
return
mechanism_t
::
ready
;
else
if
(
state
==
error_sent
)
return
mechanism_t
::
error
;
else
return
mechanism_t
::
handshaking
;
}
}
int
zmq
::
curve_server_t
::
process_hello
(
msg_t
*
msg_
)
int
zmq
::
curve_server_t
::
process_hello
(
msg_t
*
msg_
)
...
@@ -303,6 +306,7 @@ int zmq::curve_server_t::process_hello (msg_t *msg_)
...
@@ -303,6 +306,7 @@ int zmq::curve_server_t::process_hello (msg_t *msg_)
return
-
1
;
return
-
1
;
}
}
state
=
send_welcome
;
return
rc
;
return
rc
;
}
}
...
@@ -478,12 +482,18 @@ int zmq::curve_server_t::process_initiate (msg_t *msg_)
...
@@ -478,12 +482,18 @@ int zmq::curve_server_t::process_initiate (msg_t *msg_)
if
(
rc
==
0
)
{
if
(
rc
==
0
)
{
send_zap_request
(
client_key
);
send_zap_request
(
client_key
);
rc
=
receive_and_process_zap_reply
();
rc
=
receive_and_process_zap_reply
();
if
(
rc
!=
0
)
{
if
(
rc
==
0
)
if
(
errno
!=
EAGAIN
)
state
=
status_code
==
"200"
?
send_ready
:
send_error
;
else
if
(
errno
==
EAGAIN
)
state
=
expect_zap_reply
;
else
return
-
1
;
return
-
1
;
expecting_zap_reply
=
true
;
}
}
}
else
state
=
send_ready
;
return
parse_metadata
(
initiate_plaintext
+
crypto_box_ZEROBYTES
+
128
,
return
parse_metadata
(
initiate_plaintext
+
crypto_box_ZEROBYTES
+
128
,
clen
-
crypto_box_ZEROBYTES
-
128
);
clen
-
crypto_box_ZEROBYTES
-
128
);
...
@@ -535,6 +545,18 @@ int zmq::curve_server_t::produce_ready (msg_t *msg_)
...
@@ -535,6 +545,18 @@ int zmq::curve_server_t::produce_ready (msg_t *msg_)
return
0
;
return
0
;
}
}
int
zmq
::
curve_server_t
::
produce_error
(
msg_t
*
msg_
)
const
{
zmq_assert
(
status_code
.
length
()
==
3
);
const
int
rc
=
msg_
->
init_size
(
6
+
1
+
status_code
.
length
());
zmq_assert
(
rc
==
0
);
char
*
msg_data
=
static_cast
<
char
*>
(
msg_
->
data
());
memcpy
(
msg_data
,
"
\5
ERROR"
,
6
);
msg_data
[
6
]
=
sizeof
status_code
;
memcpy
(
msg_data
+
7
,
status_code
.
c_str
(),
status_code
.
length
());
return
0
;
}
void
zmq
::
curve_server_t
::
send_zap_request
(
const
uint8_t
*
key
)
void
zmq
::
curve_server_t
::
send_zap_request
(
const
uint8_t
*
key
)
{
{
int
rc
;
int
rc
;
...
@@ -658,7 +680,7 @@ int zmq::curve_server_t::receive_and_process_zap_reply ()
...
@@ -658,7 +680,7 @@ int zmq::curve_server_t::receive_and_process_zap_reply ()
}
}
// Status code frame
// Status code frame
if
(
msg
[
3
].
size
()
!=
3
||
memcmp
(
msg
[
3
].
data
(),
"200"
,
3
)
)
{
if
(
msg
[
3
].
size
()
!=
3
)
{
// Temporary support for security debugging
// Temporary support for security debugging
puts
(
"CURVE I: ZAP handler rejected client authentication"
);
puts
(
"CURVE I: ZAP handler rejected client authentication"
);
errno
=
EACCES
;
errno
=
EACCES
;
...
@@ -666,6 +688,9 @@ int zmq::curve_server_t::receive_and_process_zap_reply ()
...
@@ -666,6 +688,9 @@ int zmq::curve_server_t::receive_and_process_zap_reply ()
goto
error
;
goto
error
;
}
}
// Save status code
status_code
.
assign
(
static_cast
<
char
*>
(
msg
[
3
].
data
()),
3
);
// Save user id
// Save user id
set_user_id
(
msg
[
5
].
data
(),
msg
[
5
].
size
());
set_user_id
(
msg
[
5
].
data
(),
msg
[
5
].
size
());
...
...
src/curve_server.hpp
View file @
adddda17
...
@@ -74,8 +74,9 @@ namespace zmq
...
@@ -74,8 +74,9 @@ namespace zmq
expect_initiate
,
expect_initiate
,
expect_zap_reply
,
expect_zap_reply
,
send_ready
,
send_ready
,
connected
,
send_error
,
errored
error_sent
,
connected
};
};
session_base_t
*
const
session
;
session_base_t
*
const
session
;
...
@@ -85,8 +86,8 @@ namespace zmq
...
@@ -85,8 +86,8 @@ namespace zmq
// Current FSM state
// Current FSM state
state_t
state
;
state_t
state
;
//
True iff we are awaiting reply from ZAP handler.
//
Status code as received from ZAP handler
bool
expecting_zap_reply
;
std
::
string
status_code
;
uint64_t
cn_nonce
;
uint64_t
cn_nonce
;
...
@@ -112,6 +113,7 @@ namespace zmq
...
@@ -112,6 +113,7 @@ namespace zmq
int
produce_welcome
(
msg_t
*
msg_
);
int
produce_welcome
(
msg_t
*
msg_
);
int
process_initiate
(
msg_t
*
msg_
);
int
process_initiate
(
msg_t
*
msg_
);
int
produce_ready
(
msg_t
*
msg_
);
int
produce_ready
(
msg_t
*
msg_
);
int
produce_error
(
msg_t
*
msg_
)
const
;
void
send_zap_request
(
const
uint8_t
*
key
);
void
send_zap_request
(
const
uint8_t
*
key
);
int
receive_and_process_zap_reply
();
int
receive_and_process_zap_reply
();
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment