- 19 Aug, 2017 2 commits
-
-
Luca Boccassi authored
Solution: remove it from the gssapi_mechanism_base initialiser
-
Luca Boccassi authored
Solution: call make_command_with_basic_properties
-
- 18 Aug, 2017 5 commits
-
-
Luca Boccassi authored
Solution: remove it. Looking at the code: https://github.com/krb5/krb5/blob/master/src/lib/gssapi/mechglue/g_unseal.c#L55 gss_unwrap as the very first thing checks that plaintext is not a null pointer, which in our case it's true given it's on the stack, and then initialises its members to 0 length and null ptr. https://github.com/krb5/krb5/blob/master/src/lib/gssapi/mechglue/g_rel_buffer.c#L36 So it should be safe to release it in all cases, and the release API seems to check again if it's not a null pointer and then if the members are 0 length and null pointer it's a no-op.
-
Luca Boccassi authored
Solution: free wrapper.value instead of wrapper.
-
sigiesec authored
Solution: emit an ZMQ_EVENT_HANDSHAKE_FAILED_PROTOCOL event instead of using zmq_assert
-
sigiesec authored
Solution: emit appropriate events
-
sigiesec authored
Solution: use check_basic_command_structure in curve_client_t::decode, also prepare other client mechanisms to use that method by rearranging inheritance hierarchy
-
- 04 Aug, 2017 1 commit
-
-
Simon Giesecke authored
Solution: Define them in zmq.h and use them (currently in DRAFT API)
-
- 25 Apr, 2017 1 commit
-
-
Jim Garlick authored
Problem: GSSAPI DRAFT code was made conditional on ZMQ_BUILD_DRAFT_API, but zmq_draft.h duplicates the DRAFT symbols definitions from zmq.h so this is unnecessary. Solution: drop the extra ifdefs
-
- 24 Apr, 2017 1 commit
-
-
Jim Garlick authored
Problem: The new GSSAPI NAMESPACE options should have been added to the DRAFT section of the API so they can be changed until stabilized. Solution: - Move defines to the DRAFT section of zmq.h - Duplicate them in zmq_draft.h, as is the local custom - Compile only if defined (ZMQ_BUILD_DRAFT_API) - Refactor internals slightly to avoid #ifdef hell
-
- 21 Apr, 2017 1 commit
-
-
Jim Garlick authored
Problem: principals are looked up unconditionally with the GSS_C_NT_HOSTBASED_SERVICE name type. Solution: Add two new socket options to set the name type for ZMQ_GSSAPI_PRINCIPAL and ZMQ_GSSAPI_SERVICE_PRINCIPAL: ZMQ_GSSAPI_PRINCIPAL_NAMETYPE ZMQ_GSSAPI_SERVICE_PRINCIPAL_NAMETYPE They take an integer argument which must be one of ZMQ_GSSAPI_NT_HOSTBASED (0) - default ZMQ_GSSAPI_NT_USER_NAME (1) ZMQ_GSSAPI_NT_KRB5_PRINCIPAL (2) These correspond to GSSAPI name types of: GSS_C_NT_HOSTBASED_SERVICE GSS_C_NT_USER_NAME GSS_KRB5_NT_PRINCIPAL_NAME Fixes #2542
-
- 20 Apr, 2017 1 commit
-
-
Jim Garlick authored
Problem: if client sets the ZMQ_GSSAPI_PRINCIPAL to a valid principal, authentication fails. When an application sets ZMQ_GSSAPI_PRINCIPAL, whether as a client or a server, libzmq internally calls gss_acquire_cred() with cred_usage=GSS_C_ACCEPT. This cred_usage setting is for acceptors (servers) only, thus it doesn't work for initiators (clients). Solution: Change the cred_usage parameter to GSS_C_BOTH to allow initiators to set ZMQ_GSSAPI_PRINCIPAL.
-
- 27 Mar, 2017 2 commits
-
-
Thomas Braun authored
Solution: Use the appropriate assertion macro.
-
Thomas Braun authored
Solution: Do it unconditionally.
-
- 27 Aug, 2016 1 commit
-
-
Hunter Laux authored
The gssapi has some helper functions gssalloc_malloc()/gssalloc_free() which on windows doesn't call malloc()/free(). Instead these are wrappers around HeapAlloc() and HeapFree(). To complicate matters gssapi doesn't export these helper functions, so you're left using the allocation method of your choice. See Here: https://github.com/krb5/krb5/blob/89683d1f135765e91041f3a239af865b11aaf86b/src/lib/gssapi/generic/gssapi_alloc.h The zmq gssapi implementation is calling malloc and then calling gss_release_buffer() to free the memory. gss_release_buffer uses gssalloc_free() to free this buffer which on windows calls HeapFree() instead of free(). This causes an access violation on windows.
-
- 14 May, 2016 1 commit
-
-
evoskuil authored
-
- 18 Feb, 2016 1 commit
-
-
Osiris authored
Solution: Phase I - make precompiled.hpp be first file included in every source file
-
- 07 Feb, 2016 1 commit
-
-
OBATA Akio authored
-
- 28 Jan, 2016 1 commit
-
-
Constantin Rack authored
Solution: update to 2016
-
- 20 Aug, 2015 1 commit
-
-
Joe Eli McIlvain authored
Solution: Convert to spaces and remove trailing whitespace in these files.
-
- 24 Jun, 2015 1 commit
-
-
Jonathan Reams authored
This commit adds ZMTP connection heartbeats described in http://rfc.zeromq.org/spec:37/ZMTP.
-
- 02 Jun, 2015 1 commit
-
-
Pieter Hintjens authored
Of course people still "can" distributed the sources under the LGPLv3. However we provide COPYING.LESSER with additional grants. Solution: specify these grants in the header of each source file.
-
- 22 Jan, 2015 1 commit
-
-
Pieter Hintjens authored
Solution: update for 2015 Fixes #1320
-
- 05 May, 2014 1 commit
-
-
Franco Fichtner authored
Tested on FreeBSD 10.
-
- 02 May, 2014 1 commit
-
-
Pieter Hintjens authored
- also prioritize ZAP metadata over ZMTP metadata in case application uses same names.
-
- 25 Apr, 2014 1 commit
-
-
Chris Laws authored
-
- 24 Apr, 2014 14 commits
-
-
Chris Busbey authored
-
Chris Busbey authored
-
Chris Busbey authored
-
Chris Busbey authored
-
Chris Busbey authored
-
Chris Busbey authored
-
Chris Busbey authored
-
Chris Busbey authored
-
Chris Busbey authored
-
Mike Gatny authored
-
Mike Gatny authored
-
Mike Gatny authored
-
Mike Gatny authored
For exchanging tokens.
-
Mike Gatny authored
E.g., both client and server need to produce and process GSSAPI tokens.
-