- 14 May, 2014 3 commits
-
-
Martin Hurton authored
-
Martin Hurton authored
-
Martin Hurton authored
-
- 12 May, 2014 1 commit
-
-
Martin Hurton authored
-
- 06 May, 2014 1 commit
-
-
Martin Hurton authored
-
- 05 May, 2014 1 commit
-
-
Martin Hurton authored
-
- 02 May, 2014 1 commit
-
-
Pieter Hintjens authored
- also prioritize ZAP metadata over ZMTP metadata in case application uses same names.
-
- 01 May, 2014 1 commit
-
-
Martin Hurton authored
-
- 29 Apr, 2014 1 commit
-
-
Pieter Hintjens authored
- additional messages to help people debugging security errors
-
- 12 Jan, 2014 1 commit
-
-
Martin Hurton authored
The get_credential () member function returns credential for the last peer we received message for. The idea is that this function is used to implement user-level API.
-
- 02 Jan, 2014 1 commit
-
-
Pieter Hintjens authored
-
- 09 Sep, 2013 1 commit
-
-
Pieter Hintjens authored
* This is passed to the ZAP handler in the 'domain' field * If not set, or empty, then NULL security does not call the ZAP handler * This resolves the phantom ZAP request syndrome seen with sockets where security was never intended (e.g. in test cases) * This means if you install a ZAP handler, it will not get any requests for new connections until you take some explicit action, which can be setting a username/password for PLAIN, a key for CURVE, or the domain for NULL.
-
- 04 Sep, 2013 1 commit
-
-
Pieter Hintjens authored
* Command names changed from null terminated to length-specified * Command frames use the correct flag (bit 2) * test_stream acts as test case for command frames * Some code cleanups
-
- 02 Sep, 2013 2 commits
-
-
Pieter Hintjens authored
- if ZAP server returns anything except 200, connection is closed - all security tests now pass correctly - test_security_curve now does proper client key authentication using test key - test_security_plain now does proper password authentication
-
Pieter Hintjens authored
- Split off NULL security check from PLAIN - Cleaned up test_linger code a little - Got all tests to pass, added TODOs for outstanding issues - Added ZAP authentication for NULL test case - NULL mechanism was not passing server identity - fixed - cleaned up test_security_plain and removed option double-checks (made code ugly) - lowered timeout on expect_bounce_fail to 150 msec to speed up checks - removed all sleeps from test_fork and simplified code (it still passes :-)
-
- 20 Aug, 2013 1 commit
-
-
Jeremy Rossi authored
This change adds the socket identity infomartion from the socket to the zap frames. In doing this the ZAP is able preform different operations based on different sockets. This is not compaitable with the current ZAP RFC, but that can be updated. As the ZAP rfc is currently draft for I did not change the version number. Tests also modified and passing.
-
- 18 Jul, 2013 1 commit
-
-
Martin Hurton authored
-
- 01 Jul, 2013 1 commit
-
-
Martin Hurton authored
-
- 28 Jun, 2013 1 commit
-
-
Pieter Hintjens authored
RFC23, RFC24, RFC26 now use variable-length command names that end in null octet (valid C strings) instead of fixed-length space padded strings.
-
- 23 Jun, 2013 1 commit
-
-
Martin Hurton authored
-
- 22 Jun, 2013 3 commits
-
-
Martin Hurton authored
-
Martin Hurton authored
-
Martin Hurton authored
-
- 07 Jun, 2013 1 commit
-
-
Pieter Hintjens authored
- username and password sent as two string frames - fixed test case to match
-
- 06 Jun, 2013 2 commits
-
-
Martin Hurton authored
-
Martin Hurton authored
-
- 18 May, 2013 1 commit
-
-
Pieter Hintjens authored
-
- 17 May, 2013 2 commits
-
-
Pieter Hintjens authored
- we need to switch to PLAIN according to options.mechanism - we need to catch case when both peers are as-server (or neither is) - and to use username/password from options, for client
-
Martin Hurton authored
-
- 14 May, 2013 1 commit
-
-
Martin Hurton authored
This implements protocol handshake. We still need to design and implement 1) API changes so a user can set username and password, and 2) a mechanism for engine to authenticate users.
-