- 20 Aug, 2017 1 commit
-
-
sigiesec authored
Problem: no tests for client-side events for successful handshake and authentication failure in handshake Solution: added tests for CURVE, add emitting of client-side event in curve_client_t; add ZAP code 300/500 tests for all mechanisms; suppress sending an error message for ZAP code 300
-
- 18 Aug, 2017 3 commits
-
-
sigiesec authored
Solution: extracted common base class curve_mechanism_base_t
-
sigiesec authored
Solution: use check_basic_command_structure in curve_client_t::decode, also prepare other client mechanisms to use that method by rearranging inheritance hierarchy
-
sigiesec authored
Solution: add handshake failure events to curve_client_t
-
- 15 Aug, 2017 2 commits
-
-
Simon Giesecke authored
* Problem: no test case with CURVE encryption and large identity Solution: added test case (currently crashing) * Problem: possible buffer overflow in mechanism_t::add_property Solution: add target buffer length parameter and check the buffer is sufficiently large * Problem: test cases accidentally excluded from build Solution: remove #if/#endif * Problem: possible buffer overruns related to metadata at various locations Solution: allocate buffer large enough for actual metadata, reduce code duplication * Problem: syntax error related to pointer type conversion Solution: change argument type of make_command_with_basic_properties to const char * * Problem: large metadata may cause an assertion in produce_initiate Solution: Allow metadata of arbitrary size in produce_initiate
-
Simon Giesecke authored
* Extracted connect_vanilla_socket function * Problem: no tests for ZMTP-CURVE protocol errors Solution: added two test cases with erroneous HELLO commands * Problem: insufficient tests for ZMTP-CURVE protocol errors Solution: added two test cases with erroneous HELLO command version * Problem: test HELLO message is invalid apart from deliberate errors Solution: create cryptographically correct HELLO message add tweetnacl.c to test_security_curve * Problem: nonce is incorrect, build fails with GCC Solution: use correct non prefix * Problem: make builds are failing Solution: transfer CMake changes to (auto)make files * Problem: nonce is incorrect, build fails with GCC Solution: use correct non prefix * Problem: make builds are failing Solution: transfer CMake changes to (auto)make files * Problem: no test with INITIATE command with invalid length Solution: added test case * Problem: code duplication between test_security_curve.cpp and curve_client.cpp Solution: extracted parts of zmq::curve_client_t::produce_hello into reusable function * Problem: code duplication between test_security_curve.cpp and curve_client.cpp Solution: extracted further parts of zmq::curve_client_t into reusable functions added missing file * Problem: mechanism_t::add_property can be declared static Solution: declare mechanism_t::add_property static * Problem: intermediate crypto data needs to be passed between static function calls to curve_client_tools_t Solution: add non-static member functions * Problem: msg_t instance may be closed twice Solution: remove offending close * Problem: prepare_hello uses static curve_client_tools_t::produce_hello Solution: Use non-static curve_client_tools_t::produce_hello * Problem: no test with invalid command name where INITIATE command is expected Solution: added test case * Problem: make builds are failing due to curve_client_tools.hpp not being found Solution: add curve_client_tools.hpp to list of source files * Problem: wrong initializer order in zmq::curve_client_t Solution: reorder * Problem: under non-Windows systems, test fails because random_open was not called Solution: call random_open/random_close within test * Problem: conflict between custom function htonll and macro definition on Darwin Solution: define htonll function only if not defined as a macro * Problem: nullptr not defined on all platforms Solution: replace nullptr by NULL * Problem: libsodium builds not working Solution: adapt compile and link file sets for libsodium builds * Problem: Makefile.am broken Solution: Fix syntax * Problem: no tests for garbage encrypted cookie or content in INITIATE Solution: added test cases * Problem: test cases accidentally excluded from build Solution: remove #if/#endif * Solution: some error cases are unreachable Problem: for the time being, added some comments without changing the code * Added comments on hard-to-test cases
-
- 04 Aug, 2017 1 commit
-
-
Simon Giesecke authored
Solution: Define them in zmq.h and use them (currently in DRAFT API)
-
- 14 May, 2016 1 commit
-
-
evoskuil authored
-
- 29 Mar, 2016 1 commit
-
-
Nikolay Edigaryev authored
libsodium calls abort() when /dev/urandom can't be found even if one creates ZeroMQ context before calling chroot()[1]. This happens because crypto gets initialized on handshake, and at that moment the process is already chroot'ed. Solution: initialize cryptographic libraries in ctx randombytes_close() is already there in the destructor. [1] https://download.libsodium.org/doc/usage/index.html
-
- 01 Mar, 2016 1 commit
-
-
Pieter Hintjens authored
Libsodium has started returning -1 in some cases. Solution: allow and handle error returns from these calls. Fixes #1831
-
- 18 Feb, 2016 1 commit
-
-
Osiris authored
Solution: Phase I - make precompiled.hpp be first file included in every source file
-
- 11 Feb, 2016 2 commits
-
-
Pieter Hintjens authored
- they have no copyright / license statement - they are in some randomish directory structure - they are a mix of postable and non-portable files - they do not conform to conditional compile environment Overall, it makes it rather more work than needed, in build scripts. Solution: clean up tweetnacl sauce. - merged code into single tweetnacl.c and .h - standard copyright header, DJB to AUTHORS - moved into src/ along with all other source files - all system and conditional compilation hidden in these files - thus, they can be compiled and packaged in all cases - ZMQ_USE_TWEETNACL is set when we're using built-in tweetnacl - HAVE_LIBSODIUM is set when we're using external libsodium
-
Pieter Hintjens authored
It's unclear which we need and in the source code, conditional code treats tweetnacl as a subclass of libsodium, which is inaccurate. Solution: redesign the configure/cmake API for this: * tweetnacl is present by default and cannot be enabled * libsodium can be enabled using --with-libsodium, which replaces the built-in tweetnacl * CURVE encryption can be disabled entirely using --enable-curve=no The macros we define in platform.hpp are: ZMQ_HAVE_CURVE 1 // When CURVE is enabled HAVE_LIBSODIUM 1 // When we are using libsodium HAVE_TWEETNACL 1 // When we're using tweetnacl (default) As of this patch, the default build of libzmq always has CURVE security, and always uses tweetnacl.
-
- 28 Jan, 2016 1 commit
-
-
Constantin Rack authored
Solution: update to 2016
-
- 24 Jun, 2015 1 commit
-
-
Jonathan Reams authored
This commit adds ZMTP connection heartbeats described in http://rfc.zeromq.org/spec:37/ZMTP.
-
- 02 Jun, 2015 1 commit
-
-
Pieter Hintjens authored
Of course people still "can" distributed the sources under the LGPLv3. However we provide COPYING.LESSER with additional grants. Solution: specify these grants in the header of each source file.
-
- 22 Jan, 2015 1 commit
-
-
Pieter Hintjens authored
Solution: update for 2015 Fixes #1320
-
- 08 Nov, 2014 1 commit
-
-
Constantin Rack authored
There are two todo comments in curve_client.cpp and curve_server.cpp that suggest checking the return code of sodium_init() call. sodium_init() returns -1 on error, 0 on success and 1 if it has been called before and is already initalized: https://github.com/jedisct1/libsodium/blob/master/src/libsodium/sodium/core.c
-
- 20 Sep, 2014 1 commit
-
-
Matthew Hawn authored
Solution: ensure message short nonces are strictly increasing and validate them
-
- 15 May, 2014 1 commit
-
-
Martin Hurton authored
-
- 08 May, 2014 4 commits
- 06 May, 2014 1 commit
-
-
Martin Hurton authored
-
- 02 May, 2014 1 commit
-
-
Pieter Hintjens authored
- also prioritize ZAP metadata over ZMTP metadata in case application uses same names.
-
- 01 May, 2014 1 commit
-
-
Frank authored
-
- 02 Jan, 2014 1 commit
-
-
Pieter Hintjens authored
-
- 24 Sep, 2013 1 commit
-
-
Pieter Hintjens authored
* The INITIATE command vouch box is Box[C',S](C->S') instead of Box[C'](C->S), as recommended by https://codesinchaos.wordpress.com/2012/09/09/curvecp-1/, to reduce the risk of client impersonation. * Mirrors the change in libcurve and CurveZMQ specifications.
-
- 17 Sep, 2013 2 commits
-
-
Pieter Hintjens authored
This reverts commit bfd472f9.
-
Laurent Alebarde authored
-
- 04 Sep, 2013 1 commit
-
-
Pieter Hintjens authored
* Command names changed from null terminated to length-specified * Command frames use the correct flag (bit 2) * test_stream acts as test case for command frames * Some code cleanups
-
- 01 Jul, 2013 1 commit
-
-
Martin Hurton authored
-
- 28 Jun, 2013 1 commit
-
-
Pieter Hintjens authored
RFC23, RFC24, RFC26 now use variable-length command names that end in null octet (valid C strings) instead of fixed-length space padded strings.
-
- 23 Jun, 2013 1 commit
-
-
Martin Hurton authored
-
- 22 Jun, 2013 3 commits
-
-
Martin Hurton authored
-
Martin Hurton authored
-
Martin Hurton authored
-
- 20 Jun, 2013 2 commits
-
-
Pieter Hintjens authored
- ZMQ_CURVE_PUBLICKEY for clients and servers - ZMQ_CURVE_SECRETKEY for clients - ZMQ_CURVE_SERVERKEY for clients - ZMQ_CURVE_SERVER for servers - added tools/curve_keygen.c as example - updated man pages
-
Martin Hurton authored
-