-
Notifications
You must be signed in to change notification settings - Fork 119
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add bindings for CZMQ security primitives #125
Conversation
@@ -36,6 +36,7 @@ | |||
#include "main/php_ini.h" | |||
|
|||
#include <zmq.h> | |||
#include <czmq.h> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe this should be a conditional dependency?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Absolutely. I wouldn't remove the WIP tag without that being the case. First though, I'm going to focus on the ZMQAuth
and ZMQCurve
classes.
Added some comments! |
I'll remove the WIP status when I've documented the |
|
|
Merge conflicts are in zmq.c at the top of the file, near
Maybe add a empty line can help |
Thanks @wysman! |
Why do you use shadow context in ZMQAuth, and not directly the real context ? |
I have a issue on PHP 5.3.10
It's produce a "undefined symbol: object_properties_init" at execution time. |
In the private header, |
Thank you for your review @wysman. I think that I've addressed your last two points. |
<?php | ||
|
||
$cert = new ZMQCert(); | ||
$cert->save('/tmp/cert'); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This would not be portable. Can you use DIR instead?
this = (php_zmq_cert *) zend_object_store_get_object(getThis() TSRMLS_CC); | ||
public_key = zcert_public_key(this->zcert); | ||
|
||
RETURN_STRINGL((char *) public_key, 32, 1); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
does public_key need to be freed here as well?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
zcert_public_key
returns a pointer to the associated property of the zcert_t
struct. With that in mind, I don't think public_key
should be freed (and RETURN_STRINGL(..., 1)
is correct). This is also the case for zcert_secret_key
, zcert_public_txt
, and zcert_secret_txt
.
Sorry for the delay in addressing your review @mkoppanen. I think I've covered it all. |
// TODO (phuedx, 2014-05-16): CZMQ now supports GSSAPI (see | ||
// zauth_configure_gssapi). | ||
|
||
default: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Unknown auth type should probably throw an exception?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
Added two comments. Minor changes and after that I am happy to merge! Amazing work |
The ZMQCert class wraps the CZMQ zcert API. Instances of the ZMQCert class can: * have their public and private text inspected, either as 32-byte binary strings or Z85 armoured strings * be tested for equality * be cloned * store and retrieve metadata * have their public and private test saved to and loaded from disk be applied to a ZMQSocket
The ZMQAuth class wraps the CZMQ zauth API. Instances of the ZMQAuth class can: * install a ZAP handler for a ZMQContext * whitelist/blacklist IP addresses * use plain or curve authentication for one or more domains
grasslands.php, strawhouse.php, woodhouse.php, stonehouse.php, and ironhouse.php are faithful translations of Pieter Hintjens' examples of the same names, which he originally published as part of his blog post Using ZeroMQ Security (part 2)[0]. [0] http://hintjens.com/blog:49
Thanks @mkoppanen! I also removed a few erroneous |
Waiting for travis to finish and then merging. Looking all green this far! |
|
Seems like we have one failure:
|
I'll fix up |
Add bindings for CZMQ security primitives
Merged. Thanks! |
Congrats ! |
Add bindings for CZMQ security primitives
This PR adds bindings for the ZeroMQ security primitives,
zcert
, andzauth
(exposed asZMQCert
andZMQAuth
respectively), which are introduced in @hintjens' Using ZeroMQ Security part 1 and part 2.I've also converted all but the last of the examples from part 2 to PHP (see grasslands.php, strawhouse.php, woodhouse.php, stonehouse.php, and ironhouse.php in the examples directory).
Breaking changes
None.
Notes
CZMQ'sSee Fix trying to save zconfig_t to non-existant path czmq#468zconfig_save
function currently segfaults when the filename isn't writeable. I'm going to send a PR shortly