Add bindings for CZMQ security primitives #125
Conversation
| @@ -36,6 +36,7 @@ | |||
| #include "main/php_ini.h" | |||
|
|
|||
| #include <zmq.h> | |||
| #include <czmq.h> | |||
There was a problem hiding this comment.
Maybe this should be a conditional dependency?
There was a problem hiding this comment.
Absolutely. I wouldn't remove the WIP tag without that being the case. First though, I'm going to focus on the ZMQAuth and ZMQCurve classes.
|
Added some comments! |
|
I'll remove the WIP status when I've documented the |
phuedx
changed the title
phuedx
changed the title
|
|
|
|
|
Merge conflicts are in zmq.c at the top of the file, near
Maybe add a empty line can help |
|
Thanks @wysman! |
|
Why do you use shadow context in ZMQAuth, and not directly the real context ? |
|
I have a issue on PHP 5.3.10
It's produce a "undefined symbol: object_properties_init" at execution time. |
|
In the private header, |
|
Thank you for your review @wysman. I think that I've addressed your last two points. |
| <?php | ||
|
|
||
| $cert = new ZMQCert(); | ||
| $cert->save('/tmp/cert'); |
There was a problem hiding this comment.
This would not be portable. Can you use DIR instead?
| this = (php_zmq_cert *) zend_object_store_get_object(getThis() TSRMLS_CC); | ||
| public_key = zcert_public_key(this->zcert); | ||
|
|
||
| RETURN_STRINGL((char *) public_key, 32, 1); |
There was a problem hiding this comment.
does public_key need to be freed here as well?
There was a problem hiding this comment.
zcert_public_key returns a pointer to the associated property of the zcert_t struct. With that in mind, I don't think public_key should be freed (and RETURN_STRINGL(..., 1) is correct). This is also the case for zcert_secret_key, zcert_public_txt, and zcert_secret_txt.
|
Sorry for the delay in addressing your review @mkoppanen. I think I've covered it all. |
| // TODO (phuedx, 2014-05-16): CZMQ now supports GSSAPI (see | ||
| // zauth_configure_gssapi). | ||
|
|
||
| default: |
There was a problem hiding this comment.
Unknown auth type should probably throw an exception?
|
Added two comments. Minor changes and after that I am happy to merge! Amazing work |
The ZMQCert class wraps the CZMQ zcert API. Instances of the ZMQCert class can: * have their public and private text inspected, either as 32-byte binary strings or Z85 armoured strings * be tested for equality * be cloned * store and retrieve metadata * have their public and private test saved to and loaded from disk be applied to a ZMQSocket
The ZMQAuth class wraps the CZMQ zauth API. Instances of the ZMQAuth class can: * install a ZAP handler for a ZMQContext * whitelist/blacklist IP addresses * use plain or curve authentication for one or more domains
grasslands.php, strawhouse.php, woodhouse.php, stonehouse.php, and ironhouse.php are faithful translations of Pieter Hintjens' examples of the same names, which he originally published as part of his blog post Using ZeroMQ Security (part 2)[0]. [0] http://hintjens.com/blog:49
|
Thanks @mkoppanen! I also removed a few erroneous |
|
Waiting for travis to finish and then merging. Looking all green this far! |
|
|
Seems like we have one failure: |
|
I'll fix up |
Add bindings for CZMQ security primitives
|
Merged. Thanks! |
|
Congrats ! |
|
|
Add bindings for CZMQ security primitives
This PR adds bindings for the ZeroMQ security primitives,
zcert, andzauth(exposed asZMQCertandZMQAuthrespectively), which are introduced in @hintjens' Using ZeroMQ Security part 1 and part 2.I've also converted all but the last of the examples from part 2 to PHP (see grasslands.php, strawhouse.php, woodhouse.php, stonehouse.php, and ironhouse.php in the examples directory).
Breaking changes
None.
Notes
CZMQ'sSee Fix trying to save zconfig_t to non-existant path czmq#468zconfig_savefunction currently segfaults when the filename isn't writeable. I'm going to send a PR shortly