Hi folks,


The stable release ZeroMQ 4.0.1 is now available for download. Thanks
to all the people who helped make this.


The packages are at http://zeromq.org/intro:get-the-software as always.


The full release notes for 4.0.x are below.


Pieter Hintjens
iMatix Corporation




0MQ version 4.0.1 stable, released on 2013/10/08
================================================


Changes
-------


* Updated CURVE mechanism to track revised RFC 27 (INITIATE vouch).


   The INITIATE command vouch box is Box[C',S](C->S') instead of
   Box[C'](C->S), to reduce the risk of client impersonation, as per
   https://codesinchaos.wordpress.com/2012/09/09/curvecp-1/.


* Fixed LIBZMQ-567, adding abstract namespaces for IPC sockets on Linux.


   Converts an initial strudel or "at sign" (@) in the Unix socket path to
   a NULL character ('\0') indicating that the socket uses the abstract
   namespace instead of the filesystem namespace. For instance, binding a
   socket to 'ipc://@/tmp/tester' will not create a file associated with
   the socket whereas binding to 'ipc:///tmp/tester' will create the file
   /tmp/tester. See issue 567 for more information.


* Added zmq_z85_encode and zmq_z85_decode to core libzmq API.


* Added zmq_curve_keypair to core libzmq API.


* Bumped library ABI version to 4:0:1.


Bug fixes
---------


* Fixed some build/test errors on OS/X + Clang++.


* Fixed LIBZMQ-565, typo in code.


* Fixed LIBZMQ-566, dealer-to-router connections sometimes failing.


* Fixed builds for AIX, MSVC 2008, OS/X with clang++, Solaris.


* Improved CURVE handshake error handling.




0MQ version 4.0.0 (RC1), released on 2013/09/20
===============================================


Major changes
-------------


* New wire level protocol, ZMTP/3.0, see http://rfc.zeromq.org/spec:23.
   Does not yet implement the SUBSCRIBE, CANCEL, PING, and PONG commands.


* New security framework, from plain user+password to strong encryption,
   see section below. See http://hintjens.com/blog:49 for a tutorial.


* New ZMQ_STREAM socket type for working as a TCP client or server. See:
   tests/test_stream.cpp.


Improvements
------------


* You can now connect to an inproc:// endpoint that does not already
   exist. This means inproc:// no longer needs careful set-up, but it may
   break code that relied on the old behaviour. See:
   tests/test_inproc_connect.cpp.


* Libzmq now checks socket types at connection time, so that trying to
   connect a 'wrong' socket type will fail.


* New zmq_ctx_shutdown API method will shutdown a context and send ETERM
   to blocking calls, without blocking. Use zmq_ctx_term to finalise the
   process.


* The regression test suite has been significantly extended and improved.


* Contexts can now be terminated in forked child processes. See:
   tests/test_fork.cpp.


* zmq_disconnect now respects the linger setting on sockets.


* New zmq_send_const API method to send constant data (without copying).
   See: tests/test_inproc_connect.cpp.


* Added CMake support for static libraries.


* Added test cases for socket semantics as defined in RFCs 28, 29, 30, 31.
   See: tests/test_spec_*.cpp.


* New socket option, ZMQ_PROBE_ROUTER triggers an empty message on connect.
   See: tests/test_probe_router.cpp.


* New socket option, ZMQ_REQ_CORRELATE allows for correlation of replies
   from a REP socket. See: tests/test_req_correlate.cpp.


* New socket option, ZMQ_REQ_RELAXED, lets you disable the state machine
   on a REQ socket, so you can send multiple requests without waiting for
   replies, and without getting an EFSM error. See:
   tests/test_req_relaxed.cpp.


* New socket option, ZMQ_CONFLATE restricts the outgoing and incoming
   socket buffers to a single message. See: tests/test_conflate.cpp.


Deprecated Options
------------------


* ZMQ_IPV4ONLY deprecated and renamed to ZMQ_IPV6 so that options are
   consistently "off" by default.


* ZMQ_DELAY_ATTACH_ON_CONNECT deprecated, and renamed to ZMQ_IMMEDIATE.
   See: tests/test_immediate.cpp.


Security Framework
------------------


Based on new ZMTP wire level protocol that negotiates a security
"mechanism" between client and server before exchanging any other data.


Security mechanisms are extensible. ZMTP defines three by default:


* NULL - classic ZeroMQ, with no authentication. See
   http://rfc.zeromq.org/spec:23.


* PLAIN - plain-text username + password authentication. See
   http://rfc.zeromq.org/spec:24.


* CURVE - secure authentication and encryption based on elliptic curve
   cryptography, using the Curve25519 algorithm from Daniel Bernstein and
   based on CurveCP's security handshake. See http://rfc.zeromq.org/spec:25,
   http://rfc.zeromq.org/spec:26, and http://curvecp.org.


Authentication is done by pluggable "authenticators" that connect to libzmq
over an inproc endpoint, see http://rfc.zeromq.org/spec:27.


Socket options to configure PLAIN security on client or server:


* ZMQ_PLAIN_SERVER, ZMQ_PLAIN_USERNAME, ZMQ_PLAIN_PASSWORD. See
   tests/test_security_plain.


Socket options to configure CURVE security on client or server:


* ZMQ_CURVE_SERVER, ZMQ_CURVE_PUBLICKEY, ZMQ_CURVE_SECRETKEY,
   ZMQ_CURVE_SERVERKEY. See tests/test_security_curve.cpp.


Socket options to configure "domain" for ZAP handler:


* ZMQ_ZAP_DOMAIN, see tests/test_security_null.cpp.


Support for encoding/decoding CURVE binary keys to ASCII:


* zmq_z85_encode, zmq_z85_decode.


Other issues addressed in this release
--------------------------------------


* LIBZMQ-525 Multipart upstreaming from XSUB to XPUB

Search Discussions

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupzeromq-announce @
categorieszeromq
postedOct 18, '13 at 11:03a
activeOct 18, '13 at 11:03a
posts1
users1
websitezeromq.org
irc#zeromq

1 user in discussion

Pieter Hintjens: 1 post

People

Translate

site design / logo © 2021 Grokbase