[zeromq-announce] Stable release 4.0.1 now available
Pieter Hintjens
ph at imatix.com
Fri Oct 18 13:03:39 CEST 2013
Hi folks,
The stable release ZeroMQ 4.0.1 is now available for download. Thanks
to all the people who helped make this.
The packages are at http://zeromq.org/intro:get-the-software as always.
The full release notes for 4.0.x are below.
Pieter Hintjens
iMatix Corporation
0MQ version 4.0.1 stable, released on 2013/10/08
================================================
Changes
-------
* Updated CURVE mechanism to track revised RFC 27 (INITIATE vouch).
The INITIATE command vouch box is Box[C',S](C->S') instead of
Box[C'](C->S), to reduce the risk of client impersonation, as per
https://codesinchaos.wordpress.com/2012/09/09/curvecp-1/.
* Fixed LIBZMQ-567, adding abstract namespaces for IPC sockets on Linux.
Converts an initial strudel or "at sign" (@) in the Unix socket path to
a NULL character ('\0') indicating that the socket uses the abstract
namespace instead of the filesystem namespace. For instance, binding a
socket to 'ipc://@/tmp/tester' will not create a file associated with
the socket whereas binding to 'ipc:///tmp/tester' will create the file
/tmp/tester. See issue 567 for more information.
* Added zmq_z85_encode and zmq_z85_decode to core libzmq API.
* Added zmq_curve_keypair to core libzmq API.
* Bumped library ABI version to 4:0:1.
Bug fixes
---------
* Fixed some build/test errors on OS/X + Clang++.
* Fixed LIBZMQ-565, typo in code.
* Fixed LIBZMQ-566, dealer-to-router connections sometimes failing.
* Fixed builds for AIX, MSVC 2008, OS/X with clang++, Solaris.
* Improved CURVE handshake error handling.
0MQ version 4.0.0 (RC1), released on 2013/09/20
===============================================
Major changes
-------------
* New wire level protocol, ZMTP/3.0, see http://rfc.zeromq.org/spec:23.
Does not yet implement the SUBSCRIBE, CANCEL, PING, and PONG commands.
* New security framework, from plain user+password to strong encryption,
see section below. See http://hintjens.com/blog:49 for a tutorial.
* New ZMQ_STREAM socket type for working as a TCP client or server. See:
tests/test_stream.cpp.
Improvements
------------
* You can now connect to an inproc:// endpoint that does not already
exist. This means inproc:// no longer needs careful set-up, but it may
break code that relied on the old behaviour. See:
tests/test_inproc_connect.cpp.
* Libzmq now checks socket types at connection time, so that trying to
connect a 'wrong' socket type will fail.
* New zmq_ctx_shutdown API method will shutdown a context and send ETERM
to blocking calls, without blocking. Use zmq_ctx_term to finalise the
process.
* The regression test suite has been significantly extended and improved.
* Contexts can now be terminated in forked child processes. See:
tests/test_fork.cpp.
* zmq_disconnect now respects the linger setting on sockets.
* New zmq_send_const API method to send constant data (without copying).
See: tests/test_inproc_connect.cpp.
* Added CMake support for static libraries.
* Added test cases for socket semantics as defined in RFCs 28, 29, 30, 31.
See: tests/test_spec_*.cpp.
* New socket option, ZMQ_PROBE_ROUTER triggers an empty message on connect.
See: tests/test_probe_router.cpp.
* New socket option, ZMQ_REQ_CORRELATE allows for correlation of replies
from a REP socket. See: tests/test_req_correlate.cpp.
* New socket option, ZMQ_REQ_RELAXED, lets you disable the state machine
on a REQ socket, so you can send multiple requests without waiting for
replies, and without getting an EFSM error. See:
tests/test_req_relaxed.cpp.
* New socket option, ZMQ_CONFLATE restricts the outgoing and incoming
socket buffers to a single message. See: tests/test_conflate.cpp.
Deprecated Options
------------------
* ZMQ_IPV4ONLY deprecated and renamed to ZMQ_IPV6 so that options are
consistently "off" by default.
* ZMQ_DELAY_ATTACH_ON_CONNECT deprecated, and renamed to ZMQ_IMMEDIATE.
See: tests/test_immediate.cpp.
Security Framework
------------------
Based on new ZMTP wire level protocol that negotiates a security
"mechanism" between client and server before exchanging any other data.
Security mechanisms are extensible. ZMTP defines three by default:
* NULL - classic ZeroMQ, with no authentication. See
http://rfc.zeromq.org/spec:23.
* PLAIN - plain-text username + password authentication. See
http://rfc.zeromq.org/spec:24.
* CURVE - secure authentication and encryption based on elliptic curve
cryptography, using the Curve25519 algorithm from Daniel Bernstein and
based on CurveCP's security handshake. See http://rfc.zeromq.org/spec:25,
http://rfc.zeromq.org/spec:26, and http://curvecp.org.
Authentication is done by pluggable "authenticators" that connect to libzmq
over an inproc endpoint, see http://rfc.zeromq.org/spec:27.
Socket options to configure PLAIN security on client or server:
* ZMQ_PLAIN_SERVER, ZMQ_PLAIN_USERNAME, ZMQ_PLAIN_PASSWORD. See
tests/test_security_plain.
Socket options to configure CURVE security on client or server:
* ZMQ_CURVE_SERVER, ZMQ_CURVE_PUBLICKEY, ZMQ_CURVE_SECRETKEY,
ZMQ_CURVE_SERVERKEY. See tests/test_security_curve.cpp.
Socket options to configure "domain" for ZAP handler:
* ZMQ_ZAP_DOMAIN, see tests/test_security_null.cpp.
Support for encoding/decoding CURVE binary keys to ASCII:
* zmq_z85_encode, zmq_z85_decode.
Other issues addressed in this release
--------------------------------------
* LIBZMQ-525 Multipart upstreaming from XSUB to XPUB
More information about the zeromq-announce
mailing list