[zeromq-announce] Stable release 4.0.1 now available

Pieter Hintjens ph at imatix.com
Fri Oct 18 13:03:39 CEST 2013

Hi folks,

The stable release ZeroMQ 4.0.1 is now available for download. Thanks
to all the people who helped make this.

The packages are at http://zeromq.org/intro:get-the-software as always.

The full release notes for 4.0.x are below.

Pieter Hintjens
iMatix Corporation

0MQ version 4.0.1 stable, released on 2013/10/08


* Updated CURVE mechanism to track revised RFC 27 (INITIATE vouch).

  The INITIATE command vouch box is Box[C',S](C->S') instead of
  Box[C'](C->S), to reduce the risk of client impersonation, as per

* Fixed LIBZMQ-567, adding abstract namespaces for IPC sockets on Linux.

  Converts an initial strudel or "at sign" (@) in the Unix socket path to
  a NULL character ('\0') indicating that the socket uses the abstract
  namespace instead of the filesystem namespace.  For instance, binding a
  socket to 'ipc://@/tmp/tester' will not create a file associated with
  the socket whereas binding to 'ipc:///tmp/tester' will create the file
  /tmp/tester. See issue 567 for more information.

* Added zmq_z85_encode and zmq_z85_decode to core libzmq API.

* Added zmq_curve_keypair to core libzmq API.

* Bumped library ABI version to 4:0:1.

Bug fixes

* Fixed some build/test errors on OS/X + Clang++.

* Fixed LIBZMQ-565, typo in code.

* Fixed LIBZMQ-566, dealer-to-router connections sometimes failing.

* Fixed builds for AIX, MSVC 2008, OS/X with clang++, Solaris.

* Improved CURVE handshake error handling.

0MQ version 4.0.0 (RC1), released on 2013/09/20

Major changes

* New wire level protocol, ZMTP/3.0, see http://rfc.zeromq.org/spec:23.
  Does not yet implement the SUBSCRIBE, CANCEL, PING, and PONG commands.

* New security framework, from plain user+password to strong encryption,
  see section below. See http://hintjens.com/blog:49 for a tutorial.

* New ZMQ_STREAM socket type for working as a TCP client or server. See:


* You can now connect to an inproc:// endpoint that does not already
  exist. This means inproc:// no longer needs careful set-up, but it may
  break code that relied on the old behaviour. See:

* Libzmq now checks socket types at connection time, so that trying to
  connect a 'wrong' socket type will fail.

* New zmq_ctx_shutdown API method will shutdown a context and send ETERM
  to blocking calls, without blocking. Use zmq_ctx_term to finalise the

* The regression test suite has been significantly extended and improved.

* Contexts can now be terminated in forked child processes. See:

* zmq_disconnect now respects the linger setting on sockets.

* New zmq_send_const API method to send constant data (without copying).
  See: tests/test_inproc_connect.cpp.

* Added CMake support for static libraries.

* Added test cases for socket semantics as defined in RFCs 28, 29, 30, 31.
  See: tests/test_spec_*.cpp.

* New socket option, ZMQ_PROBE_ROUTER triggers an empty message on connect.
  See: tests/test_probe_router.cpp.

* New socket option, ZMQ_REQ_CORRELATE allows for correlation of replies
  from a REP socket. See: tests/test_req_correlate.cpp.

* New socket option, ZMQ_REQ_RELAXED, lets you disable the state machine
  on a REQ socket, so you can send multiple requests without waiting for
  replies, and without getting an EFSM error. See:

* New socket option, ZMQ_CONFLATE restricts the outgoing and incoming
  socket buffers to a single message. See: tests/test_conflate.cpp.

Deprecated Options

* ZMQ_IPV4ONLY deprecated and renamed to ZMQ_IPV6 so that options are
  consistently "off" by default.

* ZMQ_DELAY_ATTACH_ON_CONNECT deprecated, and renamed to ZMQ_IMMEDIATE.
  See: tests/test_immediate.cpp.

Security Framework

Based on new ZMTP wire level protocol that negotiates a security
"mechanism" between client and server before exchanging any other data.

Security mechanisms are extensible. ZMTP defines three by default:

* NULL - classic ZeroMQ, with no authentication. See

* PLAIN - plain-text username + password authentication. See

* CURVE - secure authentication and encryption based on elliptic curve
  cryptography, using the Curve25519 algorithm from Daniel Bernstein and
  based on CurveCP's security handshake. See http://rfc.zeromq.org/spec:25,
  http://rfc.zeromq.org/spec:26, and http://curvecp.org.

Authentication is done by pluggable "authenticators" that connect to libzmq
over an inproc endpoint, see http://rfc.zeromq.org/spec:27.

Socket options to configure PLAIN security on client or server:


Socket options to configure CURVE security on client or server:

  ZMQ_CURVE_SERVERKEY. See tests/test_security_curve.cpp.

Socket options to configure "domain" for ZAP handler:

* ZMQ_ZAP_DOMAIN, see tests/test_security_null.cpp.

Support for encoding/decoding CURVE binary keys to ASCII:

* zmq_z85_encode, zmq_z85_decode.

Other issues addressed in this release

* LIBZMQ-525 Multipart upstreaming from XSUB to XPUB

More information about the zeromq-announce mailing list