[zeromq-dev] Using zmq for a chat server protocol

[Pieter Hintjens]

On Tue, Apr 12, 2011 at 9:32 PM, Dan Ellis <dan at remember.this.name> wrote:

> I'm re-posting this here, because the IRC channel is very quiet.

Easter holidays, at least in some parts of the world...

> I was thinking zmq would be an excellent protocol to build upon for a
> chat server...

For sure.

> I could have the authentication cause a new, dedicated PUB socket to
> be created, and give its port number in the response, but that would
> lead to a race condition where someone else could connect as soon as
> it was opened.

I've not yet covered authenticated pub-sub in the Guide but there are
a few options. I'd avoid 'secret' ports since it's trivial to discover
open ports by scanning.

The proper, secure, way is to authenticate clients on one port, which
would be a ROUTER in the server and a REQ or DEALER in the client, and
then provide the clients with a key. A good pattern would be the
Freelance pattern from the Guide Chapter 4.

Secondly, to encrypt each channel with a key, so the clients can
decrypt it, and use a single pub/sub socket for all channels.

Encrypting/decrypting like this will cost a little CPU but that's not
relevant for chat. You can then authenticate per client/channel, and
create public channels that aren't encrypted, vs. private ones that
are.

Hope this helps.

-Pieter