[zeromq-dev] Is ZMQ_PLAIN authentication supposed to do anything?

[MinRK]

Hello,

I'm working on [adding support](https://github.com/zeromq/pyzmq/pull/401)
for 3.3 bits in pyzmq, and I'm testing the authentication mechanisms.  I
translated the [security test](
https://github.com/zeromq/libzmq/blob/master/tests/test_security.cpp) to
Python and it ran just fine.  However, when I checked to confirm that it
actually did something, I changed the password to be incorrect - and the
test *still* ran fine.  This means that ZMQ_PLAIN authentication actually
has no effect, and failed authentication doesn't result in any errors, and
messages still send and receive as normal.  I made the same changes to the
C test with the same result: **failed authentication has no consequence**.
 I confirmed that `receive_and_process_zap_reply` is indeed returning
`rc=-1` and setting `errno=EACCES`, but this does not seem to have any
effect on the behavior of the sockets.

I assume this is not intended. Is the implementation supposed to be
complete at this point?  And what precisely should be the effect of a
failed authentication (i.e. which calls should raise, block, etc.).

Thanks,
-MinRK
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.zeromq.org/pipermail/zeromq-dev/attachments/20130825/9f04117c/attachment.htm>