[zeromq-dev] zauth vs linger time
Sean Robertson
sprobertson at gmail.com
Tue Dec 10 10:30:23 CET 2013
Hello out there!
I have been confounded by something I ran into while learning about
the security additions to 0MQ. I was going through the security
tutorial at http://hintjens.com/blog:49 and everything was cashmere
until the final code snippet.
It happened in the refactored ironhouse2, where the client and server
are running on different threads. I noticed that (after
double-checking zauth_set_verbose was indeed being set) I was not
seeing the "I: ALLOWED (CURVE) ..." output I had just become
accustomed to -- but the test still claimed to have passed. Curious, I
started messing around with the zauth_allow statements and found that
my client would receive no matter what I did to the authentication or
curve settings.
After some prodding it became apparent that letting the server thread
sleep a little longer (another 100ms) the authentication mechanism
would kick in and deny the client connection due to the now bogus
whitelist of 227.0.0.2. Interesting.
I'm still quite a bit confused by it, potentially due to my perilously
weak grasp of C. Did the fact that the linger time was set (100ms)
longer than the zauth mechanism allow the client to read the lingering
message?
Running with libzmq 4.1.0 on OS X 10.7.5
Best,
Sean
More information about the zeromq-dev
mailing list