[zeromq-dev] Can I change a socket mechanism after a connect ?
Laurent Alebarde
l.alebarde at free.fr
Tue Dec 10 19:51:14 CET 2013
The identity is set in stream.cpp / zmq::stream_t::identify_peer from a
counter. So, there is no possibility to hack it since other sockets may
be interleaved. It is not built with masks, or possibly the base number,
I have still some hopes here.
Otherwise, I assume that's the connect which is at the origin of that
process. Then I may find a simplier hack in avoiding to
disconnect/reconnect the socket and find how to force a new handcheck,
providing that the new settings (CURVE) will be taken into account.
Advices are welcome.....
Le 10/12/2013 18:38, Laurent Alebarde a écrit :
> When I disconnect and reconnect after having changed the mechanism to
> CURVE, the identity is changed. As I need the same identity as of the
> beginning of the handcheck, I cannot wait its setting from the
> metadata information, set by the socket identity option.
>
> So both solutions cannot work.
>
> The three last solutions for me are:
>
> 1. Move to ZMTP 3.1 with big changes to enable CURVE proxying -> I
> won't go that way myself.
> 2. Use libcurve instead of ZMTP-CURVE -> Complex with all the updates
> I would have to perform in my application.
> 3. Ack the default identity to make it independant of the mechanism
> -> I will try this one.
>
>
> Le 10/12/2013 11:45, Laurent Alebarde a écrit :
>> Thanks Pieter for your reply.
>>
>> "nor is there any sense in it" : The usual opinion is that when one
>> invent the wheel, he doesn't know 90% of the usefull applications
>> others will do with it. In my use case, it concerns curve proxying.
>> Registering workers under NULL before making the proxy active with
>> CURVE is simplier.
>>
>> So, may I assume it is alright if I I zmq_disconnect, change the
>> security options of the socket, and re-zmq_connect ?
>>
>> Other solution from our other discussion, may I assume I can use a
>> specific NULL socket between the worker and the proxy, just for
>> registration, and setting the same identities on both sockets, the
>> NULL one for registration, and the CURVE one that shall be proxified ?
>>
>>
>> Le 10/12/2013 10:15, Pieter Hintjens a écrit :
>>> The security mechanism, like some other socket options, applies to the
>>> next connection (in or outgoing). A single TCP connection cannot
>>> switch between mechanisms. There's no protocol for that, nor is there
>>> any sense in it. Changing security level on a socket after having
>>> connections is also dangerous and we've discussed banning it.
>>>
>>>
>>> On Mon, Dec 9, 2013 at 3:24 PM, Laurent Alebarde<l.alebarde at free.fr> wrote:
>>>> Hi Devs,
>>>>
>>>> Is it possible to start a socket as NULL, send some messages, then change
>>>> the socket to CURVE ?
>>>> Does the identity of the socket change in the process ?
>>>>
>>>> Cheers,
>>>>
>>>>
>>>> Laurent
>>>>
>>>> _______________________________________________
>>>> zeromq-dev mailing list
>>>> zeromq-dev at lists.zeromq.org
>>>> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
>>>>
>>> _______________________________________________
>>> zeromq-dev mailing list
>>> zeromq-dev at lists.zeromq.org
>>> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
>>
>>
>>
>>
>>
>> _______________________________________________
>> zeromq-dev mailing list
>> zeromq-dev at lists.zeromq.org
>> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
>
>
>
> _______________________________________________
> zeromq-dev mailing list
> zeromq-dev at lists.zeromq.org
> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.zeromq.org/pipermail/zeromq-dev/attachments/20131210/a7ba71f1/attachment.htm>
More information about the zeromq-dev
mailing list