[zeromq-dev] debugging curve handshake

Drew Crawford drew at sealedabstract.com
Sat Feb 15 01:50:27 CET 2014


Just an update for you, I recorded the trace in Wireshark and compared against the spec at http://curvezmq.org/page:read-the-docs#toc9.  It appears that the server is sending FIN (disconnecting) after receiving a HELLO packet.  According to the documentation:

> The server SHALL validate all fields and SHALL reject and disconnect clients who send malformed HELLO commands.

So it would appear something is wrong with the client’s hello.

I am still investigating to figure out what is wrong with the hello, but this seems like an opportune moment to object to the client’s behavior.  The client is just reconnecting over and over to the server, wasting server resources, only to be rejected and immediately reconnect.  The libzmq client should report some kind of useful error and give up in this case.


On Feb 14, 2014, at 8:20 AM, Drew Crawford <drew at sealedabstract.com> wrote:

> It returns 0, which I think is the pass condition.  Good idea though, I wouldn’t have thought of that.
> 
> 
> On Feb 14, 2014, at 7:51 AM, Laurent Alebarde <l.alebarde at free.fr> wrote:
> 
>> Does the selftest test_security_curve pass ?
>> 
>> Le 14/02/2014 14:39, Drew Crawford a écrit :
>>> Hello folks,
>>> 
>>> For some reason, a message sent from the REQ side of a REQ/ROUTER isn’t arriving.  I know from experience this is some kind of CURVE issue, but I have stared at my curve usage for several hours now without seeing the problem.  I’m hoping to collect some general strategies on how to debug curve authentication issues as I seem to hit problems like this from time to time.
>>> 
>>> Some notes:
>>> 
>>> It’s definitely a curve issue, as when I turn off curve authentication on both sides everything works fine.
>>> Everybody’s on zeromq-4.0.3
>>> I’m reasonably sure the issue is client-side, as a test client written in Python authenticates with the server successfully.
>>> The server’s ZAP handler is never called, so something bad is happening very early
>>> I’ve checked the obvious things: the server’s port is open, the client is setting all three of ZMQ_CURVE_PUBLICKEY, ZMQ_CURVE_SECRETKEY, and ZMQ_CURVE_SERVERKEY to what look like reasonable values
>>> Client and server don’t have any zeromq errors returned during send, receive, or setsockopt
>>> Server is running pyzmq on python 3.3 on Darwin, client is a C client built for the iPhoneSimulator which is i386-apple-darwin.
>>> 
>>> An obvious next step is to verify at the TCP level that a connection is being established, but I’m not totally sure what I can check that would verify that.
>>> 
>>> Beyond that I am interested in your thoughts on what I should test.  I really think there should be some better errors for CURVE issues as I seem to get stuck here a lot.  But for now I will settle for understanding what is wrong…
>>> 
>>> Drew
>>> 
>>> 
>>> 
>>> 
>>> _______________________________________________
>>> zeromq-dev mailing list
>>> zeromq-dev at lists.zeromq.org
>>> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
>> 
>> _______________________________________________
>> zeromq-dev mailing list
>> zeromq-dev at lists.zeromq.org
>> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.zeromq.org/pipermail/zeromq-dev/attachments/20140214/424a1e1a/attachment.htm>


More information about the zeromq-dev mailing list