[zeromq-dev] some ideas for the xauth module in czmq
Peter Kleiweg
pkleiweg at xs4all.nl
Fri Jun 27 22:06:54 CEST 2014
I have been looking again at the security features in de Go
bindings for ZeroMQ, in github.com/pebbe/zmq4 .
Earlier, I wrote something that offers similar functionality as
the xauth module in czmq. It supports domains, which are not
supported yet in xauth (I think I read that somewhere).
Now I have come up with two new features. I think they might be
useful for xauth too. Both have to do with whitelist and
blacklist.
One thing I added was to use domains for these too, just like
already used for plain users and curve public user keys.
Since there can be only one ZAP socket, all differentiation has
to be done based on socket domains. So you really need this.
The other is to support not only IP addresses, but also IP
networks, e.g. 123.45.67.0/24
--
Peter Kleiweg
http://pkleiweg.home.xs4all.nl/
More information about the zeromq-dev
mailing list