[zeromq-dev] ZeroMQ 4.0.4 stable released

Pieter Hintjens ph at imatix.com
Sun Mar 16 11:54:41 CET 2014


On Sun, Mar 16, 2014 at 10:30 AM, Frank Hartmann <soundart at gmx.net> wrote:

> The CMake flow did not make it into stable? Was there a special reason?

Stable is a snapshot of git master from a certain point in time, plus
fixes over time. I assume the CMake flow wasn't there when we started
the 4.x stable fork. You could start by making sure it works on libzmq
master. Then we can see about backporting that to the next stable
release.

> And finally I tried the CURVE encryption stuff as I was really curious.
> Enabling it was very easy and non intruisive, congratulations!

Thanks. That was the goal. A lot of people helped make it so.

> Obviously I cannot really judge if it encrypts well, but from looking at
> wireshark traces it looks like a lot of structure is still visible after
> encryption:

There's a small discussion of this on the CurveZMQ RFC. You can expand
small messages to a certain size to avoid such analysis. You can
inject bogus traffic to hide real activity. You'd do this at the
application level. We may eventually move such techniques down into
the library if they prove to work.

> Do you have experienced any reasons why the version should vary
> occasionally?

No. It's not normal; presumably a race of some kind.

> Currently it feels like some sort of race somewhere. Does the client
> block while the encryption is established or could it happen, that the
> first message is sent while other mechanism are still exchanging keys?

The client blocks so it may be an error in libzmq.

> BTW: The comment above the zap_handler does not make sense to me, should it?

It's referring to code that isn't there any longer. I've fixed it and
sent a pull request.

Thanks for the review comments.

-Pieter



More information about the zeromq-dev mailing list