[zeromq-dev] Implementing a ZAP handler in C#

Arnaud Kapp kapp.arno at gmail.com
Thu Jul 23 21:41:34 CEST 2015


Hello,

The authentication should happen automatically if the socket has the
correct option configured (curve server flag, and a private key /
public key).
I am not aware of any limitation of the authentication / security code
when using PUB/SUB. It should work.

I am not familiar enough with C# to know if there is something wrong
with your code, but it looks ok.
Are you able to get this to work using the libzmq C API?

On Thu, Jul 23, 2015 at 7:16 PM, Robert Pickering
<robertfpickering at fastmail.com> wrote:
> I've been continuing to look at this today. To investigate further I
> build my own version of libzmq and added some debug code. What I think I
> see is the handshake in zmq::stream_engine_t::in_event is successful but
> in the sub/pub model the client sends no further data so there's nothing
> to trigger the ZAP handler. Is there anyway to force authentication to
> take place? Or is curve security just not an option with the sub/pub
> model?
>
> Thanks,
> Rob
>
> On Wed, Jul 22, 2015, at 04:54 PM, Robert Pickering wrote:
>> I'm trying to implement a ZAP handler in C#. I've updated the patho
>> sub/pub example to include curve cryptography and tried to add a ZAP
>> handler in the publisher. Here's a gist of what I have so far:
>> https://gist.github.com/robertpi/a140eaa62378c14678ad
>>
>> Basically in the publisher I bind a REP socket to
>> inproc://zeromq.zap.01. I then set the ZMQ_CURVE_SERVER and
>> ZMQ_CURVE_SECRETKEY on the publisher, while on the client I
>> ZMQ_CURVE_SERVERKEY to be the servers public key, and set it's
>> ZMQ_CURVE_PUBLICKEY and ZMQ_CURVE_SECRETKEY to be the clients
>> public/secret key.
>>
>> Before I sent up the curve options the messages follow and the example
>> works just fine. After I set the curve options the messages stop
>> following. I was expecting my ZAP handling method to be called, so I
>> could respond with with whether the client is valid or not, but it seem
>> the ZAP handler never receives a message.
>>
>> I feel I'm missing some simple step to enable the ZAP handler. Do I need
>> to send messages to inproc://zeromq.zap.01 to enable the ZAP handler? I
>> see some examples set a verbosity option and an IP filter, are these
>> messages that need to be sent to inproc://zeromq.zap.01? Or are they
>> values that need to be set somewhere else?
>>
>> Many thanks for any help!
>>
>> Rob
>>
>> --
>>   Robert Pickering
>>   robertfpickering at fastmail.com
>> _______________________________________________
>> zeromq-dev mailing list
>> zeromq-dev at lists.zeromq.org
>> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
> _______________________________________________
> zeromq-dev mailing list
> zeromq-dev at lists.zeromq.org
> http://lists.zeromq.org/mailman/listinfo/zeromq-dev



-- 
Kapp Arnaud - Xaqq



More information about the zeromq-dev mailing list