[zeromq-dev] CURVE I: cannot open client INITIATE vouch
Bachmair Florian - flexSolution GmbH
Florian.Bachmair at flexsolution.eu
Wed Mar 11 09:20:44 CET 2015
Hi!
I have generated the certificates with 'makecert' and put it in individual .curve folders for the subscriber and publisher.
If I let the publisher use the private certificate and the subscriber the public one I get this output :" CURVE I: cannot open client INITIATE vouch"
But if I use private key on publisher AND subscriber side it works, but that's not the way it should be?!
subscriber.c
#include "czmq.h"
static char * s_recv(void *socket);
int main(int argc, char **argv) {
puts("Subscriber");
zctx_t* context = zctx_new();
void* subscriber = zsocket_new(context, ZMQ_SUB);
zcert_t *client_cert = zcert_load(".curve/mycert.pub");
char* server_key = zcert_public_txt(client_cert);
puts(server_key);
assert(client_cert);
zcert_apply(client_cert, subscriber);
zsocket_set_curve_serverkey(subscriber, server_key);
zsocket_connect(subscriber, "tcp://127.0.0.1:55555");
zmq_setsockopt(subscriber, ZMQ_SUBSCRIBE, "B", 1);
while (1) {
// Read envelope with address
char *address = s_recv(subscriber);
// Read message contents
char *contents = s_recv(subscriber);
printf("[%s] %s\n", address, contents);
free(address);
free(contents);
}
// We never get here, but clean up anyhow
zmq_close(subscriber);
zmq_ctx_destroy(context);
return 0;
}
static char * s_recv(void *socket) {
char buffer[256];
int size = zmq_recv(socket, buffer, 255, 0);
if (size == -1)
return NULL;
if (size > 255)
size = 255;
buffer[size] = 0;
return strdup(buffer);
}
##########################################################################
publisher.c
#include "czmq.h"
static int s_send(void *socket, char *string);
static int s_sendmore(void *socket, char *string);
int main(void) {
puts("Publisher");
int major, minor, patch;
zmq_version(&major, &minor, &patch);
printf("Current ØMQ version is %d.%d.%d\n", major, minor, patch);
zctx_t *context = zctx_new();
zauth_t *auth = zauth_new(context);
zauth_allow(auth, "127.0.0.1");
assert(auth);
zauth_set_verbose(auth, true);
zauth_configure_curve(auth, "*", ".curve");
zcert_t *server_cert = zcert_load(".curve/mycert.pvt");
assert(server_cert);
void *publisher = zsocket_new(context, ZMQ_PUB);
zcert_apply(server_cert, publisher);
zsocket_set_curve_server(publisher, 1);
int rc = zsocket_bind(publisher, "tcp://*:55555");
assert (rc != -1);
while (1) {
s_sendmore(publisher, "A");
s_send(publisher, "We don't want to see this");
s_sendmore(publisher, "B");
s_send(publisher, "We would like to see this");
sleep(1);
}
zmq_close(publisher);
zmq_ctx_destroy(context);
puts("exit");
return 0;
}
// Convert C string to 0MQ string and send to socket
static int s_send(void *socket, char *string) {
int size = zmq_send(socket, string, strlen(string), 0);
return size;
}
// Sends string as 0MQ string, as multipart non-terminal
static int s_sendmore(void *socket, char *string) {
int size = zmq_send(socket, string, strlen(string), ZMQ_SNDMORE);
return size;
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.zeromq.org/pipermail/zeromq-dev/attachments/20150311/43026c4d/attachment.htm>
More information about the zeromq-dev
mailing list