[zeromq-dev] Per publisher filter

Steve Eley sfeley at gmail.com
Thu May 14 23:40:15 CEST 2015


That sounds like a use case for authentication. You could either come up with some sort of key distribution/verification scheme and sign every message with a sender's unique key, then check it before accepting a message as valid; or use the built-in curve encryption with client certificates and a custom ZAP handler.  With the latter, you can use zmq_msg_gets (only in ZeroMQ 4.1 and later) to check the User ID set at connection handshake with the filter string.  If they don't match, disconnect and revoke the malicious sender's certificate.  

Have Fun,
Steve Eley




> On May 14, 2015, at 4:54 PM, Charles West <crwest at ncsu.edu> wrote:
> 
> Hello,
> 
> Is there any way to hack together per publisher filters?
> 
> I'm working on a application to distribute differential GPS updates from low cost single frequency GPS basestations.  The idea is that someone can buy a cheap basestation module and provide differential GPS corrections to not just their hardware, but that of everyone around them.
> 
> My original thought for how to implement this had the basestation creating a PUB socket and registering with one or more proxies/aggregators which would then subscribe to their corrections feed.  Someone trying to find a nearby basestation to subscribe to connects to the proxy, gets a list of the close by ones and then subscribes to the proxy with the associated basestation ID as the filter.
> 
> The problem I am running into is that I don't see any way to prevent a malicious user from disrupting not just their stream but everyone else's too.  Subscriber sockets don't keep track of which publisher created any given message, so I don't have any way to prevent publishers from preappending someone else's basestation ID to the messages they publish.  That means a single user could corrupt everyone else's stream.
> 
> Is there any option like ROUTER for subscribers, where messages get IDs based on who sent them?  Alternatively, is there some way to make a per publisher filter?  I don't think XSUB can do either of those.
> 
> Thanks,
> Charlie West
> _______________________________________________
> zeromq-dev mailing list
> zeromq-dev at lists.zeromq.org
> http://lists.zeromq.org/mailman/listinfo/zeromq-dev

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.zeromq.org/pipermail/zeromq-dev/attachments/20150514/23f64232/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4877 bytes
Desc: not available
URL: <https://lists.zeromq.org/pipermail/zeromq-dev/attachments/20150514/23f64232/attachment.bin>


More information about the zeromq-dev mailing list