[zeromq-dev] Per publisher filter

Pieter Hintjens ph at imatix.com
Fri May 15 12:46:02 CEST 2015


Take a look at Malamute, which is a lightweight broker you can embed
as a thread in a process. It does PLAIN authentication which we could
extend to CURVE.

https://github.com/zeromq/malamute

On Thu, May 14, 2015 at 11:40 PM, Steve Eley <sfeley at gmail.com> wrote:
> That sounds like a use case for authentication. You could either come up
> with some sort of key distribution/verification scheme and sign every
> message with a sender's unique key, then check it before accepting a message
> as valid; or use the built-in curve encryption with client certificates and
> a custom ZAP handler.  With the latter, you can use zmq_msg_gets (only in
> ZeroMQ 4.1 and later) to check the User ID set at connection handshake with
> the filter string.  If they don't match, disconnect and revoke the malicious
> sender's certificate.
>
> Have Fun,
> Steve Eley
>
>
>
>
> On May 14, 2015, at 4:54 PM, Charles West <crwest at ncsu.edu> wrote:
>
> Hello,
>
> Is there any way to hack together per publisher filters?
>
> I'm working on a application to distribute differential GPS updates from low
> cost single frequency GPS basestations.  The idea is that someone can buy a
> cheap basestation module and provide differential GPS corrections to not
> just their hardware, but that of everyone around them.
>
> My original thought for how to implement this had the basestation creating a
> PUB socket and registering with one or more proxies/aggregators which would
> then subscribe to their corrections feed.  Someone trying to find a nearby
> basestation to subscribe to connects to the proxy, gets a list of the close
> by ones and then subscribes to the proxy with the associated basestation ID
> as the filter.
>
> The problem I am running into is that I don't see any way to prevent a
> malicious user from disrupting not just their stream but everyone else's
> too.  Subscriber sockets don't keep track of which publisher created any
> given message, so I don't have any way to prevent publishers from
> preappending someone else's basestation ID to the messages they publish.
> That means a single user could corrupt everyone else's stream.
>
> Is there any option like ROUTER for subscribers, where messages get IDs
> based on who sent them?  Alternatively, is there some way to make a per
> publisher filter?  I don't think XSUB can do either of those.
>
> Thanks,
> Charlie West
> _______________________________________________
> zeromq-dev mailing list
> zeromq-dev at lists.zeromq.org
> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
>
>
>
> _______________________________________________
> zeromq-dev mailing list
> zeromq-dev at lists.zeromq.org
> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
>



More information about the zeromq-dev mailing list