[zeromq-dev] Per publisher filter

Charles West crwest at ncsu.edu
Fri May 15 18:25:31 CEST 2015


Thank you!

On Fri, May 15, 2015 at 6:46 AM, Pieter Hintjens <ph at imatix.com> wrote:

> Take a look at Malamute, which is a lightweight broker you can embed
> as a thread in a process. It does PLAIN authentication which we could
> extend to CURVE.
>
> https://github.com/zeromq/malamute
>
> On Thu, May 14, 2015 at 11:40 PM, Steve Eley <sfeley at gmail.com> wrote:
> > That sounds like a use case for authentication. You could either come up
> > with some sort of key distribution/verification scheme and sign every
> > message with a sender's unique key, then check it before accepting a
> message
> > as valid; or use the built-in curve encryption with client certificates
> and
> > a custom ZAP handler.  With the latter, you can use zmq_msg_gets (only in
> > ZeroMQ 4.1 and later) to check the User ID set at connection handshake
> with
> > the filter string.  If they don't match, disconnect and revoke the
> malicious
> > sender's certificate.
> >
> > Have Fun,
> > Steve Eley
> >
> >
> >
> >
> > On May 14, 2015, at 4:54 PM, Charles West <crwest at ncsu.edu> wrote:
> >
> > Hello,
> >
> > Is there any way to hack together per publisher filters?
> >
> > I'm working on a application to distribute differential GPS updates from
> low
> > cost single frequency GPS basestations.  The idea is that someone can
> buy a
> > cheap basestation module and provide differential GPS corrections to not
> > just their hardware, but that of everyone around them.
> >
> > My original thought for how to implement this had the basestation
> creating a
> > PUB socket and registering with one or more proxies/aggregators which
> would
> > then subscribe to their corrections feed.  Someone trying to find a
> nearby
> > basestation to subscribe to connects to the proxy, gets a list of the
> close
> > by ones and then subscribes to the proxy with the associated basestation
> ID
> > as the filter.
> >
> > The problem I am running into is that I don't see any way to prevent a
> > malicious user from disrupting not just their stream but everyone else's
> > too.  Subscriber sockets don't keep track of which publisher created any
> > given message, so I don't have any way to prevent publishers from
> > preappending someone else's basestation ID to the messages they publish.
> > That means a single user could corrupt everyone else's stream.
> >
> > Is there any option like ROUTER for subscribers, where messages get IDs
> > based on who sent them?  Alternatively, is there some way to make a per
> > publisher filter?  I don't think XSUB can do either of those.
> >
> > Thanks,
> > Charlie West
> > _______________________________________________
> > zeromq-dev mailing list
> > zeromq-dev at lists.zeromq.org
> > http://lists.zeromq.org/mailman/listinfo/zeromq-dev
> >
> >
> >
> > _______________________________________________
> > zeromq-dev mailing list
> > zeromq-dev at lists.zeromq.org
> > http://lists.zeromq.org/mailman/listinfo/zeromq-dev
> >
> _______________________________________________
> zeromq-dev mailing list
> zeromq-dev at lists.zeromq.org
> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.zeromq.org/pipermail/zeromq-dev/attachments/20150515/08af33cc/attachment.htm>


More information about the zeromq-dev mailing list