[zeromq-dev] pyzmq and curve, as server

Luca Boccassi luca.boccassi at gmail.com
Fri Jan 27 01:21:53 CET 2017


On Mon, 2016-06-13 at 08:57 -0400, Julien Kauffmann wrote:
> Hi,
> 
> I'm trying to use the CURVE mechanism with PYZMQ, following the code 
> example at 
> https://github.com/zeromq/pyzmq/blob/master/examples/security/stonehouse.py.
> 
> I created an authenticator, I generated key pairs (which work as a CURVE 
> client), set the `curve_server` flag to `True`, and finally bound the 
> socket.
> 
> However, when the REP socket tries to contact the REQ socket, a network 
> dump shows that it actually sends the `as_server` flag as `False` and 
> I'm lost as to understand why. For all intents and purpose, I'm 
> following the exact sequence done in the ironhouse sample.
> 
> Any clue what I could be missing here ? Is there any facility that could 
> help me debug this (additional logs for instance) ?
> 
> Thanks,
> 
> Julien.

I've just noticed the same, and it seems that contrary to what the RFC
says "as-server" is never used, and always set to 00:

https://github.com/zeromq/libzmq/blob/master/src/stream_engine.cpp#L562

It has been like that since the first time the RFC was implemented. The
ZMQ_CURVE_SERVER option is used to decide if a peer will be client or
server (by instantiating the corresponding curve class).

Does anyone know what was the intention there?

-- 
Kind regards,
Luca Boccassi
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part
URL: <https://lists.zeromq.org/pipermail/zeromq-dev/attachments/20170127/3db21daa/attachment.sig>


More information about the zeromq-dev mailing list