-
Notifications
You must be signed in to change notification settings - Fork 482
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Can't get ZAuth to authorise Curve connection with unconventional REP, REQ socket pair. #872
Comments
Hi, I apologize for the delay. Can you share a compilable code pinpointing your problem? When I recycle the ZAuthTest#testCurveSuccessful, by binding a REQ and connecting a REP, it works.
|
Hi, Thanks for looking into this. Maybe you can see if I have done anything stupid: I have the keys hard coded into the source but also present in the Appdata .curve directory.
But Server does not report 'Done' unless I set CURVE_ALLOW_ANY Server Main is /*
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
package ReqServer;
import java.io.IOException;
import org.zeromq.SocketType;
import org.zeromq.ZAuth;
import org.zeromq.ZCertStore;
import org.zeromq.ZContext;
import org.zeromq.ZMQ;
/**
*
* @author David
*/
public class Main {
/**
* @param args the command line arguments
*/
public static void main(String[] args) throws IOException {
String server_secret = "?y$]][$s+e:GHh#z!CN9ZJKvu)4sZw.y^>tDRLwD";
String client_secret = "Rg1UHpL(qiw<lh7b{(Im-{1v9w#3m){mM]+hNXYA";
String client_public = "2c*Um{$$YK7Tbd2)W5nq/{o=bXLM6DkS=!H0/%C=";
String server_public = "0pITW):T^ip-7ZT+*9ZqL6mY42IF.}wUSKC%nH5R";
var ctx = new ZContext(1);
ZAuth auth = new ZAuth(ctx, new ZCertStore.Hasher());
auth.setVerbose(true);
auth.replies(true);
// auth.configureCurve(ZAuth.CURVE_ALLOW_ANY);
auth.configureCurve("C:\\Users\\David\\AppData\\Roaming\\ZMQTest\\.curve");
ZMQ.Socket reqSocket = ctx.createSocket(SocketType.REQ);
reqSocket.setLinger(0);
reqSocket.setZapDomain("global".getBytes());
reqSocket.setCurveSecretKey(ZMQ.Curve.z85Decode(server_secret));
reqSocket.setCurveServer(true);
System.out.println("Bind...");
reqSocket.bind("tcp://*:5432");
System.out.println("Send Hello...");
reqSocket.send("HELLO");
System.out.println("Recv world...");
byte[] ba = reqSocket.recv(); // Curve server hangs here
System.out.println("Done...");
}
} Client main is /*
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
package RepClient;
import java.io.IOException;
import org.zeromq.SocketType;
import org.zeromq.ZContext;
import org.zeromq.ZMQ;
/**
*
* @author David
*/
public class Main {
/**
* @param args the command line arguments
*/
public static void main(String[] args) throws IOException, InterruptedException {
String client_secret = "Rg1UHpL(qiw<lh7b{(Im-{1v9w#3m){mM]+hNXYA";
String client_public = "2c*Um{$$YK7Tbd2)W5nq/{o=bXLM6DkS=!H0/%C=";
String server_public = "0pITW):T^ip-7ZT+*9ZqL6mY42IF.}wUSKC%nH5R";
var context = new ZContext(1);
ZMQ.Socket repSocket = context.createSocket(SocketType.REP);
repSocket.setCurveServerKey(ZMQ.Curve.z85Decode(server_public));
repSocket.setCurvePublicKey(ZMQ.Curve.z85Decode(client_public));
repSocket.setCurveSecretKey(ZMQ.Curve.z85Decode(client_secret));
System.out.println("Connect...");
repSocket.connect("tcp://localhost:5432");
System.out.println("Recv...");
byte[] ba = repSocket.recv();
System.out.println("Send World...");
repSocket.send("WORLD");
System.out.println("Done...");
Thread.sleep(5000);
}
} Zipped gradle project files are: |
I'm trying to use ZAuth to authorise a request reply socket pair where the curveServer is on the REQ socket that 'binds' and waits for
the REP socket to connect.
It half works in that the REP socket is authorised and receives a request, then sends a reply. However, the REQ socket never sees this reply.
Setup
REQ CurveServer Config
REP CurveClient Config
Even with client2Sec key correctly set in my key store location, the CurveServer hangs waiting at the line indicated. Rep Client appears to go through the motions of receiving the message and sending the reply.
However, if I have auth configured as ALLOW_ANY it works fine.
Is there something a bit odd about this setup? Usually the CurveServer would be the 'Server' and reply to Client requests with a REP socket. But for this dynamically setup connection I want the CurveClient to be the 'Server' and respond to CurveServer requests.
If I swap the REP and REQ socket types over and send the initial Request from the CurveClient then it also works fine. Hence, I think I have my keys and ZAuth all configured correctly.
The text was updated successfully, but these errors were encountered: