Failed authentication should cause the socket to be closed. We'll take a look at this. Thanks for catching it.
On Sun, Aug 25, 2013 at 8:51 PM, MinRK <[email protected]> wrote: > Hello, > > I'm working on [adding support](https://github.com/zeromq/pyzmq/pull/401) > for 3.3 bits in pyzmq, and I'm testing the authentication mechanisms. I > translated the [security > test](https://github.com/zeromq/libzmq/blob/master/tests/test_security.cpp) > to Python and it ran just fine. However, when I checked to confirm that it > actually did something, I changed the password to be incorrect - and the > test *still* ran fine. This means that ZMQ_PLAIN authentication actually > has no effect, and failed authentication doesn't result in any errors, and > messages still send and receive as normal. I made the same changes to the C > test with the same result: **failed authentication has no consequence**. I > confirmed that `receive_and_process_zap_reply` is indeed returning `rc=-1` > and setting `errno=EACCES`, but this does not seem to have any effect on the > behavior of the sockets. > > I assume this is not intended. Is the implementation supposed to be complete > at this point? And what precisely should be the effect of a failed > authentication (i.e. which calls should raise, block, etc.). > > Thanks, > -MinRK > > _______________________________________________ > zeromq-dev mailing list > [email protected] > http://lists.zeromq.org/mailman/listinfo/zeromq-dev > _______________________________________________ zeromq-dev mailing list [email protected] http://lists.zeromq.org/mailman/listinfo/zeromq-dev
