On Sun, Aug 25, 2013 at 1:53 PM, Pieter Hintjens <[email protected]> wrote:
> Failed authentication should cause the socket to be closed. We'll take > a look at this. Thanks for catching it. > Thanks. By closed, you mean the connecting peer (client) should be closed, or the inner pipe on the server side? What should be the user-visible symptoms of failed authentication, both on the client side and the server side, if any? I'm looking to add a failed-auth test to test_security, but it is unclear to me what the expected behavior is. Is the symptom only that messages sent do not arrive, or should sending a message not succeed in the first place? -MinRK > On Sun, Aug 25, 2013 at 8:51 PM, MinRK <[email protected]> wrote: > > Hello, > > > > I'm working on [adding support](https://github.com/zeromq/pyzmq/pull/401 > ) > > for 3.3 bits in pyzmq, and I'm testing the authentication mechanisms. I > > translated the [security > > test]( > https://github.com/zeromq/libzmq/blob/master/tests/test_security.cpp) > > to Python and it ran just fine. However, when I checked to confirm that > it > > actually did something, I changed the password to be incorrect - and the > > test *still* ran fine. This means that ZMQ_PLAIN authentication actually > > has no effect, and failed authentication doesn't result in any errors, > and > > messages still send and receive as normal. I made the same changes to > the C > > test with the same result: **failed authentication has no consequence**. > I > > confirmed that `receive_and_process_zap_reply` is indeed returning > `rc=-1` > > and setting `errno=EACCES`, but this does not seem to have any effect on > the > > behavior of the sockets. > > > > I assume this is not intended. Is the implementation supposed to be > complete > > at this point? And what precisely should be the effect of a failed > > authentication (i.e. which calls should raise, block, etc.). > > > > Thanks, > > -MinRK > > > > _______________________________________________ > > zeromq-dev mailing list > > [email protected] > > http://lists.zeromq.org/mailman/listinfo/zeromq-dev > > > _______________________________________________ > zeromq-dev mailing list > [email protected] > http://lists.zeromq.org/mailman/listinfo/zeromq-dev >
_______________________________________________ zeromq-dev mailing list [email protected] http://lists.zeromq.org/mailman/listinfo/zeromq-dev
