On Sun, Apr 20, 2014 at 01:41:23PM -0600, Steve Murphy wrote:
> Hello--
>
> I have a case here on ROUTER / tcp
> based sockets (actually, the type doesn't matter),
> where if the curve client has a bad/wrong
> file for the server public key, then I'd hope
> that what happens in zeromq-4.0.4 is a bug!
>
> Looking at the exchange via wireshark,
> I see a CURVE message sent and returned,
> and then a HELLO message is sent. If the server
> public key is correct, we would normally get
> a WELCOME message.
>
> But, when it's the wrong key, I a FIN packets
> sent instead of a WELCOME, and then, the whole
> exchange repeats over and over quite rapidly.
> After the server responds with a FIN packet,
> the client ACKs that, and then the server ACKs
> that. Then the client sends a SYN, and the server
> ACKs that, and the client ACKs that. (I assume this is
> typical tcp behavior.). Then the client sends
> a message and the server responds. Then the client
> sends a CURVE, and the server responds, and then
> the HELLO again. This process is repeated over and
> over. There is no error message generated by either
> the client or server, even tho both have zauth verbose
> set.
>
> I've looked over the code, and it's a bit questionable
> to me exactly where to put the ZAUTH error message,
> as this code is buried down in the libzmq layer.
> But, I think it would only be proper to generate a
> descriptive Error message, and let everyone know that
> there's a bad key in the pot, and NOT generate a lot of
> useless traffic.
>
> It is easy to reproduce. Just take the
> ironhouse client, and pass a bad key in the the call to
> zsocket_set_curve_serverkey(). Use wireshark to watch
> the fireworks. All the action is in
> zmq::curve_server_t::process_hello and
> zmq::curve_server_t::process_handshake_command.
>
> murf
Have you tried the latest git?
MfG
Goswin
_______________________________________________
zeromq-dev mailing list
[email protected]
http://lists.zeromq.org/mailman/listinfo/zeromq-dev
