You can't white/blacklist on domain names without a lot more work. The zauth class uses the IP address as provided by the network.
On Mon, Dec 15, 2014 at 9:57 PM, Check Peck <[email protected]> wrote: > Thanks Pieter, Yes it worked fine after I remove older version of libzmq. > > One question I have on Strawhouse pattern is - Does it always work with IP > Address? I cannot use hostname to white list it? If I try to replace > 127.0.0.1 with localhost or the actual machine name, then it doesn't work. > > zauth_allow (auth, "127.0.0.1"); // this works fine > zauth_allow (auth, "localhost"); // this doesn't works > zauth_allow (auth, "machineA.dev.com"); // this doesn't works > > // The Strawhouse Pattern > // > // We allow or deny clients according to their IP address. It may keep > // spammers and idiots away, but won't stop a real attacker for more > // than a heartbeat. > > #include <czmq.h> > > int main (void) > { > // Create context > zctx_t *ctx = zctx_new (); > > // Start an authentication engine for this context. This engine > // allows or denies incoming connections (talking to the libzmq > // core over a protocol called ZAP). > zauth_t *auth = zauth_new (ctx); > > // Get some indication of what the authenticator is deciding > zauth_set_verbose (auth, true); > > // Whitelist our address; any other address will be rejected > zauth_allow (auth, "127.0.0.1"); > > // Create and bind server socket > void *server = zsocket_new (ctx, ZMQ_PUSH); > zsocket_set_zap_domain (server, "global"); > zsocket_bind (server, "tcp://*:9000"); > > // Create and connect client socket > void *client = zsocket_new (ctx, ZMQ_PULL); > zsocket_connect (client, "tcp://127.0.0.1:9000"); > > // Send a single message from server to client > zstr_send (server, "Hello"); > char *message = zstr_recv (client); > assert (streq (message, "Hello")); > free (message); > puts ("Strawhouse test OK"); > > zauth_destroy (&auth); > zctx_destroy (&ctx); > return 0; > } > > > > On Sat, Dec 13, 2014 at 1:04 AM, Pieter Hintjens <[email protected]> wrote: >> >> You presumably have two versions of libzmq installed on your system, >> and gcc is complaining they both have the same symbols. I'd recommend >> removing the older version. >> >> On Sat, Dec 13, 2014 at 1:29 AM, Check Peck <[email protected]> >> wrote: >> > I am trying to use Strawhouse security pattern in my zero-mq >> > development. I >> > was following this wiki http://hintjens.com/blog:49 and when I try to >> > run >> > below simple program to make sure I have everything installed, I got an >> > error - >> > >> > #include <czmq.h> >> > >> > int main (void) { >> > zctx_t *ctx = zctx_new (); >> > void *publisher = zsocket_new (ctx, ZMQ_PUB); >> > zsocket_set_curve_server (publisher, true); >> > puts ("Hello, Curve!"); >> > zctx_destroy (&ctx); >> > return 0; >> > } >> > >> > I tried to compile it like this - >> > >> > gcc -o hello hello.c -lczmq -lzmq -lsodium >> > >> > And the error I got - >> > >> > /usr/bin/ld: warning: libzmq.so.4, needed by /usr/local/lib/libczmq.so, >> > may >> > conflict with libzmq.so.3 >> > >> > Does anyone know what does this mean and what wrong I am doing? >> > >> > _______________________________________________ >> > zeromq-dev mailing list >> > [email protected] >> > http://lists.zeromq.org/mailman/listinfo/zeromq-dev >> > >> _______________________________________________ >> zeromq-dev mailing list >> [email protected] >> http://lists.zeromq.org/mailman/listinfo/zeromq-dev > > > _______________________________________________ > zeromq-dev mailing list > [email protected] > http://lists.zeromq.org/mailman/listinfo/zeromq-dev > _______________________________________________ zeromq-dev mailing list [email protected] http://lists.zeromq.org/mailman/listinfo/zeromq-dev
