func initSecurity(private_key_path string, server_key_path string, sock *zmq.Socket) {
zmq.AuthStart()
private_key, public_key, err := keyloader.InitKeys(private_key_path)
condlog.Fatal(err, fmt.Sprintf("Unable to read key pair for private key '%v'", private_key_path))
zmq.AuthCurveAdd("scrabble", public_key)
err = keyloader.CheckPermissions(server_key_path)
condlog.Fatal(err, "Untrustworthy key file")
server_key_buf, err := ioutil.ReadFile(server_key_path)
condlog.Fatal(err, fmt.Sprintf("Unable to load public server key '%v'", server_key_path))
server_key := string(server_key_buf)
sock.ClientAuthCurve(server_key, public_key, private_key)
}
func initSecurity(client_key_path string, private_key_path string, sock *zmq.Socket) {
zmq.AuthStart()
private_key, _, err := keyloader.InitKeys(private_key_path)
condlog.Fatal(err, fmt.Sprintf("Unable to read key pair for private key '%v'", private_key_path))
sock.ServerAuthCurve("scrabble", private_key)
// Add all the public keys in the client key directory
files, err := ioutil.ReadDir(client_key_path)
condlog.Fatal(err, fmt.Sprintf("Unable to enumerate client keys in '%v'", client_key_path))
for _, f := range files {
if !f.IsDir() && strings.HasSuffix(f.Name(), ".public") {
fullpath := path.Join(client_key_path, f.Name())
err = keyloader.CheckPermissions(fullpath)
condlog.Fatal(err, "Untrustworthy key file")
buf, err := ioutil.ReadFile(fullpath)
condlog.Fatal(err, fmt.Sprintf("Unable to load public client key '%v'", fullpath))
zmq.AuthCurveAdd("scrabble", string(buf))
}
}
}
