Example #1
0
func main() {

	//  Start authentication engine
	zmq.AuthSetVerbose(true)
	zmq.AuthStart()
	zmq.AuthAllow("domain1", "127.0.0.1")

	//  Tell the authenticator how to handle PLAIN requests
	zmq.AuthPlainAdd("domain1", "admin", "secret")

	//  Create and bind server socket
	server, _ := zmq.NewSocket(zmq.PUSH)
	server.ServerAuthPlain("domain1")
	server.Bind("tcp://*:9000")

	//  Create and connect client socket
	client, _ := zmq.NewSocket(zmq.PULL)
	client.SetPlainUsername("admin")
	client.SetPlainPassword("secret")
	client.Connect("tcp://127.0.0.1:9000")

	//  Send a single message from server to client
	_, err := server.Send("Hello", 0)
	checkErr(err)
	message, err := client.Recv(0)
	checkErr(err)
	if message != "Hello" {
		log.Fatalln(message, "!= Hello")
	}

	zmq.AuthStop()

	fmt.Println("Woodhouse test OK")

}
Example #2
0
func initSecurity(private_key_path string, server_key_path string, sock *zmq.Socket) {
	zmq.AuthStart()
	private_key, public_key, err := keyloader.InitKeys(private_key_path)
	condlog.Fatal(err, fmt.Sprintf("Unable to read key pair for private key '%v'", private_key_path))
	zmq.AuthCurveAdd("scrabble", public_key)

	err = keyloader.CheckPermissions(server_key_path)
	condlog.Fatal(err, "Untrustworthy key file")
	server_key_buf, err := ioutil.ReadFile(server_key_path)
	condlog.Fatal(err, fmt.Sprintf("Unable to load public server key '%v'", server_key_path))
	server_key := string(server_key_buf)
	sock.ClientAuthCurve(server_key, public_key, private_key)
}
Example #3
0
func main() {
	msgChan := make(chan string)

	logger.Info.Println(fmt.Sprintf("SoundTouch - Connecting to SoundTouch at IP : %s on port : %s - (Version - %s)",
		config.ClientConf.SoundTouchIP,
		config.ClientConf.SoundTouchPort,
		version.APP_VERSION))

	logger.Info.Println(fmt.Sprintf("Connecting to Push Server IP : %s on port : %s",
		config.ClientConf.PushServerIP,
		config.ClientConf.PushServerPort))

	go connectWS(msgChan, config.ClientConf.SoundTouchIP, config.ClientConf.SoundTouchPort)

	clientSecretKey := config.ClientConf.ClientSecretKey
	serverPublicKey := config.ClientConf.ServerPublicKey
	clientPublicKey := config.ClientConf.ClientPublicKey

	//Start authentication engine
	zmq.AuthSetVerbose(true)
	zmq.AuthStart()
	zmq.AuthCurveAdd("*", string(clientPublicKey))

	//  Create and connect client socket
	client, err := zmq.NewSocket(zmq.PUSH)
	checkError(err)

	defer client.Close()

	client.ClientAuthCurve(string(serverPublicKey), string(clientPublicKey), string(clientSecretKey))
	client.Connect("tcp://" + config.ClientConf.PushServerIP + ":" + config.ClientConf.PushServerPort)

	//While we're getting messages on the msgChan channel send them to the push sever
	for msg := range msgChan {
		_, err = client.SendMessage(msg)
		checkError(err)

		logger.Info.Println("Sent : ", msg)
	}

	zmq.AuthStop()
}
Example #4
0
func main() {

	//  Start authentication engine
	zmq.AuthSetVerbose(true)
	zmq.AuthStart()
	zmq.AuthAllow("127.0.0.1")

	//  Tell the authenticator to allow any CURVE requests for this domain
	zmq.AuthCurveAdd("global", zmq.CURVE_ALLOW_ANY)

	//  We need two certificates, one for the client and one for
	//  the server. The client must know the server's public key
	//  to make a CURVE connection.
	client_public, client_secret, err := zmq.NewCurveKeypair()
	checkErr(err)
	server_public, server_secret, _ := zmq.NewCurveKeypair()
	checkErr(err)

	//  Create and bind server socket
	server, _ := zmq.NewSocket(zmq.PUSH)
	server.ServerAuthCurve("global", server_secret)
	server.Bind("tcp://*:9000")

	//  Create and connect client socket
	client, _ := zmq.NewSocket(zmq.PULL)
	client.ClientAuthCurve(server_public, client_public, client_secret)
	client.Connect("tcp://127.0.0.1:9000")

	//  Send a single message from server to client
	_, err = server.Send("Hello", 0)
	checkErr(err)
	message, err := client.Recv(0)
	checkErr(err)
	if message != "Hello" {
		log.Fatalln(message, "!= Hello")
	}

	zmq.AuthStop()

	fmt.Println("Stonehouse test OK")

}
Example #5
0
func initSecurity(client_key_path string, private_key_path string, sock *zmq.Socket) {
	zmq.AuthStart()
	private_key, _, err := keyloader.InitKeys(private_key_path)
	condlog.Fatal(err, fmt.Sprintf("Unable to read key pair for private key '%v'", private_key_path))
	sock.ServerAuthCurve("scrabble", private_key)

	// Add all the public keys in the client key directory
	files, err := ioutil.ReadDir(client_key_path)
	condlog.Fatal(err, fmt.Sprintf("Unable to enumerate client keys in '%v'", client_key_path))
	for _, f := range files {
		if !f.IsDir() && strings.HasSuffix(f.Name(), ".public") {
			fullpath := path.Join(client_key_path, f.Name())
			err = keyloader.CheckPermissions(fullpath)
			condlog.Fatal(err, "Untrustworthy key file")
			buf, err := ioutil.ReadFile(fullpath)
			condlog.Fatal(err, fmt.Sprintf("Unable to load public client key '%v'", fullpath))
			zmq.AuthCurveAdd("scrabble", string(buf))
		}
	}
}
Example #6
0
func main() {

	//  Get some indication of what the authenticator is deciding
	zmq.AuthSetVerbose(true)

	//  Start the authentication engine. This engine
	//  allows or denies incoming connections (talking to the libzmq
	//  core over a protocol called ZAP).
	zmq.AuthStart()

	//  Whitelist our address; any other address will be rejected
	zmq.AuthAllow("domain1", "127.0.0.1")

	//  Create and bind server socket
	server, err := zmq.NewSocket(zmq.PUSH)
	checkErr(err)
	server.ServerAuthNull("domain1")
	server.Bind("tcp://*:9000")

	//  Create and connect client socket
	client, err := zmq.NewSocket(zmq.PULL)
	checkErr(err)
	checkErr(client.Connect("tcp://127.0.0.1:9000"))

	//  Send a single message from server to client
	_, err = server.Send("Hello", 0)
	checkErr(err)
	message, err := client.Recv(0)
	checkErr(err)
	if message != "Hello" {
		log.Fatalln(message, "!= Hello")
	}

	zmq.AuthStop()

	fmt.Println("Strawhouse test OK")
}
Example #7
0
func (r *Resource) Connect() error {
	//log.Println("Resource.Connect()", r.Type)
	//make sure there is something to trust remotely
	if len(r.Trusted) == 0 {
		log.Fatal("no trusted public keys")
	}

	zmq.AuthSetVerbose(true)
	zmq.AuthStart()

	switch r.Type {
	case "SUB":
		return r.setup_sub()
	case "PUB":
		return r.setup_pub()
	case "REP":
		return r.setup_REP()
	case "REQ":
		return r.setup_REQ()
	default:
		log.Fatal("Invalid Resource Type", r.Type)
	}
	return nil
}
Example #8
0
func TestAuthStart(t *testing.T) {

	if _, minor, _ := zmq.Version(); minor >= 1 && !zmq.HasCurve() {
		t.Skip("Curve not available")
	}

	type Meta struct {
		key   string
		value string
		ok    bool
	}

	zmq.AuthSetVerbose(false)

	//  Start authentication engine
	err := zmq.AuthStart()
	if err != nil {
		t.Fatal("AuthStart:", err)
	}
	defer zmq.AuthStop()

	zmq.AuthSetMetadataHandler(
		func(version, request_id, domain, address, identity, mechanism string, credentials ...string) (metadata map[string]string) {
			return map[string]string{
				"Identity": identity,
				"User-Id":  "anonymous",
				"Hello":    "World!",
				"Foo":      "Bar",
			}
		})

	zmq.AuthAllow("domain1", "127.0.0.1")

	//  We need two certificates, one for the client and one for
	//  the server. The client must know the server's public key
	//  to make a CURVE connection.
	client_public, client_secret, err := zmq.NewCurveKeypair()
	if err != nil {
		t.Fatal("NewCurveKeypair:", err)
	}
	server_public, server_secret, err := zmq.NewCurveKeypair()
	if err != nil {
		t.Fatal("NewCurveKeypair:", err)
	}

	//  Tell authenticator to use this public client key
	zmq.AuthCurveAdd("domain1", client_public)

	//  Create and bind server socket
	server, err := zmq.NewSocket(zmq.DEALER)
	if err != nil {
		t.Fatal("NewSocket:", err)
	}
	defer func() {
		server.SetLinger(0)
		server.Close()
	}()
	server.SetIdentity("Server1")
	server.ServerAuthCurve("domain1", server_secret)
	err = server.Bind("tcp://*:9000")
	if err != nil {
		t.Fatal("server.Bind:", err)
	}

	//  Create and connect client socket
	client, err := zmq.NewSocket(zmq.DEALER)
	if err != nil {
		t.Fatal("NewSocket:", err)
	}
	defer func() {
		client.SetLinger(0)
		client.Close()
	}()
	server.SetIdentity("Client1")
	client.ClientAuthCurve(server_public, client_public, client_secret)
	err = client.Connect("tcp://127.0.0.1:9000")
	if err != nil {
		t.Fatal("client.Connect:", err)
	}

	//  Send a message from client to server
	msg := []string{"Greetings", "Earthlings!"}
	_, err = client.SendMessage(msg[0], msg[1])
	if err != nil {
		t.Fatal("client.SendMessage:", err)
	}

	// Receive message and metadata on the server
	tests := []Meta{
		{"Identity", "Server1", true},
		{"User-Id", "anonymous", true},
		{"Socket-Type", "DEALER", true},
		{"Hello", "World!", true},
		{"Foo", "Bar", true},
		{"Fuz", "", false},
	}
	keys := make([]string, len(tests))
	for i, test := range tests {
		keys[i] = test.key
	}
	message, metadata, err := server.RecvMessageWithMetadata(0, keys...)
	if err != nil {
		t.Fatal("server.RecvMessageWithMetadata:", err)
	}
	if !arrayEqual(message, msg) {
		t.Errorf("Received message was %q, expected %q", message, msg)
	}
	if _, minor, _ := zmq.Version(); minor < 1 {
		t.Log("Metadata not avalable in ZeroMQ versions prior to 4.1.0")
	} else {
		for _, test := range tests {
			value, ok := metadata[test.key]
			if value != test.value || ok != test.ok {
				t.Errorf("Metadata %s, expected %q %v, got %q %v", test.key, test.value, test.ok, value, ok)
			}
		}
	}
}
Example #9
0
func ExampleAuthStart() {

	checkErr := func(err error) bool {
		if err == nil {
			return false
		}
		log.Println(err)
		return true
	}

	zmq.AuthSetVerbose(false)

	//  Start authentication engine
	err := zmq.AuthStart()
	if checkErr(err) {
		return
	}
	defer zmq.AuthStop()

	zmq.AuthSetMetadataHandler(
		func(version, request_id, domain, address, identity, mechanism string, credentials ...string) (metadata map[string]string) {
			return map[string]string{
				"Identity": identity,
				"User-Id":  "anonymous",
				"Hello":    "World!",
				"Foo":      "Bar",
			}
		})

	zmq.AuthAllow("domain1", "127.0.0.1")

	//  We need two certificates, one for the client and one for
	//  the server. The client must know the server's public key
	//  to make a CURVE connection.
	client_public, client_secret, err := zmq.NewCurveKeypair()
	if checkErr(err) {
		return
	}
	server_public, server_secret, err := zmq.NewCurveKeypair()
	if checkErr(err) {
		return
	}

	//  Tell authenticator to use this public client key
	zmq.AuthCurveAdd("domain1", client_public)

	//  Create and bind server socket
	server, err := zmq.NewSocket(zmq.DEALER)
	if checkErr(err) {
		return
	}
	defer server.Close()
	server.SetIdentity("Server1")
	server.ServerAuthCurve("domain1", server_secret)
	err = server.Bind("tcp://*:9000")
	if checkErr(err) {
		return
	}

	//  Create and connect client socket
	client, err := zmq.NewSocket(zmq.DEALER)
	if checkErr(err) {
		return
	}
	defer client.Close()
	server.SetIdentity("Client1")
	client.ClientAuthCurve(server_public, client_public, client_secret)
	err = client.Connect("tcp://127.0.0.1:9000")
	if checkErr(err) {
		return
	}

	//  Send a message from client to server
	_, err = client.SendMessage("Greatings", "Earthlings!")
	if checkErr(err) {
		return
	}

	// Receive message and metadata on the server
	keys := []string{"Identity", "User-Id", "Socket-Type", "Hello", "Foo", "Fuz"}
	message, metadata, err := server.RecvMessageWithMetadata(0, keys...)
	if checkErr(err) {
		return
	}
	fmt.Println(message)
	if _, minor, _ := zmq.Version(); minor < 1 {
		// Metadata requires at least ZeroMQ version 4.1
		fmt.Println(`Identity: "Server1" true`)
		fmt.Println(`User-Id: "anonymous" true`)
		fmt.Println(`Socket-Type: "DEALER" true`)
		fmt.Println(`Hello: "World!" true`)
		fmt.Println(`Foo: "Bar" true`)
		fmt.Println(`Fuz: "" false`)
	} else {
		for _, key := range keys {
			value, ok := metadata[key]
			fmt.Printf("%v: %q %v\n", key, value, ok)
		}
	}
	// Output:
	// [Greatings Earthlings!]
	// Identity: "Server1" true
	// User-Id: "anonymous" true
	// Socket-Type: "DEALER" true
	// Hello: "World!" true
	// Foo: "Bar" true
	// Fuz: "" false
}