methodmissing / rbczmq

Ruby extension that wraps the official high level ZeroMQ C API ( http://czmq.zeromq.org/ )
http://github.com/methodmissing/rbczmq
MIT License
125 stars 32 forks source link

Support for security features in 4.0.0 #28

Open saki7 opened 10 years ago

saki7 commented 10 years ago

ZeroMQ protocol 4.0 and current CZMQ support new security features. I'd love to see it in rbczmq.

see: http://zeromq.org/docs:changes-4-0-0#toc4

methodmissing commented 10 years ago

Hi Nana,

It's on the roadmap - we just haven't gotten around to it yet as entry to 2014's been busy ...

saki7 commented 10 years ago

I see :)

mattconnolly commented 10 years ago

Hi @saki7,

One thing you could do to help, would be to let us know if you can compile zeromq and czmq on your operating system with security. This will require libsodium to be installed.

Depending on your system there there may be some steps required to make this happen. If you can try this out and let us know what you find that would be great.

Cheers, Matt.

saki7 commented 10 years ago

I have been using zeromq4-x and czmq for a while, which are built with libsodium. I haven't actually run the auth functions but since it has been successfully compiled so I guess I can use it if I want.

No complex process required, I just ran usual configure and make. Maybe I had installed some dependencies by apt-get install.

My environment is Ubuntu 12.04 LTS, GCC 4.8.1, and Ruby 2.1.0. Can you allow me to clarify, to be more specific, what do you actually want to know about my environment?

methodmissing commented 10 years ago

Seems like a good start already then :-) I'll sync up with Matt and see where we can get with this ...

saki7 commented 10 years ago

Yea. I am currently using ZMQ for bridging between C++ client and Ruby on Rails server. BTW I think ZMQ's protocol and API are fairly simple and clean. I like the design and concepts.

skandragon commented 10 years ago

Bump?

skandragon commented 10 years ago

Is it just a matter of defining the constants like DOMAIN and so on? It looks like there is a bit of other work, like depreciating ipv4only and using ipv6 instead, but that doesn't seem too terribly hard.

methodmissing commented 10 years ago

@skandragon there's quite a bit more to it.

I'll catch up when there's a block of free time.

skandragon commented 10 years ago

It could be done in some level of stages though, and I could do some of it. For instance, you don't actually need CURVE to be there in order to use the ZAP interface, which enables authentication using non-CURVE methods. The aligning could happen without adding curve, and I might be able to do some of that if you don't get to it first.

nestegg commented 9 years ago

Is there something I can do to help move this forward?

jesuspc commented 8 years ago

Any update on this?

paddor commented 8 years ago

@jesuspc You might wanna take a look at CZTop, a new CZMQ binding based on FFI. It supports ZMQ >= 4.0, including security features (CURVE).

joegoggins commented 8 years ago

Thanks for the link and the library @paddor :smile: !

I'm early in a greenfield project that requires zmq auth + secure encrypted communications and I'm considering switching out the backend to use CZTop instead. Your architectural approach with CZTop looks awesome, not to mention 100% test coverage and solid documentation. I'm looking forward to giving it a whirl.

This said, @methodmissing , I've had great luck with rbczmq and don't want to dive into a technical change I don't need to if I can get that same or similar functionality soon via this library. I'm curious on your thoughts/recommendations. (also, thanks for the great open source library!)