Receiving message on ZMQ socket from unauthenticated sender

I have a ZMQ pub/sub architecture where I have one sub and many pubs. One of those pubs is external and therefore I encrypted the incoming messages using ZMQ CURVE. The rest, however, are all internal pubs so I don't want to encrypt the messages due to the unnecessary overhead. My question is, is it possible to have the sub socket allow all messages (encrypted or not)?

From testing, I've found that once the options

{ zmq.CURVE_SERVER:    1,
  zmq.CURVE_SECRETKEY: server_private_key
  }

and

{ zmq.CURVE_SERVERKEY: server_public_key,
  zmq.CURVE_PUBLICKEY: client_public_key,
  zmq.CURVE_SECRETKEY: client_private_key
  }

were applied to the sub and pub sockets respectively, unauthenticated messages aren't accepted.


Solution 1:

If asking, whether a one & the same SUB-side AccessPoint can work chameleon-wise on security - using for some & not using for some other the said point-to-point security setup, I will have to answer no.

If asking, how to make some setup towards the aimed goal, I would start with testing this :


SUB = aCtx.Socket( zmq.SUB )

SUB.setsockopt( ... )

SUB.bind( aNonSecureLocalAccessPOINT ) # for zmq.PLAIN

SUB.bind( anotherSecuredAccessPOINT )  # for zmq.CURVE ...

This shall solve both performance and security as requested