A brief example of an SSL/TLS wrapper for ZMQ sockets using M2Crypto.
Python implementation of the nice C++ example given by Ian Barber:
Can be used for REQ-REP and REQ-ROUTER and REQ-DEALER sockets. Cannot be used for PUB-SUB sockets as SSL/TLS is end-to-end protocol, while zmq sockets are an abstraction over classic sockets and cannot negotiate with multiple endpoints.
Run
python main.py
This starts almost simultaneosly 100 clients, each of them starts 8 different requests as different subclients, or a total of 800 requests running for about 10 sec on a not-so-fast laptop. Running more may lead to 'Too many open files', as the OS cannot close so fast the open socket files.
Also see the contents of main.py
LOGS = logging.getLogger('SERVER')
LOGC = logging.getLogger('CLIENT')
PROTOCOL = 'sslv3' # or 'tlsv1'
from server import ZMQTLSServer
from client import ZMQTLSClient
cert, key, ca = ('CA/server.crt', 'CA/server.key', 'CA/ca.crt')
client_cert, client_key = ('CA/node.crt', 'CA/node.key')
socket_uri = 'tcp://0.0.0.0:5556'
server = ZMQTLSServer(LOGS, socket_uri, PROTOCOL, cert, key, ca)
client = ZMQTLSClient('clientId', LOGC, socket_uri, PROTOCOL,
client_cert, client_key)
server.start()
client.start()