Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Curve not enabled by default #640

Closed
muscleman opened this issue Jul 8, 2024 · 25 comments · Fixed by #682
Closed

Curve not enabled by default #640

muscleman opened this issue Jul 8, 2024 · 25 comments · Fixed by #682

Comments

@muscleman
Copy link

following some examples of implementing curve on a pub/sub i get cannot set public, secret or server public keys

setting socket.curveserver = true throws exceptions too.

  • OS: [Ubuntu 22.04]
  • ZeroMQ.js version: [6.0.0-beta.20]
@muscleman muscleman added the bug label Jul 8, 2024
@aminya
Copy link
Member

aminya commented Jul 8, 2024

Curve is not included in the prebuilt binaries anymore following the upstream approach. You should build the binaries from the source if that is desired.
Also see,
#638 (comment)

@muscleman
Copy link
Author

muscleman commented Jul 9, 2024

so adding
`
#.npmrc

build_from_source=true
zmq_draft=true
`

and setting
#build.ts -DWITH_LIBSODIUM=ON

is enough to get curve?

@muscleman
Copy link
Author

nope, still want work

@muscleman
Copy link
Author

would be super helpful if someone could do a little documentation on how to turn on curve

@aminya aminya added the 6.x label Aug 13, 2024
@damiDev8
Copy link

damiDev8 commented Sep 9, 2024

@aminya is it planned that curve will be reintegrated into the prebuilt binaries?

@aminya
Copy link
Member

aminya commented Oct 2, 2024

Curve needs to be added to the project prebuilds so it works out of the box.

You can expedite the process by sponsoring the project
https://github.com/sponsors/aminya
https://polar.sh/aminya/
https://www.patreon.com/aminya

@aminya
Copy link
Member

aminya commented Oct 22, 2024

I have migrated the build to CMake/vcpkg. Now you can enable the Curve support through npmrc by building from the source.
https://github.com/zeromq/zeromq.js#curve-support

@aminya aminya added enhancement and removed bug labels Oct 22, 2024
@aminya aminya changed the title Curve not working Curve not enabled by default Oct 22, 2024
@antoncxx
Copy link

Hi, @aminya

Tried installing zeromq with the following .npmrc file:

build_from_source=true
zmq_curve="true"
zmq_sodium="true"

But when I run this snippet [on a ubuntu machine]:

import * as zmq from "zeromq";

try {
  zmq.curveKeyPair();
} catch (err) {
  console.log(err);
}

I get Error: Operation not supported.
Did I miss a step ?

@aminya
Copy link
Member

aminya commented Nov 21, 2024

It should have worked, if it doesn't that's an issue we need to look into. Did it rebuild Zeromq from the source once you did this?

@antoncxx
Copy link

It should have worked, if it doesn't that's an issue we need to look into. Did it rebuild Zeromq from the source once you did this?

I think so. At least the first time I attempted to do npm install zeromq it failed, because I didn't have cmake installed.
Once I installed all the required dependencies, the installation succeeded.

@aminya
Copy link
Member

aminya commented Nov 21, 2024

Ok. Thanks for the report. I'll soon try to add it to the CI and reproduce it.

@ctataryn
Copy link

ctataryn commented Dec 10, 2024

@aminya I can confirm that adding:

build_from_source=true
zmq_curve="true"

to .npmrc doesn't seem to add Curve.

Here's my scenario:

We were using "zeromq": "^6.0.0-beta.6" and the following code works at runtime:

  wsiZmqDealerSock = new Dealer({
    routingId: ZMQ_ROUTING_ID,
    sendTimeout: 0,
    reconnectInterval: 2000,
    curveServer: false,
    curveServerKey: spk,
    curvePublicKey: cpk,
    curveSecretKey: csk
  })

However, we removed and re-generated our package-lock.json file and it upgraded zeromq as follows (in package-lock.json):

    "node_modules/zeromq": {
      "version": "6.1.2",
      "resolved": "https://registry.npmjs.org/zeromq/-/zeromq-6.1.2.tgz",
      "integrity": "sha512-5lqsW2UXnKhFhBbIm0wzrRnZmWaGI2b2bm4E03rYMK1c1jBMN0wbPnuyqqhGg7QkzBUmpqf+LyjLhg2TRJmvow==",
      "hasInstallScript": true,
      "license": "MIT AND MPL-2.0",
      "dependencies": {
        "@aminya/cmake-ts": "^0.3.0-aminya.7",
        "node-addon-api": "^8.2.1"
      },
      "engines": {
        "node": ">= 10",
        "pnpm": ">= 9"
      }
    }

After this, the Dealer code above would not work. After investigating, I found the documentation for enabling curve via .npmrc. I then removed the zeromq folder from node_modules then ran npm install again, but the above code still wouldn't run (I get the error: Cannot add property curveServer, object is not extensible).

Tried a few things, for instance I edited node_modules/zeromq/CMakeLists.txt and changed the following:

- option(ZMQ_CURVE "Enable CURVE security" OFF)
+ option(ZMQ_CURVE "Enable CURVE security" ON)

Then I ran:

npm explore zeromq --prefix "$(pwd)" -- npm run install --verbose

However, my code still failed with the same error.

Not sure if the above information helps, I hope it will, but admittedly I'm not that familiar with CMake so I'm not even sure if what I did was right.

@ctataryn
Copy link

Update:

By adding the following line to node_modules/zeromq/CMakeLists.txt:

set(VCPKG_MANIFEST_FEATURES, "${VCPKG_MANIFEST_FEATURES}" CACHE STRING "Features to enable for vcpkg manifest mode")

I was able to confirm that the curve feature was now included in ./node_modules/zeromq/staging/linux/x64/node/127/CMakeCache.txt:

//Features to enable for vcpkg manifest mode
VCPKG_MANIFEST_FEATURES,:STRING=curve

This is only after I force ZMQ_CURVE to ON as mentioned in my previous comment though...

However, my Dealer instantiation still errors out with Cannot add property curveServer, object is not extensible

Full install log file attached.
zeromq-curve-install.log

@ctataryn
Copy link

@aminya I sponsored and I'm hoping you have some time to take a 👀

@aminya
Copy link
Member

aminya commented Dec 12, 2024

@aminya I sponsored and I'm hoping you have some time to take a 👀

Thanks very much! I'll have a look soon.

@ctataryn
Copy link

@aminya 👋 Just wanted to check if you've had time to look at this, if not would you be able to advise an approximate time to check back in?

@aminya
Copy link
Member

aminya commented Dec 20, 2024

@ctataryn I've been very busy this week, but I'll work on Curve this weekend! Thanks for waiting.

@ctataryn
Copy link

@aminya Thanks for the update, I appreciate it!

@aminya
Copy link
Member

aminya commented Dec 23, 2024

libzmq no longer provides curve support without enabling libsodium. This was introduced in 4.3.5.
v4.3.4 vs v4.3.5

So, in #682, I have updated the readme to reflect that accordingly. You have to enable both in the .npmrc.

zmq_curve="true"
zmq_sodium="true"

You can try to build this locally, while I make #682 working for all platforms.

@ctataryn
Copy link

Thank you @aminya, I will give this a try and report back. I really appreciate your help 🙏

@aminya
Copy link
Member

aminya commented Dec 30, 2024

v6.2.0 was released and it includes secure Curve support with Libsodium by default
https://github.com/zeromq/zeromq.js/releases/tag/v6.2.0

@ctataryn
Copy link

@aminya confirmed, adding the following to .npmrc worked like a charm with v6.2.0.

zmq_curve="true"
zmq_sodium="true"

Question: would it make sense to only have to specify zmq_curve="true" and have it auto-add the sodium flag since it is a required dependcy?

@aminya
Copy link
Member

aminya commented Dec 31, 2024

For 6.2.0 you don't need to specify any options. It works out of the box! That was before I provided the prebuilds for the common platforms.

@ctataryn
Copy link

ctataryn commented Dec 31, 2024

@aminya Ohh, nice! Ok. So really you'd only need those options if you were to enable build_from_source=true?

@aminya
Copy link
Member

aminya commented Dec 31, 2024

Yes, now that Curve is enabled by default you don't need to build from the source. I'll enable the draft API for the next release as well.

@aminya aminya unpinned this issue Jan 1, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging a pull request may close this issue.

5 participants