Peer Authentication Hook

Scott Erholm

Jun 19, 2017, 9:56:16 AM
to zetta-discuss
Working on peer authentication, using the zetta-peer-auth as a starting point.  We’re using the ‘onPeerConnect’ hook, but aren’t sure exactly what the handler function should do if credentials are not accepted.  Here’s what we got so far:

server.httpServer.onPeerConnect(function(message, socket, head, next) {

   if (!credentialsPass(message.headers.authorization)) {
      var responseLine = 'HTTP/1.1 401 Unauthorized' + '\r\n\r\n\r\n';
      socket.write(responseLine);
      message.destroy();
   }

   next();    
});

This does not clean things up properly, since it leaves the peer_socket to just time out.

What’s the proper way for the handler to respond and close the connection?

Kevin Swiber

Jun 19, 2017, 11:28:39 AM
to Scott Erholm, zetta-discuss
Hey Scott,

Looking at my auth code, I use `socket.end()` instead of `message.destroy()`.  I haven't noticed hanging connections.  Do you get the same behavior with `socket.end()`?

Scott Erholm

Jun 19, 2017, 12:28:36 PM
to zetta-discuss, sc...@agilatech.com

Kevin,

Thanks for the help.  If we use 'socket.write(responseLine)' followed by 'socket.end()', or just a 'socket.end(responseLine)', then we get a ‘write after end’ error from the readable stream.

No matter what, the timeout in peer_socket is reached, which aborts the request and emits the error 'Confirm connection timeout reached'.

This does accomplish the task, but it seemed that there might be a cleaner way to do it.
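
An added example, not part of the original thread and not zetta's own code: a fail-closed gate for a hook with the (message, socket, head, next) signature shown above. It sends one complete 401 response through `socket.end()` and only calls `next()` for accepted peers. The names `peerAuthGate`, `buildRejection` and `fakeSocket`, the "Bearer" scheme, and the idea that the hook chain tolerates a handler that never calls `next()` are assumptions.

```javascript
// Added example. Only the (message, socket, head, next) signature comes from
// the thread; every other name and the "Bearer" scheme are assumptions.

// Build a complete HTTP response so the peer can parse it and stop waiting.
function buildRejection(status, reason, scheme) {
  const body = reason + '\n';
  return [
    'HTTP/1.1 ' + status + ' ' + reason,
    'WWW-Authenticate: ' + scheme, // a 401 must carry a challenge (RFC 7235)
    'Connection: close',
    'Content-Type: text/plain',
    'Content-Length: ' + Buffer.byteLength(body),
    '',
    body
  ].join('\r\n');
}

function peerAuthGate(credentialsPass, scheme) {
  return function onPeerConnect(message, socket, head, next) {
    let ok = false;
    try {
      // Require a strict boolean true; a missing header arrives as undefined.
      ok = credentialsPass(message.headers.authorization) === true;
    } catch (err) {
      ok = false; // fail closed if the credential check itself throws
    }
    if (ok) return next();
    // end(data) writes the response and closes our side in a single call.
    // next() is not called, so later handlers never write to this socket.
    socket.end(buildRejection(401, 'Unauthorized', scheme || 'Bearer'));
  };
}

// Constructed stand-in for a net.Socket that records what the handler did.
function fakeSocket() {
  return { written: '', ended: false,
           end(data) { this.written += data || ''; this.ended = true; } };
}

// Runs the gate against constructed requests: valid, wrong and missing header.
function demo() {
  const gate = peerAuthGate((h) => h === 'Bearer constructed-token');
  const run = (headers) => {
    const socket = fakeSocket();
    let nextCalls = 0;
    gate({ headers }, socket, Buffer.alloc(0), () => { nextCalls += 1; });
    return { nextCalls, ended: socket.ended, written: socket.written };
  };
  return { good: run({ authorization: 'Bearer constructed-token' }),
           bad: run({ authorization: 'Bearer wrong' }), missing: run({}) };
}
```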