From 17937ffcf0a16395302d27b355942e12eb9cf842 Mon Sep 17 00:00:00 2001
From: Pieter Hintjens <ph@imatix.com>
Date: Fri, 19 Dec 2014 22:17:14 +0100
Subject: [PATCH] Problem: very hard to debug security mechanism mismatch

E.g. when server is not configured, and client tries PLAIN security,
there is no hint of why this does not work.

Solution: add debugging output for this case. Note that the various
debugging outputs for security failures should probably be sent to
an inproc monitor of some kind.
---
 src/stream_engine.cpp | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/src/stream_engine.cpp b/src/stream_engine.cpp
index 21763d2c..d07b8e90 100644
--- a/src/stream_engine.cpp
+++ b/src/stream_engine.cpp
@@ -660,6 +660,18 @@ bool zmq::stream_engine_t::handshake ()
         }
 #endif
         else {
+            //  Temporary support for security debugging
+            char mechanism [21];
+            memcpy (mechanism, greeting_recv + 12, 20);
+            mechanism [20] = 0;
+            printf ("LIBZMQ I: security failure, self=%s peer=%s\n",
+                options.mechanism == ZMQ_NULL? "NULL":
+                options.mechanism == ZMQ_PLAIN? "PLAIN":
+                options.mechanism == ZMQ_CURVE? "CURVE":
+                options.mechanism == ZMQ_GSSAPI? "GSSAPI":
+                "OTHER",
+                mechanism);
+            
             error (protocol_error);
             return false;
         }