Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

AuthCurveRemove does not disconnect peers immediately #143

Open
ghost opened this issue Dec 31, 2018 · 2 comments
Open

AuthCurveRemove does not disconnect peers immediately #143

ghost opened this issue Dec 31, 2018 · 2 comments

Comments

@ghost
Copy link

ghost commented Dec 31, 2018

An authorized peer/client's key is removed with AuthCurveRemove. The peer/client is still able to send data until the server is stopped and restarted. Shouldn't removing credentials have the effect of blocking the now-unauthorized peer/client immediately?

@pebbe
Copy link
Owner

pebbe commented Dec 31, 2018

AuthCurveRemove only removes the ability to authenticate. If you want to remove the authorization as well, you need to close the socket.

@ghost
Copy link
Author

ghost commented Dec 31, 2018

Couldn't this be considered a problem? When I deauthorize a client, I'll have to disconnect (potentially dozens) of other clients just to ensure the deauthorized client can no longer send data.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant