On Wed, Aug 24, 2022 at 12:46:07PM +0200, Arne Schwabe wrote: > With delayed data key generation now with deferred auth, NCP and similar > mechanism the "TLS Error: local/remote TLS keys are out of sync" is shown > much too frequent and confuses a lot of people. > > This also removes the dead code of printing multi not ready keys and > replace it with an assert. > > Factor out printing of error messages into an extra function to make > the code easier to understand and also to only call into that function > in the case that a key is not found and avoid the overhead. > > Patch v2: fix comparing key_id to state value, improve message
Okay, less confusing. But I still don't understand why we loop over all keys without checking the ks->key_id? Regards, -- Frank Lichtenheld _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
