Patch v2: fix comparing key_id to state value, improve message
Patch v3: also take key_id into account
Code looks good to me now. Is there any way of testing this?
You need to get both peer in some kind of inconsistent state. Like short
reneg-sec on one side and dealyed auth on the other s
On Wed, Sep 14, 2022 at 07:25:27PM +0200, Arne Schwabe wrote:
> With delayed data key generation now with deferred auth, NCP and similar
> mechanism the "TLS Error: local/remote TLS keys are out of sync" is shown
> much too frequent and confuses a lot of people.
>
> This also removes the dead code
With delayed data key generation now with deferred auth, NCP and similar
mechanism the "TLS Error: local/remote TLS keys are out of sync" is shown
much too frequent and confuses a lot of people.
This also removes the dead code of printing multi not ready keys and
replace it with an assert.
Factor
