In the initial state of checking whether an auth-token has been
validated, the check check if multi->auth_token is already set and
only then sets the value. This defeats the purpose and lead to always
a new auth-token with new session id and lifetime being generated when
the server restarts or the
Acked-by: Gert Doering
Discussed with Arne, change makes sense, old code did not do what it
tried to. Plus documentation enhancements, always welcome.
I haven't tested this in any "real" aspect (server-side), just basic
compile/client tests (which unsurprisingly didn't turn up anything).
Your
