zmq4 icon indicating copy to clipboard operation
zmq4 copied to clipboard

Published 20 hours ago verified publisher icon pebbe

AuthCurveRemove does not disconnect peers immediately

Open ghost opened this issue 6 years ago • 2 comments

An authorized peer/client's key is removed with AuthCurveRemove. The peer/client is still able to send data until the server is stopped and restarted. Shouldn't removing credentials have the effect of blocking the now-unauthorized peer/client immediately?

ghost avatar Dec 31 '18 19:12 ghost

AuthCurveRemove only removes the ability to authenticate. If you want to remove the authorization as well, you need to close the socket.

pebbe avatar Dec 31 '18 19:12 pebbe

Couldn't this be considered a problem? When I deauthorize a client, I'll have to disconnect (potentially dozens) of other clients just to ensure the deauthorized client can no longer send data.

ghost avatar Dec 31 '18 19:12 ghost