Re: [Openvpn-devel] [PATCH 16/28] Move CRL reload to key_state_init from S_START transition

[Gert D. <ge...@gr...>]

Hi,

On Wed, Apr 27, 2022 at 04:04:41PM +0200, Antonio Quartulli wrote:
> On 22/04/2022 16:29, Arne Schwabe wrote:
> > The current place that we reload is a bit more efficient since it only
> > triggers reload after a completed 3way handshake. On the other hand the
> > key_state_init is a much more logical place and with the upcoming
> > HMAC based UDP code and TCP code, the initialisation will only be done
> > after a 3way handshake.
> 
> There is something strange. Upon client reconnection the CRL is not 
> always reloaded. It feels as if "some stuff" are already initialized 
> (because we have a session for this client floating around) so we skip 
> that initialization and we also skip reloading the CRL.

Is that different from "without the patch"?

gert
-- 
"If was one thing all people took for granted, was conviction that if you 
 feed honest figures into a computer, honest figures come out. Never doubted 
 it myself till I met a computer with a sense of humor."
                             Robert A. Heinlein, The Moon is a Harsh Mistress

Gert Doering - Munich, Germany                             ge...@gr...