AuthCurveRemove does not disconnect peers immediately
opened this issue · comments
Deleted user commented
An authorized peer/client's key is removed with AuthCurveRemove. The peer/client is still able to send data until the server is stopped and restarted. Shouldn't removing credentials have the effect of blocking the now-unauthorized peer/client immediately?
Peter Kleiweg commented
AuthCurveRemove only removes the ability to authenticate. If you want to remove the authorization as well, you need to close the socket.
Deleted user commented
Couldn't this be considered a problem? When I deauthorize a client, I'll have to disconnect (potentially dozens) of other clients just to ensure the deauthorized client can no longer send data.