p2p --tls-server with no active client/peer logs once per second "dco_update_keys: peer_id=-1"
which does exactly nothing, except fill the disk. So skip the call to dco_update_keys() if peer_id == -1. Signed-off-by: Gert Doering <g...@greenie.muc.de> --- src/openvpn/forward.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/openvpn/forward.c b/src/openvpn/forward.c index ae0512fc..2ba8b0fa 100644 --- a/src/openvpn/forward.c +++ b/src/openvpn/forward.c @@ -151,6 +151,12 @@ check_dco_key_status(struct context *c) return; } + /* no active peer (p2p tls-server mode) */ + if (c->c2.tls_multi->dco_peer_id == -1 ) + { + return; + } + if (!dco_update_keys(&c->c1.tuntap->dco, c->c2.tls_multi)) { /* Something bad happened. Kill the connection to -- 2.25.1 _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel