projects
/
tinc
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Merge remote-tracking branch 'VittGam/master'
[tinc]
/
src
/
net_setup.c
diff --git
a/src/net_setup.c
b/src/net_setup.c
index
5b985c3
..
2371f7e
100644
(file)
--- a/
src/net_setup.c
+++ b/
src/net_setup.c
@@
-1,7
+1,7
@@
/*
net_setup.c -- Setup.
Copyright (C) 1998-2005 Ivo Timmermans,
/*
net_setup.c -- Setup.
Copyright (C) 1998-2005 Ivo Timmermans,
- 2000-201
6
Guus Sliepen <guus@tinc-vpn.org>
+ 2000-201
7
Guus Sliepen <guus@tinc-vpn.org>
2006 Scott Lamb <slamb@slamb.org>
2010 Brandon Black <blblack@gmail.com>
2006 Scott Lamb <slamb@slamb.org>
2010 Brandon Black <blblack@gmail.com>
@@
-657,18
+657,21
@@
static bool setup_myself(void) {
else
myself->inkeylength = 1;
else
myself->inkeylength = 1;
- /* We need to use
OFB
mode for the meta protocol. Use AES for this,
+ /* We need to use
a stream
mode for the meta protocol. Use AES for this,
but try to match the key size with the one from the cipher selected
by Cipher.
but try to match the key size with the one from the cipher selected
by Cipher.
+
+ If Cipher is set to none, still use a low level of encryption for the
+ meta protocol.
*/
*/
- int keylen =
EVP_CIPHER_key_length(myself->incipher)
;
+ int keylen =
myself->incipher ? EVP_CIPHER_key_length(myself->incipher) : 0
;
if(keylen <= 16)
if(keylen <= 16)
- myself->connection->outcipher = EVP_aes_128_
o
fb();
+ myself->connection->outcipher = EVP_aes_128_
c
fb();
else if(keylen <= 24)
else if(keylen <= 24)
- myself->connection->outcipher = EVP_aes_192_
o
fb();
+ myself->connection->outcipher = EVP_aes_192_
c
fb();
else
else
- myself->connection->outcipher = EVP_aes_256_
o
fb();
+ myself->connection->outcipher = EVP_aes_256_
c
fb();
if(!get_config_int(lookup_config(config_tree, "KeyExpire"), &keylifetime))
keylifetime = 3600;
if(!get_config_int(lookup_config(config_tree, "KeyExpire"), &keylifetime))
keylifetime = 3600;