projects
/
tinc
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Update all header guards.
[tinc]
/
src
/
net_setup.c
diff --git
a/src/net_setup.c
b/src/net_setup.c
index
eeeefdf
..
2371f7e
100644
(file)
--- a/
src/net_setup.c
+++ b/
src/net_setup.c
@@
-1,7
+1,7
@@
/*
net_setup.c -- Setup.
Copyright (C) 1998-2005 Ivo Timmermans,
/*
net_setup.c -- Setup.
Copyright (C) 1998-2005 Ivo Timmermans,
- 2000-201
6
Guus Sliepen <guus@tinc-vpn.org>
+ 2000-201
7
Guus Sliepen <guus@tinc-vpn.org>
2006 Scott Lamb <slamb@slamb.org>
2010 Brandon Black <blblack@gmail.com>
2006 Scott Lamb <slamb@slamb.org>
2010 Brandon Black <blblack@gmail.com>
@@
-657,18
+657,21
@@
static bool setup_myself(void) {
else
myself->inkeylength = 1;
else
myself->inkeylength = 1;
- /* We need to use
OFB
mode for the meta protocol. Use AES for this,
+ /* We need to use
a stream
mode for the meta protocol. Use AES for this,
but try to match the key size with the one from the cipher selected
by Cipher.
but try to match the key size with the one from the cipher selected
by Cipher.
+
+ If Cipher is set to none, still use a low level of encryption for the
+ meta protocol.
*/
*/
- int keylen =
EVP_CIPHER_key_length(myself->incipher)
;
+ int keylen =
myself->incipher ? EVP_CIPHER_key_length(myself->incipher) : 0
;
if(keylen <= 16)
if(keylen <= 16)
- myself->connection->outcipher = EVP_aes_128_c
tr
();
+ myself->connection->outcipher = EVP_aes_128_c
fb
();
else if(keylen <= 24)
else if(keylen <= 24)
- myself->connection->outcipher = EVP_aes_192_c
tr
();
+ myself->connection->outcipher = EVP_aes_192_c
fb
();
else
else
- myself->connection->outcipher = EVP_aes_256_c
tr
();
+ myself->connection->outcipher = EVP_aes_256_c
fb
();
if(!get_config_int(lookup_config(config_tree, "KeyExpire"), &keylifetime))
keylifetime = 3600;
if(!get_config_int(lookup_config(config_tree, "KeyExpire"), &keylifetime))
keylifetime = 3600;