projects / tinc / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Prevent oracle attacks in the legacy protocol (CVE-2018-16737, CVE-2018-16738)
[tinc] / src / net_setup.c
diff --git a/src/net_setup.c b/src/net_setup.c
index 17675ae..d8b3116 100644 (file)
--- a/src/net_setup.c
+++ b/src/net_setup.c
@@ -687,15 +687,8 @@ bool setup_myself_reloadable(void) {
                keylifetime = 3600;
        }
 
-       config_t *cfg = lookup_config(config_tree, "AutoConnect");
-
-       if(cfg) {
-               if(!get_config_bool(cfg, &autoconnect)) {
-                       // Some backwards compatibility with when this option was an int
-                       int val = 0;
-                       get_config_int(cfg, &val);
-                       autoconnect = val;
-               }
+       if(!get_config_bool(lookup_config(config_tree, "AutoConnect"), &autoconnect)) {
+               autoconnect = true;
        }
 
        get_config_bool(lookup_config(config_tree, "DisableBuggyPeers"), &disablebuggypeers);
@@ -949,6 +942,16 @@ static bool setup_myself(void) {
                }
        }
 
+       get_config_int(lookup_config(config_tree, "FWMark"), &fwmark);
+#ifndef SO_MARK
+
+       if(fwmark) {
+               logger(DEBUG_ALWAYS, LOG_ERR, "FWMark not supported on this platform!");
+               return false;
+       }
+
+#endif
+
        int replaywin_int;
 
        if(get_config_int(lookup_config(config_tree, "ReplayWindow"), &replaywin_int)) {
tinc, the VPN daemon