X-Git-Url: https://tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fprotocol_key.c;h=0ae95681bcbdc604de838beb1fe486dc81b67b00;hp=4b2047a79ba978f8c8b5519a9d805d2451622a05;hb=bbeab00f46a6c856573fe0d2b9b85bce35728403;hpb=d1cd3c81455ecb32149cbaa424b7870075b2b2fc

diff --git a/src/protocol_key.c b/src/protocol_key.c
index 4b2047a7..0ae95681 100644
--- a/src/protocol_key.c
+++ b/src/protocol_key.c
@@ -84,7 +84,7 @@ bool key_changed_h(connection_t *c, char *request) {
 }
 
 bool send_req_key(node_t *to) {
-	return send_request(to->nexthop->connection, "%d %s %s 1", REQ_KEY, myself->name, to->name);
+	return send_request(to->nexthop->connection, "%d %s %s %d", REQ_KEY, myself->name, to->name, experimental ? 1 : 0);
 }
 
 bool req_key_h(connection_t *c, char *request) {
@@ -123,7 +123,7 @@ bool req_key_h(connection_t *c, char *request) {
 	/* Check if this key request is for us */
 
 	if(to == myself) {			/* Yes, send our own key back */
-		if(kx_version > 0) {
+		if(experimental && kx_version >= 1) {
 			logger(LOG_DEBUG, "Got ECDH key request from %s", from->name);
 			from->status.ecdh = true;
 		}
@@ -161,7 +161,7 @@ bool send_ans_key_ecdh(node_t *to) {
 }
 
 bool send_ans_key(node_t *to) {
-	if(to->status.ecdh)
+	if(experimental && to->status.ecdh)
 		return send_ans_key_ecdh(to);
 
 	size_t keylen = cipher_keylength(&myself->incipher);
@@ -280,7 +280,7 @@ bool ans_key_h(connection_t *c, char *request) {
 
 	/* ECDH or old-style key exchange? */
 	
-	if(!strncmp(key, "ECDH:", 5)) {
+	if(experimental && !strncmp(key, "ECDH:", 5)) {
 		keylen = (strlen(key) - 5) / 2;
 
 		if(keylen != ECDH_SIZE) {