projects
/
tinc
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Use AES in CTR mode instead of OFB mode for meta-connections.
[tinc]
/
src
/
net_setup.c
diff --git
a/src/net_setup.c
b/src/net_setup.c
index
5b985c3
..
eeeefdf
100644
(file)
--- a/
src/net_setup.c
+++ b/
src/net_setup.c
@@
-664,11
+664,11
@@
static bool setup_myself(void) {
int keylen = EVP_CIPHER_key_length(myself->incipher);
if(keylen <= 16)
int keylen = EVP_CIPHER_key_length(myself->incipher);
if(keylen <= 16)
- myself->connection->outcipher = EVP_aes_128_
ofb
();
+ myself->connection->outcipher = EVP_aes_128_
ctr
();
else if(keylen <= 24)
else if(keylen <= 24)
- myself->connection->outcipher = EVP_aes_192_
ofb
();
+ myself->connection->outcipher = EVP_aes_192_
ctr
();
else
else
- myself->connection->outcipher = EVP_aes_256_
ofb
();
+ myself->connection->outcipher = EVP_aes_256_
ctr
();
if(!get_config_int(lookup_config(config_tree, "KeyExpire"), &keylifetime))
keylifetime = 3600;
if(!get_config_int(lookup_config(config_tree, "KeyExpire"), &keylifetime))
keylifetime = 3600;