X-Git-Url: https://www.tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fnet_setup.c;h=d7668885e7f76ca6965f9bfbf3b6ab80a47bb1df;hb=844dfe986db35675c0639823decdee0b3dbbf55b;hp=5b985c342c727da95b5d55b9748c19aff804b1b3;hpb=a85864809febde02687b52dc2931ac4505f57067;p=tinc

diff --git a/src/net_setup.c b/src/net_setup.c
index 5b985c34..d7668885 100644
--- a/src/net_setup.c
+++ b/src/net_setup.c
@@ -657,18 +657,18 @@ static bool setup_myself(void) {
 	else
 		myself->inkeylength = 1;
 
-	/* We need to use OFB mode for the meta protocol. Use AES for this,
+	/* We need to use a stream mode for the meta protocol. Use AES for this,
 	   but try to match the key size with the one from the cipher selected
 	   by Cipher.
 	*/
 
 	int keylen = EVP_CIPHER_key_length(myself->incipher);
 	if(keylen <= 16)
-		myself->connection->outcipher = EVP_aes_128_ofb();
+		myself->connection->outcipher = EVP_aes_128_cfb();
 	else if(keylen <= 24)
-		myself->connection->outcipher = EVP_aes_192_ofb();
+		myself->connection->outcipher = EVP_aes_192_cfb();
 	else
-		myself->connection->outcipher = EVP_aes_256_ofb();
+		myself->connection->outcipher = EVP_aes_256_cfb();
 
 	if(!get_config_int(lookup_config(config_tree, "KeyExpire"), &keylifetime))
 		keylifetime = 3600;