X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fnet_setup.c;h=3c4bf48c71607795b8c5f4bedbc44436ef2e1991;hp=4eef68eda8f3d3fc37d24819205389e70702a509;hb=4bb3793e38b7c7f24dd308801e7f6dbb02cf02d2;hpb=73d77dd416b87b7c4e9b6aa450f64846235cd2b4

diff --git a/src/net_setup.c b/src/net_setup.c
index 4eef68ed..3c4bf48c 100644
--- a/src/net_setup.c
+++ b/src/net_setup.c
@@ -306,9 +306,12 @@ bool setup_myself(void)
 	} else
 		routing_mode = RMODE_ROUTER;
 
-	if(routing_mode == RMODE_ROUTER)
-		if(!get_config_bool(lookup_config(myself->connection->config_tree, "PMTUDiscovery"), &choice) || choice)
-			myself->options |= OPTION_PMTU_DISCOVERY;
+	// Enable PMTUDiscovery by default if we are in router mode.
+
+	choice = routing_mode == RMODE_ROUTER;
+	get_config_bool(lookup_config(myself->connection->config_tree, "PMTUDiscovery"), &choice);
+	if(choice)	
+		myself->options |= OPTION_PMTU_DISCOVERY;
 
 	get_config_bool(lookup_config(config_tree, "PriorityInheritance"), &priorityinheritance);
 
@@ -359,14 +362,14 @@ bool setup_myself(void)
 			}
 		}
 	} else
-		myself->incipher = EVP_bf_cbc();
+		myself->incipher = EVP_aes_256_cbc();
 
 	if(myself->incipher)
 		myself->inkeylength = myself->incipher->key_len + myself->incipher->iv_len;
 	else
 		myself->inkeylength = 1;
 
-	myself->connection->outcipher = EVP_bf_ofb();
+	myself->connection->outcipher = EVP_aes_256_ofb();
 
 	if(!get_config_int(lookup_config(config_tree, "KeyExpire"), &keylifetime))
 		keylifetime = 3600;
@@ -387,9 +390,9 @@ bool setup_myself(void)
 			}
 		}
 	} else
-		myself->indigest = EVP_sha1();
+		myself->indigest = EVP_sha256();
 
-	myself->connection->outdigest = EVP_sha1();
+	myself->connection->outdigest = EVP_sha256();
 
 	if(get_config_int(lookup_config(myself->connection->config_tree, "MACLength"), &myself->inmaclength)) {
 		if(myself->indigest) {