X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fnet_setup.c;h=ce84c80f20bfda8a15644bb573b1b00166c9e773;hp=4eef68eda8f3d3fc37d24819205389e70702a509;hb=c217d214f4f071c235bc7c463a1da6124e2570a6;hpb=73d77dd416b87b7c4e9b6aa450f64846235cd2b4 diff --git a/src/net_setup.c b/src/net_setup.c index 4eef68ed..ce84c80f 100644 --- a/src/net_setup.c +++ b/src/net_setup.c @@ -16,8 +16,6 @@ You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - - $Id$ */ #include "system.h" @@ -306,9 +304,12 @@ bool setup_myself(void) } else routing_mode = RMODE_ROUTER; - if(routing_mode == RMODE_ROUTER) - if(!get_config_bool(lookup_config(myself->connection->config_tree, "PMTUDiscovery"), &choice) || choice) - myself->options |= OPTION_PMTU_DISCOVERY; + // Enable PMTUDiscovery by default if we are in router mode. + + choice = routing_mode == RMODE_ROUTER; + get_config_bool(lookup_config(myself->connection->config_tree, "PMTUDiscovery"), &choice); + if(choice) + myself->options |= OPTION_PMTU_DISCOVERY; get_config_bool(lookup_config(config_tree, "PriorityInheritance"), &priorityinheritance); @@ -359,14 +360,14 @@ bool setup_myself(void) } } } else - myself->incipher = EVP_bf_cbc(); + myself->incipher = EVP_aes_256_cbc(); if(myself->incipher) myself->inkeylength = myself->incipher->key_len + myself->incipher->iv_len; else myself->inkeylength = 1; - myself->connection->outcipher = EVP_bf_ofb(); + myself->connection->outcipher = EVP_aes_256_ofb(); if(!get_config_int(lookup_config(config_tree, "KeyExpire"), &keylifetime)) keylifetime = 3600; @@ -387,9 +388,9 @@ bool setup_myself(void) } } } else - myself->indigest = EVP_sha1(); + myself->indigest = EVP_sha256(); - myself->connection->outdigest = EVP_sha1(); + myself->connection->outdigest = EVP_sha256(); if(get_config_int(lookup_config(myself->connection->config_tree, "MACLength"), &myself->inmaclength)) { if(myself->indigest) {