Don't dereference myself->incipher if it's NULL.
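--- a/src/net_setup.c
+++ b/src/net_setup.c
@@ -1,7 +1,7 @@
 /*
     net_setup.c -- Setup.
     Copyright (C) 1998-2005 Ivo Timmermans,
-                  2000-2016 Guus Sliepen <guus@tinc-vpn.org>
+                  2000-2017 Guus Sliepen <guus@tinc-vpn.org>
                   2006      Scott Lamb <slamb@slamb.org>
                   2010      Brandon Black <blblack@gmail.com>
 
@@ -657,18 +657,21 @@ static bool setup_myself(void) {
        else
                myself->inkeylength = 1;
 
-       /* We need to use OFB mode for the meta protocol. Use AES for this,
+       /* We need to use a stream mode for the meta protocol. Use AES for this,
           but try to match the key size with the one from the cipher selected
           by Cipher.
+
+          If Cipher is set to none, still use a low level of encryption for the
+          meta protocol.
        */
 
-       int keylen = EVP_CIPHER_key_length(myself->incipher);
+       int keylen = myself->incipher ? EVP_CIPHER_key_length(myself->incipher) : 0;
        if(keylen <= 16)
-               myself->connection->outcipher = EVP_aes_128_ctr();
+               myself->connection->outcipher = EVP_aes_128_cfb();
        else if(keylen <= 24)
-               myself->connection->outcipher = EVP_aes_192_ctr();
+               myself->connection->outcipher = EVP_aes_192_cfb();
        else
-               myself->connection->outcipher = EVP_aes_256_ctr();
+               myself->connection->outcipher = EVP_aes_256_cfb();
 
        if(!get_config_int(lookup_config(config_tree, "KeyExpire"), &keylifetime))
                keylifetime = 3600;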
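Review bot: The fallback created by the `myself->incipher ? ... : 0` guard in the second hunk is under-documented: when `myself->incipher` is NULL, keylen becomes 0 and the `keylen <= 16` branch selects `EVP_aes_128_cfb()`, yet the new comment only says "a low level of encryption". I would state the outcome directly, e.g. `If Cipher is set to none, myself->incipher is NULL; fall back to AES-128 for the meta protocol.` Separately, the same hunk replaces the three `EVP_aes_*_ctr()` calls with `EVP_aes_*_cfb()`, which the commit subject does not mention. The meta-protocol cipher presumably has to match what peers expect, and the negotiation code is not visible here, so that change deserves its own line in the message or its own commit. Neither mode authenticates the stream, so integrity of meta traffic has to come from elsewhere; `setup_myself` starts and ends outside the hunk.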