diff --git a/node/IncomingPacket.cpp b/node/IncomingPacket.cpp
index 05ba7bbe0..d1f0f51dc 100644
--- a/node/IncomingPacket.cpp
+++ b/node/IncomingPacket.cpp
@@ -67,7 +67,7 @@ bool IncomingPacket::tryDecode(const RuntimeEnvironment *RR,void *tPtr,int32_t f
 		const SharedPtr<Peer> peer(RR->topology->getPeer(tPtr,sourceAddress));
 		if (peer) {
 			if (!trusted) {
-				if (!dearmor(peer->key(), peer->aesKeysIfSupported())) {
+				if (!dearmor(peer->key(), peer->aesKeys())) {
 					RR->t->incomingPacketMessageAuthenticationFailure(tPtr,_path,packetId(),sourceAddress,hops(),"invalid MAC");
 					peer->recordIncomingInvalidPacket(_path);
 					return true;
diff --git a/node/Peer.hpp b/node/Peer.hpp
index 4a0dad928..a064bf697 100644
--- a/node/Peer.hpp
+++ b/node/Peer.hpp
@@ -534,12 +534,15 @@ public:
 	 */
 	inline int8_t bondingPolicy() { return _bondingPolicy; }
 
-	//const AES *aesKeysIfSupported() const
+	//inline const AES *aesKeysIfSupported() const
 	//{ return (const AES *)0; }
 
-	const AES *aesKeysIfSupported() const
+	inline const AES *aesKeysIfSupported() const
 	{ return (_vProto >= 12) ? _aesKeys : (const AES *)0; }
 
+	inline const AES *aesKeys() const
+	{ return _aesKeys; }
+
 private:
 	struct _PeerPath
 	{