Menu
▾
▴
[Ipsec-tools-commits] ipsec-tools/src/racoon isakmp.c,1.32,1.32.2.1
|
From: VANHULLEBUS Y. <va...@us...> - 2005-01-24 08:50:22
|
Update of /cvsroot/ipsec-tools/ipsec-tools/src/racoon In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv17707/src/racoon Modified Files: Tag: ipsec-tools-0_5-branch isakmp.c Log Message: set UDP_ENCAPS_ESPINUDP_NON_IKE option when needed Index: isakmp.c =================================================================== RCS file: /cvsroot/ipsec-tools/ipsec-tools/src/racoon/isakmp.c,v retrieving revision 1.32 retrieving revision 1.32.2.1 diff -u -d -r1.32 -r1.32.2.1 --- isakmp.c 20 Dec 2004 16:18:27 -0000 1.32 +++ isakmp.c 24 Jan 2005 08:50:03 -0000 1.32.2.1 @@ -1584,21 +1584,31 @@ saddr2str(p->addr), p->sock); #ifdef ENABLE_NATT - if (p->udp_encap && (p->addr->sa_family == AF_INET)) { - int option = UDP_ENCAP_ESPINUDP; + if (p->addr->sa_family == AF_INET) { + int option = -1; - if (setsockopt (p->sock, SOL_UDP, UDP_ENCAP, - &option, sizeof (option)) < 0) { - plog(LLV_ERROR, LOCATION, NULL, - "setsockopt(UDP_ENCAP_ESPINUDP): %s\n", - strerror(errno)); - goto err_and_next; - } - else { - plog(LLV_INFO, LOCATION, NULL, - "%s used for NAT-T\n", - saddr2str(p->addr)); - encap_ifnum++; + + if(p->udp_encap) + option = UDP_ENCAP_ESPINUDP; +#if defined(ENABLE_NATT_00) || defined(ENABLE_NATT_01) + else + option = UDP_ENCAP_ESPINUDP_NON_IKE; +#endif + if(option != -1){ + if (setsockopt (p->sock, SOL_UDP, UDP_ENCAP, + &option, sizeof (option)) < 0) { + plog(LLV_ERROR, LOCATION, NULL, + "setsockopt(%s): %s\n", + option == UDP_ENCAP_ESPINUDP ? "UDP_ENCAP_ESPINUDP" : "UDP_ENCAP_ESPINUDP_NON_IKE", + strerror(errno)); + goto err_and_next; + } + else { + plog(LLV_INFO, LOCATION, NULL, + "%s used for NAT-T\n", + saddr2str(p->addr)); + encap_ifnum++; + } } } #endif |