X-Git-Url: https://git.saurik.com/apple/ipsec.git/blobdiff_plain/52b7d2ce06d68d0a9160d16f6e7c08c21c149d0d..5122e997b817982e567ac8959bcb3aa7a6dd5cf7:/ipsec-tools/racoon/sainfo.c?ds=inline

diff --git a/ipsec-tools/racoon/sainfo.c b/ipsec-tools/racoon/sainfo.c
index 2ad8797..502914b 100644
--- a/ipsec-tools/racoon/sainfo.c
+++ b/ipsec-tools/racoon/sainfo.c
@@ -79,12 +79,16 @@ static LIST_HEAD(_sitree, sainfo) sitree;
  * First pass is for sainfo from a specified peer, second for others.
  */
 struct sainfo *
-getsainfo(src, dst, peer)
+getsainfo(src, dst, peer, use_nat_addr)
 	const vchar_t *src, *dst, *peer;
+	int use_nat_addr;
 {
 	struct sainfo *s = NULL;
 	struct sainfo *anonymous = NULL;
 	int pass = 1;
+	
+	if (use_nat_addr && lcconf->ext_nat_id == NULL)
+		return NULL;
 
 	if (peer == NULL)
 		pass = 2;
@@ -109,9 +113,13 @@ getsainfo(src, dst, peer)
 			continue;
 		}
 
-		if (memcmp(src->v, s->idsrc->v, s->idsrc->l) == 0
-		 && memcmp(dst->v, s->iddst->v, s->iddst->l) == 0)
-			return s;
+		if (memcmp(src->v, s->idsrc->v, s->idsrc->l) == 0) {
+			if (use_nat_addr) {
+				if (memcmp(lcconf->ext_nat_id->v, s->iddst->v, s->iddst->l) == 0)
+					return s;
+			} else if (memcmp(dst->v, s->iddst->v, s->iddst->l) == 0)
+				return s;
+		}
 	}
 
 	if (anonymous) {