X-Git-Url: https://git.saurik.com/apple/network_cmds.git/blobdiff_plain/ffda1f4a07bc29b162ac42e2babde7cf0d4efa38..f47db663cb3ae4d2fc391bb3acf9d0c2b38a41b7:/racoon.tproj/isakmp_ident.c

diff --git a/racoon.tproj/isakmp_ident.c b/racoon.tproj/isakmp_ident.c
index ca55619..e5c46c2 100644
--- a/racoon.tproj/isakmp_ident.c
+++ b/racoon.tproj/isakmp_ident.c
@@ -441,17 +441,9 @@ ident_i3recv(iph1, msg)
 		case ISAKMP_NPTYPE_NATD_DRAFT:
 		case ISAKMP_NPTYPE_NATD_BADDRAFT:
 #ifdef IKE_NAT_T
-			{
-				natd_match_t match;
 				
-				if (pa->type != iph1->natd_payload_type) {
-					plog(LLV_ERROR, LOCATION, iph1->remote,
-						"ignore the packet, "
-						"received unexpected natd payload type %d.\n",
-						pa->type);
-					goto end;
-				}			
-				match = natd_matches(iph1, pa->ptr);
+			if (pa->type == iph1->natd_payload_type) {
+				natd_match_t match = natd_matches(iph1, pa->ptr);
 				iph1->natt_flags |= natt_natd_received;
 				if ((match & natd_match_local) != 0)
 					iph1->natt_flags |= natt_no_local_nat;
@@ -1098,17 +1090,8 @@ ident_r2recv(iph1, msg)
 		case ISAKMP_NPTYPE_NATD_DRAFT:
 		case ISAKMP_NPTYPE_NATD_BADDRAFT:
 #ifdef IKE_NAT_T
-			{
-				natd_match_t match;
-				
-				if (pa->type != iph1->natd_payload_type) {
-					plog(LLV_ERROR, LOCATION, iph1->remote,
-						"ignore the packet, "
-						"received unexpected natd payload type %d.\n",
-						pa->type);
-					goto end;
-				}			
-				match = natd_matches(iph1, pa->ptr);
+			if (pa->type == iph1->natd_payload_type) {
+				natd_match_t match = natd_matches(iph1, pa->ptr);
 				iph1->natt_flags |= natt_natd_received;
 				if ((match & natd_match_local) != 0)
 					iph1->natt_flags |= natt_no_local_nat;
@@ -1649,10 +1632,17 @@ ident_ir2mx(iph1)
 
 #ifdef IKE_NAT_T
 	if (natd_type) {
-		if (iph1->local_natd)
-			p = set_isakmp_payload(p, iph1->local_natd, natd_type);
-		if (iph1->remote_natd)
-			p = set_isakmp_payload(p, iph1->remote_natd, ISAKMP_NPTYPE_NONE);
+		if ((iph1->natt_flags & NATT_TYPE_MASK) == natt_type_apple) {
+			if (iph1->local_natd)
+				p = set_isakmp_payload(p, iph1->local_natd, natd_type);
+			if (iph1->remote_natd)
+				p = set_isakmp_payload(p, iph1->remote_natd, ISAKMP_NPTYPE_NONE);
+		} else {
+			if (iph1->remote_natd)
+				p = set_isakmp_payload(p, iph1->remote_natd, natd_type);
+			if (iph1->local_natd)
+				p = set_isakmp_payload(p, iph1->local_natd, ISAKMP_NPTYPE_NONE);
+		}
 	}
 #endif
 	error = 0;