1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
|
https://github.com/xelerance/Openswan/commit/b6041cb5d1d07974596be79606a977e88dd9ec48.patch
From b6041cb5d1d07974596be79606a977e88dd9ec48 Mon Sep 17 00:00:00 2001
From: Patrick Naubert <patrickn@xelerance.com>
Date: Fri, 28 Feb 2014 19:59:54 -0500
Subject: [PATCH] Bring back NAT traversal that got mistakenly pulled out by
CVE-2014-2037 patch. Patch by Thomas Geulig
---
lib/libopenswan/constants.c | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/lib/libopenswan/constants.c b/lib/libopenswan/constants.c
index 932b205..09f7e80 100644
--- a/lib/libopenswan/constants.c
+++ b/lib/libopenswan/constants.c
@@ -167,9 +167,18 @@ const char *const payload_name_ikev2_main[] = {
NULL /* termination for bitnamesof() */
};
+const char *const payload_name_nat_d[] = {
+ "ISAKMP_NEXT_NAT-D",
+ "ISAKMP_NEXT_NAT-OA",
+ NULL
+};
+
+static enum_names payload_names_nat_d =
+{ ISAKMP_NEXT_NATD_DRAFTS, ISAKMP_NEXT_NATOA_DRAFTS, payload_name_nat_d, NULL };
+
static enum_names payload_names_ikev2_main =
{ ISAKMP_NEXT_v2SA, ISAKMP_NEXT_v2EAP, payload_name_ikev2_main,
- NULL };
+ &payload_names_nat_d };
const char *const payload_name_ikev2[] = {
"ISAKMP_NEXT_v2NONE", /* 33 */
--
1.9.1
|