Overview

File vpnc-nortel-attributes.diff of Package vpnc

Index: b/isakmp-pkt.c
===================================================================
--- a/isakmp-pkt.c
+++ b/isakmp-pkt.c
@@ -637,10 +637,24 @@ static struct isakmp_attribute *parse_is
 				hex_dump("t.attributes.u.acl.mask", &r->u.acl.acl_ent[i].mask.s_addr, 4, NULL);
 				hex_dump("t.attributes.u.acl.protocol", &r->u.acl.acl_ent[i].protocol, DUMP_UINT16, NULL);
 				hex_dump("t.attributes.u.acl.sport", &r->u.acl.acl_ent[i].sport, DUMP_UINT16, NULL);
 				hex_dump("t.attributes.u.acl.dport", &r->u.acl.acl_ent[i].dport, DUMP_UINT16, NULL);
 			}
+		} else if (r->type == ISAKMP_MODECFG_ATTRIB_NORTEL_SPLIT_INC) {
+			r->af = isakmp_attr_acl;
+			r->u.acl.count = length / (4 + 4);
+			if (r->u.acl.count * (4 + 4) != length) {
+				*reject = ISAKMP_N_PAYLOAD_MALFORMED;
+				return r;
+			}
+			r->u.acl.acl_ent = xallocc(r->u.acl.count * sizeof(struct acl_ent_s));
+			for (i = 0; i < r->u.acl.count; i++) {
+				fetchn(&r->u.acl.acl_ent[i].addr.s_addr, 4);
+				fetchn(&r->u.acl.acl_ent[i].mask.s_addr, 4);
+				hex_dump("t.attributes.u.acl.addr", &r->u.acl.acl_ent[i].addr.s_addr, 4, NULL);
+				hex_dump("t.attributes.u.acl.mask", &r->u.acl.acl_ent[i].mask.s_addr, 4, NULL);
+			}
 		} else {
 			r->u.lots.data = xallocc(length);
 			fetchn(r->u.lots.data, length);
 			if ((((ISAKMP_XAUTH_06_ATTRIB_TYPE < type)
 				&& (type <= ISAKMP_XAUTH_06_ATTRIB_ANSWER)
Index: b/isakmp.h
===================================================================
--- a/isakmp.h
+++ b/isakmp.h
@@ -456,10 +456,11 @@ enum isakmp_modecfg_attrib_enum {
 	ISAKMP_XAUTH_02_ATTRIB_DOMAIN,
 	ISAKMP_XAUTH_02_ATTRIB_STATUS,
 	ISAKMP_XAUTH_02_ATTRIB_NEXT_PIN,
 	ISAKMP_XAUTH_02_ATTRIB_ANSWER, /* TYPE .. ANSWER is excluded from dump */
 
+	ISAKMP_MODECFG_ATTRIB_NORTEL_SPLIT_INC = 0x4000,
 	ISAKMP_MODECFG_ATTRIB_NORTEL_UNKNOWN_4011 = 0x4011,
 	ISAKMP_MODECFG_ATTRIB_NORTEL_CLIENT_ID = 0x4012,
 
 	ISAKMP_XAUTH_06_ATTRIB_TYPE = 0x4088,
 	ISAKMP_XAUTH_06_ATTRIB_USER_NAME,
Index: b/vpnc.c
===================================================================
--- a/vpnc.c
+++ b/vpnc.c
@@ -992,10 +992,11 @@ static int do_config_to_env(struct sa_bl
 				DEBUG(2, printf("got peer udp encapsulation port: %hu\n", s->ipsec.peer_udpencap_port));
 			}
 			break;
 
 		case ISAKMP_MODECFG_ATTRIB_CISCO_SPLIT_INC:
+		case ISAKMP_MODECFG_ATTRIB_NORTEL_SPLIT_INC:
 			if (a->af != isakmp_attr_acl) {
 				reject = ISAKMP_N_ATTRIBUTES_NOT_SUPPORTED;
 				break;
 			}
openSUSE Build Service is sponsored by
Places