[Openswan Users] Apple macOSX 10.4.3: success!
Jacco de Leeuw
jacco2 at dds.nl
Tue Nov 15 17:32:38 CET 2005
Paul Wouters wrote:
>>>>I guess the only remaining problem is the bug in Apple's racoon where they
>>>>swapped the NAT-D hashs: http://bugs.xelerance.com/view.php?id=462
>>>>Peter Van der Beken made a workaround but it is not in the recently
>>>>released Openswan 2.4.2.
>>>
>>>It is broken.
>>
>>The workaround is broken? Or do you mean Apple's racoon? Openswan 2.4.2?
>
> Yes, the workaround is broken. It is reported to break when there is no nat.
Correct. The first version of Peter Van der Beken's patch contained support
for Apple's oddball NAT-T method which was adapted for inclusion in
Openswan 2.4.2. However, this patch did not account for a NAT-D bug in
Mac OS X. Peter submitted another version which works around this bug.
I've extracted this workaround from Peter's second patch and attach it below.
It's a patch against 2.4.2. As you can see, Apple swapped the NAT-D hashes
by mistake. Non-Mac clients should not be affected by this workaround because
only Macs use this NAT_TRAVERSAL_OSX method.
Jacco
--
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl
Mosquitos suck
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openswan-OSX-swapNATDhashes.patch
Type: text/x-patch
Size: 5275 bytes
Desc: not available
Url : http://lists.openswan.org/pipermail/users/attachments/20051115/fc06ef6e/openswan-OSX-swapNATDhashes-0001.bin
More information about the Users
mailing list