diff --git a/vpn-daemons/vpnc/ChangeLog b/vpn-daemons/vpnc/ChangeLog index c3863ebcf2..2d9b2e11bf 100644 --- a/vpn-daemons/vpnc/ChangeLog +++ b/vpn-daemons/vpnc/ChangeLog @@ -1,3 +1,9 @@ +2007-12-31 Christopher Aillon + + * src/nm-vpnc-service.h: + * src/nm-vpnc-service.c: + - Support Cisco UDP Encapsulation in vpnc >= 0.4 (#420925) + 2007-12-11 Dan Williams Patches from Casey Harkins diff --git a/vpn-daemons/vpnc/src/nm-vpnc-service.c b/vpn-daemons/vpnc/src/nm-vpnc-service.c index 29bd5d4109..cb4534cf24 100644 --- a/vpn-daemons/vpnc/src/nm-vpnc-service.c +++ b/vpn-daemons/vpnc/src/nm-vpnc-service.c @@ -40,22 +40,27 @@ typedef struct { } ValidProperty; static ValidProperty valid_properties[] = { - { NM_VPNC_KEY_GATEWAY, G_TYPE_STRING }, - { NM_VPNC_KEY_ID, G_TYPE_STRING }, - { NM_VPNC_KEY_SECRET, G_TYPE_STRING }, - { NM_VPNC_KEY_XAUTH_USER, G_TYPE_STRING }, - { NM_VPNC_KEY_XAUTH_PASSWORD, G_TYPE_STRING }, - { NM_VPNC_KEY_UDP_ENCAPS, G_TYPE_BOOLEAN }, - { NM_VPNC_KEY_UDP_ENCAPS_PORT, G_TYPE_INT }, - { NM_VPNC_KEY_DOMAIN, G_TYPE_STRING }, - { NM_VPNC_KEY_DHGROUP, G_TYPE_STRING }, - { NM_VPNC_KEY_PERFECT_FORWARD, G_TYPE_STRING }, - { NM_VPNC_KEY_APP_VERSION, G_TYPE_STRING }, - { NM_VPNC_KEY_REKEYING, G_TYPE_INT }, - { NM_VPNC_KEY_NAT_KEEPALIVE, G_TYPE_STRING }, - { NM_VPNC_KEY_DISABLE_NAT, G_TYPE_BOOLEAN }, - { NM_VPNC_KEY_SINGLE_DES, G_TYPE_BOOLEAN }, - { NULL, G_TYPE_NONE } + { NM_VPNC_KEY_GATEWAY, G_TYPE_STRING }, + { NM_VPNC_KEY_ID, G_TYPE_STRING }, + { NM_VPNC_KEY_SECRET, G_TYPE_STRING }, + { NM_VPNC_KEY_XAUTH_USER, G_TYPE_STRING }, + { NM_VPNC_KEY_XAUTH_PASSWORD, G_TYPE_STRING }, + { NM_VPNC_KEY_DOMAIN, G_TYPE_STRING }, + { NM_VPNC_KEY_DHGROUP, G_TYPE_STRING }, + { NM_VPNC_KEY_PERFECT_FORWARD, G_TYPE_STRING }, + { NM_VPNC_KEY_APP_VERSION, G_TYPE_STRING }, + { NM_VPNC_KEY_REKEYING, G_TYPE_INT }, + { NM_VPNC_KEY_NAT_KEEPALIVE, G_TYPE_STRING }, + { NM_VPNC_KEY_DISABLE_NAT, G_TYPE_BOOLEAN }, + { NM_VPNC_KEY_SINGLE_DES, G_TYPE_BOOLEAN }, + /* vpnc 0.3.x */ + { NM_VPNC_KEY_UDP_ENCAPS, G_TYPE_BOOLEAN }, + { NM_VPNC_KEY_UDP_ENCAPS_PORT, G_TYPE_INT }, + /* vpnc 0.4.x */ + { NM_VPNC_KEY_NAT_TRAVERSAL_MODE, G_TYPE_STRING }, + { NM_VPNC_KEY_CISCO_UDP_ENCAPS_PORT, G_TYPE_INT }, + + { NULL, G_TYPE_NONE } }; static void @@ -246,7 +251,14 @@ nm_vpnc_config_write (gint vpnc_fd, NM_VPNC_REKEYING_INTERVAL); } - // FIXME: do we need to enable Cisco UDP encapsulation here? + /* Options for vpnc 0.4.x */ + write_config_option (vpnc_fd, + NM_VPNC_KEY_NAT_TRAVERSAL_MODE " %s\n", + "cisco-udp"); + write_config_option (vpnc_fd, + NM_VPNC_KEY_CISCO_UDP_ENCAPS_PORT " %d\n", + NM_VPNC_UDP_ENCAPSULATION_PORT); + /* 0.4.x rekeys automatically */ /* Fill username if it's not present */ diff --git a/vpn-daemons/vpnc/src/nm-vpnc-service.h b/vpn-daemons/vpnc/src/nm-vpnc-service.h index b34d91e415..12e6a884b0 100644 --- a/vpn-daemons/vpnc/src/nm-vpnc-service.h +++ b/vpn-daemons/vpnc/src/nm-vpnc-service.h @@ -23,8 +23,6 @@ #define NM_VPNC_KEY_SECRET "IPSec secret" #define NM_VPNC_KEY_XAUTH_USER "Xauth username" #define NM_VPNC_KEY_XAUTH_PASSWORD "Xauth password" -#define NM_VPNC_KEY_UDP_ENCAPS "UDP Encapsulate" -#define NM_VPNC_KEY_UDP_ENCAPS_PORT "UDP Encapsulation Port" #define NM_VPNC_KEY_DOMAIN "Domain" #define NM_VPNC_KEY_DHGROUP "IKE DH Group" #define NM_VPNC_KEY_PERFECT_FORWARD "Perfect Forward Secrecy" @@ -33,7 +31,12 @@ #define NM_VPNC_KEY_NAT_KEEPALIVE "NAT-Keepalive packet interval" #define NM_VPNC_KEY_DISABLE_NAT "Disable NAT Traversal" #define NM_VPNC_KEY_SINGLE_DES "Enable Single DES" - +/* vpnc 0.3.x */ +#define NM_VPNC_KEY_UDP_ENCAPS "UDP Encapsulate" +#define NM_VPNC_KEY_UDP_ENCAPS_PORT "UDP Encapsulation Port" +/* vpnc 0.4.x */ +#define NM_VPNC_KEY_NAT_TRAVERSAL_MODE "NAT Traversal Mode" +#define NM_VPNC_KEY_CISCO_UDP_ENCAPS_PORT "Cisco UDP Encapsulation Port" typedef struct { NMVPNPlugin parent;