Fixing Apple's L2TP/IPSec

[kasei1]

Hi!

Since Mac OS X makes a lot of trouble when it comes to connecting to non Mac L2TP/IPSec Servers and I still wanted to maintain the default VPN interface (instead of configuring the vpn with config files) I fixed Apple's L2TP/IPSec implementation for Snow Leopard. This version connects perfectly to a Windows Server 2008.

What is fixed?
-Use the standard port 1701 on the client side for outgoing connections.
-Fix retrieving psks from the Keychain.

Instructions:
Download the zip file.
L2TP goes to /System/Library/Extensions/L2TP.ppp/Contents/MacOS/ (fix the access rights if necessary)
racoon goes to /usr/sbin/

What did I change?
In http://www.opensource.apple.com/source/ppp/ppp-412.3/Drivers/L2TP/L2TP-plugin/main.c

replaced

our_address.sin_port = htons(opt_udpport);

with

our_address.sin_port = htons(L2TP_UDP_PORT);

replaced

our_address.sin_port = htons(0);

with

our_address.sin_port = htons(L2TP_UDP_PORT);

Although this could be fixed better by Apple in their non OS source.

In http://www.opensource.apple.com/source/ipsec/ipsec-93.8/ipsec-tools/racoon/localconf.c

replaced

key = vmalloc(cur_password_len + 1);

with

key = vmalloc(cur_password_len);

removed

key->v[cur_password_len] = 0;

Somebody must have thought the ipsec key is a 0 terminated string which leads to the error that pre-shared keys wont be read correctly from the keychain. Apple, please implement this fix as it is .

Have Fun!

If you appreciate my work just leave me a post