From: Tobias Brunner <tobias@strongswan.org>
Date: Thu, 16 Jun 2022 14:36:04 +0000 (+0200)
Subject: aggressive-mode: Determine local identity before deriving keys
X-Git-Tag: 5.9.7rc1~7
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3d966d6d0a323bc38f112814998cb8b7dc39d384;p=thirdparty%2Fstrongswan.git

aggressive-mode: Determine local identity before deriving keys

This might require a PSK, for which the local identity might be necessary.
---

diff --git a/src/libcharon/sa/ikev1/tasks/aggressive_mode.c b/src/libcharon/sa/ikev1/tasks/aggressive_mode.c
index 0184cb55ea..517843d3c8 100644
--- a/src/libcharon/sa/ikev1/tasks/aggressive_mode.c
+++ b/src/libcharon/sa/ikev1/tasks/aggressive_mode.c
@@ -604,14 +604,15 @@ METHOD(task_t, build_r, status_t,
 		{
 			return send_notify(this, NO_PROPOSAL_CHOSEN);
 		}
+
+		id = this->ph1->get_id(this->ph1, this->peer_cfg, TRUE);
+		this->ike_sa->set_my_id(this->ike_sa, id->clone(id));
+
 		if (!this->ph1->derive_keys(this->ph1, this->peer_cfg, this->method))
 		{
 			return send_notify(this, INVALID_KEY_INFORMATION);
 		}
 
-		id = this->ph1->get_id(this->ph1, this->peer_cfg, TRUE);
-		this->ike_sa->set_my_id(this->ike_sa, id->clone(id));
-
 		id_payload = id_payload_create_from_identification(PLV1_ID, id);
 		message->add_payload(message, &id_payload->payload_interface);