From: Martin Willi <martin@revosec.ch>
Date: Thu, 15 Dec 2011 11:28:43 +0000 (+0100)
Subject: Store Main Mode identity even if XAuth-only is used for authentication
X-Git-Tag: 5.0.0~338^2~9^2~197
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=10a6a5acff4a1237be0d33e9a483585e01c5e652;p=thirdparty%2Fstrongswan.git

Store Main Mode identity even if XAuth-only is used for authentication
---

diff --git a/src/libcharon/sa/tasks/main_mode.c b/src/libcharon/sa/tasks/main_mode.c
index 42290d4277..0582c33d53 100644
--- a/src/libcharon/sa/tasks/main_mode.c
+++ b/src/libcharon/sa/tasks/main_mode.c
@@ -362,14 +362,14 @@ static bool check_constraints(private_main_mode_t *this)
 	identification_t *id;
 	auth_cfg_t *auth;
 
-	if (skipped_auth(this, FALSE))
-	{
-		return TRUE;
-	}
 	auth = this->ike_sa->get_auth_cfg(this->ike_sa, FALSE);
 	/* auth identity to comply */
 	id = this->ike_sa->get_other_id(this->ike_sa);
 	auth->add(auth, AUTH_RULE_IDENTITY, id->clone(id));
+	if (skipped_auth(this, FALSE))
+	{
+		return TRUE;
+	}
 	return auth->complies(auth, this->other_auth, TRUE);
 }