From: Martin Willi <martin@revosec.ch>
Date: Wed, 23 May 2012 10:18:45 +0000 (+0200)
Subject: Use received identity to look up PSK as aggressive responder
X-Git-Tag: 5.0.0~234
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=523ce7c20cdc86e732e3a2b00f5749552fdea2c8;p=thirdparty%2Fstrongswan.git

Use received identity to look up PSK as aggressive responder
---

diff --git a/src/libcharon/sa/ikev1/phase1.c b/src/libcharon/sa/ikev1/phase1.c
index 709bc6cbc0..20abd0a02b 100644
--- a/src/libcharon/sa/ikev1/phase1.c
+++ b/src/libcharon/sa/ikev1/phase1.c
@@ -131,13 +131,20 @@ static shared_key_t *lookup_shared_key(private_phase1_t *this,
 	}
 
 	if (peer_cfg)
-	{	/* as initiator, use identities from configuraiton */
+	{	/* as initiator or aggressive responder, use identities */
 		my_auth = get_auth_cfg(peer_cfg, TRUE);
 		other_auth = get_auth_cfg(peer_cfg, FALSE);
 		if (my_auth && other_auth)
 		{
 			my_id = my_auth->get(my_auth, AUTH_RULE_IDENTITY);
-			other_id = other_auth->get(other_auth, AUTH_RULE_IDENTITY);
+			if (peer_cfg->use_aggressive(peer_cfg))
+			{
+				other_id = this->ike_sa->get_other_id(this->ike_sa);
+			}
+			else
+			{
+				other_id = other_auth->get(other_auth, AUTH_RULE_IDENTITY);
+			}
 			if (my_id && other_id)
 			{
 				shared_key = lib->credmgr->get_shared(lib->credmgr, SHARED_IKE,