diff options
| author | Martin Willi <martin@revosec.ch> | 2012-05-23 12:18:45 +0200 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2012-05-23 12:18:45 +0200 |
| commit | 523ce7c20cdc86e732e3a2b00f5749552fdea2c8 (patch) | |
| tree | a2d07771a60cd7b9194895dc58c6cf5d3902d574 /src | |
| parent | 51754f6654cd44b572eed8b26e7d30255cae8bca (diff) | |
| download | strongswan-523ce7c20cdc86e732e3a2b00f5749552fdea2c8.tar.bz2 strongswan-523ce7c20cdc86e732e3a2b00f5749552fdea2c8.tar.xz | |
Use received identity to look up PSK as aggressive responder
Diffstat (limited to 'src')
| -rw-r--r-- | src/libcharon/sa/ikev1/phase1.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/src/libcharon/sa/ikev1/phase1.c b/src/libcharon/sa/ikev1/phase1.c index 709bc6cbc..20abd0a02 100644 --- a/src/libcharon/sa/ikev1/phase1.c +++ b/src/libcharon/sa/ikev1/phase1.c @@ -131,13 +131,20 @@ static shared_key_t *lookup_shared_key(private_phase1_t *this, } if (peer_cfg) - { /* as initiator, use identities from configuraiton */ + { /* as initiator or aggressive responder, use identities */ my_auth = get_auth_cfg(peer_cfg, TRUE); other_auth = get_auth_cfg(peer_cfg, FALSE); if (my_auth && other_auth) { my_id = my_auth->get(my_auth, AUTH_RULE_IDENTITY); - other_id = other_auth->get(other_auth, AUTH_RULE_IDENTITY); + if (peer_cfg->use_aggressive(peer_cfg)) + { + other_id = this->ike_sa->get_other_id(this->ike_sa); + } + else + { + other_id = other_auth->get(other_auth, AUTH_RULE_IDENTITY); + } if (my_id && other_id) { shared_key = lib->credmgr->get_shared(lib->credmgr, SHARED_IKE, |