1 files changed, 29 insertions, 2 deletions

diff --git a/src/pluto/ike_alg.c b/src/pluto/ike_alg.c
index 43cb24ea2..a62285809 100644
--- a/src/pluto/ike_alg.c
+++ b/src/pluto/ike_alg.c
@@ -233,6 +233,7 @@ ike_alg_db_new(struct alg_info_ike *ai , lset_t policy)
     struct ike_info *ike_info;
     u_int ealg, halg, modp, eklen = 0;
     struct encrypt_desc *enc_desc;
+    bool is_xauth_server;
     int i;
 
     if (!ai)
@@ -298,11 +299,37 @@ ike_alg_db_new(struct alg_info_ike *ai , lset_t policy)
 	    db_trans_add(db_ctx, KEY_IKE);
 	    db_attr_add_values(db_ctx, OAKLEY_ENCRYPTION_ALGORITHM, ealg);
 	    db_attr_add_values(db_ctx, OAKLEY_HASH_ALGORITHM, halg);
-	    if (ike_info->ike_eklen)
-		db_attr_add_values(db_ctx, OAKLEY_KEY_LENGTH, ike_info->ike_eklen);
+	    if (eklen)
+		db_attr_add_values(db_ctx, OAKLEY_KEY_LENGTH, eklen);
 	    db_attr_add_values(db_ctx, OAKLEY_AUTHENTICATION_METHOD, OAKLEY_PRESHARED_KEY);
 	    db_attr_add_values(db_ctx, OAKLEY_GROUP_DESCRIPTION, modp);
 	}
+
+	is_xauth_server = (policy & POLICY_XAUTH_SERVER) != LEMPTY;
+
+	if (policy & POLICY_XAUTH_RSASIG)
+	{
+	    db_trans_add(db_ctx, KEY_IKE);
+	    db_attr_add_values(db_ctx, OAKLEY_ENCRYPTION_ALGORITHM, ealg);
+	    db_attr_add_values(db_ctx, OAKLEY_HASH_ALGORITHM, halg);
+	    if (eklen)
+		db_attr_add_values(db_ctx, OAKLEY_KEY_LENGTH, eklen);
+	    db_attr_add_values(db_ctx, OAKLEY_AUTHENTICATION_METHOD
+		, is_xauth_server ? XAUTHRespRSA : XAUTHInitRSA);
+	    db_attr_add_values(db_ctx, OAKLEY_GROUP_DESCRIPTION, modp);
+	}
+
+	if (policy & POLICY_XAUTH_PSK)
+	{
+	    db_trans_add(db_ctx, KEY_IKE);
+	    db_attr_add_values(db_ctx, OAKLEY_ENCRYPTION_ALGORITHM, ealg);
+	    db_attr_add_values(db_ctx, OAKLEY_HASH_ALGORITHM, halg);
+	    if (eklen)
+		db_attr_add_values(db_ctx, OAKLEY_KEY_LENGTH, eklen);
+	    db_attr_add_values(db_ctx, OAKLEY_AUTHENTICATION_METHOD
+		, is_xauth_server ? XAUTHRespPreShared : XAUTHInitPreShared);
+	    db_attr_add_values(db_ctx, OAKLEY_GROUP_DESCRIPTION, modp);
+	}
     }
 fail:
     return db_ctx;