Diffstat (limited to 'src')
-rw-r--r--src/pluto/keys.c2
-rw-r--r--src/pluto/modecfg.c11
-rw-r--r--src/pluto/xauth.c2
-rw-r--r--src/pluto/xauth.h11
4 files changed, 20 insertions, 6 deletions
diff --git a/src/pluto/keys.c b/src/pluto/keys.c
index 0d2efc9ca..6cdf169d8 100644
--- a/src/pluto/keys.c
+++ b/src/pluto/keys.c
@@ -647,7 +647,7 @@ xauth_get_secret(xauth_t *xauth_secret)
* find a matching secret
*/
static bool
-xauth_verify_secret(const char *conn_name, const xauth_t *xauth_secret)
+xauth_verify_secret(const xauth_peer_t *peer, const xauth_t *xauth_secret)
{
bool found = FALSE;
secret_t *s;
diff --git a/src/pluto/modecfg.c b/src/pluto/modecfg.c
index 04f13fab3..967a0b2a5 100644
--- a/src/pluto/modecfg.c
+++ b/src/pluto/modecfg.c
@@ -967,6 +967,12 @@ xauth_inR1(struct msg_digest *md)
}
else
{
+ xauth_peer_t peer;
+
+ peer.conn_name = st->st_connection->name;
+ addrtot(&md->sender, 0, peer.ip_address, sizeof(peer.ip_address));
+ idtoa(&md->st->st_connection->spd.that.id, peer.id, sizeof(peer.id));
+
DBG(DBG_CONTROL,
DBG_log("peer xauth user name is '%.*s'"
, ia.xauth_secret.user_name.len
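Review bot: `peer` is declared uninitialised and the results of `addrtot()` and `idtoa()` on the added lines are ignored, so if either conversion fails or writes nothing, the plugin may be handed indeterminate stack bytes in `ip_address` or `id`. Clear the struct before filling it, e.g. `memset(&peer, 0, sizeof(peer));`, and skip or fail the verification when a conversion reports an error. `peer.id` is rendered from `spd.that.id`, which may reflect the identity the remote side presented, so a comment here should say the plugin must treat it as untrusted text. The added lines also reach the connection once via `st->st_connection` and once via `md->st->st_connection`; using `st` in both places would make it obvious they are the same object. xauth_inR1 starts and ends outside the hunk.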
@@ -977,9 +983,8 @@ xauth_inR1(struct msg_digest *md)
, ia.xauth_secret.user_password.len
, ia.xauth_secret.user_password.ptr)
)
- /* verify the user credentials using a plugn function */
- st->st_xauth.status = xauth_module.verify_secret(st->st_connection->name
- , &ia.xauth_secret);
+ /* verify the user credentials using a plugin function */
+ st->st_xauth.status = xauth_module.verify_secret(&peer, &ia.xauth_secret);
plog("extended authentication %s", st->st_xauth.status? "was successful":"failed");
}
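Review bot: The debug statement whose tail is visible just above the rewritten call passes `ia.xauth_secret.user_password.len` and `.ptr` to what appears to be a `DBG_log`, so with that debug class enabled the XAUTH password would be written to the log in cleartext; the commit reworks this block but leaves that in place. Consider dropping the password from the message, or gating it on `DBG_PRIVATE` instead of `DBG_CONTROL` so it only appears when private material is explicitly requested. The opening of that DBG statement and the rest of xauth_inR1 lie outside the hunk, so the exact format string should be confirmed there.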
diff --git a/src/pluto/xauth.c b/src/pluto/xauth.c
index 4c82a37d5..31ffcc378 100644
--- a/src/pluto/xauth.c
+++ b/src/pluto/xauth.c
@@ -44,7 +44,7 @@ xauth_init(void)
DBG_log("xauth module: found get_secret() function");
}
)
- xauth_module.verify_secret = (bool (*) (const char*, const xauth_t*))
+ xauth_module.verify_secret = (bool (*) (const xauth_peer_t*, const xauth_t*))
dlsym(xauth_module.handle, "verify_secret");
DBG(DBG_CONTROL,
if (xauth_module.verify_secret != NULL)
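Review bot: The cast on the `dlsym()` result changes the expected prototype, but the symbol looked up is still `"verify_secret"`, so a plugin built against the old `(const char *, const xauth_t *)` signature loads without complaint and receives an `xauth_peer_t *` where it expects a string. Because `conn_name` is the first member of the struct, such a plugin would read the bytes of that pointer as the connection name and could base its accept/reject decision on garbage. Either look up a new symbol name for the new prototype, or have the plugin export an interface version that xauth_init checks before assigning the pointer. xauth_init's body starts and ends outside the hunk.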
diff --git a/src/pluto/xauth.h b/src/pluto/xauth.h
index b36f291b0..0a9f792aa 100644
--- a/src/pluto/xauth.h
+++ b/src/pluto/xauth.h
@@ -18,11 +18,20 @@
#ifndef _XAUTH_H
#define _XAUTH_H
+#include <freeswan.h>
+#include "defs.h"
+
/* XAUTH credentials */
struct chunk_t;
typedef struct {
+ char *conn_name;
+ char id[BUF_LEN];
+ char ip_address[ADDRTOT_BUF];
+} xauth_peer_t;
+
+typedef struct {
chunk_t user_name;
chunk_t user_password;
} xauth_t;
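Review bot: `xauth_peer_t` becomes part of the plugin interface here but carries no field documentation, and `conn_name` is a plain `char *` although the caller in modecfg.c only lends it the connection's name. Declare it as `const char *conn_name;` so a plugin cannot write through it. Add a comment above the struct stating that `conn_name` is borrowed for the duration of the `verify_secret()` call, and that `id` and `ip_address` are text produced by `idtoa()` and `addrtot()`, with `id` possibly reflecting what the peer asserted. Plugin authors need that to know which fields are safe to use in an authorisation decision or to pass on to a backend.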
@@ -30,7 +39,7 @@ typedef struct {
typedef struct {
void *handle;
bool (*get_secret) (xauth_t *xauth_secret);
- bool (*verify_secret) (const char *conn_name, const xauth_t *xauth_secret);
+ bool (*verify_secret) (const xauth_peer_t *peer, const xauth_t *xauth_secret);
} xauth_module_t;
extern xauth_module_t xauth_module;