Store Main Mode identity even if XAuth-only is used for authentication
authorMartin Willi <martin@revosec.ch>
Thu, 15 Dec 2011 11:28:43 +0000 (12:28 +0100)
committerMartin Willi <martin@revosec.ch>
Tue, 20 Mar 2012 16:31:23 +0000 (17:31 +0100)
src/libcharon/sa/tasks/main_mode.c

index 42290d4..0582c33 100644 (file)
@@ -362,14 +362,14 @@ static bool check_constraints(private_main_mode_t *this)
        identification_t *id;
        auth_cfg_t *auth;
 
-       if (skipped_auth(this, FALSE))
-       {
-               return TRUE;
-       }
        auth = this->ike_sa->get_auth_cfg(this->ike_sa, FALSE);
        /* auth identity to comply */
        id = this->ike_sa->get_other_id(this->ike_sa);
        auth->add(auth, AUTH_RULE_IDENTITY, id->clone(id));
+       if (skipped_auth(this, FALSE))
+       {
+               return TRUE;
+       }
        return auth->complies(auth, this->other_auth, TRUE);
 }