}
METHOD(phase1_t, select_config, peer_cfg_t*,
- private_phase1_t *this, auth_method_t method, identification_t *id)
+ private_phase1_t *this, auth_method_t method, bool aggressive,
+ identification_t *id)
{
enumerator_t *enumerator;
peer_cfg_t *current, *found = NULL;
me, other, NULL, id, IKEV1);
while (enumerator->enumerate(enumerator, ¤t))
{
- if (get_auth_method(this, current) == method)
+ if (get_auth_method(this, current) == method &&
+ current->use_aggressive(current) == aggressive)
{
found = current->get_ref(current);
break;
* Select a peer config as responder.
*
* @param method used authentication method
+ * @param aggressive TRUE to get an aggressive mode config
* @param id initiator identity
* @return selected peer config, NULL if none found
*/
peer_cfg_t* (*select_config)(phase1_t *this, auth_method_t method,
- identification_t *id);
+ bool aggressive, identification_t *id);
/**
* Get configured identity from peer config.
this->id_data = id_payload->get_encoded(id_payload);
this->ike_sa->set_other_id(this->ike_sa, id);
this->peer_cfg = this->ph1->select_config(this->ph1,
- this->method, id);
+ this->method, TRUE, id);
if (!this->peer_cfg)
{
DBG1(DBG_IKE, "no peer config found");
id = id_payload->get_identification(id_payload);
this->ike_sa->set_other_id(this->ike_sa, id);
this->peer_cfg = this->ph1->select_config(this->ph1,
- this->method, id);
+ this->method, FALSE, id);
if (!this->peer_cfg)
{
DBG1(DBG_IKE, "no peer config found");