--- embedaddon/strongswan/src/libcharon/sa/ikev1/tasks/main_mode.c	2020/06/03 09:46:45	1.1.1.1
+++ embedaddon/strongswan/src/libcharon/sa/ikev1/tasks/main_mode.c	2021/03/17 00:20:09	1.1.1.2
@@ -302,8 +302,14 @@ METHOD(task_t, build_i, status_t,
 		}
 		case MM_SA:
 		{
+			identification_t *id;
 			uint16_t group;
 
+			/* we might need the identity to look up a PSK when processing the
+			 * response */
+			id = this->ph1->get_id(this->ph1, this->peer_cfg, TRUE);
+			this->ike_sa->set_my_id(this->ike_sa, id->clone(id));
+
 			if (!this->ph1->create_hasher(this->ph1))
 			{
 				return send_notify(this, NO_PROPOSAL_CHOSEN);
@@ -331,8 +337,7 @@ METHOD(task_t, build_i, status_t,
 			id_payload_t *id_payload;
 			identification_t *id;
 
-			id = this->ph1->get_id(this->ph1, this->peer_cfg, TRUE);
-			this->ike_sa->set_my_id(this->ike_sa, id->clone(id));
+			id = this->ike_sa->get_my_id(this->ike_sa);
 			id_payload = id_payload_create_from_identification(PLV1_ID, id);
 			message->add_payload(message, &id_payload->payload_interface);
 
@@ -371,7 +376,8 @@ METHOD(task_t, process_r, status_t,
 
 			this->ike_sa->update_hosts(this->ike_sa,
 									   message->get_destination(message),
-									   message->get_source(message), TRUE);
+									   message->get_source(message),
+									   UPDATE_HOSTS_FORCE_ADDRS);
 
 			sa_payload = (sa_payload_t*)message->get_payload(message,
 													PLV1_SECURITY_ASSOCIATION);