Use XAuth/EAP remote identity for uniqueness check

src/libcharon/processing/jobs/adopt_children_job.c

@@ -77,7 +77,7 @@ METHOD(job_t, execute, void,
 		/* find old SA to adopt children from */
 		children = linked_list_create();
 		enumerator = charon->ike_sa_manager->create_id_enumerator(
-									charon->ike_sa_manager, my_id, other_id,
+									charon->ike_sa_manager, my_id, xauth,
 									other->get_family(other));
 		while (enumerator->enumerate(enumerator, &id))
 		{
@@ -92,7 +92,7 @@ METHOD(job_t, execute, void,
 					 ike_sa->get_state(ike_sa) == IKE_PASSIVE) &&
 					me->equals(me, ike_sa->get_my_host(ike_sa)) &&
 					other->equals(other, ike_sa->get_other_host(ike_sa)) &&
-					xauth->equals(xauth, ike_sa->get_other_eap_id(ike_sa)) &&
+					other_id->equals(other_id, ike_sa->get_other_id(ike_sa)) &&
 					cfg->equals(cfg, ike_sa->get_peer_cfg(ike_sa)))
 				{
 					childenum = ike_sa->create_child_sa_enumerator(ike_sa);

src/libcharon/sa/ike_sa_manager.c

@@ -1441,7 +1441,7 @@ METHOD(ike_sa_manager_t, checkin, void,
 
 	ike_sa_id = ike_sa->get_id(ike_sa);
 	my_id = ike_sa->get_my_id(ike_sa);
-	other_id = ike_sa->get_other_id(ike_sa);
+	other_id = ike_sa->get_other_eap_id(ike_sa);
 	other = ike_sa->get_other_host(ike_sa);
 
 	DBG2(DBG_MGR, "checkin IKE_SA %s[%u]", ike_sa->get_name(ike_sa),
@@ -1653,7 +1653,7 @@ METHOD(ike_sa_manager_t, check_uniqueness, bool,
 		return FALSE;
 	}
 	me = ike_sa->get_my_id(ike_sa);
-	other = ike_sa->get_other_id(ike_sa);
+	other = ike_sa->get_other_eap_id(ike_sa);
 	other_host = ike_sa->get_other_host(ike_sa);
 
 	enumerator = create_id_enumerator(this, me, other,

src/libcharon/sa/ike_sa_manager.h

@@ -172,6 +172,8 @@ struct ike_sa_manager_t {
 	/**
 	 * Create an enumerator over ike_sa_id_t*, matching peer identities.
 	 *
+	 * The remote peer is identified by its XAuth or EAP identity, if available.
+	 *
 	 * @param me				local peer identity to match
 	 * @param other				remote peer identity to match
 	 * @param family			address family to match, 0 for any