unity: Handle narrowing according to roles in the IKE_SA

Since the narrow hook types reflect the roles in the Quick Mode exchange
the plugin behaved incorrectly if the server initiated the CHILD_SA
rekeying.

src/libcharon/plugins/unity/unity_narrow.c

@@ -145,19 +145,35 @@ METHOD(listener_t, narrow, bool,
 {
 	if (ike_sa->get_version(ike_sa) == IKEV1 &&
 		ike_sa->supports_extension(ike_sa, EXT_CISCO_UNITY))
+	{
+		/* depending on who initiates a rekeying the hooks will not match the
+		 * roles in the IKE_SA */
+		if (ike_sa->has_condition(ike_sa, COND_ORIGINAL_INITIATOR))
 		{
 			switch (type)
 			{
 				case NARROW_INITIATOR_PRE_AUTH:
+				case NARROW_RESPONDER:
 					narrow_pre(remote, "other");
 					break;
 				case NARROW_INITIATOR_POST_AUTH:
+				case NARROW_RESPONDER_POST:
 					narrow_initiator(this, ike_sa,
 									 child_sa->get_config(child_sa), remote);
 					break;
+				default:
+					break;
+			}
+		}
+		else
+		{
+			switch (type)
+			{
+				case NARROW_INITIATOR_PRE_AUTH:
 				case NARROW_RESPONDER:
 					narrow_pre(local, "us");
 					break;
+				case NARROW_INITIATOR_POST_AUTH:
 				case NARROW_RESPONDER_POST:
 					narrow_responder_post(child_sa->get_config(child_sa), local);
 					break;
@@ -165,6 +181,7 @@ METHOD(listener_t, narrow, bool,
 					break;
 			}
 		}
+	}
 	return TRUE;
 }