#
#
# patch "base.hh"
#  from [58dfd20a5d4614b7660e79da2c4a24c6a8eb7b2b]
#    to [77e8fea2271e17bb57bb1c960888da3c65ae2a7c]
# 
# patch "key_store.cc"
#  from [b083bb11781ce170e067859a28944fb9375843a4]
#    to [c8b5b99b303acbf68a849b7e44e1bdfcb1c2fa05]
# 
# patch "network/session.cc"
#  from [1993eb0f6246a793eacd07e284641bba7cd39a8d]
#    to [8911d09f563ff70cdefff537034b7c8c371afb32]
# 
# patch "network/session.hh"
#  from [1bf5b381aed995a946253357f8850523ce288021]
#    to [02803a0b67e3e3e93397511cdaee5976defb1196]
# 
# patch "sanity.cc"
#  from [7e4d028499e1899cddb4cbc6a91349c5e9e90721]
#    to [981b8ecbcf2ecc2b4d617f94bbbe303f95c4b57a]
#
============================================================
--- base.hh	58dfd20a5d4614b7660e79da2c4a24c6a8eb7b2b
+++ base.hh	77e8fea2271e17bb57bb1c960888da3c65ae2a7c
@@ -44,6 +44,7 @@ template <> void dump(char const * const
 
 template <> void dump(std::string const & obj, std::string & out);
 template <> void dump(char const * const & obj, std::string & out);
+template <> void dump(bool const & obj, std::string & out);
 
 // NORETURN(void function()); declares a function that will never return
 // in the normal fashion. a function that invariably throws an exception
============================================================
--- key_store.cc	b083bb11781ce170e067859a28944fb9375843a4
+++ key_store.cc	c8b5b99b303acbf68a849b7e44e1bdfcb1c2fa05
@@ -295,6 +295,7 @@ key_store::get_key_pair(key_id const & i
 key_store::get_key_pair(key_id const & ident,
                         keypair & kp)
 {
+  MM(ident);
   bool found = maybe_get_key_pair(ident, kp);
   I(found);
 }
@@ -317,6 +318,7 @@ key_store::get_key_pair(key_id const & h
                         key_name & keyid,
                         keypair & kp)
 {
+  MM(hash);
   bool found = maybe_get_key_pair(hash, keyid, kp);
   I(found);
 }
============================================================
--- network/session.cc	1993eb0f6246a793eacd07e284641bba7cd39a8d
+++ network/session.cc	8911d09f563ff70cdefff537034b7c8c371afb32
@@ -33,13 +33,12 @@ session::session(options & opts, lua_hoo
                  key_store & keys,
                  protocol_voice voice,
                  std::string const & peer,
-                 shared_ptr<Netxx::StreamBase> sock,
-                 bool use_transport_auth) :
+                 shared_ptr<Netxx::StreamBase> sock) :
   session_base(voice, peer, sock),
   version(opts.max_netsync_version),
   max_version(opts.max_netsync_version),
   min_version(opts.min_netsync_version),
-  use_transport_auth(use_transport_auth),
+  use_transport_auth(opts.use_transport_auth),
   signing_key(keys.signing_key),
   cmd_in(0),
   armed(false),
@@ -102,8 +101,10 @@ session::set_session_key(rsa_oaep_sha_da
 void
 session::set_session_key(rsa_oaep_sha_data const & hmac_key_encrypted)
 {
+  MM(use_transport_auth);
   if (use_transport_auth)
     {
+      MM(signing_key);
       string hmac_key;
       keys.decrypt_rsa(signing_key, hmac_key_encrypted, hmac_key);
       set_session_key(hmac_key);
@@ -212,14 +213,14 @@ bool session::do_work(transaction_guard 
 
                 key_name name;
                 keypair kp;
-                keys.get_key_pair(signing_key, name, kp);
                 if (use_transport_auth)
                   {
+                    keys.get_key_pair(signing_key, name, kp);
                     cmd.write_hello_cmd(name, kp.pub, mk_nonce());
                   }
                 else
                   {
-                    cmd.write_hello_cmd(name, rsa_pub_key(), mk_nonce());
+                    cmd.write_hello_cmd(name, kp.pub, mk_nonce());
                   }
                 write_netcmd(cmd);
                 return true;
@@ -379,6 +380,7 @@ session::request_netsync(protocol_role r
                          globish const & our_include_pattern,
                          globish const & our_exclude_pattern)
 {
+  MM(use_transport_auth);
   id nonce2(mk_nonce());
   netcmd request(version);
   rsa_oaep_sha_data hmac_key_encrypted;
@@ -630,9 +632,12 @@ bool session::handle_service_request()
     }
 
   key_identity_info client_identity;
-  client_identity.id = client_id;
-  if (!client_identity.id.inner()().empty())
-    project.complete_key_identity(keys, lua, client_identity);
+  if (authenticated)
+    {
+      client_identity.id = client_id;
+      if (!client_identity.id.inner()().empty())
+        project.complete_key_identity(keys, lua, client_identity);
+    }
 
   wrapped->on_begin(session_id, client_identity);
   wrapped->prepare_to_confirm(client_identity, use_transport_auth);
@@ -643,6 +648,7 @@ bool session::handle_service_request()
 
 
   completed_hello = true;
+  authenticated = true;
   return true;
 }
 
============================================================
--- network/session.hh	1bf5b381aed995a946253357f8850523ce288021
+++ network/session.hh	02803a0b67e3e3e93397511cdaee5976defb1196
@@ -70,8 +70,7 @@ public:
           key_store & keys,
           protocol_voice voice,
           std::string const & peer,
-          boost::shared_ptr<Netxx::StreamBase> sock,
-          bool use_transport_auth = true);
+          boost::shared_ptr<Netxx::StreamBase> sock);
   ~session();
   void set_inner(boost::shared_ptr<wrapped_session> wrapped);
 
============================================================
--- sanity.cc	7e4d028499e1899cddb4cbc6a91349c5e9e90721
+++ sanity.cc	981b8ecbcf2ecc2b4d617f94bbbe303f95c4b57a
@@ -449,6 +449,11 @@ dump(char const * const & obj, string & 
 {
   out = obj;
 }
+template<> void
+dump(bool const & obj, string & out)
+{
+  out = (obj ? "true" : "false");
+}
 
 void
 sanity::print_var(std::string const & value, char const * var,