From 5ae822cfcdf58248bca6b51f20adc558561d393a Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Fri, 22 Nov 2013 14:02:56 +0100
Subject: [PATCH] nm: Handle PSK option in NM backend

---
 src/charon-nm/nm/nm_service.c | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/src/charon-nm/nm/nm_service.c b/src/charon-nm/nm/nm_service.c
index f373675320..f0daff61e9 100644
--- a/src/charon-nm/nm/nm_service.c
+++ b/src/charon-nm/nm/nm_service.c
@@ -412,9 +412,10 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection,
 		loose_gateway_id = TRUE;
 	}
 
-	if (auth_class == AUTH_CLASS_EAP)
+	if (auth_class == AUTH_CLASS_EAP ||
+		auth_class == AUTH_CLASS_PSK)
 	{
-		/* username/password authentication ... */
+		/* username/password or PSK authentication ... */
 		str = nm_setting_vpn_get_data_item(vpn, "user");
 		if (str)
 		{
@@ -548,7 +549,14 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection,
 	auth->add(auth, AUTH_RULE_IDENTITY, user);
 	peer_cfg->add_auth_cfg(peer_cfg, auth, TRUE);
 	auth = auth_cfg_create();
-	auth->add(auth, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_PUBKEY);
+	if (auth_class == AUTH_CLASS_PSK)
+	{
+		auth->add(auth, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_PSK);
+	}
+	else
+	{
+		auth->add(auth, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_PUBKEY);
+	}
 	auth->add(auth, AUTH_RULE_IDENTITY, gateway);
 	auth->add(auth, AUTH_RULE_IDENTITY_LOOSE, loose_gateway_id);
 	peer_cfg->add_auth_cfg(peer_cfg, auth, FALSE);
@@ -623,7 +631,7 @@ static gboolean need_secrets(NMVPNPlugin *plugin, NMConnection *connection,
 	method = nm_setting_vpn_get_data_item(settings, "method");
 	if (method)
 	{
-		if (streq(method, "eap"))
+		if (streq(method, "eap") || streq(method, "psk"))
 		{
 			if (nm_setting_vpn_get_secret(settings, "password"))
 			{
-- 
2.47.2