[NetworkManager-libreswan/fg/IKEv2_rh1557035] all: add support to the "left" libreswan option

[Francesco Giudici <fgiudici src gnome org>]

commit db532bfc04285fb0c0bde67f0a49c4ebfa2746d3
Author: Francesco Giudici <fgiudici redhat com>
Date:   Sat Aug 4 17:35:54 2018 +0200

    all: add support to the "left" libreswan option
    
    Till now the value "%defaultroute" was always enforced. Let it be the
    default but allow also to specify a different one if needed.

 man/nm-settings-libreswan.5.in | 4 ++++
 shared/nm-service-defines.h    | 1 +
 shared/utils.c                 | 4 +++-
 src/nm-libreswan-service.c     | 1 +
 4 files changed, 9 insertions(+), 1 deletion(-)
---
diff --git a/man/nm-settings-libreswan.5.in b/man/nm-settings-libreswan.5.in
index 0384a6b..94f7485 100644
--- a/man/nm-settings-libreswan.5.in
+++ b/man/nm-settings-libreswan.5.in
@@ -56,6 +56,10 @@ parameter of the same name.
 specifies the remote's public key for RSA authentication.
 When the 'leftcert' key is defined a default value of "%cert" is assumed.
 .TP
+.I "left"
+contains the local address that should be used during IKE negotiation. If not specified, the value
+"%defaultroute" is assumed. Corresponds to the Libreswan parameter of the same name.
+.TP
 .I "leftid"
 specifies the local identifier to be used during IKE negotiation. When this property is specified and the
 IKEv1 protocol is used the key exchange will be performed in aggressive mode. Corresponds to the Libreswan
diff --git a/shared/nm-service-defines.h b/shared/nm-service-defines.h
index 40ebacb..978a17b 100644
--- a/shared/nm-service-defines.h
+++ b/shared/nm-service-defines.h
@@ -37,6 +37,7 @@
 #define NM_LIBRESWAN_RIGHT                      "right"
 #define NM_LIBRESWAN_RIGHTID                    "rightid"
 #define NM_LIBRESWAN_RIGHTRSASIGKEY             "rightrsasigkey"
+#define NM_LIBRESWAN_LEFT                       "left"
 #define NM_LIBRESWAN_LEFTID                     "leftid"
 #define NM_LIBRESWAN_LEFTRSASIGKEY              "leftrsasigkey"
 #define NM_LIBRESWAN_LEFTCERT                   "leftcert"
diff --git a/shared/utils.c b/shared/utils.c
index 5c40fe0..964ff54 100644
--- a/shared/utils.c
+++ b/shared/utils.c
@@ -103,6 +103,7 @@ nm_libreswan_config_write (gint fd,
        const char *phase2_alg_str;
        const char *phase1_lifetime_str;
        const char *phase2_lifetime_str;
+       const char *left;
        const char *leftid;
        const char *leftcert;
        const char *leftrsasigkey;
@@ -163,7 +164,8 @@ nm_libreswan_config_write (gint fd,
        if (!leftrsasigkey && !rightrsasigkey)
                WRITE_CHECK (fd, debug_write_fcn, error, " authby=secret");
 
-       WRITE_CHECK (fd, debug_write_fcn, error, " left=%%defaultroute");
+       left = nm_setting_vpn_get_data_item (s_vpn, NM_LIBRESWAN_LEFT);
+       WRITE_CHECK (fd, debug_write_fcn, error, " left=%s", left ? : "%defaultroute");
        WRITE_CHECK (fd, debug_write_fcn, error, " leftmodecfgclient=yes");
        if (leftupdown_script)
                WRITE_CHECK (fd, debug_write_fcn, error, " leftupdown=%s", leftupdown_script);
diff --git a/src/nm-libreswan-service.c b/src/nm-libreswan-service.c
index b3fa7cc..ef0160b 100644
--- a/src/nm-libreswan-service.c
+++ b/src/nm-libreswan-service.c
@@ -251,6 +251,7 @@ static ValidProperty valid_properties[] = {
        { NM_LIBRESWAN_RIGHT,                      G_TYPE_STRING, 0, 0 },
        { NM_LIBRESWAN_RIGHTID,                    G_TYPE_STRING, 0, 0 },
        { NM_LIBRESWAN_RIGHTRSASIGKEY,             G_TYPE_STRING, 0, 0 },
+       { NM_LIBRESWAN_LEFT,                       G_TYPE_STRING, 0, 0 },
        { NM_LIBRESWAN_LEFTID,                     G_TYPE_STRING, 0, 0 },
        { NM_LIBRESWAN_LEFTXAUTHUSER,              G_TYPE_STRING, 0, 0 },
        { NM_LIBRESWAN_LEFTRSASIGKEY,              G_TYPE_STRING, 0, 0 },