This commit updates all authorship and copyright information to include a
standard header that references the AUTHORS and CREDITS file. This standard
header was written by the Debian legal team at the request of Franck Joncourt.
This change helps to maintain backwards compatibility with older fwknopd daemons
that cannot handle Rijndael keys greater than 16 bytes. Blair Zajac suggested
printing a warning in '-M legacy' mode when keys are attempted > 16 bytes long,
and this warning is included in this commit.
The client --test mode decrypts SPA packet data as a final step, but get_keys()
was being called to re-acquire the encryption/HMAC keys. This commit reuses
the same keys that were supplied for SPA packet encryption/authentication
because the most important code to test is not get_keys() but rather libfko
encryption/decryption/authentication operations.
This change brings similar functionality to the client as the GPG_ALLOW_NO_PW
keyword in the server access.conf file. Although this option is less likely
to be used than the analogous server functionality, it stands to reason that
the client should offer this feature. The test suite has also been updated to
not use the --get-key option for the 'no password' GPG tests.
* ask_overwrite() : when the user inputs more than one char when prompted,
a second call to the function does not take the second char anymore.
We parse all of the chars until we reach an LF char and discard all of them
except the first one.
The overwrite is requested only when the user sets 'y', if there is anything
else we asssume 'N'.
* When -k is used on the command line along with the --save-rc-stanza, the
generated keys are also written in the stanza in fwknoprc.
Lots of places in the code were already using {0} to initialize stack char
arrays, but memset() was being used as well. This commit removes all
unnecessary memset() calls against char arrays that are already initialized
via {0} (which sets all members to zero for such arrays).
Significant merge from Franck Joncourt to add the ability to save command line
args to ~/.fwknoprc stanzas. This merge is in support of #4.
Conflicts:
lib/fko_util.c
lib/fko_util.h
Bug fix for --nat-rand-port mode to ensure that the port to be
NAT'd is properly defined so that the fwknopd server will NAT
connnections to this port instead of applying the NAT operation to the
port that is to be accessed via -A. This change also prints the
randomly assigned port to stdout regardless of whether --verbose mode is
used (since it not then the user will have no idea which port is
actually going to be NAT'd on the fwknopd side).
