The client --test mode decrypts SPA packet data as a final step, but get_keys()
was being called to re-acquire the encryption/HMAC keys. This commit reuses
the same keys that were supplied for SPA packet encryption/authentication
because the most important code to test is not get_keys() but rather libfko
encryption/decryption/authentication operations.
This change brings similar functionality to the client as the GPG_ALLOW_NO_PW
keyword in the server access.conf file. Although this option is less likely
to be used than the analogous server functionality, it stands to reason that
the client should offer this feature. The test suite has also been updated to
not use the --get-key option for the 'no password' GPG tests.
This change simplifies the fwknop client usage by allowing the -D argument to
be used as the stanza name if -n is not also specified in --save-rc-stanza
mode.
* ask_overwrite() : when the user inputs more than one char when prompted,
a second call to the function does not take the second char anymore.
We parse all of the chars until we reach an LF char and discard all of them
except the first one.
The overwrite is requested only when the user sets 'y', if there is anything
else we asssume 'N'.
* When -k is used on the command line along with the --save-rc-stanza, the
generated keys are also written in the stanza in fwknoprc.
an array containing only their name. It is now possible to sort them without
worrying about their position in the enumeration.
Improve variable naming for a better understanding (var_ndx becomes var_pos).
Interim commit to add the VERBOSE variable to be stored in the fwknoprc file when
-v is used with --save-rc-stanza. The VERBOSE variable is also read by fwknop
and the verbosity level is set accordingly.
Lots of places in the code were already using {0} to initialize stack char
arrays, but memset() was being used as well. This commit removes all
unnecessary memset() calls against char arrays that are already initialized
via {0} (which sets all members to zero for such arrays).
Make sure both functions works the same way and refer to the same
encryption mode string.
Updated the fwknop usage message to display the encryption mode.
