flux-keygen: add --name option

Problem: flux-keygen always uses the hostname for the certificate
'name' metadata, but this name is logged when a peer tries to authenticate.
In a system instance, these log messages can be confusing since the peer
is likely not the host that generated the certificate.

Add -n,--name option which allows the certificate name to be set on the
command line.

Author: garlick

src/cmd/flux-keygen.c

@@ -19,6 +19,8 @@
 #include "src/common/libutil/log.h"
 
 static struct optparse_option opts[] = {
+    { .name = "name", .key = 'n', .has_arg = 1, .arginfo = "NAME",
+      .usage = "Set certificate name (default: hostname)", },
     OPTPARSE_TABLE_END,
 };
 
@@ -67,7 +69,8 @@ int main (int argc, char *argv[])
     if (gethostname (buf, sizeof (buf)) < 0)
         log_err_exit ("gethostname");
     zcert_set_meta (cert, "hostname", "%s", buf);
-    zcert_set_meta (cert, "name", "%s", buf); // used in overlay logging
+    // name is used in overlay logging
+    zcert_set_meta (cert, "name", "%s", optparse_get_str (p, "name", buf));
     zcert_set_meta (cert, "time", "%s", ctime_iso8601_now (buf, sizeof (buf)));
     zcert_set_meta (cert, "userid", "%d", getuid ());