mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
agent: New option --s2k-count.
* agent/agent.h (opt): New field 's2k_count'. * agent/gpg-agent.c (oS2KCount): New enum value. (opts): New option --s2k-count. (parse_rereadable_options): Set opt.s2k_count. -- This option is useful to speed up the starting of gpg-agent and in cases where the auto-calibration runs into problems due to a broken time measurement facility. Signed-off-by: Werner Koch <wk@gnupg.org> (cherry picked from commit f7212f1d11aad5d910d2c77b2e5c6ab31a0e786e)
This commit is contained in:
parent
680161647a
commit
78a6d0ce88
@ -171,6 +171,10 @@ struct
|
|||||||
/* The digest algorithm to use for ssh fingerprints when
|
/* The digest algorithm to use for ssh fingerprints when
|
||||||
* communicating with the user. */
|
* communicating with the user. */
|
||||||
int ssh_fingerprint_digest;
|
int ssh_fingerprint_digest;
|
||||||
|
|
||||||
|
/* The value of the option --s2k-count. If this option is not given
|
||||||
|
* or 0 an auto-calibrated value is used. */
|
||||||
|
unsigned long s2k_count;
|
||||||
} opt;
|
} opt;
|
||||||
|
|
||||||
|
|
||||||
|
@ -134,6 +134,8 @@ enum cmd_and_opt_values
|
|||||||
oPuttySupport,
|
oPuttySupport,
|
||||||
oDisableScdaemon,
|
oDisableScdaemon,
|
||||||
oDisableCheckOwnSocket,
|
oDisableCheckOwnSocket,
|
||||||
|
oS2KCount,
|
||||||
|
|
||||||
oWriteEnvFile
|
oWriteEnvFile
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -248,6 +250,8 @@ static ARGPARSE_OPTS opts[] = {
|
|||||||
),
|
),
|
||||||
ARGPARSE_s_n (oEnableExtendedKeyFormat, "enable-extended-key-format", "@"),
|
ARGPARSE_s_n (oEnableExtendedKeyFormat, "enable-extended-key-format", "@"),
|
||||||
|
|
||||||
|
ARGPARSE_s_u (oS2KCount, "s2k-count", "@"),
|
||||||
|
|
||||||
/* Dummy options for backward compatibility. */
|
/* Dummy options for backward compatibility. */
|
||||||
ARGPARSE_o_s (oWriteEnvFile, "write-env-file", "@"),
|
ARGPARSE_o_s (oWriteEnvFile, "write-env-file", "@"),
|
||||||
ARGPARSE_s_n (oUseStandardSocket, "use-standard-socket", "@"),
|
ARGPARSE_s_n (oUseStandardSocket, "use-standard-socket", "@"),
|
||||||
@ -819,6 +823,7 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread)
|
|||||||
disable_check_own_socket = 0;
|
disable_check_own_socket = 0;
|
||||||
/* Note: When changing the next line, change also gpgconf_list. */
|
/* Note: When changing the next line, change also gpgconf_list. */
|
||||||
opt.ssh_fingerprint_digest = GCRY_MD_MD5;
|
opt.ssh_fingerprint_digest = GCRY_MD_MD5;
|
||||||
|
opt.s2k_count = 0;
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -910,6 +915,10 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread)
|
|||||||
opt.ssh_fingerprint_digest = i;
|
opt.ssh_fingerprint_digest = i;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
case oS2KCount:
|
||||||
|
opt.s2k_count = pargs->r.ret_ulong;
|
||||||
|
break;
|
||||||
|
|
||||||
default:
|
default:
|
||||||
return 0; /* not handled */
|
return 0; /* not handled */
|
||||||
}
|
}
|
||||||
|
@ -198,6 +198,9 @@ get_standard_s2k_count (void)
|
|||||||
{
|
{
|
||||||
static unsigned long count;
|
static unsigned long count;
|
||||||
|
|
||||||
|
if (opt.s2k_count)
|
||||||
|
return opt.s2k_count < 65536 ? 65536 : opt.s2k_count;
|
||||||
|
|
||||||
if (!count)
|
if (!count)
|
||||||
count = calibrate_s2k_count ();
|
count = calibrate_s2k_count ();
|
||||||
|
|
||||||
|
@ -648,6 +648,19 @@ Select the digest algorithm used to compute ssh fingerprints that are
|
|||||||
communicated to the user, e.g. in pinentry dialogs. OpenSSH has
|
communicated to the user, e.g. in pinentry dialogs. OpenSSH has
|
||||||
transitioned from using MD5 to the more secure SHA256.
|
transitioned from using MD5 to the more secure SHA256.
|
||||||
|
|
||||||
|
@item --s2k-count @var{n}
|
||||||
|
@opindex s2k-count
|
||||||
|
Specify the iteration count used to protect the passphrase. This
|
||||||
|
option can be used to override the auto-calibration done by default.
|
||||||
|
This auto-calibration computes a count which requires 100ms to mangle
|
||||||
|
a given passphrase. To view the auto-calibrated count do not use this
|
||||||
|
option (or use 0 for @var{n}) and run this command:
|
||||||
|
|
||||||
|
@example
|
||||||
|
gpg-connect-agent 'GETINFO s2k_count' /bye
|
||||||
|
@end example
|
||||||
|
|
||||||
|
|
||||||
@end table
|
@end table
|
||||||
|
|
||||||
All the long options may also be given in the configuration file after
|
All the long options may also be given in the configuration file after
|
||||||
@ -813,6 +826,7 @@ again. Only certain options are honored: @code{quiet},
|
|||||||
@code{pinentry-invisible-char},
|
@code{pinentry-invisible-char},
|
||||||
@code{default-cache-ttl},
|
@code{default-cache-ttl},
|
||||||
@code{max-cache-ttl}, @code{ignore-cache-for-signing},
|
@code{max-cache-ttl}, @code{ignore-cache-for-signing},
|
||||||
|
@code{s2k-count},
|
||||||
@code{no-allow-external-cache}, @code{allow-emacs-pinentry},
|
@code{no-allow-external-cache}, @code{allow-emacs-pinentry},
|
||||||
@code{no-allow-mark-trusted}, @code{disable-scdaemon}, and
|
@code{no-allow-mark-trusted}, @code{disable-scdaemon}, and
|
||||||
@code{disable-check-own-socket}. @code{scdaemon-program} is also
|
@code{disable-check-own-socket}. @code{scdaemon-program} is also
|
||||||
|
Loading…
x
Reference in New Issue
Block a user