[git] GnuPG - branch, master, updated. gnupg-2.2.0-7-g926d07c

by Daniel Kahn Gillmor cvs at cvs.gnupg.org
Sat Sep 9 00:45:11 CEST 2017 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  926d07c5fa05de05caef3a72b6fe156606ac0549 (commit)
      from  73ff075204df09db5248170a049f06498cdbb7aa (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 926d07c5fa05de05caef3a72b6fe156606ac0549
Author: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
Date:   Fri Sep 8 17:08:57 2017 -0400

    agent: compile-time configuration of s2k calibration.
    
    * configure.ac: add --with-agent-s2k-calibration=MSEC, introduces
    AGENT_S2K_CALIBRATION (measured in milliseconds)
    * agent/protect.c (calibrate_s2k_count): Calibrate based on
    AGENT_S2K_CALIBRATION.
    
    Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
    GnuPG-bug-id: 3399

diff --git a/agent/protect.c b/agent/protect.c
index c257861..9b262a9 100644
--- a/agent/protect.c
+++ b/agent/protect.c
@@ -159,7 +159,7 @@ calibrate_s2k_count_one (unsigned long count)
 
 
 /* Measure the time we need to do the hash operations and deduce an
-   S2K count which requires about 100ms of time.  */
+   S2K count which requires roughly some targeted amount of time.  */
 static unsigned long
 calibrate_s2k_count (void)
 {
@@ -171,11 +171,11 @@ calibrate_s2k_count (void)
       ms = calibrate_s2k_count_one (count);
       if (opt.verbose > 1)
         log_info ("S2K calibration: %lu -> %lums\n", count, ms);
-      if (ms > 100)
+      if (ms > AGENT_S2K_CALIBRATION)
         break;
     }
 
-  count = (unsigned long)(((double)count / ms) * 100);
+  count = (unsigned long)(((double)count / ms) * AGENT_S2K_CALIBRATION);
   count /= 1024;
   count *= 1024;
   if (count < 65536)
diff --git a/configure.ac b/configure.ac
index ee3aac6..b43cb60 100644
--- a/configure.ac
+++ b/configure.ac
@@ -122,7 +122,6 @@ use_tls_library=no
 large_secmem=no
 show_tor_support=no
 
-
 GNUPG_BUILD_PROGRAM(gpg, yes)
 GNUPG_BUILD_PROGRAM(gpgsm, yes)
 # The agent is a required part and can't be disabled anymore.
@@ -250,6 +249,15 @@ fi
 AC_DEFINE_UNQUOTED(SECMEM_BUFFER_SIZE,$SECMEM_BUFFER_SIZE,
                    [Size of secure memory buffer])
 
+AC_MSG_CHECKING([calibrated passphrase-stretching (s2k) duration])
+AC_ARG_WITH(agent-s2k-calibration,
+              AC_HELP_STRING([--with-agent-s2k-calibration=MSEC],
+                             [calibrate passphrase stretching (s2k) to MSEC milliseconds]),
+              agent_s2k_calibration=$withval, agent_s2k_calibration=100)
+AC_MSG_RESULT($agent_s2k_calibration milliseconds)
+AC_DEFINE_UNQUOTED(AGENT_S2K_CALIBRATION, $agent_s2k_calibration,
+                   [Agent s2k calibration time (ms)])
+
 AC_MSG_CHECKING([whether to enable trust models])
 AC_ARG_ENABLE(trust-models,
               AC_HELP_STRING([--disable-trust-models],

-----------------------------------------------------------------------

Summary of changes:
 agent/protect.c |  6 +++---
 configure.ac    | 10 +++++++++-
 2 files changed, 12 insertions(+), 4 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org

More information about the Gnupg-commits mailing list