agent: New option --s2k-count.

* agent/agent.h (opt): New field 's2k_count'.
* agent/gpg-agent.c (oS2KCount): New enum value.
(opts): New option --s2k-count.
(parse_rereadable_options): Set opt.s2k_count.
--

This option is useful to speed up the starting of gpg-agent and in
cases where the auto-calibration runs into problems due to a broken
time measurement facility.

Signed-off-by: Werner Koch <[email protected]>
(cherry picked from commit f7212f1d11aad5d910d2c77b2e5c6ab31a0e786e)

1 files changed, 14 insertions, 0 deletions

diff --git a/doc/gpg-agent.texi b/doc/gpg-agent.texi
index d7a562af1..6579622d8 100644
--- a/doc/gpg-agent.texi
+++ b/doc/gpg-agent.texi
@@ -648,6 +648,19 @@ Select the digest algorithm used to compute ssh fingerprints that are
 communicated to the user, e.g. in pinentry dialogs.  OpenSSH has
 transitioned from using MD5 to the more secure SHA256.
 
+@item --s2k-count @var{n}
+@opindex s2k-count
+Specify the iteration count used to protect the passphrase.  This
+option can be used to override the auto-calibration done by default.
+This auto-calibration computes a count which requires 100ms to mangle
+a given passphrase.  To view the auto-calibrated count do not use this
+option (or use 0 for @var{n}) and run this command:
+
+@example
+gpg-connect-agent 'GETINFO s2k_count' /bye
+@end example
+
+
 @end table
 
 All the long options may also be given in the configuration file after
@@ -813,6 +826,7 @@ again.  Only certain options are honored: @code{quiet},
 @code{pinentry-invisible-char},
 @code{default-cache-ttl},
 @code{max-cache-ttl}, @code{ignore-cache-for-signing},
+@code{s2k-count},
 @code{no-allow-external-cache}, @code{allow-emacs-pinentry},
 @code{no-allow-mark-trusted}, @code{disable-scdaemon}, and
 @code{disable-check-own-socket}.  @code{scdaemon-program} is also