diff options
| author | Werner Koch <[email protected]> | 2009-07-30 16:45:06 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2009-07-30 16:45:06 +0000 |
| commit | 2c7a03d54b7d5bf714f662ab266840600f7b32ae (patch) | |
| tree | b3a571ad48787e183214099241f202041f4da7ac /g10/passphrase.c | |
| parent | 2009-07-29 Marcus Brinkmann <[email protected]> (diff) | |
| download | gnupg-2c7a03d54b7d5bf714f662ab266840600f7b32ae.tar.gz gnupg-2c7a03d54b7d5bf714f662ab266840600f7b32ae.zip | |
Comment changes.
Changed --learn-card.
Diffstat (limited to '')
| -rw-r--r-- | g10/passphrase.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/g10/passphrase.c b/g10/passphrase.c index d34f5fa92..83a6b0cf8 100644 --- a/g10/passphrase.c +++ b/g10/passphrase.c @@ -88,6 +88,10 @@ hash_passphrase ( DEK *dek, char *pw, STRING2KEY *s2k) count = len2; } + /* Fixme: To avoid DoS attacks by sending an sym-encrypted + packet with a very high S2K count, we should either cap + the iteration count or CPU seconds based timeout. */ + /* A little bit complicated because we need a ulong for count. */ while ( count > len2 ) /* maybe iterated+salted */ { |