[Pkg-gnupg-commit] [gnupg2] 86/180: g10: Create keys that expire in simple key generation mode.

[Daniel Kahn Gillmor]

This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch master
in repository gnupg2.

commit d568a1561642ed9b7b7b6282b86c56786d10a956
Author: Justus Winter <justus at g10code.com>
Date:   Fri Dec 9 14:33:50 2016 +0100

    g10: Create keys that expire in simple key generation mode.
    
    * g10/keygen.c (default_expiration_interval): New variable.
    (generate_keypair): Use the new default.
    --
    Cursory discussion on gnupg-devel@ suggested two years as a good
    default expiration interval.
    
    GnuPG-bug-id: 2701
    Signed-off-by: Justus Winter <justus at g10code.com>
---
 g10/keygen.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/g10/keygen.c b/g10/keygen.c
index ad96cdd..ebb2d70 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -53,6 +53,10 @@
 #define DEFAULT_STD_KEY_PARAM  "rsa2048/cert,sign+rsa2048/encr"
 #define FUTURE_STD_KEY_PARAM   "ed25519/cert,sign+cv25519/encr"
 
+/* When generating keys using the streamlined key generation dialog,
+   use this as a default expiration interval.  */
+const char *default_expiration_interval = "2y";
+
 /* Flag bits used during key generation.  */
 #define KEYGEN_FLAG_NO_PROTECTION 1
 #define KEYGEN_FLAG_TRANSIENT_KEY 2
@@ -4306,7 +4310,8 @@ generate_keypair (ctrl_t ctrl, int full, const char *fname,
     }
 
 
-  expire = full? ask_expire_interval (0, NULL) : 0;
+  expire = full? ask_expire_interval (0, NULL)
+               : parse_expire_string (default_expiration_interval);
   r = xcalloc (1, sizeof *r + 20);
   r->key = pKEYEXPIRE;
   r->u.expire = expire;

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git