-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
NotDashEscaped: You need GnuPG to verify this message

#! /bin/sh
patch -p0 -f $* < $0
exit $?

agent/
2010-01-26  Werner Koch  <wk@g10code.com>

	* protect.c (do_encryption): Encode the s2kcount and do not use a
	static value of 96.

--- agent/protect.c	(revision 5231)
+++ agent/protect.c	(working copy)
@@ -360,19 +360,25 @@
        
      in canoncical format of course.  We use asprintf and %n modifier
      and dummy values as placeholders.  */
-  p = xtryasprintf
-    ("(9:protected%d:%s((4:sha18:%n_8bytes_2:96)%d:%n%*s)%d:%n%*s)",
-     (int)strlen (modestr), modestr,
-     &saltpos, 
-     blklen, &ivpos, blklen, "",
-     enclen, &encpos, enclen, "");
-  if (!p)
-    {
-      gpg_error_t tmperr = out_of_core ();
-      xfree (iv);
-      xfree (outbuf);
-      return tmperr;
-    }
+  {
+    char countbuf[35];
+
+    snprintf (countbuf, sizeof countbuf, "%lu", get_standard_s2k_count ());
+    p = xtryasprintf
+      ("(9:protected%d:%s((4:sha18:%n_8bytes_%u:%s)%d:%n%*s)%d:%n%*s)",
+       (int)strlen (modestr), modestr,
+       &saltpos, 
+       (unsigned int)strlen (countbuf), countbuf,
+       blklen, &ivpos, blklen, "",
+       enclen, &encpos, enclen, "");
+    if (!p)
+      {
+        gpg_error_t tmperr = out_of_core ();
+        xfree (iv);
+        xfree (outbuf);
+        return tmperr;
+      }
+  }
   *resultlen = strlen (p);
   *result = (unsigned char*)p;
   memcpy (p+saltpos, iv+2*blklen, 8);

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.1.0-svn5201 (GNU/Linux)

iJwEAQECAAYFAktmpLoACgkQU7Yg0BzgxjCj5wQAyZjQbZM77wdcXIgPgeLsG99W
esWR89/5VM34dY5tOG+McCAiA4/0hl6CYUkkK/394wcfUXbvbZYARPjJg5wMoZsG
VufEL+Uz+eLgkejYPVakOWzK00i7MHqDSjttOqHg0d8wSiy3LKk6CN6N19uPqxbI
/1Io5f3gcroLGfEZlN0=
=oP/V
-----END PGP SIGNATURE-----