2003-02-22 Havoc Pennington <hp@pobox.com>

	* dbus/dbus-message.c (dbus_message_iter_get_string_array):
	(dbus_message_iter_get_byte_array): Fix up doxygen warnings

	* dbus/dbus-sha.c: add implementation of SHA-1 algorithm

	* dbus/test/data/sha-1: add US government test suite for SHA-1

1 files changed, 10 insertions, 6 deletions

diff --git a/dbus/dbus-keyring.c b/dbus/dbus-keyring.c
index 0f1dd1c9..0bc7ab9a 100644
--- a/dbus/dbus-keyring.c
+++ b/dbus/dbus-keyring.c
@@ -53,12 +53,16 @@
  * @{
  */
 
-/** The maximum time a key can be alive before we switch to a
- * new one. This isn't super-reliably enforced, since
- * system clocks can change or be wrong, but we make
- * a best effort to only use keys for a short time.
+/** The maximum age of a key before we create a new key to use in
+ * challenges.  This isn't super-reliably enforced, since system
+ * clocks can change or be wrong, but we make a best effort to only
+ * use keys for a short time.
  */
-#define MAX_KEY_LIFETIME_SECONDS (60*5)
+#define NEW_KEY_TIMEOUT     (60*5)
+/**
+ * The time after which we drop a key from the secrets file
+ */
+#define EXPIRE_KEYS_TIMEOUT (NEW_KEY_TIMEOUT + (60*2))
 
 typedef struct
 {
@@ -432,7 +436,7 @@ find_recent_key (DBusKeyring *keyring)
     {
       DBusKey *key = &keyring->keys[i];
 
-      if (tv_sec - MAX_KEY_LIFETIME_SECONDS < key->creation_time)
+      if (tv_sec - NEW_KEY_TIMEOUT < key->creation_time)
         return key;
       
       ++i;