From 6c07098c5ec68e78320a6f07e4c9e141a95729ed Mon Sep 17 00:00:00 2001
From: Havoc Pennington <hp@redhat.com>
Date: Sat, 22 Feb 2003 17:29:48 +0000
Subject: 2003-02-22  Havoc Pennington  <hp@pobox.com>

	* dbus/dbus-message.c (dbus_message_iter_get_string_array):
	(dbus_message_iter_get_byte_array): Fix up doxygen warnings

	* dbus/dbus-sha.c: add implementation of SHA-1 algorithm

	* dbus/test/data/sha-1: add US government test suite for SHA-1
---
 dbus/dbus-keyring.c | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

(limited to 'dbus/dbus-keyring.c')

diff --git a/dbus/dbus-keyring.c b/dbus/dbus-keyring.c
index 0f1dd1c9..0bc7ab9a 100644
--- a/dbus/dbus-keyring.c
+++ b/dbus/dbus-keyring.c
@@ -53,12 +53,16 @@
  * @{
  */
 
-/** The maximum time a key can be alive before we switch to a
- * new one. This isn't super-reliably enforced, since
- * system clocks can change or be wrong, but we make
- * a best effort to only use keys for a short time.
+/** The maximum age of a key before we create a new key to use in
+ * challenges.  This isn't super-reliably enforced, since system
+ * clocks can change or be wrong, but we make a best effort to only
+ * use keys for a short time.
  */
-#define MAX_KEY_LIFETIME_SECONDS (60*5)
+#define NEW_KEY_TIMEOUT     (60*5)
+/**
+ * The time after which we drop a key from the secrets file
+ */
+#define EXPIRE_KEYS_TIMEOUT (NEW_KEY_TIMEOUT + (60*2))
 
 typedef struct
 {
@@ -432,7 +436,7 @@ find_recent_key (DBusKeyring *keyring)
     {
       DBusKey *key = &keyring->keys[i];
 
-      if (tv_sec - MAX_KEY_LIFETIME_SECONDS < key->creation_time)
+      if (tv_sec - NEW_KEY_TIMEOUT < key->creation_time)
         return key;
       
       ++i;
-- 
cgit