gpg: Set the default digest algo for S2K to SHA256.

* g10/main.h (DEFAULT_S2K_DIGEST_ALGO): Alias to DEFAULT_DIGEST_ALGO.
--

GnuPG-bug-id: 6367

2 files changed, 9 insertions, 3 deletions

diff --git a/NEWS b/NEWS
index 5eb609987..6d46e1d34 100644
--- a/NEWS
+++ b/NEWS
@@ -7,12 +7,18 @@ Noteworthy changes in version 2.4.1 (unreleased)
     "[self-signature]" instead of the user-id in key signature
     listings.  [rG103acfe9ca]
 
+  * gpg: For symmetric encryption the default S2K hash is now SHA256.
+    [T6367]
+
   * gpgsm: Verification of detached signatures does now strip trailing
     zeroes from the input if --assume-binary is used.  [rG2a13f7f9dc]
 
   * gpgsm: Non-armored detached signature are now created without
     using indefinite form length octets.  This improves compatibility
-    with some PDF signature verification software.
+    with some PDF signature verification software.  [rG8996b0b655]
+
+  * dirmngr: The LDAP modifyTimestamp is now returned by some
+    keyserver commands.  [rG56d309133f]
 
   * gpg: Make list-options "show-sig-subpackets" work again.
     Fixes regression in 2.4.0.  [rG5a223303d7]
diff --git a/g10/main.h b/g10/main.h
index dbaa0c6f3..3d71d0c09 100644
--- a/g10/main.h
+++ b/g10/main.h
@@ -42,7 +42,7 @@
 #endif
 
 #define DEFAULT_DIGEST_ALGO     ((GNUPG)? DIGEST_ALGO_SHA256:DIGEST_ALGO_SHA1)
-#define DEFAULT_S2K_DIGEST_ALGO DIGEST_ALGO_SHA1
+#define DEFAULT_S2K_DIGEST_ALGO  DEFAULT_DIGEST_ALGO
 #ifdef HAVE_ZIP
 # define DEFAULT_COMPRESS_ALGO   COMPRESS_ALGO_ZIP
 #else
@@ -235,7 +235,7 @@ int  cpr_get_answer_okay_cancel (const char *keyword,
 /*-- helptext.c --*/
 void display_online_help( const char *keyword );
 
-/*-- encode.c --*/
+/*-- encrypt.c --*/
 gpg_error_t setup_symkey (STRING2KEY **symkey_s2k,DEK **symkey_dek);
 aead_algo_t use_aead (pk_list_t pk_list, int algo);
 int use_mdc (pk_list_t pk_list,int algo);