New protocol (fix mispelled PKBDF2)

server/_user

@@ -59,7 +59,7 @@ function load_database()
     return $db;
 }
 
-$PROTOCOL_VERSION = 3;
+$PROTOCOL_VERSION = 4;
 
 $db = load_database();
 
@@ -68,8 +68,8 @@ $res = "";
 $statement = $db->prepare("SELECT password FROM gpass WHERE login=:login");
 
 echo "protocol=gpass-$PROTOCOL_VERSION\n";
-if ($PKDBF2_LEVEL != 1000)
-    echo "pkdbf2_level=$PKDBF2_LEVEL\n";
+if ($PBKDF2_LEVEL != 1000)
+    echo "pbkdf2_level=$PBKDF2_LEVEL\n";
 
 for ($i=0; $i<$MAX_PASSWORDS_PER_REQUEST && isset($_POST["k$i"]); $i++)
 {

server/conf.php

@@ -29,7 +29,7 @@ $VIEW_CIPHERED_PASSWORDS=true;
 $ADMIN_MODE=true;
 
 /*
-  Number of iterations for PKDBF2 algorithm.
+  Number of iterations for PBKDF2 algorithm.
   Minimum recommended level is 1000, but you can increase
   this value to have a better security (need more computation
   power).
@@ -37,7 +37,7 @@ $ADMIN_MODE=true;
   !! Warning !! This impact master keys. So if you change
   this value with existings masterkeys, they will unusable !
  */
-$PKDBF2_LEVEL=1000;
+$PBKDF2_LEVEL=1000;
 
 /*
   This is a security feature : It protects from database dump
@@ -45,7 +45,7 @@ $PKDBF2_LEVEL=1000;
   When get all entries, instead of returning logins/passwords,
   it returns "shadow logins". These are random values.
   Shadow logins must be encrypted using masterkey and salt
-  (to generate a unique PKDBF2 derivation) that result in an access tokens.
+  (to generate a unique PBKDF2 derivation) that result in an access tokens.
   With this access token, user has the right to get
   encrypted login/password values and remove them.
   It's a kind of challenge.