From ebaba6bdab5cff7a7208106454cf9f0af45b69e1 Mon Sep 17 00:00:00 2001
From: Werner Koch
Date: Fri, 20 Aug 2004 13:43:14 +0000
Subject: [PATCH] * gpg-agent.c: New option --max-cache-ttl. Suggested by Alexander Belopolsky. * cache.c (housekeeping): Use it here instead of the hardwired default of 1 hour.
---
 agent/ChangeLog | 5 +++++
 agent/agent.h | 1 +
 agent/cache.c | 5 +++--
 agent/gpg-agent.c | 9 +++++++--
 4 files changed, 16 insertions(+), 4 deletions(-)
diff --git a/agent/ChangeLog b/agent/ChangeLog
index 2fd201a8a..220eb21e4 100644
--- a/agent/ChangeLog
+++ b/agent/ChangeLog
@@ -1,5 +1,10 @@
 2004-08-20 Werner Koch
+ * gpg-agent.c: New option --max-cache-ttl. Suggested by Alexander
+ Belopolsky.
+ * cache.c (housekeeping): Use it here instead of the hardwired
+ default of 1 hour.
+
 * query.c (start_pinentry): Use a timeout for the pinentry lock.
 2004-08-18 Werner Koch
diff --git a/agent/agent.h b/agent/agent.h
index 6b7821e30..89fc4285e 100644
--- a/agent/agent.h
+++ b/agent/agent.h
@@ -54,6 +54,7 @@ struct {
 const char *scdaemon_program;
 int no_grab; /* don't let the pinentry grab the keyboard */
 unsigned long def_cache_ttl;
+ unsigned long max_cache_ttl;
 int running_detached; /* we are running detached from the tty. */
diff --git a/agent/cache.c b/agent/cache.c
index b6ab55085..8017b1414 100644
--- a/agent/cache.c
+++ b/agent/cache.c
@@ -103,10 +103,11 @@ housekeeping (void)
 that the user has to enter it from time to time. We do this every hour */
 for (r=thecache; r; r = r->next)
 {
- if (!r->lockcount && r->pw && r->created + 60*60 < current)
+ if (!r->lockcount && r->pw && r->created + opt.max_cache_ttl < current)
 {
 if (DBG_CACHE)
- log_debug (" expired `%s' (1h after creation)\n", r->key);
+ log_debug (" expired `%s' (%lus after creation)\n",
+ r->key, opt.max_cache_ttl);
 release_data (r->pw);
 r->pw = NULL;
 r->accessed = current;
diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
index f7e701bbc..6aa3e6d67 100644
--- a/agent/gpg-agent.c
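Review bot: In housekeeping() the new test `r->created + opt.max_cache_ttl < current` adds an unchecked, user-configurable unsigned long to the creation stamp, so a very large --max-cache-ttl can wrap the sum rather than lengthen the lifetime; the type of `r->created` is not visible here, so the exact outcome depends on it. Comparing the age avoids the addition: `if (!r->lockcount && r->pw && current - r->created > opt.max_cache_ttl)`, assuming `created` is never later than `current`. The value is stored unchecked by the `case oMaxCacheTTL:` line in the last gpg-agent.c hunk, which is where a range check would belong. The comment above the loop still ends with "We do this every hour" and should now say `We do this after opt.max_cache_ttl seconds`. The function body starts and ends outside the hunk.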
+++ b/agent/gpg-agent.c
@@ -77,8 +77,9 @@ enum cmd_and_opt_values
 oLCctype,
 oLCmessages,
 oScdaemonProgram,
- oDefCacheTTL,
 oDisablePth,
+ oDefCacheTTL,
+ oMaxCacheTTL,
 oIgnoreCacheForSigning,
 oAllowMarkTrusted,
@@ -127,6 +128,7 @@ static ARGPARSE_OPTS opts[] = {
 { oDefCacheTTL, "default-cache-ttl", 4,
 N_("|N|expire cached PINs after N seconds")},
+ { oMaxCacheTTL, "max-cache-ttl", 4, "@" },
 { oIgnoreCacheForSigning, "ignore-cache-for-signing", 0,
 N_("do not use the PIN cache when signing")},
 { oAllowMarkTrusted, "allow-mark-trusted", 0,
@@ -135,7 +137,8 @@ static ARGPARSE_OPTS opts[] = {
 };
-#define DEFAULT_CACHE_TTL (10*60) /* 10 minutes */
+#define DEFAULT_CACHE_TTL (10*60) /* 10 minutes */
+#define MAX_CACHE_TTL (120*60) /* 2 hours */
 static volatile int caught_fatal_sig = 0;
@@ -342,6 +345,7 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread)
 opt.pinentry_program = NULL;
 opt.scdaemon_program = NULL;
 opt.def_cache_ttl = DEFAULT_CACHE_TTL;
+ opt.max_cache_ttl = MAX_CACHE_TTL;
 opt.ignore_cache_for_signing = 0;
 opt.allow_mark_trusted = 0;
 return 1;
@@ -372,6 +376,7 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread)
 case oScdaemonProgram: opt.scdaemon_program = pargs->r.ret_str; break;
 case oDefCacheTTL: opt.def_cache_ttl = pargs->r.ret_ulong; break;
+ case oMaxCacheTTL: opt.max_cache_ttl = pargs->r.ret_ulong; break;
 case oIgnoreCacheForSigning: opt.ignore_cache_for_signing = 1; break;
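Review bot: The new table entry `{ oMaxCacheTTL, "max-cache-ttl", 4, "@" }` carries no help text, unlike the `default-cache-ttl` entry just above it, so the option that bounds how long a passphrase may stay cached is left without a description (the "@" presumably keeps it out of the usage output; confirm against the argparse code). I would give it a description in the same style, e.g. `N_("|N|set maximum PIN cache lifetime to N seconds")`. The opts[] array starts and ends outside the hunk.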
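Review bot: `#define MAX_CACHE_TTL (120*60)` sets the default hard limit to two hours, while the expression it replaces in cache.c was `60*60`; the commit message speaks of "the hardwired default of 1 hour" but does not say that the default doubles. If the longer default is intended, state it in the ChangeLog entry and extend the comment on the define, e.g. `/* 2 hours; hard limit counted from creation of the cache entry */`; otherwise keep `(60*60)` so that installations without the new option retain the one-hour cap. The same constant is assigned in the defaults hunk that follows (`opt.max_cache_ttl = MAX_CACHE_TTL;`).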