Hello, again,

Thanks for your further testing.

"Lucas Mulling" <[email protected]> wrote:
> Can confirm that this works.

OK.

I wrote:
> Possible fix to recover the same semantics would be the following.

Sorry, it's not mature.

> ========================== > - if (maxttl) > + if (no_maxttl) > + next = 0; > + else > { > if (r->created + maxttl < current)

This should have been <=.

And... I modified the implementation, so that it will be easier to maintain. Attached an updated patch with a documentation update.

The behavior/semantics of gpg-agent with 'max-cache-ttl 0' is a bit difficult (for me). It currently means that it pushes an entry which will be immediately expired.

Thus, I am going to update the documentation for default-cache-ttl==0.
--
>From 78c82c939f6d0904490841175fed63196629d0e5 Mon Sep 17 00:00:00 2001 From: NIIBE Yutaka <[email protected]> Date: Fri, 9 May 2025 11:30:23 +0900 Subject: [PATCH] agent: Recover the old behavior with max-cache-ttl=0. * agent/cache.c (compute_expiration): Expire newly created entry when max-cache-ttl is zero. -- Fixes-commit: 92de0387f04b1e87a4a49ed063323624f25ac3ef GnuPG-bug-id: 6681 Signed-off-by: NIIBE Yutaka <[email protected]> --- agent/cache.c | 42 +++++++++++++++++++----------------------- doc/gpg-agent.texi | 15 ++++++--------- 2 files changed, 25 insertions(+), 32 deletions(-) diff --git a/agent/cache.c b/agent/cache.c index e8544205f..0a4a6fbbc 100644 --- a/agent/cache.c +++ b/agent/cache.c @@ -330,45 +330,41 @@ compute_expiration (ITEM r) return 1; } - switch (r->cache_mode) + if (r->cache_mode == CACHE_MODE_DATA) { - case CACHE_MODE_DATA: - case CACHE_MODE_PIN: - maxttl = 0; /* No MAX TTL here. */ - break; - case CACHE_MODE_SSH: maxttl = opt.max_cache_ttl_ssh; break; - default: maxttl = opt.max_cache_ttl; break; - } - - if (maxttl) - { - if (r->created + maxttl < current) + /* No MAX TTL here. */ + if (r->ttl >= 0) { - r->t.tv_sec = 0; + r->t.tv_sec = r->ttl; r->t.reason = CACHE_EXPIRE_CREATION; return 1; } - - next = r->created + maxttl - current; + else + return 0; } + else if (r->cache_mode == CACHE_MODE_SSH) + maxttl = opt.max_cache_ttl_ssh; else - next = 0; + maxttl = opt.max_cache_ttl; - if (r->ttl >= 0 && (next == 0 || r->ttl < next)) + if (r->created + maxttl <= current) { - r->t.tv_sec = r->ttl; - r->t.reason = CACHE_EXPIRE_LAST_ACCESS; + r->t.tv_sec = 0; + r->t.reason = CACHE_EXPIRE_CREATION; return 1; } - if (next) + next = r->created + maxttl - current; + if (r->ttl >= 0 && r->ttl < next) { - r->t.tv_sec = next; - r->t.reason = CACHE_EXPIRE_CREATION; + r->t.tv_sec = r->ttl; + r->t.reason = CACHE_EXPIRE_LAST_ACCESS; return 1; } - return 0; + r->t.tv_sec = next; + r->t.reason = CACHE_EXPIRE_CREATION; + return 1; } static void 
diff --git a/doc/gpg-agent.texi b/doc/gpg-agent.texi index f207ceef4..71b767569 100644 --- a/doc/gpg-agent.texi +++ b/doc/gpg-agent.texi @@ -404,19 +404,16 @@ control this behavior but this command line option takes precedence. @item --default-cache-ttl @var{n} @opindex default-cache-ttl Set the time a cache entry is valid to @var{n} seconds. The default -is 600 seconds. Each time a cache entry is accessed, the entry's -timer is reset. To set an entry's maximum lifetime, use -@command{max-cache-ttl}. Note that a cached passphrase may not be -evicted immediately from memory if no client requests a cache -operation. This is due to an internal housekeeping function which is -only run every few seconds. +is 600 seconds. A value of 0 disables caching. Each time a cache +entry is accessed, the entry's timer is reset. To set an entry's +maximum lifetime, use @command{max-cache-ttl}. @item --default-cache-ttl-ssh @var{n} @opindex default-cache-ttl Set the time a cache entry used for SSH keys is valid to @var{n} -seconds. The default is 1800 seconds. Each time a cache entry is -accessed, the entry's timer is reset. To set an entry's maximum -lifetime, use @command{max-cache-ttl-ssh}. +seconds. The default is 1800 seconds. A value of 0 disables caching. +Each time a cache entry is accessed, the entry's timer is reset. To +set an entry's maximum lifetime, use @command{max-cache-ttl-ssh}. @item --max-cache-ttl @var{n} @opindex max-cache-ttl -- 2.47.2
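Review bot: In the agent/cache.c hunk (compute_expiration), the removed switch exempted both CACHE_MODE_DATA and CACHE_MODE_PIN from the maximum TTL ("maxttl = 0; /* No MAX TTL here. */"), but the new if chain tests only "r->cache_mode == CACHE_MODE_DATA", so CACHE_MODE_PIN entries now fall through to the final else and are bounded by opt.max_cache_ttl. The commit message says nothing about changing PIN handling; if it is intended, state it in the log, otherwise extend the first condition to cover CACHE_MODE_PIN as well. In the same branch, the timer is driven by r->ttl but the reason is set to CACHE_EXPIRE_CREATION, whereas the old path with no max TTL reported CACHE_EXPIRE_LAST_ACCESS for an r->ttl based expiry; that looks like a copy-paste slip and should probably stay CACHE_EXPIRE_LAST_ACCESS. The "<=" comparison that makes max-cache-ttl 0 expire a fresh entry deserves a short comment at that line, since the behavior now depends on it.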
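Review bot: In the doc/gpg-agent.texi hunk, the text under --default-cache-ttl loses the note that a cached passphrase may not be evicted immediately because the housekeeping function only runs every few seconds, and nothing in the commit message explains the removal. If the code change does not alter that timing, keep the sentence, since it is what tells users that expiry is not exact. The added "A value of 0 disables caching" is placed under --default-cache-ttl and --default-cache-ttl-ssh, while the subject line and the code change concern max-cache-ttl=0, and the "@item --max-cache-ttl" entry appears only as unchanged context; consider documenting the zero case there too. The ChangeLog part of the commit message lists only agent/cache.c, so add an entry for doc/gpg-agent.texi.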
_______________________________________________ Gnupg-devel mailing list [email protected] https://lists.gnupg.org/mailman/listinfo/gnupg-devel
