agent: Also evict cached items via a timer.

* agent/cache.c (agent_cache_housekeeping): New func. * agent/gpg-agent.c (handle_tick): Call it. -- This change mitigates the risk of having cached items in a post mortem dump. GnuPG-bug-id: 3829 Signed-off-by: Werner Koch <wk@gnupg.org>
author: Werner Koch <wk@gnupg.org> 2018-03-06 16:22:42 +0100
committer: Werner Koch <wk@gnupg.org> 2018-03-06 16:22:42 +0100
commit: f060cb5c63923d6caec784f65f3bb0aadf52f795 (patch)
tree: 01c8cfb212800be36311b66d9899e607168641db /doc/gpg-agent.texi
parent: gpg: Fix regression in last --card-status patch (diff)
download: gnupg2-f060cb5c63923d6caec784f65f3bb0aadf52f795.tar.xz
gnupg2-f060cb5c63923d6caec784f65f3bb0aadf52f795.zip
1 files changed, 4 insertions, 1 deletions
diff --git a/doc/gpg-agent.texi b/doc/gpg-agent.texi
index 3e8bd894d..4781bbdca 100644
--- a/doc/gpg-agent.texi
+++ b/doc/gpg-agent.texi
@@ -403,7 +403,10 @@ control this behavior but this command line option takes precedence.
 Set the time a cache entry is valid to @var{n} seconds.  The default
 is 600 seconds.  Each time a cache entry is accessed, the entry's
 timer is reset.  To set an entry's maximum lifetime, use
-@command{max-cache-ttl}.
+@command{max-cache-ttl}.  Note that a cached passphrase may not
+evicted immediately from memory if no client requests a cache
+operation.  This is due to an internal housekeeping function which is
+only run every few seconds.
 
 @item --default-cache-ttl-ssh @var{n}
 @opindex default-cache-ttl
author	Werner Koch <wk@gnupg.org>	2018-03-06 16:22:42 +0100
committer	Werner Koch <wk@gnupg.org>	2018-03-06 16:22:42 +0100
commit	f060cb5c63923d6caec784f65f3bb0aadf52f795 (patch)
tree	01c8cfb212800be36311b66d9899e607168641db /doc/gpg-agent.texi
parent	gpg: Fix regression in last --card-status patch (diff)
download	gnupg2-f060cb5c63923d6caec784f65f3bb0aadf52f795.tar.xz gnupg2-f060cb5c63923d6caec784f65f3bb0aadf52f795.zip