Page MenuHome GnuPG
Create Task
Maniphest T2390

gpg-agent not expiring passphrase
Closed, ResolvedPublic
Actions

Description

Gpg-agent is ignoring default-cache-ttl, max-cache-ttl and SIGHUP.

$ cat .gnupg/gpg-agent.conf
default-cache-ttl 300
max-cache-ttl 300
$ env | grep GPG_AGENT
GPG_AGENT_INFO=/tmp/gpg-ZxAMdu/S.gpg-agent:1391:1
$ pidof gpg-agent
1391
$ gpg2 -q --decrypt foo.gpg
blah
$ echo $?
0
$ kill -HUP 1391
$ gpg2 -q --decrypt foo.gpg
blah
$ echo $?
0

After I send SIGHUP I am not prompted for my passphrase. I am using scdaemon to talk to a Yubikey4.

$ gpg2 --version
gpg (GnuPG) 2.0.26
libgcrypt 1.6.2
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, RSA, RSA, ELG, DSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,

CAMELLIA128, CAMELLIA192, CAMELLIA256

Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

Details

Version
2.0.26

Related Objects

Event Timeline

gvs added projects: gnupg, Bug Report.Jun 18 2016, 4:11 AM
gvs added a subscriber: gvs.

This issue may be related to: T2054

gvs added a comment.Jun 18 2016, 4:29 AM

This shows default-cache-ttl and max-cache-ttl being ignored:

$ eval gpg-agent --daemon
$ env | grep GPG
GPG_AGENT_INFO=/tmp/gpg-NFU8a4/S.gpg-agent:17812:1
$ gpg2 -q --decrypt foo.gpg
blah
$ kill -HUP 17812
$ gpg2 -q --decrypt foo.gpg
blah
$ date
Sat Jun 18 11:15:24 JST 2016
$ cat .gnupg/gpg-agent.conf
default-cache-ttl 300
max-cache-ttl 300
$ date
Sat Jun 18 11:24:06 JST 2016
$ gpg2 -q --decrypt foo.gpg
blah

gvs set Version to 2.0.26.Jun 18 2016, 4:29 AM
werner added a subscriber: werner.Jun 19 2016, 11:12 PM

Please first test with a current version - 2.0.30 was released in March, your
2.0.26 is close to 2 years old.

werner added a comment.Aug 18 2016, 12:52 PM

ping

werner added a project: Info Needed.Aug 18 2016, 12:52 PM
gvs added a comment.Sep 8 2016, 8:44 AM

I tested with 2.0.22 on Ubuntu 14.04.5 LTS and SIGHUP expired the cached
passphrase. I'll have to find some time to test 2.0.30.

marcus closed this task as Resolved.Jul 24 2017, 4:49 PM
marcus claimed this task.
marcus added a subscriber: marcus.

This works in recent 2.1.x versions, so let's close this here. 2.0.x is going EOL soon and won't get non-critical changes.