From 18af15249de5f826c3fa8d1d40e876734adcd0cf Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Fri, 24 Nov 2017 10:30:25 +0100 Subject: agent: New option --auto-expand-secmem. * agent/gpg-agent.c (oAutoExpandSecmem): New enum value. (opts): New option --auto-expand-secmem. (main): Implement that option. -- Note that this option has an effect only if Libgcrypt >= 1.8.2 is used. GnuPG-bug-id: 3530 --- doc/gpg-agent.texi | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'doc') diff --git a/doc/gpg-agent.texi b/doc/gpg-agent.texi index afe280462..10f8900ca 100644 --- a/doc/gpg-agent.texi +++ b/doc/gpg-agent.texi @@ -652,6 +652,17 @@ Select the digest algorithm used to compute ssh fingerprints that are communicated to the user, e.g. in pinentry dialogs. OpenSSH has transitioned from using MD5 to the more secure SHA256. + +@item --auto-expand-secmem @var{n} +@opindex auto-expand-secmem +gAllow Libgcrypt to expand its secure memory area as required. The +optional value @var{n} is a non-negative integer with a suggested size +in bytes of each additionally allocated secure memory area. The value +is rounded up to the next 32 KiB; usual C style prefixes are allowed. +For an heavy loaded gpg-agent with many concurrent connection this +option avoids sign or decrypt errors due to out of secure memory error +returns. + @item --s2k-count @var{n} @opindex s2k-count Specify the iteration count used to protect the passphrase. This -- cgit v1.2.3