[git] GnuPG - branch, scd-backport-2-0, created. gnupg-2.0.19-15-ga3ae211
by NIIBE Yutaka
cvs at cvs.gnupg.org
Wed Jun 13 08:34:25 CEST 2012
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, scd-backport-2-0 has been created
at a3ae21162ae14a6a1661ef1a6937601f6914528b (commit)
- Log -----------------------------------------------------------------
commit a3ae21162ae14a6a1661ef1a6937601f6914528b
Author: NIIBE Yutaka <gniibe at fsij.org>
Date: Tue Jun 12 14:51:52 2012 +0900
scd fixes on error.
* scd/apdu.c (open_pcsc_reader_wrapped): Show error number.
* scd/command.c (get_reader_slot): Return -1 on error.
diff --git a/scd/apdu.c b/scd/apdu.c
index b8bfcec..541dd05 100644
--- a/scd/apdu.c
+++ b/scd/apdu.c
@@ -1728,7 +1728,8 @@ open_pcsc_reader_wrapped (const char *portstr)
| (msgbuf[7] << 8 ) | msgbuf[8]);
if (err)
{
- log_error ("PC/SC OPEN failed: %s\n", pcsc_error_string (err));
+ log_error ("PC/SC OPEN failed: %s (0x%08x)\n",
+ pcsc_error_string (err), err);
/*sw = pcsc_error_to_sw (err);*/
goto command_failed;
}
diff --git a/scd/command.c b/scd/command.c
index be05977..5ef6540 100644
--- a/scd/command.c
+++ b/scd/command.c
@@ -414,18 +414,19 @@ get_reader_slot (void)
int no_service_flag;
ss->slot = apdu_open_reader (opt.reader_port, &no_service_flag);
+ if (no_service_flag)
+ {
+ log_info ("no card services - disabling scdaemon\n");
+ reader_disabled = 1;
+ }
+
/* If we still don't have a slot, we have no readers.
Invalidate for now until a reader is attached. */
if(ss->slot == -1)
{
ss->valid = 0;
+ return -1;
}
-
- if (no_service_flag)
- {
- log_info ("no card services - disabling scdaemon\n");
- reader_disabled = 1;
- }
}
/* Return the slot_table index. */
commit 31584d3659497c0fff26f129c8c16a57a9e2330b
Author: NIIBE Yutaka <gniibe at fsij.org>
Date: Fri Jun 8 13:18:06 2012 +0900
scd: Fix the changes of scd/command.c
* scd/command.c (do_reset): Assign slot after setting slot_table.
diff --git a/scd/command.c b/scd/command.c
index 7865869..be05977 100644
--- a/scd/command.c
+++ b/scd/command.c
@@ -321,7 +321,7 @@ do_reset (ctrl_t ctrl, int send_reset)
break;
default:
apdu_close_reader (slot);
- slot_table[slot].slot = slot = -1;
+ slot = slot_table[slot].slot = -1;
break;
}
}
commit ffd7ebf62963adb044ee56f0e1b87be837b8f179
Author: Werner Koch <wk at gnupg.org>
Date: Wed Dec 14 10:30:01 2011 +0100
scd: Fix resetting and closing of the reader. (Backported by gniibe)
* scd/command.c (update_card_removed): Do no act on an invalid VRDR.
(do_reset): Ignore apdu_reset error codes for no and inactive card.
Close the reader before setting the slot to -1.
(update_reader_status_file): Notify the application before closing the
reader.
--
With this change the scd now works as it did in the past. In
particular there is no more endless loop trying to open the reader by
the update_reader_status_file ticker function. That bug basically
blocked all card operations until the scdaemon was killed.
diff --git a/scd/command.c b/scd/command.c
index ccb25f1..7865869 100644
--- a/scd/command.c
+++ b/scd/command.c
@@ -181,6 +181,9 @@ update_card_removed (int slot, int value)
{
struct server_local_s *sl;
+ if (slot == -1)
+ return;
+
for (sl=session_list; sl; sl = sl->next_session)
if (sl->ctrl_backlink
&& sl->ctrl_backlink->reader_slot == slot)
@@ -308,11 +311,19 @@ do_reset (ctrl_t ctrl, int send_reset)
tell the application layer about it. */
if (slot != -1 && send_reset && !IS_LOCKED (ctrl) )
{
- if (apdu_reset (slot))
- {
- slot_table[slot].valid = 0;
- }
application_notify_card_reset (slot);
+ switch (apdu_reset (slot))
+ {
+ case 0:
+ break;
+ case SW_HOST_NO_CARD:
+ case SW_HOST_CARD_INACTIVE:
+ break;
+ default:
+ apdu_close_reader (slot);
+ slot_table[slot].slot = slot = -1;
+ break;
+ }
}
/* If we hold a lock, unlock now. */
@@ -1671,10 +1682,7 @@ cmd_getinfo (assuan_context_t ctx, char *line)
ss = &slot_table[slot];
- if (!ss->valid)
- BUG ();
-
- if (ss->any && (ss->status & 1))
+ if (ss->valid && ss->any && (ss->status & 1))
flag = 'u';
}
rc = assuan_send_data (ctx, &flag, 1);
@@ -2213,6 +2221,7 @@ update_reader_status_file (int set_card_removed_flag)
if (sw_apdu == SW_HOST_NO_READER)
{
/* Most likely the _reader_ has been unplugged. */
+ application_notify_card_reset (ss->slot);
apdu_close_reader (ss->slot);
ss->valid = 0;
status = 0;
commit fae87058eac21b41e6ec0ad6dca1f4b4f806ab73
Author: Werner Koch <wk at gnupg.org>
Date: Mon Dec 12 21:02:54 2011 +0100
scd: Retry command SERIALNO for an inactive card.
* scd/command.c (cmd_serialno): Retry once for an inactive card.
diff --git a/scd/command.c b/scd/command.c
index 0a1f785..ccb25f1 100644
--- a/scd/command.c
+++ b/scd/command.c
@@ -518,8 +518,10 @@ cmd_serialno (assuan_context_t ctx, char *line)
char *serial_and_stamp;
char *serial;
time_t stamp;
+ int retries = 0;
/* Clear the remove flag so that the open_card is able to reread it. */
+ retry:
if (!reader_disabled && ctrl->server_local->card_removed)
{
if ( IS_LOCKED (ctrl) )
@@ -528,7 +530,12 @@ cmd_serialno (assuan_context_t ctx, char *line)
}
if ((rc = open_card (ctrl, *line? line:NULL)))
- return rc;
+ {
+ /* In case of an inactive card, retry once. */
+ if (gpg_err_code (rc) == GPG_ERR_CARD_RESET && retries++ < 1)
+ goto retry;
+ return rc;
+ }
rc = app_get_serial_and_stamp (ctrl->app_ctx, &serial, &stamp);
if (rc)
commit 775a5f4b92fde3151d0faa88fae2b8ccfbea2928
Author: Werner Koch <wk at gnupg.org>
Date: Mon Dec 12 20:34:12 2011 +0100
Fix detection of card removal and insertion.
* scd/apdu.c (apdu_connect): Return status codes for no card available
and inactive card.
* scd/command.c (TEST_CARD_REMOVAL): Also test for GPG_ERR_CARD_RESET.
(open_card): Map apdu_connect status to GPG_ERR_CARD_RESET.
diff --git a/scd/apdu.c b/scd/apdu.c
index b68cd71..b8bfcec 100644
--- a/scd/apdu.c
+++ b/scd/apdu.c
@@ -2596,11 +2596,14 @@ apdu_enum_reader (int slot, int *used)
/* Connect a card. This is used to power up the card and make sure
- that an ATR is available. */
+ that an ATR is available. Depending on the reader backend it may
+ return an error for an inactive card or if no card is
+ available. */
int
apdu_connect (int slot)
{
int sw;
+ unsigned int status;
if (slot < 0 || slot >= MAX_READER || !reader_table[slot].used )
return SW_HOST_NO_DRIVER;
@@ -2625,7 +2628,15 @@ apdu_connect (int slot)
scdaemon is fired up and apdu_get_status has not yet been called.
Without that we would force a reset of the card with the next
call to apdu_get_status. */
- apdu_get_status_internal (slot, 1, 1, NULL, NULL);
+ apdu_get_status_internal (slot, 1, 1, &status, NULL);
+ if (sw)
+ ;
+ else if (!(status & APDU_CARD_PRESENT))
+ sw = SW_HOST_NO_CARD;
+ else if (((status & APDU_CARD_PRESENT) && !(status & APDU_CARD_ACTIVE))
+ || !reader_table[slot].atrlen)
+ sw = SW_HOST_CARD_INACTIVE;
+
return sw;
}
diff --git a/scd/command.c b/scd/command.c
index 52b22c6..0a1f785 100644
--- a/scd/command.c
+++ b/scd/command.c
@@ -60,6 +60,7 @@
int _r = (r); \
if (gpg_err_code (_r) == GPG_ERR_CARD_NOT_PRESENT \
|| gpg_err_code (_r) == GPG_ERR_CARD_REMOVED \
+ || gpg_err_code (_r) == GPG_ERR_CARD_RESET \
|| gpg_err_code (_r) == GPG_ERR_ENODEV ) \
update_card_removed ((c)->reader_slot, 1); \
} while (0)
@@ -420,9 +421,8 @@ get_reader_slot (void)
return 0;
}
-/* If the card has not yet been opened, do it. Note that this
- function returns an Assuan error, so don't map the error a second
- time. */
+
+/* If the card has not yet been opened, do it. */
static gpg_error_t
open_card (ctrl_t ctrl, const char *apptype)
{
@@ -477,6 +477,8 @@ open_card (ctrl_t ctrl, const char *apptype)
{
if (sw == SW_HOST_NO_CARD)
err = gpg_error (GPG_ERR_CARD_NOT_PRESENT);
+ else if (sw == SW_HOST_CARD_INACTIVE)
+ err = gpg_error (GPG_ERR_CARD_RESET);
else
err = gpg_error (GPG_ERR_CARD);
}
commit 08178d1e130a856622c0b938a34eb109bde79262
Author: Werner Koch <wk at gnupg.org>
Date: Fri Dec 2 18:09:58 2011 +0100
Support the Cherry ST-2000 card reader.
* scd/ccid-driver.c (SCM_SCR331, SCM_SCR331DI, SCM_SCR335)
(SCM_SCR3320, SCM_SPR532, CHERRY_ST2000): New constants.
(parse_ccid_descriptor): Use them.
(scan_or_find_usb_device, ccid_transceive_secure): Handle Cherry
ST-2000. Suggested by Matthias-Christian Ott.
Conflicts:
scd/ccid-driver.c
diff --git a/THANKS b/THANKS
index 10e8631..7a87406 100644
--- a/THANKS
+++ b/THANKS
@@ -165,6 +165,7 @@ Martin Schulte schulte at thp.uni-koeln.de
Matt Kraai kraai at alumni.carnegiemellon.edu
Matthew Skala mskala at ansuz.sooke.bc.ca
Matthew Wilcox matthew at wil.cx
+Matthias-Christian Ott ott at mirix.org
Matthias Urlichs smurf at noris.de
Max Valianskiy maxcom at maxcom.ml.org
Michael Engels michael.engels at uni-duesseldorf.de
diff --git a/scd/ccid-driver.c b/scd/ccid-driver.c
index 3d66f10..9a07c79 100644
--- a/scd/ccid-driver.c
+++ b/scd/ccid-driver.c
@@ -209,9 +209,19 @@ enum {
VENDOR_SCM = 0x04e6,
VENDOR_OMNIKEY= 0x076b,
VENDOR_GEMPC = 0x08e6,
- VENDOR_KAAN = 0x0d46
+ VENDOR_KAAN = 0x0d46,
+ VENDOR_FSIJ = 0x234B
};
+/* Some product ids. */
+#define SCM_SCR331 0xe001
+#define SCM_SCR331DI 0x5111
+#define SCM_SCR335 0x5115
+#define SCM_SCR3320 0x5117
+#define SCM_SPR532 0xe003
+#define CHERRY_ST2000 0x003e
+
+
/* A list and a table with special transport descriptions. */
enum {
TRANSPORT_USB = 0, /* Standard USB transport. */
@@ -951,12 +961,12 @@ parse_ccid_descriptor (ccid_driver_t handle,
*/
if (handle->id_vendor == VENDOR_SCM
- && handle->max_ifsd > 48
- && ( (handle->id_product == 0xe001 && handle->bcd_device < 0x0516)
- ||(handle->id_product == 0x5111 && handle->bcd_device < 0x0620)
- ||(handle->id_product == 0x5115 && handle->bcd_device < 0x0514)
- ||(handle->id_product == 0xe003 && handle->bcd_device < 0x0504)
- ||(handle->id_product == 0x5117 && handle->bcd_device < 0x0522)
+ && handle->max_ifsd > 48
+ && ( (handle->id_product == SCM_SCR331 && handle->bcd_device < 0x0516)
+ ||(handle->id_product == SCM_SCR331DI && handle->bcd_device < 0x0620)
+ ||(handle->id_product == SCM_SCR335 && handle->bcd_device < 0x0514)
+ ||(handle->id_product == SCM_SPR532 && handle->bcd_device < 0x0504)
+ ||(handle->id_product == SCM_SCR3320 && handle->bcd_device < 0x0522)
))
{
DEBUGOUT ("enabling workaround for buggy SCM readers\n");
@@ -1136,16 +1146,20 @@ scan_or_find_usb_device (int scan_mode,
{
ifcdesc = (interface->altsetting + set_no);
/* The second condition is for older SCM SPR 532 who did
- not know about the assigned CCID class. Instead of
- trying to interpret the strings we simply check the
- product ID. */
+ not know about the assigned CCID class. The third
+ condition does the same for a Cherry SmartTerminal
+ ST-2000. Instead of trying to interpret the strings
+ we simply check the product ID. */
if (ifcdesc && ifcdesc->extra
&& ((ifcdesc->bInterfaceClass == 11
&& ifcdesc->bInterfaceSubClass == 0
&& ifcdesc->bInterfaceProtocol == 0)
|| (ifcdesc->bInterfaceClass == 255
&& dev->descriptor.idVendor == VENDOR_SCM
- && dev->descriptor.idProduct == 0xe003)))
+ && dev->descriptor.idProduct == SCM_SPR532)
+ || (ifcdesc->bInterfaceClass == 255
+ && dev->descriptor.idVendor == VENDOR_CHERRY
+ && dev->descriptor.idProduct == CHERRY_ST2000)))
{
idev = usb_open (dev);
if (!idev)
@@ -3080,7 +3094,8 @@ ccid_transceive_secure (ccid_driver_t handle,
Lc byte to the APDU. It seems that it will be replaced with
the actual length instead of being appended before the APDU
is send to the card. */
- cherry_mode = 1;
+ if (handle->id_product != CHERRY_ST2000)
+ cherry_mode = 1;
break;
default:
return CCID_DRIVER_ERR_NOT_SUPPORTED;
commit dafa7aa621dfe36c5c6cf462d3ec0d6c614ab105
Author: NIIBE Yutaka <gniibe at fsij.org>
Date: Thu Jan 13 16:38:31 2011 +0900
fix wLangId in ccid-driver.c
This is not a part of pin pad support series of mine.
As I found the bug while I am preparing the patches, I report this.
As CCID protocol is little endian, wLangId of US English = 0x0409
is represented as two bytes of 0x09 then 0x04.
It is really confusing that the code like following is floating
around:
pin_verify -> wLangId = HOST_TO_CCID_16(0x0904);
But, it is 0x0409 (not 0x0904). It is defined in the documentation:
http://www.usb.org/developers/docs/USB_LANGIDs.pdf
and origin of this table is Microsoft. We can see it at:
http://msdn.microsoft.com/en-us/library/bb165625%28VS.80%29.aspx
Yes, it would be better not to hard-code 0x0409. It would be better
to try current locale of the user, or to use the first entry of string
descriptor. I don't have time to implement such a thing...
diff --git a/scd/ccid-driver.c b/scd/ccid-driver.c
index 8c362d7..3d66f10 100644
--- a/scd/ccid-driver.c
+++ b/scd/ccid-driver.c
@@ -3133,8 +3133,8 @@ ccid_transceive_secure (ccid_driver_t handle,
if (pinlen_min && pinlen_max && pinlen_min == pinlen_max)
msg[17] |= 0x01; /* Max size reached. */
msg[18] = 0xff; /* bNumberMessage: Default. */
- msg[19] = 0x04; /* wLangId-High. */
- msg[20] = 0x09; /* wLangId-Low: English FIXME: use the first entry. */
+ msg[19] = 0x09; /* wLangId-Low: English FIXME: use the first entry. */
+ msg[20] = 0x04; /* wLangId-High. */
msg[21] = 0; /* bMsgIndex. */
/* bTeoProlog follows: */
msg[22] = handle->nonnull_nad? ((1 << 4) | 0): 0;
-----------------------------------------------------------------------
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list