AW: Re: Smartcard power-down
the2nd
the2nd at otpme.org
Sat Sep 12 20:05:50 CEST 2015
Thanks for your help. This works great! :)
<div>-------- Ursprüngliche Nachricht --------</div><div>Von: NIIBE Yutaka <gniibe at fsij.org> </div><div>Datum:09.10.2015 03:13 (GMT+01:00) </div><div>An: gnupg-users at gnupg.org </div><div>Betreff: Re: Smartcard power-down </div><div>
</div>On 09/10/2015 05:57 AM, the2nd at otpme.org wrote:
> pointing out that a "gpgconf --reload scdaemon" should power-down a
> connected smartcard and thus lead to re-asking the PIN. I've tried
> this with a yubikey neo but does not work. I've also tried sending
> SIGHUP to scdaemon as well as gpg-agent but i never get re-asked for
> the PIN when doing a ssh login. After restarting gpg-agent i always
> get asked for the PIN so it seems to work in general. Is there
> anything i can check?
I'm sorry, now, "gpgconf --reload scdaemon" doesn't work in GnuPG 2.0,
because of a bug.
For a while, please do:
$ gpg-connect-agent "SCD KILLSCD" "SCD BYE" /bye
This stops scdaemon.
I've just committed the fix to 2.0 branch.
gpgconf: Fix scdaemon reload.
* tools/gpgconf-comp.c (scdaemon_runtime_change): Add "scd bye".
--
In GnuPG 2.0.x, it doesn't require newer libassuan which has
ASSUAN_FORCE_CLOSE feature. We need to send "scd bye" to let
the control finish from command loop.
diff --git a/tools/gpgconf-comp.c b/tools/gpgconf-comp.c
index 2454f93..69d160e 100644
--- a/tools/gpgconf-comp.c
+++ b/tools/gpgconf-comp.c
@@ -1064,7 +1064,7 @@ scdaemon_runtime_change (void)
{
gpg_error_t err;
const char *pgmname;
- const char *argv[6];
+ const char *argv[7];
pid_t pid;
/* We use "GETINFO app_running" to see whether the agent is already
@@ -1077,8 +1077,9 @@ scdaemon_runtime_change (void)
argv[1] = "GETINFO scd_running";
argv[2] = "/if ${! $?}";
argv[3] = "scd killscd";
- argv[4] = "/end";
- argv[5] = NULL;
+ argv[4] = "scd bye";
+ argv[5] = "/end";
+ argv[6] = NULL;
err = gnupg_spawn_process_fd (pgmname, argv, -1, -1, -1, &pid);
if (!err)
--
_______________________________________________
Gnupg-users mailing list
Gnupg-users at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20150912/6154ada6/attachment-0001.html>
More information about the Gnupg-users
mailing list