Karsten Ohme wrote:
Roy Keene (Contractor) wrote:All,I have a DoD CAC Card that I have mostly working with MUSCLE, however if the card is removed and re-inserted applications that were already running (using the libmusclepkcs11 module) no longer detect the presence of the card until the application is restarted. I've worked around the issue by recompiling libmusclepkcs11 with the following patch:--- muscleframework-1.1.5.orig/libmusclepkcs11/src/p11x_slot.c 2004-05-31 05:43:11.000000000 -0500+++ muscleframework-1.1.5.orig.rsk/libmusclepkcs11/src/p11x_slot.c 2006-07-11 17:12:46.000000000 -0500 @@ -898,11 +898,11 @@ if (slot->conn.hCard) { + slot->conn.hCard = 0; log_Log(LOG_LOW, "Releasing connection (slot_DisconnectSlot)"); (void)MSC_ERROR(msc_ReleaseConnection(&slot->conn, action)); } - slot->conn.hCard = 0; slot->slot_info.flags = (slot->slot_info.flags & ~CKF_TOKEN_PRESENT); } Are there plans for a better fix ?This does work? Well it does, but, the msc_ReleaseConnection releases a card handle. You set the card handle to 0, meaning, that the call is never successful. I think the library does only check the value of hCard, and if it is not 0 a connection is assumed, which is wrong for a removed card. The problem should be solved by checking the card state, i.e. a separate thread checking the state SCardStateChange or something like this exists in the PC/SC API .... I think a more successful version of pkcs11 exists, so maybe a fix is already contained. KarstenThanks. ------------------------------------------------------------------------ _______________________________________________ Muscle mailing list [email protected] http://lists.drizzle.com/mailman/listinfo/muscle_______________________________________________ Muscle mailing list [email protected] http://lists.drizzle.com/mailman/listinfo/muscle
Here is a more functional fix:diff -uNr muscleframework-1.1.5.orig/libmusclepkcs11/src/p11x_slot.c muscleframework-1.1.5.orig.rsk/libmusclepkcs11/src/p11x_slot.c --- muscleframework-1.1.5.orig/libmusclepkcs11/src/p11x_slot.c 2004-05-31 05:43:11.000000000 -0500 +++ muscleframework-1.1.5.orig.rsk/libmusclepkcs11/src/p11x_slot.c 2006-07-19 09:54:40.000000000 -0500
@@ -200,7 +200,7 @@
if (slot->conn.hCard)
{
log_Log(LOG_LOW, "Releasing connection (slot_ReleaseConnection)");
- (void)MSC_ERROR(msc_ReleaseConnection(&slot->conn,
MSC_LEAVE_TOKEN));
+ msc_ReleaseConnection(&slot->conn, MSC_LEAVE_TOKEN);
log_Log(LOG_LOW, "Done releasing (slot_ReleaseConnection)");
}
@@ -899,7 +899,8 @@
if (slot->conn.hCard)
{
log_Log(LOG_LOW, "Releasing connection (slot_DisconnectSlot)");
- (void)MSC_ERROR(msc_ReleaseConnection(&slot->conn, action));
+ msc_ReleaseConnection(&slot->conn, action);
+ musclecard_fini();
}
slot->conn.hCard = 0;
The first hunk may not be needed. The first part of the second hunk (delete,
add) may also not be needed. musclecard_fini() releases the "localHContext"
which is invalidated.
There will probably be no more follow-ups to these patches since I've started using CoolKey primarily (since it has fewer dependencies, and requires fewer locally maintained patches).
--
Roy Keene
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Muscle mailing list [email protected] http://lists.drizzle.com/mailman/listinfo/muscle
