Hello, On May 6, 2011, at 16:41 , Frank Morgner wrote: >> >> Is there a way to inform opensc-pkcs11.so that a communication is >> already established by Firefox and that SSH should start without using >> pkcs11? > > AFAIK, SCardConnect immediately returns an error if an application wants > to access a reader which is already in exclusive use. Have you tried > switching on exclusive mode in the configuration file of OpenSC? (Note > that this does not completely remove security issues.)
It should be possible and it would be a nice feature to have. Figuring out what will happen when the card *will* be available and what to do when a reader is in use by another application is a tricky question though (not all applications can easily reload tokens) lock_login will not result in exclusive mode access to the reader (controlled by "connect_exclusive" configuration option, shared mode by default) but a transaction with SCardBeginTransaction being called on C_Login Cheers, Martin. -- @MartinPaljak.net +3725156495 _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
