Menu
▾
▴
Re: [Opensc-devel] C_Initialize
|
From: Douglas E. E. <dee...@an...> - 2013-02-18 20:37:19
|
Your solution below might work, but I would like others to comment on your proposal as well. On a different point, your first note says: "This causes quite a problem in gnutls which has transparent smart card support and calls C_Initialize on startup." How transparent is this? How does gnutls find a PKCS#11 implementation? Wll gnutls try and load any and all PKCS#11 modules it finds? Can it load more then one PKCS#11 module? I ask this as just loading another PKCS#11 may include loading more libraries, placing more of a dependency on all these libraries loading correctly even when they are not used. The OpenSC PKCS#11 will include OpenSSL for example. OpenSC will try and use pcscd as well. I am asking this as adding "transparent smart card support" may not be as transparent as you think. I see in: http://www.gnu.org/software/gnutls/manual/gnutls.html#Smart-cards-and-HSMs is using /etc/pkcs11/modules a system wide file? On 2/18/2013 2:11 PM, Nikos Mavrogiannopoulos wrote: > On 02/18/2013 08:16 PM, Douglas E. Engert wrote: > > >> I understand that card_detect may not be needed by C_Initialize, >> and postponing the calling of card_detect till actually needed >> would help in your situation. >> But your patch does not appear to do that, it just removes >> two calls to card_detect, and removes the call to sc_detect_card_presence. > > > The call to sc_detect_card_presence seem superfluous since it is > repeated in card_detect(). > >> We need to make sure there are no code paths that avoid calling > >> the card_detect or rely on the results of one of the removed >> card_detect calls. Either could result in not recogniing >> a card is present, or some segfault if card_detect set some >> values that other code is depending on. > > > So in that case that should be called on every function except > C_Initialize, C_GetSlotList, C_GetFunctionList, C_GetInfo, > C_Finalize. > > However, several functions depend on a session being setup (so they > would be fine if only C_OpenSession was detecting cards) that leaves us > with: > > C_OpenSession, C_GetMechanismList, C_WaitForSlotEvent, C_GetTokenInfo, > C_GetSlotInfo (I hope I'm not missing any here). > > Now: > C_OpenSession, C_GetMechanismList, C_GetTokenInfo: > call slot_get_token() which in turn calls card_detect(). > > C_WaitForSlotEvent calls card_detect_all explicitly. > > C_GetSlotInfo: calls slot_get_slot() which doesn't seem to detect anything. > > So would calling card_detect_all() in C_GetSlotInfo (see patch) fulfill > your concerns? > > regards, > Nikos > > > > ------------------------------------------------------------------------------ > The Go Parallel Website, sponsored by Intel - in partnership with Geeknet, > is your hub for all things parallel software development, from weekly thought > leadership blogs to news, videos, case studies, tutorials, tech docs, > whitepapers, evaluation guides, and opinion stories. Check out the most > recent posts - join the conversation now. http://goparallel.sourceforge.net/ > > > > _______________________________________________ > Opensc-devel mailing list > Ope...@li... > https://lists.sourceforge.net/lists/listinfo/opensc-devel > -- Douglas E. Engert <DEE...@an...> Argonne National Laboratory 9700 South Cass Avenue Argonne, Illinois 60439 (630) 252-5444 |
