aboutsummaryrefslogtreecommitdiffstats
path: root/scd
diff options
context:
space:
mode:
Diffstat (limited to 'scd')
-rw-r--r--scd/app-openpgp.c5
-rw-r--r--scd/app-piv.c42
-rw-r--r--scd/app.c21
-rw-r--r--scd/command.c44
-rw-r--r--scd/scdaemon.c20
5 files changed, 75 insertions, 57 deletions
diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c
index fe0855e77..c2a8d5ffe 100644
--- a/scd/app-openpgp.c
+++ b/scd/app-openpgp.c
@@ -119,8 +119,8 @@ static struct {
{ 0x00D6, 0, 0x6E, 1, 0, 0, 0, 0, "UIF for Signature"},
{ 0x00D7, 0, 0x6E, 1, 0, 0, 0, 0, "UIF for Decryption"},
{ 0x00D8, 0, 0x6E, 1, 0, 0, 0, 0, "UIF for Authentication"},
- { 0x00F9, 0, 0, 1, 0, 0, 0, 0, "KDF data object"},
- { 0x00FA, 0, 0, 1, 0, 0, 0, 2, "Algorithm Information"},
+ { 0x00F9, 1, 0, 1, 0, 0, 0, 0, "KDF data object"},
+ { 0x00FA, 1, 0, 1, 0, 0, 0, 2, "Algorithm Information"},
{ 0 }
};
@@ -310,6 +310,7 @@ get_manufacturer (unsigned int no)
case 0x000D: return "Dangerous Things";
case 0x000E: return "Excelsecu";
case 0x000F: return "Nitrokey";
+ case 0x0010: return "NeoPGP";
case 0x002A: return "Magrathea";
case 0x0042: return "GnuPG e.V.";
diff --git a/scd/app-piv.c b/scd/app-piv.c
index dc92bd2e2..d7f9acca3 100644
--- a/scd/app-piv.c
+++ b/scd/app-piv.c
@@ -128,45 +128,45 @@ static struct data_object_s data_objects[] = {
"Discovery Object" },
{ 0x5FC10C, 0, 0,1, 0,0, 0, "", "2.96.96", NULL,
"Key History Object" },
- { 0x5FC10D, 0, 0,1, 0,0, 0, "82", "2.16.1", "e",
+ { 0x5FC10D, 0, 0,1, 0,0, 1, "82", "2.16.1", "e",
"Retired Cert Key Mgm 1" },
- { 0x5FC10E, 0, 0,1, 0,0, 0, "83", "2.16.2", "e",
+ { 0x5FC10E, 0, 0,1, 0,0, 1, "83", "2.16.2", "e",
"Retired Cert Key Mgm 2" },
- { 0x5FC10F, 0, 0,1, 0,0, 0, "84", "2.16.3", "e",
+ { 0x5FC10F, 0, 0,1, 0,0, 1, "84", "2.16.3", "e",
"Retired Cert Key Mgm 3" },
- { 0x5FC110, 0, 0,1, 0,0, 0, "85", "2.16.4", "e",
+ { 0x5FC110, 0, 0,1, 0,0, 1, "85", "2.16.4", "e",
"Retired Cert Key Mgm 4" },
- { 0x5FC111, 0, 0,1, 0,0, 0, "86", "2.16.5", "e",
+ { 0x5FC111, 0, 0,1, 0,0, 1, "86", "2.16.5", "e",
"Retired Cert Key Mgm 5" },
- { 0x5FC112, 0, 0,1, 0,0, 0, "87", "2.16.6", "e",
+ { 0x5FC112, 0, 0,1, 0,0, 1, "87", "2.16.6", "e",
"Retired Cert Key Mgm 6" },
- { 0x5FC113, 0, 0,1, 0,0, 0, "88", "2.16.7", "e",
+ { 0x5FC113, 0, 0,1, 0,0, 1, "88", "2.16.7", "e",
"Retired Cert Key Mgm 7" },
- { 0x5FC114, 0, 0,1, 0,0, 0, "89", "2.16.8", "e",
+ { 0x5FC114, 0, 0,1, 0,0, 1, "89", "2.16.8", "e",
"Retired Cert Key Mgm 8" },
- { 0x5FC115, 0, 0,1, 0,0, 0, "8A", "2.16.9", "e",
+ { 0x5FC115, 0, 0,1, 0,0, 1, "8A", "2.16.9", "e",
"Retired Cert Key Mgm 9" },
- { 0x5FC116, 0, 0,1, 0,0, 0, "8B", "2.16.10", "e",
+ { 0x5FC116, 0, 0,1, 0,0, 1, "8B", "2.16.10", "e",
"Retired Cert Key Mgm 10" },
- { 0x5FC117, 0, 0,1, 0,0, 0, "8C", "2.16.11", "e",
+ { 0x5FC117, 0, 0,1, 0,0, 1, "8C", "2.16.11", "e",
"Retired Cert Key Mgm 11" },
- { 0x5FC118, 0, 0,1, 0,0, 0, "8D", "2.16.12", "e",
+ { 0x5FC118, 0, 0,1, 0,0, 1, "8D", "2.16.12", "e",
"Retired Cert Key Mgm 12" },
- { 0x5FC119, 0, 0,1, 0,0, 0, "8E", "2.16.13", "e",
+ { 0x5FC119, 0, 0,1, 0,0, 1, "8E", "2.16.13", "e",
"Retired Cert Key Mgm 13" },
- { 0x5FC11A, 0, 0,1, 0,0, 0, "8F", "2.16.14", "e",
+ { 0x5FC11A, 0, 0,1, 0,0, 1, "8F", "2.16.14", "e",
"Retired Cert Key Mgm 14" },
- { 0x5FC11B, 0, 0,1, 0,0, 0, "90", "2.16.15", "e",
+ { 0x5FC11B, 0, 0,1, 0,0, 1, "90", "2.16.15", "e",
"Retired Cert Key Mgm 15" },
- { 0x5FC11C, 0, 0,1, 0,0, 0, "91", "2.16.16", "e",
+ { 0x5FC11C, 0, 0,1, 0,0, 1, "91", "2.16.16", "e",
"Retired Cert Key Mgm 16" },
- { 0x5FC11D, 0, 0,1, 0,0, 0, "92", "2.16.17", "e",
+ { 0x5FC11D, 0, 0,1, 0,0, 1, "92", "2.16.17", "e",
"Retired Cert Key Mgm 17" },
- { 0x5FC11E, 0, 0,1, 0,0, 0, "93", "2.16.18", "e",
+ { 0x5FC11E, 0, 0,1, 0,0, 1, "93", "2.16.18", "e",
"Retired Cert Key Mgm 18" },
- { 0x5FC11F, 0, 0,1, 0,0, 0, "94", "2.16.19", "e",
+ { 0x5FC11F, 0, 0,1, 0,0, 1, "94", "2.16.19", "e",
"Retired Cert Key Mgm 19" },
- { 0x5FC120, 0, 0,1, 0,0, 0, "95", "2.16.20", "e",
+ { 0x5FC120, 0, 0,1, 0,0, 1, "95", "2.16.20", "e",
"Retired Cert Key Mgm 20" },
{ 0x5FC121, 0, 2,2, 0,0, 0, "", "2.16.21", NULL,
"Cardholder Iris Images" },
@@ -3543,7 +3543,7 @@ do_with_keygrip (app_t app, ctrl_t ctrl, int action,
}
if (capability == GCRY_PK_USAGE_ENCR)
{
- if (strcmp (data_objects[i].keyref, "9D"))
+ if (strcmp (data_objects[i].usage, "e"))
continue;
}
if (capability == GCRY_PK_USAGE_AUTH)
diff --git a/scd/app.c b/scd/app.c
index 2c92201cf..a9591a12c 100644
--- a/scd/app.c
+++ b/scd/app.c
@@ -2385,6 +2385,18 @@ app_check_pin (card_t card, ctrl_t ctrl, const char *keyidstr,
static void
+setup_env (struct spawn_cb_arg *sca)
+{
+#ifdef HAVE_W32_SYSTEM
+ (void)sca; /* Not supported on Windows. */
+#else
+ char *v = sca->arg;
+
+ putenv (v);
+#endif
+}
+
+static void
report_change (int slot, int old_status, int cur_status)
{
char *homestr, *envstr;
@@ -2411,12 +2423,9 @@ report_change (int slot, int old_status, int cur_status)
else
{
gpg_error_t err;
- const char *args[9], *envs[2];
+ const char *args[9];
char numbuf1[30], numbuf2[30], numbuf3[30];
- envs[0] = envstr;
- envs[1] = NULL;
-
sprintf (numbuf1, "%d", slot);
sprintf (numbuf2, "0x%04X", old_status);
sprintf (numbuf3, "0x%04X", cur_status);
@@ -2433,7 +2442,9 @@ report_change (int slot, int old_status, int cur_status)
args[8] = NULL;
fname = make_filename (gnupg_homedir (), "scd-event", NULL);
- err = gnupg_spawn_process_detached (fname, args, envs);
+ err = gnupg_process_spawn (fname, args,
+ GNUPG_PROCESS_DETACHED,
+ setup_env, envstr, NULL);
if (err && gpg_err_code (err) != GPG_ERR_ENOENT)
log_error ("failed to run event handler '%s': %s\n",
fname, gpg_strerror (err));
diff --git a/scd/command.c b/scd/command.c
index 0cf66d08c..a2274f15a 100644
--- a/scd/command.c
+++ b/scd/command.c
@@ -957,7 +957,8 @@ pin_cb (void *opaque, const char *info, char **retstr)
We ignore any value returned. */
if (info)
{
- log_debug ("prompting for pinpad entry '%s'\n", info);
+ if (DBG_IPC)
+ log_debug ("prompting for pinpad entry '%s'\n", info);
rc = gpgrt_asprintf (&command, "POPUPPINPADPROMPT %s", info);
if (rc < 0)
return gpg_error (gpg_err_code_from_errno (errno));
@@ -966,7 +967,8 @@ pin_cb (void *opaque, const char *info, char **retstr)
}
else
{
- log_debug ("dismiss pinpad entry prompt\n");
+ if (DBG_IPC)
+ log_debug ("dismiss pinpad entry prompt\n");
rc = assuan_inquire (ctx, "DISMISSPINPADPROMPT",
&value, &valuelen, MAXLEN_PIN);
}
@@ -976,7 +978,8 @@ pin_cb (void *opaque, const char *info, char **retstr)
}
*retstr = NULL;
- log_debug ("asking for PIN '%s'\n", info);
+ if (DBG_IPC)
+ log_debug ("asking for PIN '%s'\n", info);
rc = gpgrt_asprintf (&command, "NEEDPIN %s", info);
if (rc < 0)
@@ -2942,10 +2945,10 @@ void
send_client_notifications (card_t card, int removal)
{
struct {
- pid_t pid;
#ifdef HAVE_W32_SYSTEM
HANDLE handle;
#else
+ pid_t pid;
int signo;
#endif
} killed[50];
@@ -2965,10 +2968,10 @@ send_client_notifications (card_t card, int removal)
if (sl->ctrl_backlink && sl->ctrl_backlink->card_ctx == card)
{
- pid_t pid;
#ifdef HAVE_W32_SYSTEM
HANDLE handle;
#else
+ pid_t pid;
int signo;
#endif
@@ -2983,32 +2986,33 @@ send_client_notifications (card_t card, int removal)
if (!sl->event_signal || !sl->assuan_ctx)
continue;
- pid = assuan_get_pid (sl->assuan_ctx);
-
#ifdef HAVE_W32_SYSTEM
handle = sl->event_signal;
for (kidx=0; kidx < killidx; kidx++)
- if (killed[kidx].pid == pid
- && killed[kidx].handle == handle)
+ if (killed[kidx].handle == handle)
break;
if (kidx < killidx)
- log_info ("event %p (%p) already triggered for client %d\n",
- sl->event_signal, handle, (int)pid);
+ {
+ if (opt.verbose)
+ log_info ("event %p already triggered for client\n",
+ sl->event_signal);
+ }
else
{
- log_info ("triggering event %p (%p) for client %d\n",
- sl->event_signal, handle, (int)pid);
+ if (opt.verbose)
+ log_info ("triggering event %p for client\n",
+ sl->event_signal);
if (!SetEvent (handle))
log_error ("SetEvent(%p) failed: %s\n",
sl->event_signal, w32_strerror (-1));
if (killidx < DIM (killed))
{
- killed[killidx].pid = pid;
killed[killidx].handle = handle;
killidx++;
}
}
#else /*!HAVE_W32_SYSTEM*/
+ pid = assuan_get_pid (sl->assuan_ctx);
signo = sl->event_signal;
if (pid != (pid_t)(-1) && pid && signo > 0)
@@ -3018,12 +3022,16 @@ send_client_notifications (card_t card, int removal)
&& killed[kidx].signo == signo)
break;
if (kidx < killidx)
- log_info ("signal %d already sent to client %d\n",
- signo, (int)pid);
+ {
+ if (opt.verbose)
+ log_info ("signal %d already sent to client %d\n",
+ signo, (int)pid);
+ }
else
{
- log_info ("sending signal %d to client %d\n",
- signo, (int)pid);
+ if (opt.verbose)
+ log_info ("sending signal %d to client %d\n",
+ signo, (int)pid);
kill (pid, signo);
if (killidx < DIM (killed))
{
diff --git a/scd/scdaemon.c b/scd/scdaemon.c
index 1a8705b18..2a9b0923c 100644
--- a/scd/scdaemon.c
+++ b/scd/scdaemon.c
@@ -284,9 +284,6 @@ static gnupg_fd_t create_server_socket (const char *name,
static void *start_connection_thread (void *arg);
static void handle_connections (gnupg_fd_t listen_fd);
-/* Pth wrapper function definitions. */
-ASSUAN_SYSTEM_NPTH_IMPL;
-
static int active_connections;
@@ -492,7 +489,6 @@ main (int argc, char **argv )
malloc_hooks.free = gcry_free;
assuan_set_malloc_hooks (&malloc_hooks);
assuan_set_gpg_err_source (GPG_ERR_SOURCE_DEFAULT);
- assuan_set_system_hooks (ASSUAN_SYSTEM_NPTH);
assuan_sock_init ();
setup_libassuan_logging (&opt.debug, NULL);
@@ -782,6 +778,7 @@ main (int argc, char **argv )
npth_init ();
setup_signal_mask ();
gpgrt_set_syscall_clamp (npth_unprotect, npth_protect);
+ assuan_control (ASSUAN_CONTROL_REINIT_SYSCALL_CLAMP, NULL);
/* If --debug-allow-core-dump has been given we also need to
switch the working directory to a place where we can actually
@@ -923,6 +920,7 @@ main (int argc, char **argv )
npth_init ();
setup_signal_mask ();
gpgrt_set_syscall_clamp (npth_unprotect, npth_protect);
+ assuan_control (ASSUAN_CONTROL_REINIT_SYSCALL_CLAMP, NULL);
/* Detach from tty and put process into a new session. */
if (!nodetach )
@@ -1207,7 +1205,7 @@ start_connection_thread (void *arg)
&& assuan_sock_check_nonce (ctrl->thread_startup.fd, &socket_nonce))
{
log_info (_("error reading nonce on fd %d: %s\n"),
- FD2INT(ctrl->thread_startup.fd), strerror (errno));
+ FD_DBG (ctrl->thread_startup.fd), strerror (errno));
assuan_sock_close (ctrl->thread_startup.fd);
xfree (ctrl);
return NULL;
@@ -1218,7 +1216,7 @@ start_connection_thread (void *arg)
scd_init_default_ctrl (ctrl);
if (opt.verbose)
log_info (_("handler for fd %d started\n"),
- FD2INT(ctrl->thread_startup.fd));
+ FD_DBG (ctrl->thread_startup.fd));
/* If this is a pipe server, we request a shutdown if the command
handler asked for it. With the next ticker event and given that
@@ -1230,7 +1228,7 @@ start_connection_thread (void *arg)
if (opt.verbose)
log_info (_("handler for fd %d terminated\n"),
- FD2INT (ctrl->thread_startup.fd));
+ FD_DBG (ctrl->thread_startup.fd));
scd_deinit_default_ctrl (ctrl);
xfree (ctrl);
@@ -1337,7 +1335,7 @@ handle_connections (gnupg_fd_t listen_fd)
if (listen_fd != GNUPG_INVALID_FD)
{
FD_SET (FD2INT (listen_fd), &fdset);
- nfd = FD2INT (listen_fd);
+ nfd = FD2NUM (listen_fd);
}
for (;;)
@@ -1423,8 +1421,8 @@ handle_connections (gnupg_fd_t listen_fd)
gnupg_fd_t fd;
plen = sizeof paddr;
- fd = INT2FD (npth_accept (FD2INT (listen_fd),
- (struct sockaddr *)&paddr, &plen));
+ fd = assuan_sock_accept (listen_fd,
+ (struct sockaddr *)&paddr, &plen);
if (fd == GNUPG_INVALID_FD)
{
log_error ("accept failed: %s\n", strerror (errno));
@@ -1441,7 +1439,7 @@ handle_connections (gnupg_fd_t listen_fd)
npth_t thread;
snprintf (threadname, sizeof threadname, "conn fd=%d",
- FD2INT (fd));
+ FD_DBG (fd));
ctrl->thread_startup.fd = fd;
ret = npth_create (&thread, &tattr, start_connection_thread, ctrl);
if (ret)
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-27 10:58:25 +0000