diff options
| author | Werner Koch <[email protected]> | 2020-11-09 12:04:38 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2020-11-09 12:41:26 +0000 |
| commit | 8fb0d5e3c775f40e321689b35431d81425406237 (patch) | |
| tree | ca111c2b43df73c16f48e8bc8ab0ae2aa3371de6 /g10/card-util.c | |
| parent | gpg: Do not print rejected digest algo notes with --quiet. (diff) | |
| download | gnupg-8fb0d5e3c775f40e321689b35431d81425406237.tar.gz gnupg-8fb0d5e3c775f40e321689b35431d81425406237.zip | |
card: Run factory-reset in locked stated.
* scd/command.c (reset_notify): Add option --keep-lock.
(do_reset): Add arg keep_lock.
(cmd_lock): Send progress status.
* g10/call-agent.c (agent_scd_apdu): Add more pseudo APDUs.
* g10/card-util.c (send_apdu): Ditto.
(factory_reset): Use lock commands.
--
This is required so that for example Kleopatra does not detect the
RESET and issues a SERIALNO of its own, thus conflicting with our
SERIALNO undefined.
Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to 'g10/card-util.c')
| -rw-r--r-- | g10/card-util.c | 24 |
1 files changed, 19 insertions, 5 deletions
diff --git a/g10/card-util.c b/g10/card-util.c index d43081588..74d49aaf2 100644 --- a/g10/card-util.c +++ b/g10/card-util.c @@ -1859,8 +1859,13 @@ send_apdu (const char *hexapdu, const char *desc, unsigned int ignore) if (err) tty_printf ("sending card command %s failed: %s\n", desc, gpg_strerror (err)); - else if (!hexapdu || !strcmp (hexapdu, "undefined")) - ; + else if (!hexapdu + || !strcmp (hexapdu, "undefined") + || !strcmp (hexapdu, "reset-keep-lock") + || !strcmp (hexapdu, "lock") + || !strcmp (hexapdu, "trylock") + || !strcmp (hexapdu, "unlock")) + ; /* Ignore pseudo APDUs. */ else if (ignore == 0xffff) ; /* Ignore all status words. */ else if (sw != 0x9000) @@ -1889,6 +1894,7 @@ factory_reset (void) char *answer = NULL; int termstate = 0; int i; + int locked = 0; /* The code below basically does the same what this gpg-connect-agent script does: @@ -1950,8 +1956,14 @@ factory_reset (void) goto leave; /* We need to select a card application before we can send APDUs - to the card without scdaemon doing anything on its own. */ - err = send_apdu (NULL, "RESET", 0); + to the card without scdaemon doing anything on its own. We + then lock the connection so that other tools (e.g. Kleopatra) + don't try a new select. */ + err = send_apdu ("lock", "locking connection ", 0); + if (err) + goto leave; + locked = 1; + err = send_apdu ("reset-keep-lock", "reset", 0); if (err) goto leave; err = send_apdu ("undefined", "dummy select ", 0); @@ -1993,7 +2005,7 @@ factory_reset (void) goto leave; /* Finally we reset the card reader once more. */ - err = send_apdu (NULL, "RESET", 0); + err = send_apdu ("reset-keep-lock", "reset", 0); /* Then, connect the card again. */ if (!err) @@ -2005,6 +2017,8 @@ factory_reset (void) } leave: + if (locked) + send_apdu ("unlock", "unlocking connection ", 0); xfree (answer); agent_release_card_info (&info); } |