From 19aa921fd86ee5104e8fcfbebafa776e4da3b4b2 Mon Sep 17 00:00:00 2001
From: DistroBaker <osci-list@redhat.com>
Date: Thu, 1 Apr 2021 07:50:20 +0000
Subject: [PATCH] Merged update from upstream sources

This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/gnupg2.git#240056b3213666bb7dcee6f3732ed98cd40484d4
---
 gnupg-2.2.27-shared.patch | 75 +++++++++++++++++++++++++++++++++++++++
 gnupg2.spec               | 15 ++++++--
 2 files changed, 87 insertions(+), 3 deletions(-)
 create mode 100644 gnupg-2.2.27-shared.patch

diff --git a/gnupg-2.2.27-shared.patch b/gnupg-2.2.27-shared.patch
new file mode 100644
index 0000000..dd0b6c7
--- /dev/null
+++ b/gnupg-2.2.27-shared.patch
@@ -0,0 +1,75 @@
+# Add the option "shared-access" to scdaemon.
+# If set, pcsc_connect is called with PCSC_SHARE_SHARED instead of PCSC_SHARE_EXCLUSIVE.
+
+
+--- a/scd/apdu.c
++++ b/scd/apdu.c
+@@ -816,7 +816,7 @@ connect_pcsc_card (int slot)
+
+   err = pcsc_connect (reader_table[slot].pcsc.context,
+                       reader_table[slot].rdrname,
+-                      PCSC_SHARE_EXCLUSIVE,
++                      opt.shared_access ? PCSC_SHARE_SHARED : PCSC_SHARE_EXCLUSIVE,
+                       PCSC_PROTOCOL_T0|PCSC_PROTOCOL_T1,
+                       &reader_table[slot].pcsc.card,
+                       &reader_table[slot].pcsc.protocol);
+--- a/scd/scdaemon.c
++++ b/scd/scdaemon.c
+@@ -99,6 +99,7 @@ enum cmd_and_opt_values
+   oDenyAdmin,
+   oDisableApplication,
+   oEnablePinpadVarlen,
++  oSharedAccess,
+   oListenBacklog,
+
+   oNoop
+@@ -164,6 +165,8 @@ static ARGPARSE_OPTS opts[] = {
+   /* Stubs for options which are implemented by 2.3 or later.  */
+   ARGPARSE_s_s (oNoop, "application-priority", "@"),
+
++  ARGPARSE_s_n (oSharedAccess, "shared-access", N_("use PCSC_SHARE_SHARED for pcsc_connect")),
++
+   ARGPARSE_end ()
+ };
+
+@@ -629,6 +632,8 @@ main (int argc, char **argv )
+
+         case oNoop: break;
+
++        case oSharedAccess: opt.shared_access = 1; break;
++
+         default:
+           if (configname)
+             pargs.err = ARGPARSE_PRINT_WARNING;
+@@ -727,6 +732,7 @@ main (int argc, char **argv )
+       es_printf ("disable-pinpad:%lu:\n", GC_OPT_FLAG_NONE );
+       es_printf ("card-timeout:%lu:%d:\n", GC_OPT_FLAG_DEFAULT, 0);
+       es_printf ("enable-pinpad-varlen:%lu:\n", GC_OPT_FLAG_NONE );
++      es_printf ("shared-access:%lu:\n", GC_OPT_FLAG_NONE );
+
+       scd_exit (0);
+     }
+--- a/scd/scdaemon.h
++++ b/scd/scdaemon.h
+@@ -62,6 +62,8 @@ struct
+   strlist_t disabled_applications;  /* Card applications we do not
+                                        want to use. */
+   unsigned long card_timeout; /* Disconnect after N seconds of inactivity.  */
++
++  int shared_access;
+ } opt;
+
+
+--- a/tools/gpgconf-comp.c
++++ b/tools/gpgconf-comp.c
+@@ -653,6 +653,9 @@ static gc_option_t gc_options_scdaemon[] =
+    { "card-timeout", GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME, GC_LEVEL_BASIC,
+      "gnupg", "|N|disconnect the card after N seconds of inactivity",
+      GC_ARG_TYPE_UINT32, GC_BACKEND_SCDAEMON },
++   { "shared-access", GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME, GC_LEVEL_BASIC,
++     "gnupg", "use PCSC_SHARE_SHARED for pcsc_connect",
++     GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON },
+
+    { "Debug",
+      GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,
+
diff --git a/gnupg2.spec b/gnupg2.spec
index a582cda..15be9ca 100644
--- a/gnupg2.spec
+++ b/gnupg2.spec
@@ -7,7 +7,7 @@
 Summary: Utility for secure communication and data storage
 Name:    gnupg2
 Version: 2.2.27
-Release: 2%{?dist}
+Release: 4%{?dist}
 
 License: GPLv3+
 Source0: https://gnupg.org/ftp/gcrypt/%{?pre:alpha/}gnupg/gnupg-%{version}%{?pre}.tar.bz2
@@ -29,6 +29,8 @@ Patch21: gnupg-2.2.18-gpg-allow-import-of-previously-known-keys-even-without-UI.
 Patch22: gnupg-2.2.18-gpg-accept-subkeys-with-a-good-revocation-but-no-self-sig.patch
 # Fixes for issues found in Coverity scan - reported upstream
 Patch30: gnupg-2.2.21-coverity.patch
+# Do not require exclusive access to the pcsc
+Patch31: gnupg-2.2.27-shared.patch
 
 
 URL:     https://www.gnupg.org/
@@ -41,7 +43,7 @@ BuildRequires: docbook-utils
 BuildRequires: gettext
 BuildRequires: libassuan-devel >= 2.1.0
 BuildRequires: libgcrypt-devel >= 1.7.0
-BuildRequires: libgpg-error-devel >= 1.31
+BuildRequires: libgpg-error-devel >= 1.38
 BuildRequires: libksba-devel >= 1.3.0
 BuildRequires: openldap-devel
 BuildRequires: libusb-devel
@@ -55,7 +57,7 @@ BuildRequires: fuse
 BuildRequires: make
 
 Requires: libgcrypt >= 1.7.0
-Requires: libgpg-error >= 1.31
+Requires: libgpg-error >= 1.38
 
 Recommends: pinentry
 
@@ -113,6 +115,7 @@ to the base GnuPG package
 %patch22 -p1 -b .good_revoc
 
 %patch30 -p1 -b .coverity
+%patch31 -p1 -b .shared
 
 # pcsc-lite library major: 0 in 1.2.0, 1 in 1.2.9+ (dlopen()'d in pcsc-wrapper)
 # Note: this is just the name of the default shared lib to load in scdaemon,
@@ -223,6 +226,12 @@ make -k check
 
 
 %changelog
+* Mon Mar 29 2021 Jakub Jelen <jjelen@redhat.com> - 2.2.27-4
+- Add a configuration to not require exclusive access to PCSC
+
+* Thu Feb 18 2021 Jakub Jelen <jjelen@redhat.com> - 2.2.27-3
+- Bump required libgpg-error version (#1930110)
+
 * Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.2.27-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild