Do not require exclusive access to PCSC

Based on a patch from https://gpgtools.org/
2021-02-04 17:14:25 +01:00 · 2021-02-04 17:14:25 +01:00 · 3aa1344259
commit 3aa1344259
parent df4c9623c6
2 changed files with 78 additions and 0 deletions
--- a/gnupg-2.2.27-shared.patch
+++ b/gnupg-2.2.27-shared.patch
@ -0,0 +1,75 @@
+# Add the option "shared-access" to scdaemon.
+# If set, pcsc_connect is called with PCSC_SHARE_SHARED instead of PCSC_SHARE_EXCLUSIVE.
+
+
+--- a/scd/apdu.c
+++ b/scd/apdu.c
+@@ -816,7 +816,7 @@ connect_pcsc_card (int slot)
+
+   err = pcsc_connect (reader_table[slot].pcsc.context,
+                       reader_table[slot].rdrname,
+-                      PCSC_SHARE_EXCLUSIVE,
+                      opt.shared_access ? PCSC_SHARE_SHARED : PCSC_SHARE_EXCLUSIVE,
+                       PCSC_PROTOCOL_T0|PCSC_PROTOCOL_T1,
+                       &reader_table[slot].pcsc.card,
+                       &reader_table[slot].pcsc.protocol);
+--- a/scd/scdaemon.c
+++ b/scd/scdaemon.c
+@@ -99,6 +99,7 @@ enum cmd_and_opt_values
+   oDenyAdmin,
+   oDisableApplication,
+   oEnablePinpadVarlen,
+  oSharedAccess,
+   oListenBacklog,
+
+   oNoop
+@@ -164,6 +165,8 @@ static ARGPARSE_OPTS opts[] = {
+   /* Stubs for options which are implemented by 2.3 or later.  */
+   ARGPARSE_s_s (oNoop, "application-priority", "@"),
+
+  ARGPARSE_s_n (oSharedAccess, "shared-access", N_("use PCSC_SHARE_SHARED for pcsc_connect")),
+
+   ARGPARSE_end ()
+ };
+
+@@ -629,6 +632,8 @@ main (int argc, char **argv )
+
+         case oNoop: break;
+
+        case oSharedAccess: opt.shared_access = 1; break;
+
+         default:
+           if (configname)
+             pargs.err = ARGPARSE_PRINT_WARNING;
+@@ -727,6 +732,7 @@ main (int argc, char **argv )
+       es_printf ("disable-pinpad:%lu:\n", GC_OPT_FLAG_NONE );
+       es_printf ("card-timeout:%lu:%d:\n", GC_OPT_FLAG_DEFAULT, 0);
+       es_printf ("enable-pinpad-varlen:%lu:\n", GC_OPT_FLAG_NONE );
+      es_printf ("shared-access:%lu:\n", GC_OPT_FLAG_NONE );
+
+       scd_exit (0);
+     }
+--- a/scd/scdaemon.h
+++ b/scd/scdaemon.h
+@@ -62,6 +62,8 @@ struct
+   strlist_t disabled_applications;  /* Card applications we do not
+                                        want to use. */
+   unsigned long card_timeout; /* Disconnect after N seconds of inactivity.  */
+
+  int shared_access;
+ } opt;
+
+
+--- a/tools/gpgconf-comp.c
+++ b/tools/gpgconf-comp.c
+@@ -653,6 +653,9 @@ static gc_option_t gc_options_scdaemon[] =
+    { "card-timeout", GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME, GC_LEVEL_BASIC,
+      "gnupg", "|N|disconnect the card after N seconds of inactivity",
+      GC_ARG_TYPE_UINT32, GC_BACKEND_SCDAEMON },
+   { "shared-access", GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME, GC_LEVEL_BASIC,
+     "gnupg", "use PCSC_SHARE_SHARED for pcsc_connect",
+     GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON },
+
+    { "Debug",
+      GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,
+
--- a/gnupg2.spec
+++ b/gnupg2.spec
@ -29,6 +29,8 @@ Patch21: gnupg-2.2.18-gpg-allow-import-of-previously-known-keys-even-without-UI.
 Patch22: gnupg-2.2.18-gpg-accept-subkeys-with-a-good-revocation-but-no-self-sig.patch
 # Fixes for issues found in Coverity scan - reported upstream
 Patch30: gnupg-2.2.21-coverity.patch
+# Do not require exclusive access to the pcsc
+Patch31: gnupg-2.2.27-shared.patch


 URL:     https://www.gnupg.org/
@ -113,6 +115,7 @@ to the base GnuPG package
 %patch22 -p1 -b .good_revoc

 %patch30 -p1 -b .coverity
+%patch31 -p1 -b .shared

 # pcsc-lite library major: 0 in 1.2.0, 1 in 1.2.9+ (dlopen()'d in pcsc-wrapper)
 # Note: this is just the name of the default shared lib to load in scdaemon,