kamal kumar wrote: > I also tried with our proprietry card for which i am > developing the card driver. Error is occuring with it > also. > > I think following is the reason for the error. In XP, > I think the system is not cleanly closing all the CSP > context it acquired. This result in CSP not closing > the all the P11 session it created during first > certificate logon. Since not all the P11 session is > not closed, opensc-pkcs11 module maintains the pc/sc > sesssion it created during the first logon. During > second logon attempt, opensc-pkcs11 module tries to > use the same pc/sc session.
Yes that is what I think I am seeing too. Not sure if this is a Windows or IdAlly problem. And in addition it does not close the opensc-debug.txt file after login indicating it still has open sessions or at least did not call C_Finalize which should close the debug file. > But since we have removed > and inserted the card in the middle for getting PIN > prompt in winlogon, we are getting the error. Yes, and in the normal case the card would be removed after login, and especially after a logout or screen lock as the user may leave the area. I was able to do some testing of 0.11.3-pre2 on XP and it has the same problem. I did find one bug, see ticket #149. > > I may like to work on this issue provided time permit. > But i like some others also to confirm this behaviour > before starting my work. > > Regards, > Kamal. > --- "Douglas E. Engert" <[EMAIL PROTECTED]> wrote: > >> I see you have two theards active on the mailing >> list. >> You have a PIV card, and some other card you are >> trying to >> initialize. What is the other card? >> >> kamal kumar wrote: >>> Hi, >>> Today i tried certificate logon in XP with PIV >> card. >>> As i told you before, first certificate logon >> after >>> reboot succeeded. But the second logon failed. >>> >>> I have attached the opensc log files with this. >> This >>> log file contain entries for first successful >> logon >>> and second failed logon. >>> >>> Please give your opinion. >>> >>> Regards, >>> Kamal. >>> >>> --- "Douglas E. Engert" <[EMAIL PROTECTED]> wrote: >>> >>>> kamal kumar wrote: >>>>> Hi all, >>>>> I tried certificate logon with "Identity >> Alliance >>>> CSP" >>>>> and opensc-pkcs11 module in XP machine. The >>>>> certificate logon works fine for the first time. >>>> But >>>>> if we logoff and again tries to do certificate >>>> logon, >>>>> the logon fails second time. >>>>> >>>>> I want to confirm whether it is a issue. >>>> Works OK for me. >>>> >>>>> I analysed the opensc log files. I think >> following >>>> is >>>>> the reason for the error. In XP, opensc-pkcs11 >>>> module >>>>> maintains the pc/sc smartcard connection during >>>> the >>>>> first certificate logon. And it uses the same >>>> pc/sc >>>>> connection for the second certificate logon >> also. >>>> But >>>>> since we removed and inserted the card in the >>>> middle >>>>> for getting PIN prompt in winlogon, we are >> getting >>>> the >>>>> error. >>>> Sounds like the card failed to do an unlock() at >>>> some time >>>> and so the pcsc connection might still be active. >>>> What type/version of IdAlly, OpenSC, card and >> reader >>>> are >>>> you using? >>>> >>>> I am using IdAlly-1.0, SCB-0.8 ( >>>> PIV card and pcmcia GemPC card. >>>> >>>> Note scb-0.8 is based on OpenSC-0.11.2 but the >>>> version numbers in the opensc-pkcs11.dll says >>>> 0.11.1. >>>> >>>> >>>>> Can any one please tell me whether it is a issue >>>> and >>>>> Is there any way to solve this. >>>>> >>>>> Regards, >>>>> Kamal. >>>>> >>>>> >>>>> >>>>> >>>>> > ____________________________________________________________________________________ >>>>> Sick sense of humor? Visit Yahoo! TV's >>>>> Comedy with an Edge to see what's on, when. >>>>> http://tv.yahoo.com/collections/222 >>>>> _______________________________________________ >>>>> opensc-devel mailing list >>>>> [email protected] >>>>> > http://www.opensc-project.org/mailman/listinfo/opensc-devel >>>> -- >>>> >>>> Douglas E. Engert <[EMAIL PROTECTED]> >>>> Argonne National Laboratory >>>> 9700 South Cass Avenue >>>> Argonne, Illinois 60439 >>>> (630) 252-5444 >>>> >>> >>> >>> >>> > ____________________________________________________________________________________ >>> Be a better Heartthrob. Get better relationship >> answers from someone who knows. Yahoo! Answers - >> Check it out. > http://answers.yahoo.com/dir/?link=list&sid=396545433 >>> >>> > ------------------------------------------------------------------------ >>> _______________________________________________ >>> opensc-devel mailing list >>> [email protected] >>> > http://www.opensc-project.org/mailman/listinfo/opensc-devel >> -- >> >> Douglas E. Engert <[EMAIL PROTECTED]> >> Argonne National Laboratory >> 9700 South Cass Avenue >> Argonne, Illinois 60439 >> (630) 252-5444 >> > > > > > ____________________________________________________________________________________ > Park yourself in front of a world of choices in alternative vehicles. Visit > the Yahoo! Auto Green Center. > http://autos.yahoo.com/green_center/ > > -- Douglas E. Engert <[EMAIL PROTECTED]> Argonne National Laboratory 9700 South Cass Avenue Argonne, Illinois 60439 (630) 252-5444 _______________________________________________ opensc-devel mailing list [email protected] http://www.opensc-project.org/mailman/listinfo/opensc-devel
