ce.
I can create scripts for processing this list, as I need just another
output anyway (modalias supplements for rpm, which will allow automatic
package proposal in openSUSE).
Generic CCID rule is a bit different, as it matches interface class.
I guess that a
Alon Bar-Lev wrote:
> 2009/4/2 Stanislav Brabec :
> > Alon Bar-Lev wrote:
> >> Why aren't they detected by the CCID class attribute?
> >
> > They are detected correctly as "CCID Compatible" even without this
> > patch.
> >
>
> So
Alon Bar-Lev wrote:
> Why aren't they detected by the CCID class attribute?
They are detected correctly as "CCID Compatible" even without this
patch.
--
Best Regards / S pozdravem,
Stanislav Brabec
software developer
Attached patch defines two new readers:
OmniKey CardMan 3821
ACS ACR38 with CCID firmware
Both basically work, but I cannot test more, because I have no fully
supported test card.
--
Best Regards / S pozdravem,
Stanislav Brabec
software developer
in FDI patches
above instead of guessing the device node name.
- Restricts access to the group. Requires a change in Makefiles to
replace @USER@ and @GROUP@
- Removes deprecated access to /proc/bus/usb.
--
Best Regards / S pozdravem,
Stanislav Brabec
software developer
Attached patch prevents creating of temporary orphans
in /var/run/openct/status.lock.{pid}.
--
Best Regards / S pozdravem,
Stanislav Brabec
software developer
-
SUSE LINUX, s. r. o. e-mail: sbra
e --force
automake
autoreconf --force --install
(Maybe more steps would be required.)
--
Best Regards / S pozdravem,
Stanislav Brabec
software developer
-
SUSE LINUX, s. r. o. e-mail: sbra...@suse.cz
Lih
;& is always kept. The
second argument is skipped, if its evaluation is not needed.
--
Best Regards / S pozdravem,
Stanislav Brabec
software developer
-
SUSE LINUX, s. r. o. e-mail: sbra...@suse.c
this! great work!
You are welcome.
--
Best Regards / S pozdravem,
Stanislav Brabec
software developer
-
SUSE LINUX, s. r. o. e-mail: sbra...@suse.cz
Lihovarská 1060/12 tel: +420 284 028 966, +49 91
Andreas Jellinghaus wrote:
> Am Mittwoch 28 Januar 2009 19:02:39 schrieb Stanislav Brabec:
> > In case of Smart Cards, it might be GID writability for "scard" group,
> > allowing to run smart card daemon without root privileges.
>
> if pcscd or openct should run as
Andreas Jellinghaus wrote:
> Am Mittwoch 28 Januar 2009 19:30:52 schrieb Stanislav Brabec:
> > How to name the main category "smart_card_reader or crypto_token"?
>
> I think it is easer to explain, that a usb crypto token is a device consisting
> of a reduced smart c
optional.
> (eutron gave me a two in one reader, one
> for sim size and one in credit card size).
Two slots or one slots with two sizes?
> > For cards and token chips:
> I see no reason to put every info we somewhere have into hald.
> sure, we could. but what happe
d daemons don't need to care about it.
> btw: many distributions have a group "scard" that regulates access to smart
> card reader middleware (pcscd and openct). (well, ok, debian and ubuntu have
> that group, not 100% sure about other distributio
Andreas Jellinghaus wrote:
> Am Dienstag 27 Januar 2009 19:14:31 schrieb Stanislav Brabec:
> > Ludovic Rousseau wrote:
> > > 2009/1/23 Stanislav Brabec :
> > > > I don't know, whether multi-slot devices use more USB devices, more USB
> > > > interface
Ludovic Rousseau wrote:
> 2009/1/23 Stanislav Brabec :
> > I don't know, whether multi-slot devices use more USB devices, more USB
> > interfaces or only one interface and multi-slot protocol.
>
> A multi-slot reader is just one USB device. The only difference is the
&g
later.
I don't know, whether multi-slot devices use more USB devices, more USB
interfaces or only one interface and multi-slot protocol.
--
Best Regards / S pozdravem,
Stanislav Brabec
software developer
-
SUSE LINUX, s. r. o
an example. But that may be too much and non-CCID reader do not
>report all these values.
I guess we can start with a small number of entries.
We will find, whether it is useful and well defined. Later it should be
possible to extend information in a compatible way.
Several notes are in B
ilar
applications.
I seen several irritating changes in HAL keywords in past. That is why I
want to think twice before dumb creating of few keywords, that will have
to be changed in few months.
--
Best Regards / S pozdravem,
Stanislav Brabec
software developer
--
Ludovic Rousseau wrote:
> 2009/1/23 Stanislav Brabec :
> > A separately maintained package would be another possible way to
> > distribute FDI files: Scan all available driver packages, create a list
> > of all known readers, their USB/PCI ids and capabilities (class, card
&g
Andreas Jellinghaus píše v Pá 23. 01. 2009 v 13:27 +0100:
> Am Freitag 23 Januar 2009 12:59:57 schrieb Stanislav Brabec:
> > HAL documentation recommends to discriminate between three types of FDI
> > files:
> > - preprobe: Actions before hal starts to identify the dev
r.pinpad => smart_card_reader.class3
The implication may be specified in FDI syntax:
smart_card_reader.pinpad
> > I expect one another change in near future: Fedora people will say "Use
> > DeviceKit instead of hal."
>
> maybe we can get their devicekit con
f hal."
> I have too little clue about the further developments of hal and policykit
> and what kde and gnome do, so I can't comment on that.
PolicyKit does not communicate with GNOME (with exception of local X
session registration). It only permits local
Andreas Jellinghaus wrote:
> Am Donnerstag 22 Januar 2009 15:54:07 schrieb Stanislav Brabec:
> > > But why do you need to configure PolicyKit? What is the problem
> > > PolicyKit is trying to solve?
> >
> > Grating access to users physically present at the comput
Cards readers are devices just like any others. Most of them can
be identified just by reading USB ID, and even the correct driver can be
identified by USB ID.
--
Best Regards / S pozdravem,
Stanislav Brabec
software developer
-
SU
ard.iso
smart_card.class3
smart_card.ccid
smart_card.ccid
ccid
--
Best Regards / S pozdravem,
Stanislav Brabec
software developer
-
SUSE LINUX, s. r. o. e-mai
Alon Bar-Lev wrote:
> On 1/22/09, Stanislav Brabec wrote:
> > USB peripheral cannot initiate transfer, so USB requires some type of
> > polling by design.
>
> As far as I know and tried USB support interrupt mode, checkout the
> openct trunk ccid driver.
On the link l
Ludovic Rousseau wrote:
> 2009/1/22 Stanislav Brabec :
> > HAL recognizes Smart Card readers as unknown USB devices
>
> Why is that a problem? Why do you need HAL to know about smart card readers?
HAL detects correctly music players, scanners, fingerprint readers,
UPSes (well
Alon Bar-Lev wrote:
> On 1/22/09, Stanislav Brabec wrote:
> > Alon Bar-Lev wrote:
> > > This is why you have udev, right?
> > Yes, udev supports it as well. But most vendors prefer HAL for this
> > purpose nowadays.
> vendors? You mean Novell, right?
Not only
even syntax like 'reader.card.iso', 'reader.card.sim',
'reader.smart_token'. What about memory card readers capable to read SIM
etc.
Secondary problem:
Primary problem makes impossible to define Smart Card policy to
PolicyKit.
--
Best Regards / S
t's not likely to pan out so well.
As I wrote in other replies, I am not going to launch anything. Only
identify the device as good as possible.
--
Best Regards / S pozdravem,
Stanislav Brabec
software developer
-
SUSE LINUX, s.
Ludovic Rousseau wrote:
> 2009/1/21 Stanislav Brabec :
> > Alon Bar-Lev wrote:
> >> I don't understand the motivation.
> >> Why do you care if readers are accessible by all users?
> >
> > 1) There are applications, that need direct access to the reader,
Alon Bar-Lev wrote:
> On 1/21/09, Stanislav Brabec wrote:
> > 1) There are applications, that need direct access to the reader, not
> > using pcsc-lite (example: cyberjack utilities). That is why it should
> > allow to access not only to pcsc daemon, but also to users.
cations: If smart card reader/token is plugged, do
something (e. g. launch banking application).
--
Best Regards / S pozdravem,
Stanislav Brabec
software developer
-
SUSE LINUX, s. r. o. e-mail: sbra
/ S pozdravem,
Stanislav Brabec
software developer
-
SUSE LINUX, s. r. o. e-mail: sbra...@suse.cz
Lihovarská 1060/12 tel: +420 284 028 966, +49 911 740538747
190 00 Praha 9
em *derSignedCert, PRBool copyDER, char
*nickname);
--
Best Regards / S pozdravem,
Stanislav Brabec
software developer
-
SUSE LINUX, s. r. o. e-mail: [EMAIL PROTECTED]
Lihovarská 1060/12 tel:
Ludovic Rousseau wrote:
> 2008/10/17 Stanislav Brabec <[EMAIL PROTECTED]>:
> "Fixed" in revision 353.
> http://www.opensc-project.org/pam_pkcs11/changeset/353
Not yet completely. This seems to be critical:
ldap_mapper.c: In function 'ldap_get_certificate':
lda
Stanislav Brabec wrote:
> Ludovic Rousseau wrote:
> > But I have two warnings:
> > ldap_mapper.c:874: warning: passing argument 1 of 'X509_cmp' from
> > incompatible pointer type
> > ldap_mapper.c:874: warning: passing argument 2 of 'X509_cmp' fr
ly different, it most probably does not
work.
--
Best Regards / S pozdravem,
Stanislav Brabec
software developer
-
SUSE LINUX, s. r. o. e-mail: [EMAIL PROTECTED]
Lihovarská 1060/12 tel: +420 28
his header may vary. In last mail I incorrectly told, that it does not
appear in trunk, because I made test build with different options.
This warning appears only if compiling with LDAP support.
--
Best Regards / S pozdravem,
Stanislav Brabec
software
Ludovic Rousseau wrote:
> 2008/9/25 Stanislav Brabec <[EMAIL PROTECTED]>:
> > pam_pkcs11-implicit-declaration.patch: Fixes implicit declaration and
> > possible crash on 64 bits. More information in the patch header.
>
> I do not have a ssl/x509.h file on my system.
Patch from Jacob Berkman changes
default NSS configuration.
pam_pkcs11-0.6.0-ms-upn-oid.patch: Patch from Jacob Berkman improves
Microsoft UPN OID support.
pam_pkcs11-missing.patch: Adds missing header file to the tarball.
Untested.
--
Best Regards / S pozdravem,
Stanislav Brabec
software
ge will be accepted upstream. I want
to make openSUSE package and upstream package binary compatible.
If I will apply this patch on top of version 0.2.4, then I will need to
allocate a soname slot "libp11.so.1" for the exact version of ABI that
will be used for openSUSE 11.1.
--
Best Rega
++, REVISION=0)
-LIBP11_LT_CURRENT="1"
-LIBP11_LT_OLDEST="0"
-LIBP11_LT_REVISION="2"
+LIBP11_LT_CURRENT="2"
+LIBP11_LT_OLDEST="1"
+LIBP11_LT_REVISION="0"
LIBP11_LT_AGE="$((${LIBP11_LT_CURRENT}-${LIBP11_LT_OLDEST}))"
AC_CONF
abel, unsigned char *id, size_t id_len,
PKCS11_KEY ** ret_key)
{
PKCS11_SLOT *slot = TOKEN2SLOT(token);
--- src/pkcs11.h
+++ src/pkcs11.h
@@ -460,7 +460,7 @@
{
ck_attribute_type_t type;
void *value;
- unsigned long value_len;
+ size_t value_len;
args ? strdup(init_args) : NULL;
--
Best Regards / S pozdravem,
Stanislav Brabec
software developer
-
SUSE LINUX, s. r. o. e-mail: [EMAIL PROTECTED]
Lihovarská 1060/12 tel: +420 284 028 966, +49 911 7
ible with
smart card readers, pcsc-lite can handle them, and even an application
exists.
--
Best Regards / S pozdravem,
Stanislav Brabec
software developer
-
SUSE LINUX, s. r. o. e-mail: [EMAIL PROTECTED]
Li
from card
SELECT FILE failed: Unknown data received from card
--
Best Regards / S pozdravem,
Stanislav Brabec
software developer
-
SUSE LINUX, s. r. o. e-mail: [EMAIL PROTECTED]
Lihovarská 1060/12
Ludovic Rousseau wrote:
> 2007/11/12, Stanislav Brabec <[EMAIL PROTECTED]>:
> > I am maintaining Smart Card packages in OpenSUSE.
> >
> > To simplify understanding of Smart Card protocols and implementation, I
> > prepared a dependency and protocol diagram.
&
for card to application dependencies.
It currently contains SuSE specific names of packages, but
"desusification" would be trivial. Then it might be included to the
upstream documentation.
--
Best Regards / S pozdravem,
Stanislav Brabec
software
49 matches
Mail list logo
