[Qemu-devel] [PATCH 2/3] libcacard: Lock NSS cert db when selecting an applet on an emulated card

2014-10-18 Thread Ray Strode
From: Ray Strode When a process in a guest uses an emulated smartcard, libcacard running on the host passes the PIN from the guest to the PK11_Authenticate NSS function. The first time PK11_Authenticate is called, the passed-in PIN is used to unlock the certificate database. Subsequent calls to

[Qemu-devel] [PATCH 3/3] libcacard: don't free sign buffer while sign op is pending

2014-10-18 Thread Ray Strode
From: Ray Strode commit 57f97834efe0c208ffadc9d2959f3d3d55580e52 cleaned up the cac_applet_pki_process_apdu function to have a single exit point. Unfortunately, that commit introduced a bug where the sign buffer can get freed and nullified while it's still being used. This commit co

[Qemu-devel] [PATCH 1/3] libcacard: introduce new vcard_emul_logout

2014-10-18 Thread Ray Strode
From: Ray Strode vcard_emul_reset currently only logs NSS out, but there is a TODO for potentially sending insertion/removal events when powering down or powering up. For clarity, this commit moves the current guts of vcard_emul_reset to a new vcard_emul_logout function which will never send

[Qemu-devel] [PATCH 0/3] A few smartcard patches

2014-10-18 Thread Ray Strode
From: Ray Strode The first two patches are resends from last year that have already been reviewed and just need to be pulled in. The third patch is something I ran into a few days ago when trying to set up Kerberos (preauthentication with pkinit) in a guest. Ray Strode (3): libcacard

[Qemu-devel] [PATCHv2 1/2] libcacard: introduce new vcard_emul_logout

2013-09-11 Thread Ray Strode
From: Ray Strode vcard_emul_reset currently only logs NSS out, but there is a TODO for potentially sending insertion/removal events when powering down or powering up. For clarity, this commit moves the current guts of vcard_emul_reset to a new vcard_emul_logout function which will never send

[Qemu-devel] [PATCHv2 2/2] libcacard: Lock NSS cert db when selecting an applet on an emulated card

2013-09-11 Thread Ray Strode
From: Ray Strode When a process in a guest uses an emulated smartcard, libcacard running on the host passes the PIN from the guest to the PK11_Authenticate NSS function. The first time PK11_Authenticate is called, the passed-in PIN is used to unlock the certificate database. Subsequent calls to

[Qemu-devel] [PATCH v2 0/2] Try to fix problem with emulated smartcards where invalid PIN succeeds

2013-09-11 Thread Ray Strode
This updated patch series includes Reviewed-By lines from Alon Levy and Robert Relyea, and also improves the accuracy of the second commit message. This set should be ready to merge. Back story is that I started writing a blog post about virtualized smartcards here: https://blogs.gnome.org/hal

Re: [Qemu-devel] [PATCH 0/2] Try to fix problem with emulated smartcards where invalid PIN succeeds

2013-09-11 Thread Ray Strode
Hi,

On Mon, Sep 9, 2013 at 2:19 PM, Robert Relyea wrote:
> ack... The original problem is a little worse than ray says. It's not a
> 60 second window, it's pretty much anytime until the card is explicitly
> logged out. Ray's patch will fix this.

Okay, I'll resend the patch series with an improved

[Qemu-devel] [PATCH 1/2] libcacard: introduce new vcard_emul_logout

2013-09-07 Thread Ray Strode
From: Ray Strode vcard_emul_reset currently only logs NSS out, but there is a TODO for potentially sending insertion/removal events when powering down or powering up. For clarity, this commit moves the current guts of vcard_emul_reset to a new vcard_emul_logout function which will never send

[Qemu-devel] [PATCH 0/2] Try to fix problem with emulated smartcards where invalid PIN succeeds

2013-09-07 Thread Ray Strode
I started writing a blog post yesterday about virtualized smartcards here: https://blogs.gnome.org/halfline/2013/09/08/another-smartcard-post/ and while testing what I was writing I noticed an invalid PIN worked when it shouldn't have. It turns out that typing a valid PIN once in one program in t

[Qemu-devel] [PATCH 2/2] libcacard: Lock NSS cert db when selecting an applet on an emulated card

2013-09-07 Thread Ray Strode
From: Ray Strode When a process in a guest uses an emulated smartcard, libcacard passes the PIN from the guest to the PK11_Authenticate NSS function. The first time PK11_Authenticate is called, the passed-in PIN is used to unlock the certificate database. Subsequent calls to PK11_Authenticate