Page MenuHomeFreeBSD

security/gnupg: add the --shared-access option to scdaemon
ClosedPublic

Authored by asomers on Thu, Nov 21, 2:10 AM.

Details

Summary

security/gnupg: add the --shared-access option to scdaemon

gnupg's scdaemon opens smart cards in exclusive mode, which prevents other
applications (such as PKCS#11 libraries) from concurrently accessing the
card). Upstream refuses to fix the problem. This commit adds a
--shared-access option to scdaemon. When enabled, scdaemon will access the
smart card in shared mode, playing nicely with other applications. The
default behavior is unchanged.

See Also:
https://github.com/GPGTools/MacGPG2/commit/d6cb8039a0cdc74b9bdd89a3dfa93248aa2c4100
https://dev.gnupg.org/T3267
https://dev.gnupg.org/D320
https://github.com/OpenSC/OpenSC/issues/953

Obtained-from: GPGTools

Diff Detail

Repository
rP FreeBSD ports repository
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

asomers created this revision.Thu, Nov 21, 2:10 AM
adamw accepted this revision.Thu, Nov 21, 6:21 PM

I haven't tested this (I have no way of actually testing it), so I'm relying on you there. You definitely have my approval to commit this whenever you're ready.

This revision is now accepted and ready to land.Thu, Nov 21, 6:21 PM
adamw added a comment.Thu, Nov 21, 6:23 PM

I guess I should add to please make sure that make -C ${WRKSRC} check completes successfully.

What is the status of this patch? What help can I be of here? I'll hold off on updating to 2.2.18 (just released) so as not to interfere here.

It's ready to go, but I had one more question at https://reviews.freebsd.org/D22492 . I was waiting for your answer, not because it's strictly required but just in case you had something surprising to say.

This revision was automatically updated to reflect the committed changes.