Subject: Re: scb and PuTTY - msg#00120
List: encryption.opensc.devel
Peter Stuge wrote:
> A related question; Has there been any contact with the PuTTY
> maintainers with regard to smartcard support? They have a wishlist
> entry about it on their site, indicating that they'd prefer this to
> be a feature supplied by a plugin framework which as yet is not in
> place, and I assume they reject any PKCS#11 patches seen so far for
> this reason. Is this correct?
The wishlist-entry has been on their list for years. They don't want
to change PuTTY such that it depends on other libraries. For that
reason I changed my pageant-smartcard-patch such that all
smartcard related stuff was done in one external DLL and
Pageant would load this DLL only if a special key-file
(containing the path of the DLL) was opened.
This way one Pageant.exe would still work for people with and
without smartcards. The modifications to the pageant source files
were less than 100 lines and I asked them to only include this
mini-patch.
They didn't like that either, and since they refused to put my stuff
somewhere on their web-site, I placed it in OpenSC's contrib area.
And there it is and nobody cares :-(. Maybe you find it useful :-)
Peter
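The dispatch described in this message (an ordinary key file is handled as before, a special key file names the DLL to load), as an added example that is not taken from the Pageant patch or from PuTTY. The `SMARTCARD-DLL:` marker, the `allowed_dir` check and all function names are assumptions; the post gives neither the real key-file format nor any path validation.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical marker; the post does not give the real key-file format. */
#define SC_MAGIC "SMARTCARD-DLL:"

enum sc_result { SC_ORDINARY_KEY, SC_REJECTED, SC_LOAD_DLL };

/* Case-insensitive comparison of the first n bytes (Windows paths ignore case). */
static int same_ci(const char *a, const char *b, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)a[i]) != tolower((unsigned char)b[i]))
            return 0;
    return 1;
}

/* Accept only <allowed_dir><name>.dll, where allowed_dir is "X:\...\" (assumed
 * install directory): no "..", no '/', no second ':', no subdirectory. */
static int path_ok(const char *p, const char *allowed_dir) {
    size_t n = strlen(p), d = strlen(allowed_dir);
    if (n <= d + 4 || !same_ci(p, allowed_dir, d)) return 0;
    if (!same_ci(p + n - 4, ".dll", 4)) return 0;
    if (strstr(p, "..") || strchr(p, '/') || strchr(p + 2, ':')) return 0;
    return strchr(p + d, '\\') == NULL;
}

/* Decide what to do with an opened key file. On SC_LOAD_DLL, `dll` holds the
 * path that would be handed to LoadLibrary(); any other result loads no code. */
enum sc_result classify_keyfile(const char *content, const char *allowed_dir,
                                char *dll, size_t dll_len) {
    size_t m = strlen(SC_MAGIC);
    if (strncmp(content, SC_MAGIC, m) != 0) return SC_ORDINARY_KEY;
    size_t len = strcspn(content + m, "\r\n");
    if (len == 0 || len >= dll_len) return SC_REJECTED;
    memcpy(dll, content + m, len);
    dll[len] = '\0';
    return path_ok(dll, allowed_dir) ? SC_LOAD_DLL : SC_REJECTED;
}

int main(void) {
    char dll[260];  /* constructed sample input below */
    const char *kf = "SMARTCARD-DLL:C:\\Program Files\\PuTTY\\scard.dll\n";
    printf("%d\n", classify_keyfile(kf, "C:\\Program Files\\PuTTY\\", dll, sizeof dll));
    return 0;
}
```

Because the agent holds private keys, the path read from the key file is the only thing deciding which code runs inside it, which is why the example refuses network, relative and traversal paths before any load.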
Previous Message by Date:
Is this a problem?
Hello All.
After <openct-control init> on an Intel based motherboard OpenCT sees my eToken, but
in the system console "ttyv0" & in /var/log/messages :
May 13 14:56:00 gate kernel: ugen0: AKS eToken Pro 4254, rev 1.00/1.00, addr 2
May 13 14:56:09 gate login: ROOT LOGIN (root) ON ttyv1
May 13 14:56:14 gate kernel: icmp redirect from 195.138.65.81: 195.138.84.34 =>
195.138.84.34
May 13 14:56:17 gate kernel: ugenpoll: no edesc
May 13 14:56:17 gate last message repeated 186 times
May 13 14:56:17 gate kernel: sc
May 13 14:56:17 gate kernel: ugenpoll: no edesc
May 13 14:56:17 gate last message repeated 52 times
May 13 14:56:17 gate kernel: ugenpoll: no sc
May 13 14:56:17 gate kernel: ugenpoll: no edesc
May 13 14:56:18 gate last message repeated 3896 times
May 13 14:56:18 gate kernel: sc
May 13 14:56:18 gate kernel: ugenpoll: no edesc
May 13 14:56:18 gate last message repeated 52 times
May 13 14:56:18 gate kernel: ugenpoll: no sc
May 13 14:56:18 gate kernel: ugenpoll: no edesc
May 13 14:56:18 gate last message repeated 1769 times
May 13 14:56:18 gate kernel: sc
May 13 14:56:18 gate kernel: ugenpoll: no edesc
May 13 14:56:18 gate last message repeated 52 times
.......cut a lot of lines.....
but :
gate# less /usr/local/etc/openct.conf
# Set debug level
debug = 0;
#
# Enable hot plugging
hotplug = yes;
#
# Path to ifdhandler
ifdhandler = /usr/local/sbin/ifdhandler;
..........cut other lines........
gate# openct-tool list
0 Aladdin eToken PRO
gate#openct-tool atr
Detected Aladdin eToken PRO
Card present, status changed
ATR: 3b f2 98 00 ff c1 10 31 fe 55 c8 03 15
gate# openct-tool mf
Detected Aladdin eToken PRO
Card present, status changed
Selected MF, response:
0000: 6f 1f 81 02 69 e4 82 06 38 21 00 fe 00 00 83 02 o...i...8!......
0010: 3f 00 85 03 01 04 00 86 08 00 00 00 00 00 00 ff ?...............
0020: 00 90 00 ...
And OpenSC works (maybe not well?)
gate# opensc-tool -a
3b:f2:98:00:ff:c1:10:31:fe:55:c8:03:15
gate# opensc-tool -l
Readers known about:
Nr. Driver Name
0 openct Aladdin eToken PRO
1 openct OpenCT reader (detached)
2 openct OpenCT reader (detached)
3 openct OpenCT reader (detached)
4 openct OpenCT reader (detached)
Any idea?
Valera
TNX
Next Message by Date:
Re: Is this a problem?
Hello Valera,
I ran into these messages also, the polling for a disconnect event on a
ugen device fails and results in a working however spinning ifdhandler
process. Tweaking the ugen kernel module at the "no edesc" related if condition
in the ugenpoll function, in the ugen.c driver file, just a little did
the trick for me:
For example:

    if (!sce->edesc) {
        /* endpoint has no descriptor: only complain when the
         * caller is not polling for a hangup */
        if (!(events & POLLHUP)) {
            printf("ugenpoll: no edesc\n");
            return (EIO);
        }
        return revents;
    }

More recent versions of the ugen driver do not seem to have this problem.
Regards,
William Wanders.
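The user-space side of the disconnect polling described above, as an added example (not OpenCT, ifdhandler or ugen code): a handler loop that ends on a hangup or error event instead of polling the dead descriptor again. A pipe stands in for the token and all names are assumptions.

```c
#include <errno.h>
#include <poll.h>
#include <stdio.h>
#include <unistd.h>

enum wait_result { WAIT_TIMEOUT, WAIT_DATA, WAIT_DETACHED, WAIT_ERROR };

/* One poll() wait on the device fd, mapped to what the handler does next. */
enum wait_result wait_for_device(int fd, int timeout_ms) {
    struct pollfd p = { .fd = fd, .events = POLLIN };
    int n;
    do { n = poll(&p, 1, timeout_ms); } while (n < 0 && errno == EINTR);
    if (n < 0) return WAIT_ERROR;
    if (n == 0) return WAIT_TIMEOUT;
    if (p.revents & POLLIN) return WAIT_DATA;   /* drain data before a hangup */
    if (p.revents & (POLLHUP | POLLERR | POLLNVAL)) return WAIT_DETACHED;
    return WAIT_ERROR;
}

/* Stops on the first non-data result; a real handler would keep waiting
 * on WAIT_TIMEOUT but must never re-poll after detach or error. */
enum wait_result handler_loop(int fd, size_t *bytes, int *wakeups) {
    char buf[64];
    *bytes = 0; *wakeups = 0;
    for (;;) {
        enum wait_result r = wait_for_device(fd, 1000);
        (*wakeups)++;
        if (r != WAIT_DATA) return r;
        ssize_t got = read(fd, buf, sizeof buf);
        if (got < 0) return WAIT_ERROR;
        if (got == 0) return WAIT_DETACHED;     /* EOF: the peer is gone */
        *bytes += (size_t)got;
    }
}

/* Constructed scenario: closing the pipe's write end plays the unplug. */
enum wait_result demo_unplug(size_t *bytes, int *wakeups) {
    int fds[2];
    if (pipe(fds) != 0) return WAIT_ERROR;
    if (write(fds[1], "ATR", 3) != 3) return WAIT_ERROR;
    close(fds[1]);
    enum wait_result r = handler_loop(fds[0], bytes, wakeups);
    close(fds[0]);
    return r;
}

int main(void) {
    size_t bytes; int wakeups;
    printf("result=%d\n", (int)demo_unplug(&bytes, &wakeups));
}
```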
Previous Message by Thread:
Re: scb and PuTTY
On Tuesday 10 May 2005 11:14 pm, Peter Stuge wrote:
> On Tue, May 10, 2005 at 05:26:52PM -0400, Kevin Stefanik wrote:
> > First attempt at a 0.58 patch attached - sorry I missed the scb 0.3
> > release.
>
> Looks good although I haven't tried it.
>
> One question, what is the local_run stuff? Is it related to PKCS#11
> in any way or is it just an extra feature that you maintain locally?
>
> If it is, would you be willing to split the patch into two? I think
> we could have better success getting it accepted if it is as small
> as possible.
That is a nasty hack that could easily be taken out. It's just used, for
example, to launch a local web browser after logging in and establishing
tunnels. Some users need actual ssh shell access and others don't, so it was
easier for me to put both capabilities into putty than use both putty and
scripts with plink. It could definitely be removed with about 30 seconds of
work if that would help get the patch accepted.
>
> > > > > A related question; Has there been any contact with the PuTTY
> > > > > maintainers with regard to smartcard support?
> >
> > I sent the original patch to them and they asked that it be
> > incorporated into pageant instead. I did so, and forwarded them
> > the patch, but that was a year or two ago and I have not heard from
> > them since.
>
> Ok! Thanks for the comment. That certainly was a while ago. Perhaps
> I'll try sending them a quick question about it too.
>
The updating that's been required has all just been a matter of moving some
code around... if it were incorporated into the main branch, it really would
be next to no burden on them, and much less on us, so I'm all for getting it
in. If they mention anything that I can do, just let me know. I do have
some preliminary code that even moves most of what's in sshscard.c out into a
reusable, dynamically loadable library if that's of help (see libezp11 stuff
in /contrib for samples of the library).
Thanks,
Kevin
Next Message by Thread:
Re: [opensc-user] Signing files with german qualified sig sc's and pkcs15-crypt?
On Sunday 01 May 2005 17:15, od@xxxxxxxxxxxx wrote:
> Does somebody know which parts are missing or if there is another working
> solution for cli file signing with german EID Cards. Maybe something based
> on pcsc, scez, libchipcard or gpgsm...?
>
> If there is no known working solution, what would have to be done to
> include missing parts in tcos support?
To use blank cards we need a card driver (basic card commands etc.)
and a pkcs15init driver (that understands the security model and can
create the pkcs15 structure with a secure setup). For national id cards
we need a card driver, too, and a pkcs15syn driver - those cards are
not in pkcs#15 format, so we need an emulation that knows the
proprietary format and creates internal structure to hide that stuff.
We have code for the basic commands. And there was code for
opensc 0.7 for pkcs15init, but after the big pkcs15 rewrite in 0.8
no one ported it forward.
I thought we had no pkcs#15 emulation for German eid cards?
Or are they in pkcs#15 format? Strange. I guess everyone knows
more about the situation than I do, can someone add the missing
pieces?
Andreas
p.s. if pkcs15-tool works, please try pkcs15-crypt and/or pkcs11-tool.
If those work too, we have a working card :-)