Commit 90403d09 authored by Dimitri Puzin's avatar Dimitri Puzin

add pcsc-lite 1.8.13-1 from testing

parent 35376281
Main authors:
- David Corcoran <corcoran@musclecard.com>
- Ludovic Rousseau <ludovic.rousseau@free.fr>
- Damien Sauveron <sauveron@labri.fr>
Additional code by:
- Carlos Prados <cprados@yahoo.com>
- Antti Tapaninen <aet@cc.hut.fi>
- and some others
Copyright (c) 1999-2003 David Corcoran <corcoran@musclecard.com>
Copyright (c) 2001-2011 Ludovic Rousseau <ludovic.rousseau@free.fr>
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. The name of the author may not be used to endorse or promote products
derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Some files are under GNU GPL v3 or any later version
- doc/example/pcsc_demo.c
- the files in src/spy/
- the files in UnitaryTests/
Copyright (C) 2003-2014 Ludovic Rousseau
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Files src/auth.c and src/auth.h are:
* Copyright (C) 2013 Red Hat
*
* All rights reserved.
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
* OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
* AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
* THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
* DAMAGE.
*
* Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Files src/sd-daemon.c and src/sd-daemon.h are:
Copyright 2010 Lennart Poettering
Permission is hereby granted, free of charge, to any person
obtaining a copy of this software and associated documentation files
(the "Software"), to deal in the Software without restriction,
including without limitation the rights to use, copy, modify, merge,
publish, distribute, sublicense, and/or sell copies of the Software,
and to permit persons to whom the Software is furnished to do so,
subject to the following conditions:
The above copyright notice and this permission notice shall be
included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
Files src/simclist.c and src/simclist.h are:
* Copyright (c) 2007,2008,2009,2010,2011 Mij <mij@bitchx.it>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
File src/strlcpy.3, src/strlcat.c and src/strlcpy.c is:
* Copyright (c) 1998 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
This diff is collapsed.
This diff is collapsed.
DRIVERS
To install USB drivers, download the driver from
http://musclecard.com/software.html and copy it to a temporary location.
After you have unarchived the files copy the directory to
/usr/local/pcsc/drivers/. If the directory /usr/local/pcsc/drivers/
does not exist create it before copying the driver directory to it.
Example Mac OS X, Linux 2.4:
tar -xzvf driver.bundle-0.1.0.tar.gz
cp -r driver.bundle /usr/local/pcsc/drivers/
cd /usr/local/pcsc/drivers/driver.bundle
build or use Project Builder to build
The /usr/local/pcsc/drivers/ directory should contain bundle directories only.
You must restart pcscd to use the new driver.
All OS's:
For non-USB users, you must edit the /etc/reader.conf file.
You can do this easily by running the installifd program in the utils/
directory of pcsc-lite. Some newer drivers require you to specify 1 as the
port and then make a symlink from /dev/pcsc/1 to /dev/ttyS* so you can
enumerate your ports on any Unix without changing the driver.
Refer to the driver README for more information.
$Id: DRIVERS 6851 2014-02-14 15:43:32Z rousseau $
This diff is collapsed.
General questions:
Contact the mailing list muscle@lists.musclecard.com
(you must subscribe first at http://musclecard.com/list.html)
Contract work:
For interested parties, I am available part time for contract based work
developing drivers, middleware, and applications for a variety of
platforms based upon smart cards and cryptographic tokens.
My current hardware platforms are: Linux, Solaris, BSD,
Mac OS, and HP-UX
This diff is collapsed.
SUBDIRS = src etc doc
fix-rights:
$(MAKE) -C src $@
ACLOCAL_AMFLAGS = -I m4
DISTCHECK_CONFIGURE_FLAGS = \
--with-systemdsystemunitdir=$$dc_install_base/$(systemdsystemunitdir)
EXTRA_DIST = \
GPL-3.0.txt \
bootstrap \
ChangeLog.svn \
DRIVERS SECURITY \
HELP \
m4/ax_pthread.m4 \
m4/as-ac-expand.m4
DISTCLEANFILES = ChangeLog.svn
ChangeLog.svn:
-svn2cl --group-by-day --stdout --include-rev --reparagraph | perl -pe \
's/ corcoran-guest/ David Corcoran/; \
s/ corcoran/ David Corcoran/; \
s/ oznet/ Chris Osgood/; \
s/ cprados/ Carlos Prados/; \
s/ mikeg/ Michael Gile/; \
s/ rousseau/ Ludovic Rousseau/; \
s/ giraud/ Jean-Luc Giraud/; \
s/ aet-guest/ Antti Tapaninen/; \
s/ sauveron-guest/ Damien Sauveron/; \
s+trunk/PCSC/++g;' > $@
This diff is collapsed.
Read the ChangeLog file for news.
Title : PCSC Lite
Authors : David Corcoran, Ludovic Rousseau
Version : 1.2.9-beta10
License : See file COPYING
Document: docs/pcsc-lite.pdf
docs/ifdhandler-3.pdf
Requires: A C compiler
Make, linker tools
Lex (Lexical Analyzer).
Tested Platforms:
Linux 2.4 (Redhat 7.1, Suse 7.1/7.2, Debian 3.0)
Mac OS X 10.2, 10.3
FreeBSD, NetBSD, OpenBSD
Solaris 8 / 9
Tru64 UNIX 5.1B
AIX 4.3, 5.2
HP-UX 11
Welcome to PCSC Lite. The purpose of PCSC Lite is to
provide a Windows(R) SCard interface in a very small form factor for
communicating to smart cards and readers. PCSC Lite can be compiled
directly to a desired reader driver or can be used to dynamically
allocate/deallocate reader drivers at runtime (default).
PCSC Lite uses the same winscard API as used under Windows(R).
For security aware persons please read the SECURITY file on possible
vulnerabilites to pcsclite, how you can fix some, and how some will
be fixed.
For information on how to install driver please read the DRIVERS file.
Memory cards are supported through MCT specifications which is an APDU
like manner sent normally through the SCardTransmit() function. This
functionality is done in the driver.
INSTALLATION:
Installation is simple. Type ./configure and then make and make install.
Options:
./configure
--enable-libusb Enable USB libusb support
(on Linux, *BSD, etc.).
--enable-usbdropdir=DIR directory containing USB drivers
(default /usr/local/pcsc/drivers)
--disable-musclecarddebug Disable MuscleCard debugging messages
--enable-debugatr Enable ATR parsing debug output
--enable-scf use SCF for reader support
--prefix=location Install to <location>
--enable-confdir=DIR Use DIR as the configuration directory
(/etc by default)
--enable-runpid=FILE Store the daemon pid in file FILE
--enable-ipcdir=DIR directory containing IPC files
(default /var/run)
By running pcscd under a priveledged account you can link to
libpcsclite.so and it will act as a client to the pcscd allowing multiple
applications to be run under non-priveledged accounts.
Then type make install to copy etc/reader.conf to
/etc/reader.conf and the libraries to /usr/local/lib. If you choose
not to have your reader.conf in /etc then use --enable-confdir=DIR
You must be root to do make install in the default locations.
Be sure to edit the /etc/reader.conf file to fit your needs and make sure
your IFD Handler driver is located in the path specified as LIBRARYPATH
in reader.conf. If you are using a reader with multiple smart card slots
all you have to do is define a different FRIENDLYNAME in the reader.conf
for each reader. Both will have the same information otherwise.
There is an config file generator in the utils directory. It is called
installifd. You may use this to generate the /etc/reader.conf file.
USB users shall not use /etc/reader.conf. pcscd will give
a warning that the file does not exist or contain anything useful.
There is a test program with this package:
testpcsc: Linked to libpcsclite. Must run /usr/local/pcsc/bin/pcscd
and then ./testpcsc. pcscd must be run as root or a hardware
priveledged user. ./testpcsc can be run under any account.
LIBUSB SUPPORT:
Versions after 1.2.0 support libusb. Available on GNU/Linux and *BSD.
If you do not have libusb (or do not want to use it) on your system you
should use --disable-libusb. If you use --disable-libusb under Linux the
old USB code will be used instead.
In order to use dynamic driver loading, you need to supply a directory
called "XXXX.bundle" in the usb dropdir directory (--enable-usbdropdir=PATH).
Here, the string "XXXX" stands for an arbitrary driver name, like in
"ifd-GemPC430.bundle". An example .bundle-directory can be found in the
source distribution of the ifd-gempc driver
(http://ludovic.rousseau.free.fr/softwares/ifd-GemPC/)
SOLARIS:
Solaris PC/SC applications must link with -lsocket since
the libraries are not statically linked.
QUESTIONS:
The API documentation is provided in PDF format under the docs
directory. For questions, please email me at:
<David Corcoran> corcoran@musclecard.com
On some plateforms (GNU/Linux on mips and mipsel, FreeBSD and possibly
other *BSD suystems) you must use:
$ ./configure LDFLAGS="-lpthread"
$Id: README 6851 2014-02-14 15:43:32Z rousseau $
pcsc-lite
=========
pcsc-lite for devuan
SECURITY
This file discusses security related issues with pcsc-lite and how to
handle them.
Sometimes it is dangerous to run daemons under a root account. If there is
a chance to exploit a buffer overflow you can protect sensitive information
by running it under a different account. It might be useful to create another
user with hardware priveledges and run pcscd as that user. Be sure this user
can manipulate the server sockets.
Application suggestions:
Make sure you Disconnect when you are not using the reader. Also be sure to
ReleaseContext before exiting your program.
- include Apple patches and improvements (if possible/needed)
- allow to have pcscd and libpcsclite on two different machines.
That would be needed to support remote PAM login.
Maybe use unix2tcp (http://dizzy.roedu.net/unix2tcp/)
- manage power suspend/resume (in a laptop for example) and coordinate
with the driver (when/if possible)
April 2011
This diff is collapsed.
#! /bin/sh
# Wrapper for Microsoft lib.exe
me=ar-lib
scriptversion=2012-01-30.22; # UTC
# Copyright (C) 2010, 2012 Free Software Foundation, Inc.
# Written by Peter Rosin <peda@lysator.liu.se>.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
# configuration script generated by Autoconf, you may include it under
# the same distribution terms that you use for the rest of that program.
# This file is maintained in Automake, please report
# bugs to <bug-automake@gnu.org> or send patches to
# <automake-patches@gnu.org>.
# func_error message
func_error ()
{
echo "$me: $1" 1>&2
exit 1
}
file_conv=
# func_file_conv build_file
# Convert a $build file to $host form and store it in $file
# Currently only supports Windows hosts.
func_file_conv ()
{
file=$1
case $file in
/ | /[!/]*) # absolute file, and not a UNC file
if test -z "$file_conv"; then
# lazily determine how to convert abs files
case `uname -s` in
MINGW*)
file_conv=mingw
;;
CYGWIN*)
file_conv=cygwin
;;
*)
file_conv=wine
;;
esac
fi
case $file_conv in
mingw)
file=`cmd //C echo "$file " | sed -e 's/"\(.*\) " *$/\1/'`
;;
cygwin)
file=`cygpath -m "$file" || echo "$file"`
;;
wine)
file=`winepath -w "$file" || echo "$file"`
;;
esac
;;
esac
}
# func_at_file at_file operation archive
# Iterate over all members in AT_FILE performing OPERATION on ARCHIVE
# for each of them.
# When interpreting the content of the @FILE, do NOT use func_file_conv,
# since the user would need to supply preconverted file names to
# binutils ar, at least for MinGW.
func_at_file ()
{
operation=$2
archive=$3
at_file_contents=`cat "$1"`
eval set x "$at_file_contents"
shift
for member
do
$AR -NOLOGO $operation:"$member" "$archive" || exit $?
done
}
case $1 in
'')
func_error "no command. Try '$0 --help' for more information."
;;
-h | --h*)
cat <<EOF
Usage: $me [--help] [--version] PROGRAM ACTION ARCHIVE [MEMBER...]
Members may be specified in a file named with @FILE.
EOF
exit $?
;;
-v | --v*)
echo "$me, version $scriptversion"
exit $?
;;
esac
if test $# -lt 3; then
func_error "you must specify a program, an action and an archive"
fi
AR=$1
shift
while :
do
if test $# -lt 2; then
func_error "you must specify a program, an action and an archive"
fi
case $1 in
-lib | -LIB \
| -ltcg | -LTCG \
| -machine* | -MACHINE* \
| -subsystem* | -SUBSYSTEM* \
| -verbose | -VERBOSE \
| -wx* | -WX* )
AR="$AR $1"
shift
;;
*)
action=$1
shift
break
;;
esac
done
orig_archive=$1
shift
func_file_conv "$orig_archive"
archive=$file
# strip leading dash in $action
action=${action#-}
delete=
extract=
list=
replace=
create=
while test -n "$action"
do
case $action in
d*) delete=yes ;;
x*) extract=yes ;;
t*) list=yes ;;
r*) replace=yes ;;
c*) create=yes ;;
u*) ;; # TODO: don't ignore the update modifier
v*) ;; # TODO: don't ignore the verbose modifier
*)
func_error "unknown action specified"
;;
esac
action=${action#?}
done
case $delete$extract$list$replace in
yes)
;;
yesyes*)
func_error "more than one action specified"
;;
*)
func_error "no action specified"
;;
esac
if test -n "$delete"; then
if test ! -f "$orig_archive"; then
func_error "archive not found"
fi
for member
do
case $1 in
@*)
func_at_file "${1#@}" -REMOVE "$archive"
;;
*)
func_file_conv "$1"
$AR -NOLOGO -REMOVE:"$file" "$archive" || exit $?
;;
esac
done
elif test -n "$extract"; then
if test ! -f "$orig_archive"; then
func_error "archive not found"
fi
if test $# -gt 0; then
for member
do
case $1 in
@*)
func_at_file "${1#@}" -EXTRACT "$archive"
;;
*)
func_file_conv "$1"
$AR -NOLOGO -EXTRACT:"$file" "$archive" || exit $?
;;
esac
done
else
$AR -NOLOGO -LIST "$archive" | sed -e 's/\\/\\\\/g' | while read member
do
$AR -NOLOGO -EXTRACT:"$member" "$archive" || exit $?
done
fi
elif test -n "$replace"; then
if test ! -f "$orig_archive"; then
if test -z "$create"; then
echo "$me: creating $orig_archive"
fi
orig_archive=
else
orig_archive=$archive
fi
for member
do
case $1 in
@*)
func_file_conv "${1#@}"
set x "$@" "@$file"
;;
*)
func_file_conv "$1"
set x "$@" "$file"
;;
esac
shift
shift
done
if test -n "$orig_archive"; then
$AR -NOLOGO -OUT:"$archive" "$orig_archive" "$@" || exit $?
else
$AR -NOLOGO -OUT:"$archive" "$@" || exit $?
fi
elif test -n "$list"; then
if test ! -f "$orig_archive"; then
func_error "archive not found"
fi
$AR -NOLOGO -LIST "$archive" || exit $?
fi
#!/bin/sh
# I use
# - autoconf (GNU Autoconf) 2.64
# - automake (GNU automake) 1.11
# - libtool (GNU libtool) 2.2.6
set -e
set -x
if test -f Makefile; then
make distclean
fi
rm -rf *.cache *.m4 config.guess config.log \
config.status config.sub depcomp ltmain.sh
#(cat m4/*.m4 > acinclude.m4 2> /dev/null)
autoreconf --verbose --install
#! /bin/sh
# Wrapper for compilers which do not understand `-c -o'.
scriptversion=2009-10-06.20; # UTC
# Copyright (C) 1999, 2000, 2003, 2004, 2005, 2009 Free Software
# Foundation, Inc.
# Written by Tom Tromey <tromey@cygnus.com>.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
# configuration script generated by Autoconf, you may include it under
# the same distribution terms that you use for the rest of that program.
# This file is maintained in Automake, please report
# bugs to <bug-automake@gnu.org> or send patches to
# <automake-patches@gnu.org>.
case $1 in
'')
echo "$0: No command. Try \`$0 --help' for more information." 1>&2
exit 1;
;;
-h | --h*)
cat <<\EOF
Usage: compile [--help] [--version] PROGRAM [ARGS]
Wrapper for compilers which do not understand `-c -o'.
Remove `-o dest.o' from ARGS, run PROGRAM with the remaining
arguments, and rename the output as expected.
If you are trying to build a whole package this is not the