[Pcsclite-muscle] Compatibility of pcscd and libpcsclite

Andreas Schwier andreas.schwier at cardcontact.de
Fri Oct 4 03:53:40 PDT 2024 

Hi Ludovic,

for SmartCard-HSM users that want to use the device in a docker 
container, we usually recommend to pass the pcscd socket into the 
container and use libpcsclite in the container to access the daemon. 
That works quite well.

We now wanted to do the same for an EJBCA image, which is based on 
AlmaLinux (a Redhat derivate). But here we are seeing a compatibility 
issue between the pcscd daemon running on the host (Debian 12 bookworm) 
and libpcsclite installed in the container.

The artifacts are pretty close regarding version numbers:

AlmaLinux release 9.4 (Seafoam Ocelot)
pcsc-lite-libs;1.9.4-1.el9;x86_64;baseos

Debian 12 Bookworm
libpcsclite1/stable,now 1.9.9-2 amd64 [installed,automatic]
pcscd/stable,now 1.9.9-2 amd64 [installed]

If we copy the libpcsclite from Debian 12 into the AlmaLinux container 
it works. If we use the libpcsclite from AlmaLinux, the lib hangs 
immediately after opening the socket:

[pid  2216] openat(AT_FDCWD, 
"/root/tmp/sc-hsm-embedded/pkcs11-2215.log", O_RDWR|O_CREAT|O_APPEND, 
0666) = -1 ENOENT (No such file or directory)
Can't create: '/root/tmp/sc-hsm-embedded/pkcs11-2215.log'.
[pid  2216] readlink("/proc/self/exe", 
"/usr/lib/jvm/java-11-slim/bin/ja"..., 1023) = 34
[pid  2216] newfstatat(AT_FDCWD, "/run/pcscd/pcscd.comm", 
{st_mode=S_IFSOCK|0666, st_size=0, ...}, 0) = 0

The daemon logs:

99999999 [140042913912832] winscard_msg_srv.c:256:ProcessEventsServer() 
Common channel packet arrival
00000022 [140042913912832] winscard_msg_srv.c:267:ProcessEventsServer() 
ProcessCommonChannelRequest detects: 12
00000004 [140042913912832] pcscdaemon.c:133:SVCServiceRunLoop() A new 
context thread creation is requested: 12
00000069 [140042880063168] winscard_svc.c:340:ContextThread() Authorized 
PC/SC client
00000022 [140042880063168] winscard_svc.c:343:ContextThread() Thread is 
started: dwClientID=12, threadContext @0x5580cd0f5ca0
00000004 [140042880063168] winscard_svc.c:361:ContextThread() Received 
command: CMD_VERSION from client 12
00000002 [140042880063168] winscard_svc.c:373:ContextThread() Client is 
protocol version 4:4
00000001 [140042880063168] winscard_svc.c:396:ContextThread() 
CMD_VERSION for client 12, rv=SCARD_S_SUCCESS
00000016 [140042880063168] winscard_svc.c:361:ContextThread() Received 
command: ESTABLISH_CONTEXT from client 12
00000003 [140042880063168] winscard.c:215:SCardEstablishContext() 
Establishing Context: 0x24AC325B
00000001 [140042880063168] winscard_svc.c:465:ContextThread() 
ESTABLISH_CONTEXT for client 12, rv=SCARD_S_SUCCESS
00000008 [140042880063168] winscard_svc.c:361:ContextThread() Received 
command: CMD_GET_READERS_STATE from client 12


Is there any statement of compatibility between daemon and library ? Or 
is this some specific issue with the Redhat compile vs Debian compile ?

Is there any way to further diagnose the issue in libpcsclite ?

Andreas

-- 
     ---------    CardContact Systems GmbH
    |.##> <##.|   Schülerweg 38
    |#       #|   D-32429 Minden, Germany
    |#       #|   Phone +49 571 56149
    |'##> <##'|   http://www.cardcontact.de
     ---------    Registergericht Bad Oeynhausen HRB 14880
                  Geschäftsführer Andreas Schwier

More information about the pcsclite-muscle mailing list