[Pcsclite-muscle] Compatibility of pcscd and libpcsclite
Ludovic Rousseau
ludovic.rousseau at gmail.com
Fri Oct 4 05:44:03 PDT 2024
Le ven. 4 oct. 2024 à 13:07, Andreas Schwier
<andreas.schwier at cardcontact.de> a écrit :
>
> Hi Ludovic,
Hello Andreas,
> for SmartCard-HSM users that want to use the device in a docker
> container, we usually recommend to pass the pcscd socket into the
> container and use libpcsclite in the container to access the daemon.
> That works quite well.
>
> We now wanted to do the same for an EJBCA image, which is based on
> AlmaLinux (a Redhat derivate). But here we are seeing a compatibility
> issue between the pcscd daemon running on the host (Debian 12 bookworm)
> and libpcsclite installed in the container.
>
> The artifacts are pretty close regarding version numbers:
>
> AlmaLinux release 9.4 (Seafoam Ocelot)
> pcsc-lite-libs;1.9.4-1.el9;x86_64;baseos
>
> Debian 12 Bookworm
> libpcsclite1/stable,now 1.9.9-2 amd64 [installed,automatic]
> pcscd/stable,now 1.9.9-2 amd64 [installed]
>
> If we copy the libpcsclite from Debian 12 into the AlmaLinux container
> it works. If we use the libpcsclite from AlmaLinux, the lib hangs
> immediately after opening the socket:
>
> [pid 2216] openat(AT_FDCWD,
> "/root/tmp/sc-hsm-embedded/pkcs11-2215.log", O_RDWR|O_CREAT|O_APPEND,
> 0666) = -1 ENOENT (No such file or directory)
> Can't create: '/root/tmp/sc-hsm-embedded/pkcs11-2215.log'.
> [pid 2216] readlink("/proc/self/exe",
> "/usr/lib/jvm/java-11-slim/bin/ja"..., 1023) = 34
> [pid 2216] newfstatat(AT_FDCWD, "/run/pcscd/pcscd.comm",
> {st_mode=S_IFSOCK|0666, st_size=0, ...}, 0) = 0
>
> The daemon logs:
>
> 99999999 [140042913912832] winscard_msg_srv.c:256:ProcessEventsServer()
> Common channel packet arrival
> 00000022 [140042913912832] winscard_msg_srv.c:267:ProcessEventsServer()
> ProcessCommonChannelRequest detects: 12
> 00000004 [140042913912832] pcscdaemon.c:133:SVCServiceRunLoop() A new
> context thread creation is requested: 12
> 00000069 [140042880063168] winscard_svc.c:340:ContextThread() Authorized
> PC/SC client
> 00000022 [140042880063168] winscard_svc.c:343:ContextThread() Thread is
> started: dwClientID=12, threadContext @0x5580cd0f5ca0
> 00000004 [140042880063168] winscard_svc.c:361:ContextThread() Received
> command: CMD_VERSION from client 12
> 00000002 [140042880063168] winscard_svc.c:373:ContextThread() Client is
> protocol version 4:4
> 00000001 [140042880063168] winscard_svc.c:396:ContextThread()
> CMD_VERSION for client 12, rv=SCARD_S_SUCCESS
> 00000016 [140042880063168] winscard_svc.c:361:ContextThread() Received
> command: ESTABLISH_CONTEXT from client 12
> 00000003 [140042880063168] winscard.c:215:SCardEstablishContext()
> Establishing Context: 0x24AC325B
> 00000001 [140042880063168] winscard_svc.c:465:ContextThread()
> ESTABLISH_CONTEXT for client 12, rv=SCARD_S_SUCCESS
> 00000008 [140042880063168] winscard_svc.c:361:ContextThread() Received
> command: CMD_GET_READERS_STATE from client 12
>
>
> Is there any statement of compatibility between daemon and library ? Or
> is this some specific issue with the Redhat compile vs Debian compile ?
>
> Is there any way to further diagnose the issue in libpcsclite ?
It looks like the problem described in "Fedora, flatpak and pcsc-lite"
https://blog.apdu.fr/posts/2022/02/fedora-flatpak-and-pcsc-lite/
Bye
--
Dr. Ludovic Rousseau
More information about the pcsclite-muscle
mailing list