CVS commit: pkgsrc/security/pcsc-lite

To: pkgsrc-changes%netbsd.org@localhost
Subject: CVS commit: pkgsrc/security/pcsc-lite
From: "Fredrik Pettai" <pettai%netbsd.org@localhost>
Date: Fri, 14 Dec 2012 23:50:37 +0000
Module Name:    pkgsrc
Committed By:   pettai
Date:           Fri Dec 14 23:50:37 UTC 2012

Modified Files:
        pkgsrc/security/pcsc-lite: Makefile PLIST buildlink3.mk distinfo
        pkgsrc/security/pcsc-lite/patches: patch-configure
            patch-src_Makefile.in
Added Files:
        pkgsrc/security/pcsc-lite/patches: patch-src_PCSC_reader.h
            patch-src_utils.c
Removed Files:
        pkgsrc/security/pcsc-lite: DEINSTALL INSTALL options.mk
        pkgsrc/security/pcsc-lite/patches: patch-aa patch-ab patch-ac
            patch-configure.in patch-src_Makefile.am patch-src_thread_unix.c

Log Message:
A major version bump gives a long changelog...

1.7.4:
- Fix a stupid bug from the previous version. T=1 cards were not
  working.

1.7.3:
- COPYING: Add my name as copyright holder
- hotplug libudev: support libudev >= 171
- hotplug libusb: Fix a memory leak
- pcscd: exit immediately in case of SIGTERM
  Closes Debian bug #620305 "pcscd slows down shutdown/restart"
- Send logs to stdout instead of stderr
  It is now possible to use tee(1) to redirect logs in a file without
  first redirecting stderr to stdout
- Add command line option -T, --color: force use of colored logs
  The idea is to have colored logs even if they are redirected to a file
  or a pipe.
- Define g_rgSCardT?Pci as const structures to be more Windows like
  I do not expect a regression or compilation problem in WinSCard API
  users but how knows...
- log at level PCSC_LOG_DEBUG instead of PCSC_LOG_ERROR to avoid filling
  the system log file
- Remove the deprecated define FEATURE_MCT_READERDIRECT (replaced by
  FEATURE_MCT_READER_DIRECT)
- better Hurd support
- some other minor improvements and bug corrections

1.7.2:
- fix a crash if a specific driver fails to work and no class driver is
  available

1.7.1
- use libudev only on Linux and libusb elsewhere. The configuration now
  works by default on GNU/kFreeBSD systems
- Try to use a (CCID) class driver if a specific driver fails to use the
  reader.
- fix a potential crash

1.7.0:
- use libudev instead of (the deprecated) libhal

1.6.7:
- better Mac OS X support
- Fix Alioth bug [#312960] SCardDisconnect when other context has transaction
- add support of multi-interfaces readers with libusb and not just libhal
- add a API tracing feature in the client side (#define DO_TRACE)
- allow the use of tracing and profiling features from different
  application threads
- fix a problem with a multi-slots reader
- fix minor problems detected by the clang tool
- some other minor improvements and bug corrections

1.6.6:
- SCardGetStatusChange(): fix a bug on 64-bits systems
- Fix another bug because of a regression in internal list manager

1.6.5:
- Power on the card _only_ if an application requests a connection.
  You can disable the feature using DISABLE_ON_DEMAND_POWER_ON in
  src/pcscd.h.in
  If DISABLE_AUTO_POWER_ON is defined then do not automatically power on
  the card. The card will be powered on on the first SCardConnect()
  See 
http://ludovicrousseau.blogspot.com/2010/10/card-auto-power-on-and-off.html
- SCardReconnect(): return SCARD_E_NO_SMARTCARD when card is removed and
  SCARD_W_UNRESPONSIVE_CARD when card is unresponsive instead of
  SCARD_E_PROTO_MISMATCH
- Install pcscd as sgid pcscd instead of suid root
  See http://ludovicrousseau.blogspot.com/2010/09/pcscd-auto-start.html
- SCardSetTimeout() is no more provided. This function is not provided
  by Microsoft and is deprecated since 2004 in pcsc-lite.
- SCardCancelTransaction() is no more provided. This function is not
  provided by Microsoft and is deprecated since 2005 in pcsc-lite.
- Parsing the CCID Info.plist (159 readers supported) was, on a i386
  machine, done in 264306 #s and is now done 5547 #s => gain x47 or 4600%
  See 
http://ludovicrousseau.blogspot.com/2010/08/ram-and-cpu-improvements-in-pcsc-lite.html
- It is now possible to configure the local socket name to use using the
  environment variable PCSCLITE_CSOCK_NAME
  See 
http://ludovicrousseau.blogspot.com/2010/11/pcsc-client-and-server-on-two-different.html
- Wait until all connected readers have a chance to power up a possibly
  inserted card before accepting clients.
- restrict pcscd features when not run by root (so using suid): APDU
  logging or setting parameters are disabled for example
- fix compilation problem on kfreebsd-* systems
- PCSC/reader.h: HOST_TO_CCID_16() and HOST_TO_CCID_32() are now
  identity functions
  Since libccid 1.4.1 (revision 5252) the byte order is no more important
- If you want to use IFDHCreateChannel() instead of
  IFDHCreateChannelByName() then do not use any DEVICENAME line in the
  configuration file. IFDHCreateChannel() will then be called with the
  CHANNELID parameter.
- the CHANNELID parameter can also be a decimal number.
- Remove the support of IFDHandler v1 API. I don't know any driver using
  this API.
  See 
http://ludovicrousseau.blogspot.com/2010/10/ifdhandler-version-1-support-removed.html
- avoids a buffer overflow with badly formed ATR
- some other minor improvements and bug corrections

1.6.4:
- Do not use sysconfdir as configuration directory but
  "${sysconfdir}/reader.conf.d" instead.
  Use --enable-confdir=DIR if you want to set a specific value without
  the "reader.conf.d" appended.

1.6.3:
- "/reader.conf.d" is only appended to sysconfdir if no value of
  sysconfdir is provided
- Define LPSCARD_READERSTATE since this is used in the MSDN prototype.
  Use LPSCARD_READERSTATE in winscard.h instead of (SCARD_READERSTATE *)
  to mimic the MSDN API.
- fix a pcscd crash when the application uses a PCSC handle after a
  fork. The crash was with openvpn.
- some other minor improvements and bug corrections

1.6.2:
- implement a "Forced suicide" mechanism.
  After 3 Ctrl-C without much reaction from pcscd (in fact the drivers)
  we force the suicide. Sometimes libusb is blocked in a kind of
  dead-lock and kill -9 was the only option.
- Add support of TAG_IFD_STOP_POLLING_THREAD to request the stop of the
  driver polling function.
- Avoid a division by 0. Closes [#312555] "simclist bug in pcsc-lite"
- if pcscd is stared by libpcsclite then close all file handles except
  stdin, stdout and stderr so that pcscd does not confiscate ressources
  allocated by the application
- in case of auto exit create a new session so that Ctrl-C on the
  application will not also quit pcscd
- src/hotplug_libusb.c: port from libusb-0.1 to libusb-1.0
- default configuration is now $sysconfdir/reader.conf.d
- fix crash with empty config dir
- src/PCSC/winscard.h: Remove definitions of SCARD_READERSTATE_A
  PSCARD_READERSTATE_A and LPSCARD_READERSTATE_A types
- some other minor improvements and bug corrections

1.6.1:
- SCardControl(): do not check for card events since we are talking to
  the reader not the card. A smart card removal should not make
  SCardControl() fail with SCARD_W_REMOVED_CARD
- pcscd do not timeout any more after 2 minutes of inactivity. If the
  other side of the socket dies we will get an error from the kernel.
  The problem was that if a client does nothing during
  PCSCLITE_READ_TIMEOUT (120 seconds by default) then pcscd considers it
  as a dead client and closes the connection. I guess this problem was
  present since the first version of pcsc-lite but nobody complained
  before.
- pcscd: do not return before most of the initialisation are done
  correctly. The idea is that pcscd can return an error code if the
  daemon fails to start correctly (hald not started for example).
  Before the patch pcscd became a daemon, then returned 0 (success) and
  then continued with the initialisation. If the initialisation failed
  it was too late to return an error code. The /etc/init.d/pcscd script
  was not aware of the failure.
  Closes https://bugzilla.redhat.com/show_bug.cgi?id=580321
  "/usr/sbin/pcscd exit codes broken"
- src/hotplug_libusb.c: Add a synchronisation so that if pcscd is auto
  started the initial reader list is available before the server takes
  commands from clients.
  Before the change early calls of SCardListReaders() returned an empty
  list of readers even if a reader was connected.
- SCardConnect() & SCardReconnect(): do not reset the cardProtocol in
  SCARD_SHARE_DIRECT case since the card have _not_ been reseted. A new
  PPS negociation would fail.
- Do not install files in /etc any more. Serial drivers are rare now.
- Avoids a crash if a client sends a unknown command.
- some other minor improvements and bug corrections

1.6.0:
- redesign the client/server communication:
  * no more shared memory used (allow pcscd and libpcsclite1.so to be on
  different computer and talk over a network)
  * no more difference between short and extended APDU
  * no more use of a /var/run/pcscd/pcscd.events/ directory. events are
  sent through the socket
  * simpler command format between client and server
  The side effect is that you are not able to mix an old pcscd with a
  new libpcsclite1.so or the reverse. SCardEstablishContext() will fail
  unless you update both sides of the communication.
- Use lists instead of fixed size arrays to store handles.
  It is now possible to have:
  - 200 simultaneous PC/SC clients instead of 16
  - 200 SCardConnect per client instead of 16
  - 200 clients per reader instead of 16
  The default value of 200 can be changed by giving an argument to pcscd
  --max-thread --max-card-handle-per-thread --max-card-handle-per-reader
- Make SCardReconnect(), SCardStatus() and SCardTransmit() block instead
  of returning SCARD_E_SHARING_VIOLATION immediately. These functions
  will then behave like on Windows.
  This can happen if these functions are called when the reader is
  locked by a PCSC transaction
  (SCardBeginTransaction/SCardEndTransaction).
  You can define the environment variable PCSCLITE_NO_BLOCKING to use
  the old behavior.
  http://archives.neohapsis.com/archives/dev/muscle/2010-q1/0041.html
- SCardEstablishContext(): try to start the pcscd daemon if not already
  running.
  . pcscd will suicide itself after 60 seconds of inactivity if it is
  started using --auto-exit. This is the default behavior when pcscd is
  started by libpcsclite
  . Set PCSCLITE_PCSCD_ARGS with the argument you want to pass to pcscd in
  autostart Only one argument is passed. The space character is not a
  separator. example: export PCSCLITE_PCSCD_ARGS=-dfa
- SCardListReaders(): can use SCARD_AUTOALLOCATE
- SCardGetAttrib(): return SCARD_E_INSUFFICIENT_BUFFER if the driver
  returns IFD_ERROR_INSUFFICIENT_BUFFER
  . add support of SCARD_ATTR_DEVICE_FRIENDLY_NAME as it is better
  implemented in pcscd (it knows the friendly name)
- SCardGetStatusChange(): Calling with cReaders == 0 will now just
  return SCARD_S_SUCCESS
  . Use the special reader name "\\?PnP?\Notification" to wait for a
  reader event notification
- SCardTransmit(): do not limit the minimum size of an APDU to 4 bytes.
  non ISO 7816-4 compliant cards (like Mifare DESFIRE) may use shorter
  commands
- SCardStatus(): returns SCARD_E_SHARING_VIOLATION if the reader is
  already used More conform to Windows
- PCSC/reader.h: update sruct PIN_PROPERTIES_STRUCTURE to be conform
  with Revision 2.02.06, April 2009 of PCSCv2 part 10 Fields
  wLcdMaxCharacters and wLcdMaxLines have been removed
  . rename FEATURE_MCT_READERDIRECT in FEATURE_MCT_READER_DIRECT to be
  conform with ch. 2.3 of PCSC v2 part 10
  . add FEATURE_GET_TLV_PROPERTIES and FEATURE_CCID_ESC_COMMAND from
  PC/SC part 10 v2.02.07 March 2010
  . Add PCSCv2_PART10_PROPERTY_* defines
- SCardControl() return SCARD_E_UNSUPPORTED_FEATURE if the driver
  returned IFD_ERROR_NOT_SUPPORTED or IFD_NOT_SUPPORTED This is used to
  separate an unsupported value of ControlCode from a general error
- Use the standard --sysconfdir=DIR ($prefix/etc by default) instead of
  --enable-confdir=DIR for defining the directory containing reader.conf
- remove SCF support (PC/SC over Smart Card Framework). I never used
  this feature and SCF is now dead and replaced by JSR 268
  (javax.smartcardio)
- Better handling of PCSCLITE_STATIC_DRIVER as can be used on platforms
  using #Clinux (without dynamic loader).  This is used to statically
  link the reader driver to pcscd. Since the link is static you must
  define the IFDHandler API version at compilation time. Either define
  IFDHANDLERv1, IFDHANDLERv2 or IFDHANDLERv3
- Use dynamic instead of static allocation for the driver library
  filename. The filename is no more limited to 100 characters.
  Closes: [#312332] MAX_LIBNAME too short?
- force the return codes SCARD_* to be long since the SCard* functions
  return a LONG type
- Add the ability to parse all the configuration files of a directory
  instead of just one configuration file. update-reader.conf is then now
  obsolete.
- Add --enable-embedded (default is no) to build pcsc-lite for an
  embedded system. This will activate the NO_LOG option to disable
  logging and limit RAM and disk consumption.
- If NO_LOG is defined then no log are displayed. The idea is to limit
  the binaries size on disk and RAM consumption at execution time.
  With NO_LOG defined we gain 26% (17 kB) for the .text segment of pcscd
  and 15% (4 kB) for the .text segment of libpcsclite.so (for i386)
- Define a minimal pcsc_stringify_error() if NO_LOG is defined. Only the
  error code in hex is displayed in this case.
  Gain: 2kB of .text (10%) for libpcsclite
- Add --disable-serial and --disable-usb options
  --disable-serial removes support of /etc/reader.conf gain: 8.0kB of
  .text (12%) and 160 bytes of .bss (4%) for pcscd
  --disable-usb removes support of USB hotplug gain: 9.7kB of .text
  (14%) and 960 bytes of .bss (23%) for pcscd
  If you use both options (and use a static driver configuration) gain:
  17.7kB of .text (26%) and 1152 bytes of .bss (28%) for pcscd
- Better support of Android
- some other minor improvements and bug corrections


To generate a diff of this commit:
cvs rdiff -u -r1.1 -r0 pkgsrc/security/pcsc-lite/DEINSTALL \
    pkgsrc/security/pcsc-lite/INSTALL
cvs rdiff -u -r1.12 -r1.13 pkgsrc/security/pcsc-lite/Makefile
cvs rdiff -u -r1.3 -r1.4 pkgsrc/security/pcsc-lite/PLIST \
    pkgsrc/security/pcsc-lite/buildlink3.mk
cvs rdiff -u -r1.11 -r1.12 pkgsrc/security/pcsc-lite/distinfo
cvs rdiff -u -r1.1.1.1 -r0 pkgsrc/security/pcsc-lite/options.mk
cvs rdiff -u -r1.3 -r0 pkgsrc/security/pcsc-lite/patches/patch-aa \
    pkgsrc/security/pcsc-lite/patches/patch-ab
cvs rdiff -u -r1.5 -r0 pkgsrc/security/pcsc-lite/patches/patch-ac
cvs rdiff -u -r1.1 -r1.2 pkgsrc/security/pcsc-lite/patches/patch-configure
cvs rdiff -u -r1.1 -r0 pkgsrc/security/pcsc-lite/patches/patch-configure.in \
    pkgsrc/security/pcsc-lite/patches/patch-src_Makefile.am
cvs rdiff -u -r1.2 -r1.3 \
    pkgsrc/security/pcsc-lite/patches/patch-src_Makefile.in
cvs rdiff -u -r0 -r1.1 \
    pkgsrc/security/pcsc-lite/patches/patch-src_PCSC_reader.h \
    pkgsrc/security/pcsc-lite/patches/patch-src_utils.c
cvs rdiff -u -r1.2 -r0 \
    pkgsrc/security/pcsc-lite/patches/patch-src_thread_unix.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Prev by Date: CVS commit: pkgsrc/math/R
Next by Date: CVS commit: pkgsrc/net/rdist6
Previous by Thread: CVS commit: pkgsrc/math/R
Next by Thread: CVS commit: pkgsrc/net/rdist6
Indexes:
Home | Main Index | Thread Index | Old Index