Check-in [b5af3ab373]
Overview
Comment:Merged in trunk
SHA1:b5af3ab373045c8e96477bc2a8511e3dac4b93f7
User & Date: rkeene on 2014-01-17 13:42:24
Context
2014-03-14
14:25
Updated to reset the card if a retry is required check-in: ad6536ceb0 user: rkeene tags: protected-auth-path
2014-01-17
13:42
Merged in trunk check-in: b5af3ab373 user: rkeene tags: protected-auth-path
13:35
Work towards fixing listing of slots to not list redundant slots check-in: afd6df445d user: rkeene tags: trunk
2013-09-14
04:11
Merged in changes from piv check-in: 5f8f3e59a7 user: rkeene tags: protected-auth-path
Changes

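--- a/build/cackey_osx_build/Template_pmbuild/index.xml.in
+++ b/build/cackey_osx_build/Template_pmbuild/index.xml.in
@@ -30,15 +30,15 @@
 {\fonttbl\f0\fnil\fcharset0 LucidaGrande;}
 {\colortbl;\red255\green255\blue255;}
 \pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\ql\qnatural\pardirnatural
 
 \f0\fs26 \cf0 Release information:\
     pkg: CACKey\
  author: US Army Corps of Engineers\
-Mac build contact: Kenneth Van Alstyne <DC1SAN_SUPPORT@hq.dhs.gov>\
+Mac build contact: Kenneth Van Alstyne <Kenneth.VanAlstyne@associates.hq.dhs.gov>\
                    US Department of Homeland Security\
 contact: Roy Keene <DC1-UNIX@hq.dhs.gov>\
 ------------------------------------------------\
 \
 The PKCS11.tokend connector module included in this package is licensed under\
 the APSL. See: http://devel.kvanals.org/PKCS11_Tokend\
 \
@@ -75,17 +75,14 @@
 To use, be sure to import the certificate authorities into Keychain Access.\
 \
 A debug version, /Library/CACKey/libcackey_g.dylib is provided if debug output is necessary.}]]>
 			</resource>
 		</locale>
 	</resources>
 	<requirements>
-		<requirement id="tosv" operator="lt" value="'@@NEXTOSXVER@@'">
-			<message>This CACKey release requires Mac OS X @@CUROSXVER@@.</message>
-		</requirement>
 		<requirement id="tosv" operator="ge" value="'@@CUROSXVER@@'">
 			<message>This CACKey release requires Mac OS X @@CUROSXVER@@.</message>
 		</requirement>
 	</requirements>
 	<flags/>
 	<item type="file">01libcackey.xml</item>
 	<item type="file">02libcackey.xml</item>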

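--- a/build/cackey_osx_build/build_osx.sh
+++ b/build/cackey_osx_build/build_osx.sh
@@ -12,15 +12,15 @@
 # Usage function
 usage() {
 	echo "Usage: build_osx.sh <target>"
 	echo Where target is one of:
 	echo "    leopard  - (Builds Universal 10.5 Library for PPCG4/i386)"
 	echo "    snowleopard  - (Builds Universal 10.6 Library for i386/x86_64)"
 	echo "    lion  - (Builds Universal 10.7 Library for i386/x86_64)"
-	echo "    sltoml - (Builds Universal 10.6/10.7/10.8 Library for i386/x86_64)"
+	echo "    sltomav - (Builds Universal 10.6/10.7/10.8/10.9 Library for i386/x86_64)"
 	echo "    all - (Builds for all supported targets)"
 	echo "    clean - (Cleans up)"
 	echo "Run from CACKey Build Root."
 	exit $?
 }
 
 # Clean up function
@@ -41,15 +41,15 @@
 		LIBTOOLDIR=/Developer/usr/share/libtool/config
 	fi
 	if [ ! -d macbuild ]; then
 		mkdir macbuild
 		mkdir macbuild/Leopard
 		mkdir macbuild/Snowleopard
 		mkdir macbuild/Lion
-		mkdir macbuild/Sltoml
+		mkdir macbuild/Sltomav
 		mkdir macbuild/pkg
 	fi
 	if [ ! -f config.guess ]; then
 		cp ${LIBTOOLDIR}/config.guess .
 	fi
 	if [ ! -f config.sub ]; then
 		cp ${LIBTOOLDIR}/config.sub .
@@ -66,15 +66,14 @@
 	LIBRARY=/Developer/SDKs/MacOSX10.5.sdk/System/Library/Frameworks/PCSC.framework/PCSC
 	LIB=""
 	ARCHLIST=""
 	DLIB=""
 	DARCHLIST=""
 	OSX=Leopard
 	PKTARGETOS=3
-	NEXTOSXVER=10.6
 	CUROSXVER=10.5
 	for HOST in powerpc-apple-darwin9 i386-apple-darwin9; do
 		genbuild
 	done
 	libbuild
 	pkgbuild
 }
@@ -86,15 +85,14 @@
 	LIBRARY=/Developer/SDKs/MacOSX10.6.sdk/System/Library/Frameworks/PCSC.framework/PCSC
 	LIB=""
 	ARCHLIST=""
 	DLIB=""
 	DARCHLIST=""
 	OSX=Snowleopard
 	PKTARGETOS=3
-	NEXTOSXVER=10.7
 	CUROSXVER=10.6
 	for HOST in i386-apple-darwin10 x86_64-apple-darwin10; do
 		genbuild
 	done
 	libbuild
 	pkgbuild
 }
@@ -106,55 +104,52 @@
 	LIBRARY=/Developer/SDKs/MacOSX10.7.sdk/System/Library/Frameworks/PCSC.framework/PCSC
 	LIB=""
 	ARCHLIST=""
 	DLIB=""
 	DARCHLIST=""
 	OSX=Lion
 	PKTARGETOS=3
-	NEXTOSXVER=10.8
 	CUROSXVER=10.7
 	for HOST in i386-apple-darwin11 x86_64-apple-darwin11; do
 		genbuild
 	done
 	libbuild
 	pkgbuild
 }
 
 # Build function for Snow Leopard/Lion/Mountain Lion
-sltoml() {
+sltomav() {
 	makedir
 	HEADERS=/Developer/SDKs/MacOSX10.6.sdk/System/Library/Frameworks/PCSC.framework/Versions/A/Headers/
 	LIBRARY=/Developer/SDKs/MacOSX10.6.sdk/System/Library/Frameworks/PCSC.framework/PCSC
 	LIB=""
 	ARCHLIST=""
 	DLIB=""
 	DARCHLIST=""
-	OSX=Sltoml
+	OSX=Sltomav
 	PKTARGETOS=3
-	NEXTOSXVER=10.9
 	CUROSXVER=10.6
 	for HOST in i386-apple-darwin10 x86_64-apple-darwin10; do
 		genbuild
 	done
 	libbuild
 	pkgbuild
 }
 
 # Build function for Snow Leopard/Lion/Mountain Lion
-sltoml() {
+sltomav() {
 	makedir
 	HEADERS=/Developer/SDKs/MacOSX10.6.sdk/System/Library/Frameworks/PCSC.framework/Versions/A/Headers/
 	LIBRARY=/Developer/SDKs/MacOSX10.6.sdk/System/Library/Frameworks/PCSC.framework/PCSC
 	LIB=""
 	ARCHLIST=""
 	DLIB=""
 	DARCHLIST=""
-	OSX=Sltoml
+	OSX=Sltomav
 	PKTARGETOS=3
-	NEXTOSXVER=10.9
 	CUROSXVER=10.6
 	for HOST in i386-apple-darwin10 x86_64-apple-darwin10; do
 		genbuild
 	done
 	libbuild
 	pkgbuild
 }
@@ -223,27 +218,26 @@
 		PMDOC="`echo "${PMDOC}" | sed 's|l.in|l|g' | sed 's|build/cackey_osx_build/Template_pmbuild/||g'`"
 		UUID="`python -c 'import uuid; print uuid.uuid1()' | dd conv=ucase 2>/dev/null`"
 		mkdir -p build/cackey_osx_build/${OSX}_pmbuild.pmdoc
 		sed "s|@@BUILDROOTDIR@@|$(pwd)|g" build/cackey_osx_build/Template_pmbuild/${PMDOC}.in > build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC}
 		sed "s|@@OSXVERSION@@|${OSX}|g" build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC} > build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC}.1
 		sed "s|@@UUID@@|${UUID}|g" build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC}.1 > build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC}
 		sed "s|@@TARGETOS@@|${PKTARGETOS}|g" build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC} > build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC}.1
-		sed "s|@@NEXTOSXVER@@|${NEXTOSXVER}|g" build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC}.1 > build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC}
 		sed "s|@@CUROSXVER@@|${CUROSXVER}|g" build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC} > build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC}.1
 		sed "s|@@LIBCACKEYG@@|${LIBCACKEYG}|g" build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC}.1 > build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC}
 		cp build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC} build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC}.1
 		mv build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC}.1 build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC}
 	done
 	EXT=pkg
 	if [ ${OSX} == "Snowleopard" ]; then
 		cat build/cackey_osx_build/${OSX}_pmbuild.pmdoc/index.xml | sed 's|for Mac OS X Snowleopard|for Mac OS X SnowLeopard|g' > build/cackey_osx_build/${OSX}_pmbuild.pmdoc/index.xml.new
 		mv build/cackey_osx_build/${OSX}_pmbuild.pmdoc/index.xml.new build/cackey_osx_build/${OSX}_pmbuild.pmdoc/index.xml
 	fi
-	if [ ${OSX} == "Sltoml" ]; then
-		cat build/cackey_osx_build/${OSX}_pmbuild.pmdoc/index.xml | sed 's|for Mac OS X Sltoml|for Mac OS X SLtoML|g' > build/cackey_osx_build/${OSX}_pmbuild.pmdoc/index.xml.new
+	if [ ${OSX} == "Sltomav" ]; then
+		cat build/cackey_osx_build/${OSX}_pmbuild.pmdoc/index.xml | sed 's|for Mac OS X Sltomav|for Mac OS X SLtoMav|g' > build/cackey_osx_build/${OSX}_pmbuild.pmdoc/index.xml.new
 		mv build/cackey_osx_build/${OSX}_pmbuild.pmdoc/index.xml.new build/cackey_osx_build/${OSX}_pmbuild.pmdoc/index.xml
 	fi
 	/Developer/Applications/Utilities/PackageMaker.app/Contents/MacOS/PackageMaker -d build/cackey_osx_build/${OSX}_pmbuild.pmdoc -o macbuild/pkg/CACKey_${CACKEY_VERSION}_${OSX}.${EXT}
 	tar --create --directory macbuild/pkg/ --file macbuild/pkg/CACKey_${CACKEY_VERSION}_${OSX}.${EXT}.tar CACKey_${CACKEY_VERSION}_${OSX}.${EXT}
 	gzip -9 macbuild/pkg/CACKey_${CACKEY_VERSION}_${OSX}.${EXT}.tar
 	rm -rf macbuild/pkg/CACKey_${CACKEY_VERSION}_${OSX}.${EXT}
 	rm -f build/cackey_osx_build/cackey.dylib
@@ -272,24 +266,24 @@
 	
 	"lion")
 		./autogen.sh
 		lion
 		exit $?
 	;;
 	
-	"sltoml")
+	"sltomav")
 		./autogen.sh
-		sltoml
+		sltomav
 		exit $?
 	;;
 
 	"all")
 		./autogen.sh
 		leopard
-		sltoml
+		sltomav
 		echo ""
 		echo "All builds complete."
 		exit $?
 	;;
 
 	"clean")
 		clean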
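Review bot: Dropping the `@@NEXTOSXVER@@` line breaks the alternation between `${PMDOC}` and `${PMDOC}.1` in the sed chain: the `@@TARGETOS@@` step writes `${PMDOC}.1`, and the `@@CUROSXVER@@` step that now follows it reads `${PMDOC}` again and overwrites `${PMDOC}.1`, so the TARGETOS substitution is discarded and the placeholder appears to reach PackageMaker unreplaced. Doing all substitutions in one `sed` invocation removes the dependence on step order, and the existing `cp`/`mv` pair after it can stay as it is. The enclosing function and loop start outside the hunk. Separately, the comment `# Build function for Snow Leopard/Lion/Mountain Lion` above both `sltomav()` definitions should now mention Mavericks.

```shell
		# … unchanged: PMDOC and UUID computation, mkdir -p of the pmdoc directory …
		sed -e "s|@@BUILDROOTDIR@@|$(pwd)|g" \
		    -e "s|@@OSXVERSION@@|${OSX}|g" \
		    -e "s|@@UUID@@|${UUID}|g" \
		    -e "s|@@TARGETOS@@|${PKTARGETOS}|g" \
		    -e "s|@@CUROSXVER@@|${CUROSXVER}|g" \
		    -e "s|@@LIBCACKEYG@@|${LIBCACKEYG}|g" \
		    "build/cackey_osx_build/Template_pmbuild/${PMDOC}.in" > "build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC}"
		# … unchanged: cp/mv of ${PMDOC}.1 and the rest of the loop …
```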

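--- a/build/cackey_win32_build/build.sh
+++ b/build/cackey_win32_build/build.sh
@@ -1,9 +1,9 @@
 #! /bin/bash
 
 make distclean
 
-./configure --with-pcsc-headers="$(pwd)/build/cackey_win32_build/include" --with-pcsc-libs="-L$(pwd)/build/cackey_win32_build/lib -lwinscard" --host=i586-mingw32msvc  CPPFLAGS="-I$(pwd)/build/cackey_win32_build/include" || exit 1
+./configure --with-pcsc-headers="$(pwd)/build/cackey_win32_build/include" --with-pcsc-libs="-L$(pwd)/build/cackey_win32_build/lib -lwinscard" --host=i586-mingw32msvc  CPPFLAGS="-I$(pwd)/build/cackey_win32_build/include" "$@" || exit 1
 
 make || exit 1
 
 exit 0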

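--- a/cackey.c
+++ b/cackey.c
@@ -2869,15 +2869,19 @@
 				}
 			}
 
 			/* End transaction */
 			cackey_end_transaction(slot);
 
 			if (respcode == 0x6982 || respcode == 0x6e00) {
-				CACKEY_DEBUG_PRINTF("Security status not satisified (respcode = 0x%04x).  Returning NEEDLOGIN", (int) respcode);
+				if (respcode == 0x6E00) {
+					CACKEY_DEBUG_PRINTF("Got \"WRONG CLASS\", this means we are talking to the wrong object (likely because the card went away) -- resetting");
+				} else {
+					CACKEY_DEBUG_PRINTF("Security status not satisified (respcode = 0x%04x).  Returning NEEDLOGIN", (int) respcode);
+				}
 
 				cackey_mark_slot_reset(slot);
 
 				return(CACKEY_PCSC_E_NEEDLOGIN);
 			}
 
 			if (send_ret == CACKEY_PCSC_E_TOKENABSENT) {
@@ -3072,15 +3076,15 @@
 	}
 
 	/* PIV authentication uses a "key_reference" of 0x80 */
 	pcsc_identities = cackey_read_certs(slot, NULL, &num_certs);
 	if (num_certs > 0 && pcsc_identities != NULL) {
 		switch (pcsc_identities[0].id_type) {
 			case CACKEY_ID_TYPE_PIV:
-				CACKEY_DEBUG_PRINTF("We recently had a PIV card, so we will attempt to authenticate using the PIV Application key reference");
+				CACKEY_DEBUG_PRINTF("We have PIV card, so we will attempt to authenticate using the PIV Application key reference");
 
 				key_reference = 0x80;
 				break;
 			default:
 				break;
 		}
 
@@ -4424,15 +4428,15 @@
 
 					if (currslot >= (sizeof(cackey_slots) / sizeof(cackey_slots[0]))) {
 						CACKEY_DEBUG_PRINTF("Found more readers than slots are available!");
 
 						break;
 					}
 
-					CACKEY_DEBUG_PRINTF("Found reader: %s", pcsc_readers);
+					CACKEY_DEBUG_PRINTF("Found reader: %s (currslot = %lu)", pcsc_readers, (unsigned long) currslot);
 
 					/* Only update the list of slots if we are actually being asked supply the slot information */
 					if (pSlotList) {
 						if (slot_reset) {
 							cackey_slots[currslot].active = 1;
 							cackey_slots[currslot].internal = 0;
 							cackey_slots[currslot].pcsc_reader = strdup(pcsc_readers);
@@ -4445,25 +4449,29 @@
 								cackey_slots[currslot].token_flags = 0;
 							}
 							cackey_slots[currslot].label = NULL;
 
 							cackey_mark_slot_reset(&cackey_slots[currslot]);
 						}
 					} else {
-						/* Artificially increase the number of active slots by what will become active */
-						slot_count++;
+						if (!cackey_slots[currslot].active) {
+							/* Artificially increase the number of active slots by what will become active */
+							CACKEY_DEBUG_PRINTF("Found in-active slot %lu, but it will be active after a reset -- marking as active for accounting purposes", (unsigned long) currslot);
+
+							slot_count++;
+						}
 					}
 					currslot++;
 
 					pcsc_readers += curr_reader_len + 1;
 				}
 
 				for (currslot = 0; currslot < (sizeof(cackey_slots) / sizeof(cackey_slots[0])); currslot++) {
 					if (cackey_slots[currslot].active) {
-						CACKEY_DEBUG_PRINTF("Found active slot %lu", (unsigned long) currslot);
+						CACKEY_DEBUG_PRINTF("Found active slot %lu, reader = %s", (unsigned long) currslot, cackey_slots[currslot].pcsc_reader);
 
 						slot_count++;
 					}
 				}
 			} else {
 				CACKEY_DEBUG_PRINTF("Second call to SCardListReaders failed, return %s/%li", CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(scard_listreaders_ret), (long) scard_listreaders_ret);
 			}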
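Review bot: The new `Found active slot %lu, reader = %s` debug line passes `cackey_slots[currslot].pcsc_reader` to `%s` without a NULL check, and a null pointer argument to `%s` is undefined behaviour. Nothing visible guarantees the field is set for every active slot: the `strdup(pcsc_readers)` result assigned in the preceding hunk is not checked, and the `internal` flag suggests some slots may not be backed by a PC/SC reader at all. Guard the argument, e.g. `cackey_slots[currslot].pcsc_reader ? cackey_slots[currslot].pcsc_reader : "(null)"`. The enclosing function starts and ends outside the visible hunks, so whether this path is compiled only in debug builds cannot be confirmed from here.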

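--- a/configure.ac
+++ b/configure.ac
@@ -1,8 +1,8 @@
-AC_INIT(cackey, 0.6.8) 
+AC_INIT(cackey, 0.7.0) 
 AC_CONFIG_HEADERS(config.h)
 
 dnl Locate standard tools
 AC_PROG_CC
 AC_PROG_MAKE_SET
 AC_PROG_INSTALL
 AC_AIX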