Index: cackey.c ================================================================== --- cackey.c +++ cackey.c @@ -869,17 +869,14 @@ struct cackey_pcsc_identity extra_certs[] = { #include "cackey_builtin_certs.h" }; /* Protected Authentication Path command */ -#ifdef CACKEY_PIN_COMMAND_DEFAULT -# define CACKEY_PIN_COMMAND_DEFAULT_XSTR(str) CACKEY_PIN_COMMAND_DEFAULT_STR(str) -# define CACKEY_PIN_COMMAND_DEFAULT_STR(str) #str -static char *cackey_pin_command = CACKEY_PIN_COMMAND_DEFAULT_XSTR(CACKEY_PIN_COMMAND_DEFAULT); -#else +#define CACKEY_PIN_COMMAND_DEFAULT_XSTR(str) CACKEY_PIN_COMMAND_DEFAULT_STR(str) +#define CACKEY_PIN_COMMAND_DEFAULT_STR(str) #str static char *cackey_pin_command = NULL; -#endif +static char *cackey_pin_command_xonly = NULL; /* PCSC Global Handles */ static LPSCARDCONTEXT cackey_pcsc_handle = NULL; static unsigned long cackey_getversion(void) { @@ -4133,10 +4130,25 @@ cackey_biglock_init = 1; } /* Define a command to prompt user for a PIN */ +#ifdef CACKEY_PIN_COMMAND_DEFAULT + cackey_pin_command = CACKEY_PIN_COMMAND_DEFAULT_XSTR(CACKEY_PIN_COMMAND_DEFAULT); +#endif +#ifdef CACKEY_PIN_COMMAND_XONLY_DEFAULT + cackey_pin_command_xonly = CACKEY_PIN_COMMAND_DEFAULT_XSTR(CACKEY_PIN_COMMAND_XONLY_DEFAULT); +#endif + + if (getenv("DISPLAY") != NULL) { + cackey_pin_command = cackey_pin_command_xonly; + } + + if (getenv("CACKEY_PIN_COMMAND_XONLY") != NULL && getenv("DISPLAY") != NULL) { + cackey_pin_command = getenv("CACKEY_PIN_COMMAND_XONLY"); + } + if (getenv("CACKEY_PIN_COMMAND") != NULL) { cackey_pin_command = getenv("CACKEY_PIN_COMMAND"); } CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK); Index: configure.ac ================================================================== --- configure.ac +++ configure.ac @@ -158,14 +158,24 @@ AC_ARG_WITH(pin-command, AC_HELP_STRING([--with-pin-command=], [Specify a command to run to request a PIN from the user. The user may override this with the CACKEY_PIN_COMMAND environment variable.]), [ pincommand="${withval}" ], [ pincommand="no" ]) + +AC_ARG_WITH(pin-command-x, AC_HELP_STRING([--with-pin-command-x=], [Same as --with-pin-command, but only sets Protected Authentication Path if the DISPLAY environment variable is set]), [ + pincommandxonly="${withval}" +], [ + pincommandxonly="no" +]) if ! test "${pincommand}" = 'no'; then AC_DEFINE_UNQUOTED(CACKEY_PIN_COMMAND_DEFAULT, [$pincommand], [Command to run to prompt user for PIN]) fi + +if ! test "${pincommandxonly}" = 'no'; then + AC_DEFINE_UNQUOTED(CACKEY_PIN_COMMAND_XONLY_DEFAULT, [$pincommandxonly], [Command to run to prompt user for PIN only if DISPLAY environment variable is set]) +fi dnl Set version script, to limit the scope of symbols DC_SETVERSIONSCRIPT(libcackey.vers, libcackey.syms) dnl Upate LDFLAGS to include setting the run-time linker path to the same as our compile-time linker