card: Run factory-reset in locked stated.

* scd/command.c (reset_notify): Add option --keep-lock. (do_reset): Add arg keep_lock. (cmd_lock): Send progress status. * g10/call-agent.c (agent_scd_apdu): Add more pseudo APDUs. * g10/card-util.c (send_apdu): Ditto. (factory_reset): Use lock commands. -- This is required so that for example Kleopatra does not detect the RESET and issues a SERIALNO of its own, thus conflicting with our SERIALNO undefined. Signed-off-by: Werner Koch <wk@gnupg.org>
2025-07-02 22:46:30 +02:00 · 2020-11-09 13:04:38 +01:00 · 2020-11-09 13:04:38 +01:00 · 7f765a98fd
commit 7f765a98fd
parent 21d5323f5d
4 changed files with 58 additions and 17 deletions
--- a/scd/command.c
+++ b/scd/command.c
@ -138,9 +138,10 @@ hex_to_buffer (const char *string, size_t *r_length)

 /* Reset the card and free the application context.  With SEND_RESET
   set to true actually send a RESET to the reader; this is the normal
-   way of calling the function.  */
+   way of calling the function.  If KEEP_LOCK is set and the session
+   is locked that lock wil not be released.  */
 static void
-do_reset (ctrl_t ctrl, int send_reset)
+do_reset (ctrl_t ctrl, int send_reset, int keep_lock)
 {
  app_t app = ctrl->app_ctx;

@ -148,7 +149,7 @@ do_reset (ctrl_t ctrl, int send_reset)
    app_reset (app, ctrl, IS_LOCKED (ctrl)? 0: send_reset);

  /* If we hold a lock, unlock now. */
-  if (locked_session && ctrl->server_local == locked_session)
+  if (!keep_lock && locked_session && ctrl->server_local == locked_session)
    {
      locked_session = NULL;
      log_info ("implicitly unlocking due to RESET\n");
@ -160,9 +161,7 @@ reset_notify (assuan_context_t ctx, char *line)
 {
  ctrl_t ctrl = assuan_get_pointer (ctx);

-  (void) line;
-
-  do_reset (ctrl, 1);
+  do_reset (ctrl, 1, has_option (line, "--keep-lock"));
  return 0;
 }

@ -1340,9 +1339,10 @@ cmd_lock (assuan_context_t ctx, char *line)
      npth_sleep (1); /* Better implement an event mechanism. However,
                         for card operations this should be
                         sufficient. */
-      /* FIXME: Need to check that the connection is still alive.
-         This can be done by issuing status messages. */
-      goto retry;
+      /* Send a progress so that we can detect a connection loss.  */
+      rc = send_status_printf (ctrl, "PROGRESS", "scd_locked . 0 0");
+      if (!rc)
+        goto retry;
    }
 #endif /*USE_NPTH*/

@ -1814,7 +1814,7 @@ scd_command_handler (ctrl_t ctrl, int fd)
    }

  /* Cleanup.  We don't send an explicit reset to the card.  */
-  do_reset (ctrl, 0);
+  do_reset (ctrl, 0, 0);

  /* Release the server object.  */
  if (session_list == ctrl->server_local)