Page MenuHome GnuPG

scdaemon over pcsclite holds the card even with "--card-timeout 5"
Closed, DuplicatePublic

Description

I use OpenPGP card functionality of Yubikey NEO over NFC. I need to access other
OpenPlatform app on the Yubikey (non-pkcs#11) using pcsclite API.

After I run gnupg for the first time, and scdaemon is started, my other
application get an error "Sharing violation" (SCARD_E_SHARING_VIOLATION) when it
tries SCardConnect() (FWIW, I use mode SCARD_SHARE_SHARED).

Starting scdaemon with non-zero --card-timeout does not change the behaviour.

I believe that scdaemon ought to disconnect from the card after all its clients
are gone, maybe after a few seconds timeout.

Details

Version
2.1.16

Event Timeline

crosser added projects: gnupg, Bug Report.
crosser added a subscriber: crosser.

Changing PCSC_SHARE_EXCLUSIVE to PCSC_SHARE_SHARED in scd/apdu.c:1560 fixes my
problem *and* has no ill effects on Yubikey operation: gnupg --card-status
interleaved with my application running in a loop at the same time work just
fine, both applications get their proper responses from the card.

This may or may not work with OpenPGP cards other than Yubikey, I have no way to
check...

A year later on a new computer I had to troubleshoot this problem again, and
found my own bug report. So I am including the patch this time. Please consider
including the proposed change (or some other fix) into mainstream.

crosser changed Version from 2.1.3 to 2.1.16.Oct 18 2016, 10:15 PM