Hide Forgot
Leaving the original title for now. I don't have a reproducer without remote-viewer. Actually just using firefox should do the trick, I guess something like this: ((((---- Suggestion only 1. add libcoolkey.so provider 2. insert reader while firefox is running, and the "view certificates" dialog is open. Results: no card detected. Expected: see the card (get logging dialog). End Suggestion only ----)))) +++ This bug was initially created as a clone of Bug #802435 +++ Steps to reproduce + environment are the same as in cloned bug, just the client cli is a bit different: remote-viewer --spice-smartcard spice://<host>/?port=<port> Actual results: from user POV: nothing happens debug console output (no matter if card is pre-inserted or not or how many times it is reinserted): (remote-viewer:23596): GSpice-DEBUG: usb-device-manager.c:598 device added 0xb92ff0 (remote-viewer:23596): GSpice-DEBUG: smartcard-manager.c:273 smartcard: reader-added (remote-viewer:23596): GSpice-DEBUG: channel-smartcard.c:314 smartcard: send message 3, queued Expected results: remote-viewer recognizes the reader and offers authentication once the card is inserted. Additional info: debug output when the reader is plugged in before client start: (remote-viewer:24142): GSpice-DEBUG: usb-device-manager.c:598 device added 0x20258b0 (remote-viewer:24142): GSpice-DEBUG: usb-device-manager.c:598 device added 0x2025810 (remote-viewer:24142): GSpice-DEBUG: usb-device-manager.c:598 device added 0x20256d0 (remote-viewer:24142): GSpice-DEBUG: usb-device-manager.c:598 device added 0x2025950 (remote-viewer:24142): GSpice-DEBUG: spice-channel.c:124 smartcard-8:0: spice_channel_constructed (remote-viewer:24142): GSpice-DEBUG: spice-channel.c:2086 Started background coroutine 0x209d998 for smartcard-8:0 (remote-viewer:24142): GSpice-DEBUG: spice-channel.c:1660 smartcard-8:0: spice_channel_recv_link_msg: 1 caps (remote-viewer:24142): GSpice-DEBUG: spice-channel.c:1084 smartcard-8:0: channel up, state 5 (remote-viewer:24142): GSpice-DEBUG: smartcard-manager.c:424 smartcard_manager_init (remote-viewer:24142): GSpice-DEBUG: smartcard-manager.c:459 vcard_emul_init (remote-viewer:24142): GSpice-DEBUG: smartcard-manager.c:470 smartcard_manager_init end: 1 (remote-viewer:24142): GSpice-DEBUG: smartcard-manager.c:273 smartcard: reader-added (remote-viewer:24142): GSpice-DEBUG: channel-smartcard.c:314 smartcard: send message 3, queued (remote-viewer:24142): GSpice-DEBUG: smartcard-manager.c:518 smartcard_manager_finish (remote-viewer:24142): GSpice-DEBUG: channel-smartcard.c:484 smartcard: handle msg 2 (remote-viewer:24142): GSpice-DEBUG: channel-smartcard.c:488 smartcard: in flight 3 // card insert (remote-viewer:24142): GSpice-DEBUG: smartcard-manager.c:292 smartcard: card-inserted (remote-viewer:24142): GSpice-DEBUG: channel-smartcard.c:314 smartcard: send message 5, queued (remote-viewer:24142): GSpice-DEBUG: channel-smartcard.c:484 smartcard: handle msg 2 (remote-viewer:24142): GSpice-DEBUG: channel-smartcard.c:488 smartcard: in flight 5 (remote-viewer:24142): GSpice-DEBUG: channel-smartcard.c:484 smartcard: handle msg 7 (remote-viewer:24142): GSpice-DEBUG: channel-smartcard.c:314 smartcard: send message 7, now // guest's gdm (last two messages repeated many times) +++ This bug was initially created as a clone of Bug #801854 +++ Created attachment 568960 [details] backtrace Description of problem: spicec crashes (segfaults) when smartcard is plugged while guest expects smartcard auth Version-Release number of selected component (if applicable): spice-client-0.8.2-13.el6.x86_64 coolkey-1.1.0-19.el6.x86_64 pcsc-lite-1.5.2-6.el6.x86_64 How reproducible: always Steps to Reproduce: 0. unplug the reader from the client 1. boot up the RHEL guest to smartcard-enabled gdm 2. (optional: select "smartcard authentication") 3. run spicec --smartcard <other opts> 4. plug the smartcard reader Actual results: spicec crashes with segmentation fault Expected results: spicec continues running Additional info: * does not happen when sc reader is already plugged in at the launch of spicec * messages in log (with DEBUG level) from reader insertion to the crash: 1331309793 INFO [23904:23916] SmartCardChannel::cac_card_events_thread_main: VEVENT_READER_INSERT 1331309793 INFO [23904:23904] SmartCardChannel::add_unallocated_reader: adding unallocated reader 0x960dc0 * log messages when reader is plugged at spicec launch and spiced does not crash: 1331310580 INFO [2326:2338] SmartCardChannel::cac_card_events_thread_main: VEVENT_READER_INSERT 1331310580 INFO [2326:2326] SmartCardChannel::add_unallocated_reader: adding unallocated reader 0x28bae60 1331310580 INFO [2326:2338] SmartCardChannel::cac_card_events_thread_main: VEVENT_CARD_INSERT 1331310580 INFO [2326:2326] SmartCardChannel::add_reader: adding 0x28bae60->0 * log messages when user removes and re-inserts smartcard: 1331310684 INFO [2326:2338] SmartCardChannel::cac_card_events_thread_main: VEVENT_CARD_REMOVE 1331310691 INFO [2326:2338] SmartCardChannel::cac_card_events_thread_main: VEVENT_CARD_INSERT 1331310692 DEBUG [2326:2326] SmartCardChannel::send_atr: ATR: 1331310692 DEBUG [2326:2326] VSCMessageEvent::response: 31: recv APDU: 1331310692 DEBUG [2326:2326] VSCMessageEvent::response: sent APDU: --- Additional comment from djasa@redhat.com on 2012-03-09 17:43:29 CET --- Created attachment 568961 [details] pcscd debug output from card insertion to client segfault --- Additional comment from alevy@redhat.com on 2012-03-13 11:44:07 EDT --- Please provide debug information from qemu side by passing the debug flag to ccid-card-passthru: -device ccid-card-passthru,debug=10 # I don't remember the maximum value for debug, 10 should do Thanks, Alon --- Additional comment from alevy@redhat.com on 2012-03-13 12:28:00 EDT --- Maybe usbredir took the device? can you try adding "--spice-disable-usbredir" to remote-viewer invocation? Thanks, Alon --- Additional comment from djasa@redhat.com on 2012-03-16 05:32:52 EDT --- Clearing needinfo, all info requested was provided in a debugging session. --- Additional comment from alevy@redhat.com on 2012-03-19 09:43:35 EDT --- Managed to reproduce locally, thanks for the help. Alon --- Additional comment from alevy@redhat.com on 2012-03-22 13:51:25 EDT --- The bug is not in virt-viewer, it's in libcoolkey and libcacard: coolkey creates a default fake reader and then passes it on to pcscd, confusing it, causing no notifications of new readers. libcacard stops the per-module event blocking thread when there are no slots (caused by removing last reader) Changing component and cloning, have patches for both upstream, will post and start the process of rebasing them. Alon
Created attachment 572809 [details] patch 1/3 for proposed fix
Created attachment 572810 [details] patch 2/3 for propsed fix
Created attachment 572811 [details] patch 3/4 for propsed fix (previous two should be 1/4 and 2/4 respectively)
Created attachment 572812 [details] patch 4/4 for propsed fix
Development Management has reviewed and declined this request. You may appeal this decision by reopening this request.
fixed in coolkey-1.1.0-27.el6
I am using OmniKey CardMan 3121 00 00 with Gemalto 64K card. I remove the smart card reader, start firefox, go to Security Devices - Nothing is listed under the Coolkey Module. I plugin the reader but card is not inserted - still nothing is list under the Module. I insert the card - The card is detected and displayed under the Module. I remove the card - The card reader is displayed under the module.
errata updated.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2013-1699.html