+++ This bug was initially created as a clone of Bug #811314 +++ +++ This bug was initially created as a clone of Bug #806038 +++ Leaving the original title for now. I don't have a reproducer without remote-viewer. Actually just using firefox should do the trick, I guess something like this: ((((---- Suggestion only 1. add libcoolkey.so provider 2. insert reader while firefox is running, and the "view certificates" dialog is open. Results: no card detected. Expected: see the card (get logging dialog). End Suggestion only ----)))) +++ This bug was initially created as a clone of Bug #802435 +++ Steps to reproduce + environment are the same as in cloned bug, just the client cli is a bit different: remote-viewer --spice-smartcard spice://<host>/?port=<port> Actual results: from user POV: nothing happens debug console output (no matter if card is pre-inserted or not or how many times it is reinserted): (remote-viewer:23596): GSpice-DEBUG: usb-device-manager.c:598 device added 0xb92ff0 (remote-viewer:23596): GSpice-DEBUG: smartcard-manager.c:273 smartcard: reader-added (remote-viewer:23596): GSpice-DEBUG: channel-smartcard.c:314 smartcard: send message 3, queued Expected results: remote-viewer recognizes the reader and offers authentication once the card is inserted. Additional info: debug output when the reader is plugged in before client start: (remote-viewer:24142): GSpice-DEBUG: usb-device-manager.c:598 device added 0x20258b0 (remote-viewer:24142): GSpice-DEBUG: usb-device-manager.c:598 device added 0x2025810 (remote-viewer:24142): GSpice-DEBUG: usb-device-manager.c:598 device added 0x20256d0 (remote-viewer:24142): GSpice-DEBUG: usb-device-manager.c:598 device added 0x2025950 (remote-viewer:24142): GSpice-DEBUG: spice-channel.c:124 smartcard-8:0: spice_channel_constructed (remote-viewer:24142): GSpice-DEBUG: spice-channel.c:2086 Started background coroutine 0x209d998 for smartcard-8:0 (remote-viewer:24142): GSpice-DEBUG: spice-channel.c:1660 smartcard-8:0: spice_channel_recv_link_msg: 1 caps (remote-viewer:24142): GSpice-DEBUG: spice-channel.c:1084 smartcard-8:0: channel up, state 5 (remote-viewer:24142): GSpice-DEBUG: smartcard-manager.c:424 smartcard_manager_init (remote-viewer:24142): GSpice-DEBUG: smartcard-manager.c:459 vcard_emul_init (remote-viewer:24142): GSpice-DEBUG: smartcard-manager.c:470 smartcard_manager_init end: 1 (remote-viewer:24142): GSpice-DEBUG: smartcard-manager.c:273 smartcard: reader-added (remote-viewer:24142): GSpice-DEBUG: channel-smartcard.c:314 smartcard: send message 3, queued (remote-viewer:24142): GSpice-DEBUG: smartcard-manager.c:518 smartcard_manager_finish (remote-viewer:24142): GSpice-DEBUG: channel-smartcard.c:484 smartcard: handle msg 2 (remote-viewer:24142): GSpice-DEBUG: channel-smartcard.c:488 smartcard: in flight 3 // card insert (remote-viewer:24142): GSpice-DEBUG: smartcard-manager.c:292 smartcard: card-inserted (remote-viewer:24142): GSpice-DEBUG: channel-smartcard.c:314 smartcard: send message 5, queued (remote-viewer:24142): GSpice-DEBUG: channel-smartcard.c:484 smartcard: handle msg 2 (remote-viewer:24142): GSpice-DEBUG: channel-smartcard.c:488 smartcard: in flight 5 (remote-viewer:24142): GSpice-DEBUG: channel-smartcard.c:484 smartcard: handle msg 7 (remote-viewer:24142): GSpice-DEBUG: channel-smartcard.c:314 smartcard: send message 7, now // guest's gdm (last two messages repeated many times) +++ This bug was initially created as a clone of Bug #801854 +++ Created attachment 568960 [details] backtrace Description of problem: spicec crashes (segfaults) when smartcard is plugged while guest expects smartcard auth Version-Release number of selected component (if applicable): spice-client-0.8.2-13.el6.x86_64 coolkey-1.1.0-19.el6.x86_64 pcsc-lite-1.5.2-6.el6.x86_64 How reproducible: always Steps to Reproduce: 0. unplug the reader from the client 1. boot up the RHEL guest to smartcard-enabled gdm 2. (optional: select "smartcard authentication") 3. run spicec --smartcard <other opts> 4. plug the smartcard reader Actual results: spicec crashes with segmentation fault Expected results: spicec continues running Additional info: * does not happen when sc reader is already plugged in at the launch of spicec * messages in log (with DEBUG level) from reader insertion to the crash: 1331309793 INFO [23904:23916] SmartCardChannel::cac_card_events_thread_main: VEVENT_READER_INSERT 1331309793 INFO [23904:23904] SmartCardChannel::add_unallocated_reader: adding unallocated reader 0x960dc0 * log messages when reader is plugged at spicec launch and spiced does not crash: 1331310580 INFO [2326:2338] SmartCardChannel::cac_card_events_thread_main: VEVENT_READER_INSERT 1331310580 INFO [2326:2326] SmartCardChannel::add_unallocated_reader: adding unallocated reader 0x28bae60 1331310580 INFO [2326:2338] SmartCardChannel::cac_card_events_thread_main: VEVENT_CARD_INSERT 1331310580 INFO [2326:2326] SmartCardChannel::add_reader: adding 0x28bae60->0 * log messages when user removes and re-inserts smartcard: 1331310684 INFO [2326:2338] SmartCardChannel::cac_card_events_thread_main: VEVENT_CARD_REMOVE 1331310691 INFO [2326:2338] SmartCardChannel::cac_card_events_thread_main: VEVENT_CARD_INSERT 1331310692 DEBUG [2326:2326] SmartCardChannel::send_atr: ATR: 1331310692 DEBUG [2326:2326] VSCMessageEvent::response: 31: recv APDU: 1331310692 DEBUG [2326:2326] VSCMessageEvent::response: sent APDU:
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux release for currently deployed products. This request is not yet committed for inclusion in a release.
Regarding testing, I have marked it as fixed in nss-3.14.3-11.el5 as this is the latest build. I could have marked it as nss-3.14.3-1.el5 as this was the first build with the rebase which is where the fix appears.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2013-1318.html