From cb5ccfb1a1796e92646cd10584ebe485cb0e7568 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Tue, 8 Nov 2022 01:45:51 -0500 Subject: [PATCH] import esc-1.1.2-24.el8 --- .esc.metadata | 2 + .gitignore | 2 + SOURCES/esc | 64 + SOURCES/esc-1.1.2-fix1.patch | 33 + SOURCES/esc-1.1.2-fix10.patch | 291 +++ SOURCES/esc-1.1.2-fix11.patch | 104 + SOURCES/esc-1.1.2-fix2.patch | 103 + SOURCES/esc-1.1.2-fix3.patch | 300 +++ SOURCES/esc-1.1.2-fix4.patch | 3722 +++++++++++++++++++++++++++++++++ SOURCES/esc-1.1.2-fix5.patch | 12 + SOURCES/esc-1.1.2-fix6.patch | 250 +++ SOURCES/esc-1.1.2-fix7.patch | 343 +++ SOURCES/esc-1.1.2-fix8.patch | 60 + SOURCES/esc-1.1.2-fix9.patch | 41 + SOURCES/esc.desktop | 8 + SPECS/esc.spec | 394 ++++ 16 files changed, 5729 insertions(+) create mode 100644 .esc.metadata create mode 100644 .gitignore create mode 100755 SOURCES/esc create mode 100644 SOURCES/esc-1.1.2-fix1.patch create mode 100644 SOURCES/esc-1.1.2-fix10.patch create mode 100644 SOURCES/esc-1.1.2-fix11.patch create mode 100644 SOURCES/esc-1.1.2-fix2.patch create mode 100644 SOURCES/esc-1.1.2-fix3.patch create mode 100644 SOURCES/esc-1.1.2-fix4.patch create mode 100644 SOURCES/esc-1.1.2-fix5.patch create mode 100644 SOURCES/esc-1.1.2-fix6.patch create mode 100644 SOURCES/esc-1.1.2-fix7.patch create mode 100644 SOURCES/esc-1.1.2-fix8.patch create mode 100644 SOURCES/esc-1.1.2-fix9.patch create mode 100644 SOURCES/esc.desktop create mode 100644 SPECS/esc.spec diff --git a/.esc.metadata b/.esc.metadata new file mode 100644 index 0000000..63d7bb8 --- /dev/null +++ b/.esc.metadata @@ -0,0 +1,2 @@ +2750a5e0bc3221503f44a33c9f59aef5a6901203 SOURCES/esc-1.1.2.tar.bz2 +115da701c784ea3fc89d2cb1bb0539011d246a1a SOURCES/esc.png diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..2879a9c --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +SOURCES/esc-1.1.2.tar.bz2 +SOURCES/esc.png diff --git a/SOURCES/esc b/SOURCES/esc new file mode 100755 index 0000000..77cdb51 --- /dev/null +++ b/SOURCES/esc @@ -0,0 +1,64 @@ +#!/bin/sh +# +# BEGIN COPYRIGHT BLOCK +# This Program is free software; you can redistribute it and/or modify it under +# the terms of the GNU General Public License as published by the Free Software +# Foundation; version 2 of the License. +# +# This Program is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS +# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along with +# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple +# Place, Suite 330, Boston, MA 02111-1307 USA. +# +# Copyright (C) 2005 Red Hat, Inc. +# All rights reserved. +# END COPYRIGHT BLOCK + + +function processArgs { + + for arg in $1 + do + + if [ $arg == "--version" ] + then + echo "" + echo "Smart Card Manager: Version: $VERSION ." + echo "" + exit 0 + fi + + if [ $arg == "--help" ] + then + echo "" + echo "Smart Card Manager: GUI tool to manage smart cards." + echo "Run by selecting from the system menu or by typing , esc at the terminal." + echo "" + exit 0 + fi + + done +} + +processArgs $* + + +ESC_PATH=$LIBDIR/esc-1.1.2 +ESC_BIN=esc.js +ESC_EXEC=gjs + +export OPENSC_CONF=$ESC_PATH/opensc.esc.conf +export GI_TYPELIB_PATH=$ESC_PATH/lib/girepository-1.0 +export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$ESC_PATH/lib + +cd $ESC_PATH + +$ESC_EXEC --include-path $ESC_PATH ./$ESC_BIN & + +exit 0 + + + diff --git a/SOURCES/esc-1.1.2-fix1.patch b/SOURCES/esc-1.1.2-fix1.patch new file mode 100644 index 0000000..be282e8 --- /dev/null +++ b/SOURCES/esc-1.1.2-fix1.patch @@ -0,0 +1,33 @@ +diff -up ./esc/src/lib/coolkey/Makefile.am.fix1 ./esc/src/lib/coolkey/Makefile.am +--- ./esc/src/lib/coolkey/Makefile.am.fix1 2018-10-08 14:04:44.963523599 -0700 ++++ ./esc/src/lib/coolkey/Makefile.am 2018-10-08 14:06:18.605022660 -0700 +@@ -54,6 +54,7 @@ lib_LTLIBRARIES += libCoolkey-1.0.la + libCoolkey_1_0_la_CFLAGS = @PCSC_CFLAGS@ @NSPR_CFLAGS@ @NSS_CFLAGS@ -I ../nss-http-client + libCoolkey_1_0_la_CPPFLAGS = @PCSC_CFLAGS@ @NSPR_CFLAGS@ @NSS_CFLAGS@ -I ../nss-http-client + libCoolkey_1_0_la_LIBADD = $(COOLKEY_LIBS) ++libCoolkey_1_0_la_LDFLAGS = -Wl,-z,now + libCoolkey_1_0_la_SOURCES = $(source_c) $(source_cpp) + + coolkeyincludedir = $(includedir)/src/lib/coolkey +diff -up ./esc/src/lib/coolkey-mgr/Makefile.am.fix1 ./esc/src/lib/coolkey-mgr/Makefile.am +--- ./esc/src/lib/coolkey-mgr/Makefile.am.fix1 2018-10-08 14:04:30.132602938 -0700 ++++ ./esc/src/lib/coolkey-mgr/Makefile.am 2018-10-08 14:05:38.265238463 -0700 +@@ -59,6 +59,7 @@ source_cpp = \ + + lib_LTLIBRARIES += libcoolkeymgr-1.0.la + libcoolkeymgr_1_0_la_LIBADD = $(COOLKEY_MGR_LIBS) $(ESC_LIBS) $(OTHER_LIBS) ++libcoolkeymgr_1_0_la_LDFLAGS = -Wl,-z,now + libcoolkeymgr_1_0_la_SOURCES = $(source_c) $(source_cpp) $(source_h) + + coolkeymgrincludedir = $(includedir)/coolkey-mgr +diff -up ./esc/src/lib/nss-http-client/Makefile.am.fix1 ./esc/src/lib/nss-http-client/Makefile.am +--- ./esc/src/lib/nss-http-client/Makefile.am.fix1 2018-10-08 14:04:57.302457592 -0700 ++++ ./esc/src/lib/nss-http-client/Makefile.am 2018-10-08 14:06:44.701883050 -0700 +@@ -52,6 +52,7 @@ lib_LTLIBRARIES += libNssHttpClient-1.0. + #libNssHttpClient_1_0_la_CFLAGS = @PCSC_CFLAGS@ @NSPR_CFLAGS@ @NSS_CFLAGS@ -DLINUX -I ../coolkey + libNssHttpClient_1_0_la_CPPFLAGS = @PCSC_CFLAGS@ @NSPR_CFLAGS@ @NSS_CFLAGS@ -I ../coolkey @DEFS@ + libNssHttpClient_1_0_la_LIBADD = $(COOLKEY_LIBS) ++libNssHttpClient_1_0_la_LDFLAGS = -Wl,-z,now + libNssHttpClient_1_0_la_SOURCES = $(source_c) $(source_cpp) $(source_h) + + coolkeyincludedir = $(includedir)/src/lib/coolkey diff --git a/SOURCES/esc-1.1.2-fix10.patch b/SOURCES/esc-1.1.2-fix10.patch new file mode 100644 index 0000000..7678b5a --- /dev/null +++ b/SOURCES/esc-1.1.2-fix10.patch @@ -0,0 +1,291 @@ +diff -up ./esc/esc-1.1.2/esc/src/app/esc.js.fix10 ./esc/esc-1.1.2/esc/src/app/esc.js +--- ./esc/src/app/esc.js.fix10 2020-12-02 15:47:00.688951279 -0800 ++++ ./esc/src/app/esc.js 2020-12-02 15:47:00.690951273 -0800 +@@ -370,12 +370,20 @@ class ESC { + let nick = ""; + if(certObj.token == null) + token = "internal"; +- else ++ else { + token = certObj.token; ++ } + + nick = certObj.nick; +- +- certDetail = this._execProgram(['/usr/bin/certutil','-L','-d', this._getConfigPath(), '-h', token, '-f' , pFileName, '-n', token + ":" + nick]); ++ ++ let tokenNick = '"' + token + ":" + nick + '"' ; ++ token = '"' + token + '"'; ++ let argv1 = ['/usr/bin/certutil','-L','-d', this._getConfigPath(), '-h', token, '-f' , pFileName, '-n', tokenNick]; ++ ++ print("argv1: " + argv1); ++ ++ ++ certDetail = this._execProgram(argv1); + + return certDetail; + } +@@ -475,7 +483,7 @@ class ESC { + result = -1; + return result; + } +- ++ + result = stdoutb.toString(); + + } catch (e) { +@@ -792,19 +800,18 @@ class ESC { + let status = this._selectedTokenInfo.status; + + if(status == 4 /* enrolled */) { +- this._pinMgr = new PinDialog.pinDialog(this); +- this._pinMgr.launchPinPrompt(this._promptPinDone.bind(this)); ++ let coolkey_token = this._selectedTokenInfo; ++ ++ this._tokenInfoBuffer.text += ++ this.mgr.get_certs_info(coolkey_token); ++ + } + + } +- _promptPinDone(tempFileName) { +- +- let coolkey_token = this._selectedTokenInfo; +- +- this._tokenInfoBuffer.text += +- this._getCertList(coolkey_token,tempFileName) + "\n"; + ++ _promptPinDone(tempFileName) { + } ++ + _response_cb() { + if(this._messageDialog) { + this._messageDialog.destroy(); +diff -up ./esc/src/app/opensc.esc.conf.fix10 ./esc/src/app/opensc.esc.conf +--- ./esc/src/app/opensc.esc.conf.fix10 2020-12-02 15:51:05.812283690 -0800 ++++ ./esc/src/app/opensc.esc.conf 2020-12-02 15:51:30.835215539 -0800 +@@ -94,6 +94,7 @@ app default { + module_path = /usr/lib64; + } + framework pkcs15 { ++ use_file_caching = true; + builtin_emulators = coolkey, cac, cac1, PIV-II; + } + } +diff -up ./esc/src/app/pinDialog.js.fix10 ./esc/src/app/pinDialog.js +--- ./esc/src/app/pinDialog.js.fix10 2020-12-02 15:47:00.683951293 -0800 ++++ ./esc/src/app/pinDialog.js 2020-12-02 15:47:00.691951271 -0800 +@@ -94,7 +94,6 @@ pinDialog.prototype = { + if(this.notify) { + this.notify(this.tempFileName); + } +- + this.clearTempFile(); + this.dialog.destroy(); + this.dialog = null; +diff -up ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix10 ./esc/src/lib/coolkey/CoolKeyHandler.cpp +--- ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix10 2020-12-02 16:25:29.075670723 -0800 ++++ ./esc/src/lib/coolkey/CoolKeyHandler.cpp 2020-12-02 16:30:53.310789119 -0800 +@@ -46,6 +46,7 @@ + + static const char *cac_manu_id= "Common Access Card"; + static const char *piv_manu_id= "piv II "; ++static const char *piv_manu_id_1= "piv_II"; + + //static char *test_extended_login = "s=325&msg_type=13&invalid_login=0&blocked=0&error=&required_parameter0=id%3DUSER%5FID%26name%3DUser+ID%26desc%3DUser+ID%26type%3Dstring%26option%3Doption1%2Coption2%2Coption3&required_parameter1=id%3DUSER%5FPWD%26name%3DUser+Password%26desc%3DUser+Password%26type%3Dpassword%26option%3D&required_parameter2=id%3DUSER%5FPIN%26name%3DPIN%26desc%3DOne+time+PIN+received+via+mail%26type%3Dpassword%26option%3D"; + +@@ -2300,7 +2301,9 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co + if(!memcmp( tokenInfo.manufacturerID,cac_manu_id,strlen(cac_manu_id ))) { + isACAC = 1; + } else if(!memcmp(tokenInfo.manufacturerID, piv_manu_id, strlen(piv_manu_id))) { +- isAPIV = 1; ++ isAPIV = 1; ++ } else if(!memcmp(tokenInfo.manufacturerID, piv_manu_id_1, strlen(piv_manu_id_1))) { ++ isAPIV = 1; + } else { + isACOOLKey = 1; + } +diff -up ./esc/src/lib/coolkey-mgr/coolkey-api.cpp.fix10 ./esc/src/lib/coolkey-mgr/coolkey-api.cpp +--- ./esc/src/lib/coolkey-mgr/coolkey-api.cpp.fix10 2020-12-02 15:47:00.673951320 -0800 ++++ ./esc/src/lib/coolkey-mgr/coolkey-api.cpp 2020-12-02 15:47:00.691951271 -0800 +@@ -17,6 +17,8 @@ + + #include "coolkey-api.h" + #include "rhCoolKey.h" ++#include ++ + + static rhCoolKey *coolkey = NULL; + static const char * coolkeyDbusName = NULL; +@@ -79,6 +81,54 @@ char *coolkey_get_phone_home(char *url) + } + } + ++/* get a string with all the certs detail for a token */ ++ ++char *coolkey_get_certs_info(int keyType, const char *keyID) { ++ ++ string str_result; ++ if (coolkey == NULL) { ++ return NULL; ++ } ++ ++ char *result = NULL; ++ char **names = NULL; ++ PRUint32 count = 0; ++ HRESULT res = coolkey->GetCoolKeyCertNicknames(keyType, keyID, &count, &names); ++ ++ if(count > 0 && res == S_OK) { ++ for(int i = 0 ; i < count ; i++) { ++ char *curName = names[i]; ++ ++ if(curName) { ++ char *certDetail = NULL; ++ str_result = str_result + curName + "\n" ; ++ res = coolkey->GetCoolKeyCertInfo(keyType, keyID, curName, &certDetail); ++ if(res == S_OK && certDetail != NULL) { ++ str_result = str_result + certDetail + "\n"; ++ PL_strfree(certDetail); ++ certDetail = NULL; ++ } ++ } ++ } ++ } ++ ++ if(str_result.c_str()) { ++ result = PL_strdup((char *) str_result.c_str()); ++ } ++ ++ for(int i = 0 ; i < count ; i++) { ++ if(names[i]) { ++ PL_strfree(names[i]); ++ names[i] = NULL; ++ } ++ } ++ ++ PR_Free(names); ++ names = NULL; ++ ++ return result; ++} ++ + + /* get a block of data about a token in a structure format */ + tokenInfo *coolkey_get_token_info(int keyType, const char *keyID) { +diff -up ./esc/src/lib/coolkey-mgr/coolkey-api.h.fix10 ./esc/src/lib/coolkey-mgr/coolkey-api.h +--- ./esc/src/lib/coolkey-mgr/coolkey-api.h.fix10 2020-12-02 15:47:00.673951320 -0800 ++++ ./esc/src/lib/coolkey-mgr/coolkey-api.h 2020-12-02 15:47:00.691951271 -0800 +@@ -43,6 +43,8 @@ void coolkey_init(const char *db_dir, co + void coolkey_destroy(); + + char *coolkey_get_phone_home(char *url); ++char *coolkey_get_certs_info(int keyType, const char *keyID); ++ + tokenInfo *coolkey_get_token_info(int keyType,const char *keyID); + void coolkey_free_token_info(tokenInfo *tInfo); + +diff -up ./esc/src/lib/coolkey-mgr/coolkey-mgr.c.fix10 ./esc/src/lib/coolkey-mgr/coolkey-mgr.c +--- ./esc/src/lib/coolkey-mgr/coolkey-mgr.c.fix10 2020-12-02 15:47:00.673951320 -0800 ++++ ./esc/src/lib/coolkey-mgr/coolkey-mgr.c 2020-12-02 15:47:00.691951271 -0800 +@@ -346,6 +346,36 @@ cleanup: + } + + ++gchar* ++coolkey_mgr_get_certs_info(CoolkeyMgr *self, CoolkeyToken* token) { ++ ++ gchar *cuid = NULL; ++ gchar *keyType = NULL; ++ int keyTypeInt = 0; ++ gchar *certInfo = NULL; ++ ++ g_object_get(token,"key_type", &keyType,NULL); ++ g_object_get(token,"cuid", &cuid, NULL); ++ ++ if(keyType == NULL || cuid == NULL) { ++ goto cleanup; ++ } ++ ++ keyTypeInt = atoi(keyType); ++ ++ if(keyType == NULL || cuid == NULL) { ++ goto cleanup; ++ } ++ ++ certInfo = coolkey_get_certs_info(keyTypeInt, cuid); ++ ++cleanup: ++ ++ g_free (keyType); ++ g_free (cuid); ++ ++ return certInfo; ++} + + void + coolkey_mgr_get_token_info(CoolkeyMgr* self, CoolkeyToken* token) { +diff -up ./esc/src/lib/coolkey-mgr/coolkey-mgr.h.fix10 ./esc/src/lib/coolkey-mgr/coolkey-mgr.h +--- ./esc/src/lib/coolkey-mgr/coolkey-mgr.h.fix10 2020-12-02 15:47:00.673951320 -0800 ++++ ./esc/src/lib/coolkey-mgr/coolkey-mgr.h 2020-12-02 15:47:00.691951271 -0800 +@@ -46,6 +46,8 @@ int coolkey_mgr_cancel_token_operation(C + + void coolkey_mgr_get_token_info(CoolkeyMgr* self, CoolkeyToken* token); + ++gchar * coolkey_mgr_get_certs_info(CoolkeyMgr*self, CoolkeyToken* token); ++ + gchar * coolkey_mgr_phone_home(CoolkeyMgr* self, gchar *url); + + gchar * coolkey_mgr_speak (CoolkeyMgr* self, gchar *words); +diff -up ./esc/src/lib/coolkey/NSSManager.cpp.fix10 ./esc/src/lib/coolkey/NSSManager.cpp +--- ./esc/src/lib/coolkey/NSSManager.cpp.fix10 2020-12-02 15:47:00.680951301 -0800 ++++ ./esc/src/lib/coolkey/NSSManager.cpp 2020-12-02 15:47:00.691951271 -0800 +@@ -41,7 +41,7 @@ + + #include + #include +- ++#include + #include "SlotUtils.h" + + static PRLogModuleInfo *coolKeyLogNSS = PR_NewLogModule("coolKeyNSS"); +@@ -314,7 +314,10 @@ NSSManager::GetKeyCertNicknames( const C + CERTCertificate *cert = node->cert; + if(cert) + { +- if(cert->slot != slot) ++ char *certSlotName = PK11_GetSlotName(cert->slot); ++ char *slotName = PK11_GetSlotName(slot); ++ ++ if(strcmp(certSlotName, slotName)) + { + CERT_RemoveCertListNode(node); + } +@@ -346,7 +349,10 @@ NSSManager::GetKeyCertNicknames( const C + PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%s NSSManager::GetCertKeyNicknames name %s \n",GetTStamp(tBuff,56),curName)); + + string str = curName; +- aStrings.push_back (str); ++ ++ if (find(aStrings.begin(), aStrings.end(), str) == aStrings.end()) { ++ aStrings.push_back (str); ++ } + } + + CERT_FreeNicknames(nicknames); +@@ -691,6 +697,16 @@ HRESULT NSSManager::GetKeyCertInfo(const + aCertInfo = issuedToCNStr + "\n" + issuerCNStr + "\n" + + notBeforeStr + "\n" + notAfterStr + "\n" + serialStr ; + PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%s NSSManager::GetKeyCertInfo issuerCN %s issuedToCN %s \n",GetTStamp(tBuff,56),issuerCN, issuedToCN)); ++ ++ if(nBefore) { ++ PORT_Free(nBefore); ++ nBefore = NULL; ++ } ++ ++ if(nAfter) { ++ PORT_Free(nAfter); ++ nAfter = NULL; ++ } + + break; + } diff --git a/SOURCES/esc-1.1.2-fix11.patch b/SOURCES/esc-1.1.2-fix11.patch new file mode 100644 index 0000000..e2e8de0 --- /dev/null +++ b/SOURCES/esc-1.1.2-fix11.patch @@ -0,0 +1,104 @@ +diff -up ./esc/src/app/esc.js.fix11 ./esc/src/app/esc.js +--- ./esc/src/app/esc.js.fix11 2022-06-15 19:12:43.974710780 -0400 ++++ ./esc/src/app/esc.js 2022-06-15 19:12:54.657664269 -0400 +@@ -581,7 +581,6 @@ class ESC { + this._configFile = new GLib.KeyFile(); + + this._configPath = GLib.get_user_config_dir() + "/esc"; +- + let configDir = Gio.File.new_for_path(this._configPath); + + try { +@@ -606,6 +605,9 @@ class ESC { + this._configFile.save_to_file(this._configFileName); + } + } ++ _initConfigTokenManuIDs() { ++ this._setConfigValue("esc.token.manu_id.0","Volkswagen AG"); ++ } + + _buildUI() { + // Create the application window +@@ -637,6 +639,7 @@ class ESC { + + + this._initConfig(); ++ this._initConfigTokenManuIDs(); + this._initProperties(); + + this._statusMessages = null; +diff -up ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix11 ./esc/src/lib/coolkey/CoolKeyHandler.cpp +--- ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix11 2022-06-15 19:10:26.278310248 -0400 ++++ ./esc/src/lib/coolkey/CoolKeyHandler.cpp 2022-06-15 19:10:46.824220800 -0400 +@@ -63,6 +63,7 @@ static const char *piv_manu_id_1= "piv_ + static PRLogModuleInfo *coolKeyLogHN = PR_NewLogModule("coolKeyHandler"); + + void NotifyEndResult(CoolKeyHandler* context, int operation, int result, int description); ++bool isTokenTypeOtherKnownType(CK_TOKEN_INFO *tokenInfo); + + struct AutoCKYBuffer : public CKYBuffer + { +@@ -2246,6 +2247,7 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co + int isACOOLKey = 0; + int isACAC = 0; + int isAPIV = 0; ++ bool isOtherKey = false; + + int hasApplet = 0; + int isPersonalized = 0; +@@ -2306,6 +2308,12 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co + isAPIV = 1; + } else { + isACOOLKey = 1; ++ isOtherKey = isTokenTypeOtherKnownType(&tokenInfo); ++ if(isOtherKey == true && hasApplet == 0 && isPersonalized == 0) { ++ isACOOLKey = 0; ++ } else { ++ isOtherKey = false; ++ } + } + + // OK, we have everything we need, now build the COOLKEYInfo structure. +@@ -2336,7 +2344,7 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co + tokenInfo.firmwareVersion.major = 1; + } + +- if(isPersonalized == 1 || isACAC == 1 || isAPIV == 1) { ++ if(isPersonalized == 1 || isACAC == 1 || isAPIV == 1 || isOtherKey == true) { + tokenInfo.flags |= CKF_TOKEN_INITIALIZED; + } + +@@ -2407,3 +2415,33 @@ failed: + + return NULL; + } ++ ++bool isTokenTypeOtherKnownType(CK_TOKEN_INFO *tokenInfo) ++{ ++ char tBuff[56]; ++ bool res = false; ++ ++ if(tokenInfo == NULL) { ++ return res; ++ } ++ string curManuCfg; ++ string num; ++ for(int i = 0;;i++) { ++ num = to_string(i); ++ curManuCfg = "esc.token.manu_id." + num; ++ const char *curManu = CoolKeyGetConfig(curManuCfg.c_str()); ++ ++ if(curManu == NULL) { ++ break; ++ } ++ ++ int match = memcmp(tokenInfo->manufacturerID, curManu, strlen(curManu)); ++ CoolKeyFreeConfig(curManu); ++ if(match == 0) { ++ res = true; ++ break; ++ } ++ } ++ PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("%s CoolKeyHandler::isTokenTypeOtherKnownType: result: %d .\n",GetTStamp(tBuff,56), res)); ++ return res; ++} diff --git a/SOURCES/esc-1.1.2-fix2.patch b/SOURCES/esc-1.1.2-fix2.patch new file mode 100644 index 0000000..904ab66 --- /dev/null +++ b/SOURCES/esc-1.1.2-fix2.patch @@ -0,0 +1,103 @@ +diff -up ./esc/src/lib/coolkey/CoolKey.cpp.fix2 ./esc/src/lib/coolkey/CoolKey.cpp +--- ./esc/src/lib/coolkey/CoolKey.cpp.fix2 2018-10-11 18:34:34.622987227 -0700 ++++ ./esc/src/lib/coolkey/CoolKey.cpp 2018-10-11 18:36:11.918476971 -0700 +@@ -492,13 +492,11 @@ HRESULT CoolKeyGetCUIDDirectly(char *aBu + } + + cardCtxt = CKYCardContext_Create(SCARD_SCOPE_USER); +- assert(cardCtxt); + if (!cardCtxt) { + goto done; + } + + conn = CKYCardConnection_Create(cardCtxt); +- assert(conn); + if (!conn) { + goto done; + } +@@ -559,13 +557,11 @@ HRESULT CoolKeyGetATRDirectly(char *aBuf + } + + cardCtxt = CKYCardContext_Create(SCARD_SCOPE_USER); +- assert(cardCtxt); + if (!cardCtxt) { + goto done; + } + + conn = CKYCardConnection_Create(cardCtxt); +- assert(conn); + if (!conn) { + goto done; + } +@@ -629,13 +625,11 @@ HRESULT CoolKeyGetLifeCycleDirectly(CKYB + } + + cardCtxt = CKYCardContext_Create(SCARD_SCOPE_USER); +- assert(cardCtxt); + if (!cardCtxt) { + goto done; + } + + conn = CKYCardConnection_Create(cardCtxt); +- assert(conn); + if (!conn) { + goto done; + } +@@ -691,13 +685,11 @@ HRESULT CoolKeyGetCPLCDataDirectly(CKYAp + } + + cardCtxt = CKYCardContext_Create(SCARD_SCOPE_USER); +- assert(cardCtxt); + if (!cardCtxt) { + goto done; + } + + conn = CKYCardConnection_Create(cardCtxt); +- assert(conn); + if (!conn) { + goto done; + } +@@ -752,19 +744,16 @@ static void PR_CALLBACK BlinkTimer(void + const char *readerName = NULL; + + CKYCardContext *cardCtxt = CKYCardContext_Create(SCARD_SCOPE_USER); +- assert(cardCtxt); + if (!cardCtxt) { + goto done; + } + + conn = CKYCardConnection_Create(cardCtxt); +- assert(conn); + if (!conn) { + goto done; + } + + readerName = GetReaderNameForKeyID(¶ms->mKey); +- assert(readerName); + if (!readerName) { + goto done; + } +@@ -1336,7 +1325,6 @@ HRESULT CoolKeyGetIssuerInfo(const CoolK + + CKYCardContext *cardCtxt = CKYCardContext_Create(SCARD_SCOPE_USER); + +- assert(cardCtxt); + if (!cardCtxt) { + CoolKeyLogMsg( PR_LOG_ERROR, "%s Attempting to get key issuer info. Can't create Card Context !.\n",GetTStamp(tBuff,56)); + result = E_FAIL; +@@ -1344,7 +1332,6 @@ HRESULT CoolKeyGetIssuerInfo(const CoolK + } + + conn = CKYCardConnection_Create(cardCtxt); +- assert(conn); + if (!conn) { + CoolKeyLogMsg( PR_LOG_ERROR, "%s Attempting to get key issuer info. Can't create Card Connection!\n",GetTStamp(tBuff,56)); + result = E_FAIL; +@@ -1352,7 +1339,6 @@ HRESULT CoolKeyGetIssuerInfo(const CoolK + } + + readerName = GetReaderNameForKeyID(aKey); +- assert(readerName); + if (!readerName) { + CoolKeyLogMsg( PR_LOG_ERROR, "%s Attempting to get key issuer info. Can't get reader name!\n",GetTStamp(tBuff,56)); + result = E_FAIL; diff --git a/SOURCES/esc-1.1.2-fix3.patch b/SOURCES/esc-1.1.2-fix3.patch new file mode 100644 index 0000000..579156f --- /dev/null +++ b/SOURCES/esc-1.1.2-fix3.patch @@ -0,0 +1,300 @@ +diff -up ./esc/configure.ac.fix3 ./esc/configure.ac +--- ./esc/configure.ac.fix3 2018-07-30 14:51:37.000000000 -0700 ++++ ./esc/configure.ac 2018-10-12 14:06:48.349544811 -0700 +@@ -56,8 +56,6 @@ AM_PROG_AR + AM_SILENT_RULES([yes]) + LT_INIT + +-SCARD_LIB_NAME="libpcsclite.so.1" +- + # Versioning + ESC_MAJOR_VERSION=esc_major_version + ESC_MINOR_VERSION=esc_minor_version +@@ -75,6 +73,7 @@ GOBJECT_INTROSPECTION_CHECK(1.56.1) + # Output + AC_DEFINE([DLL_SUFFIX], ["so"], [Description]) + AC_DEFINE([LINUX], [1], [Description]) ++AC_DEFINE([SCARD_LIB_NAME],["libpcsclite.so.1"], [Description]) + AC_SUBST(ESC_CFLAGS) + AC_SUBST(ESC_LIBS) + AC_CONFIG_FILES([Makefile src/app/Makefile src/lib/coolkey/Makefile src/lib/nss-http-client/Makefile src/lib/coolkey-mgr/Makefile]) +diff -up ./esc/src/app/esc.js.fix3 ./esc/src/app/esc.js +--- ./esc/src/app/esc.js.fix3 2018-10-12 17:59:36.790939337 -0700 ++++ ./esc/src/app/esc.js 2018-10-12 19:26:51.847470201 -0700 +@@ -44,13 +44,16 @@ const CoolKeyNotify = new Lang.Class({ + this._unique_name = "Unknown"; + this._dbusImpl = Gio.DBusExportedObject.wrapJSObject(CoolKeyNotifyIface, this); + this._dbusImpl.export(Gio.DBus.session, '/com/jmagne/CoolKeyNotify'); +- this._dbusId = Gio.DBus.session.own_name( 'com.rm5248', Gio.BusNameOwnerFlags.NONE, this._nameAcquired.bind(this), this._nameLost); ++ this._dbusId = Gio.DBus.session.own_name( 'com.rm5248', Gio.BusNameOwnerFlags.NONE, this._nameAcquired.bind(this), this._nameLost.bind(this)); + }, + _nameAcquired: function( name ) { + this._unique_name = name.unique_name; + this._client._createCoolKeyMgr(this._unique_name); + }, + _nameLost: function( name ) { ++ if(this._client._window) { ++ this._client._window.destroy(); ++ } + }, + + notifyCoolKeyEvent: function(aKeyType, aKeyID, aKeyState, aData, strData) { +@@ -76,6 +79,7 @@ class ESC { + this._window.present(); + } + _onStartup() { ++ this.mgr = null; + this._buildUI(); + this.notify = new CoolKeyNotify(this); + } +@@ -95,8 +99,10 @@ class ESC { + this.notify._dbusImpl.unexport(); + this.notify = null; + } +- this.mgr.cleanup(); +- this.mgr = null; ++ if(this.mgr) { ++ this.mgr.cleanup(); ++ this.mgr = null; ++ } + this._window.destroy(); + } + +@@ -212,9 +218,7 @@ class ESC { + + if (res == false) { + this._configFile.set_string("ESC","name","Smart Card Utility"); +- print("attmpeting to create: " + config_name); + res = this._configFile.save_to_file(config_name); +- print("res: " + res); + } + } + +diff -up ./esc/src/lib/coolkey/cky_card.c.fix3 ./esc/src/lib/coolkey/cky_card.c +--- ./esc/src/lib/coolkey/cky_card.c.fix3 2018-05-03 14:03:07.000000000 -0700 ++++ ./esc/src/lib/coolkey/cky_card.c 2018-10-12 14:06:48.350544806 -0700 +@@ -139,21 +139,15 @@ typedef struct _SCard { + goto fail; \ + } + +-#ifdef WIN32 +-#define SCARD_LIB_NAME "winscard.dll" +-#else +-#ifdef MAC +-#define SCARD_LIB_NAME "PCSC.Framework/PCSC" +-#else + #ifdef LINUX +-#define SCARD_LIB_NAME "libpcsclite.so" ++#ifndef SCARD_LIB_NAME ++#define SCARD_LIB_NAME "libpcsclite.so.1" + #else + #ifndef SCARD_LIB_NAME + #error "define wincard library for this platform" + #endif + #endif + #endif +-#endif + + static SCard * + ckySCard_Init(void) +diff -up ./esc/src/lib/coolkey/CoolKey.cpp.fix3 ./esc/src/lib/coolkey/CoolKey.cpp +diff -up ./esc/src/lib/coolkey-mgr/coolkey-api.cpp.fix3 ./esc/src/lib/coolkey-mgr/coolkey-api.cpp +--- ./esc/src/lib/coolkey-mgr/coolkey-api.cpp.fix3 2018-10-12 15:12:59.937348875 -0700 ++++ ./esc/src/lib/coolkey-mgr/coolkey-api.cpp 2018-10-12 18:28:34.674060797 -0700 +@@ -71,6 +71,12 @@ tokenInfo *coolkey_get_token_info(int ke + if(tInfo == NULL) { + exit(1); + } ++ ++ tInfo ->atr = NULL; ++ tInfo->issuerInfo = NULL; ++ tInfo->issuer = NULL; ++ tInfo->issuedTo = NULL; ++ tInfo->status = 0; + + coolkey->GetCoolKeyATR(keyType, keyID, &tInfo->atr); + +diff -up ./esc/src/lib/coolkey-mgr/rhCoolKey.cpp.fix3 ./esc/src/lib/coolkey-mgr/rhCoolKey.cpp +--- ./esc/src/lib/coolkey-mgr/rhCoolKey.cpp.fix3 2018-10-12 14:22:05.938864628 -0700 ++++ ./esc/src/lib/coolkey-mgr/rhCoolKey.cpp 2018-10-12 19:15:26.447926406 -0700 +@@ -1053,17 +1053,19 @@ HRESULT rhCoolKey::GetCoolKeyCertInfo(PR + HRESULT rhCoolKey::GetCoolKeyATR(PRUint32 aKeyType, const char *aKeyID, char **_retval) + { + char tBuff[56]; ++ if(aKeyID == NULL || _retval == NULL) { ++ return E_FAIL; ++ } + *_retval = NULL; + AutoCoolKey key(aKeyType, aKeyID); +- char atr[128]; +- HRESULT res = CoolKeyGetATR(&key, (char *)&atr,sizeof(atr)); +- PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s Attempting to get the key's ATR: Key: %s, ATR %s. \n",GetTStamp(tBuff,56),aKeyID, (char *) atr)); +- if(res == S_OK) +- { +- char *temp = (char *) PL_strdup(atr); +- *_retval = temp; ++ char atr[128] = {}; ++ HRESULT res = CoolKeyGetATR(&key, (char *)&atr,sizeof(atr)); ++ PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s Attempting to get the key's ATR: Key: %s, ATR %s. \n",GetTStamp(tBuff,56),aKeyID, (char *) atr)); ++ ++ if(res == S_OK) { ++ *_retval = (char *) PL_strdup(atr); + } +- return NS_OK; ++ return res; + } + + /* string GetCoolKeyTokenName (in unsigned long aKeyType, in string aKeyID); */ +@@ -1097,24 +1099,25 @@ HRESULT rhCoolKey::GetCoolKeyTokenName(P + HRESULT rhCoolKey::GetCoolKeyIssuerInfo(PRUint32 aKeyType, const char *aKeyID, char **_retval) + { + char tBuff[56]; ++ ++ if(aKeyID == NULL || _retval == NULL) { ++ return E_FAIL; ++ } + *_retval = NULL; + + AutoCoolKey key(aKeyType, aKeyID); + +- char issuerInfo[256]; ++ char issuerInfo[256] = {}; + + HRESULT res = CoolKeyGetIssuerInfo(&key, (char *)&issuerInfo,256); + + ::CoolKeyLogMsg( 1, "%s Attempting to get the key's Issuer: Key: %s, Issuer %s. \n",GetTStamp(tBuff,56),aKeyID, (char *) issuerInfo); + +- if(res == S_OK) +- { +- char *temp = (char *) PL_strdup(issuerInfo); +- *_retval = temp; +- ++ if(res == S_OK) { ++ *_retval = (char *) PL_strdup(issuerInfo); + } +- return NS_OK; + ++ return res; + } + + /* void rhGetCoolKeyPolicy (in unsigned long aKeyType, in string aKeyID, out string policy); */ +@@ -1153,28 +1156,22 @@ HRESULT rhCoolKey::GetCoolKeyPolicy(PRUi + HRESULT rhCoolKey::GetCoolKeyUID(PRUint32 aKeyType, const char *aKeyID, char **uid) + { + char tBuff[56]; +- if (!aKeyID) { +- return NS_ERROR_FAILURE; ++ if (aKeyID == NULL || uid == NULL) { ++ return E_FAIL; + } + + AutoCoolKey key(aKeyType, ( char *)aKeyID); + +- char buff[512]; ++ char buff[512] = {}; + int bufLength = 512; +- buff[0] = 0; + +- CoolKeyGetUID(&key, (char *) buff, bufLength); +- +- if(!buff[0]) +- { +- return NS_OK; +- } ++ HRESULT res = CoolKeyGetUID(&key, (char *) buff, bufLength); + + PR_LOG(coolKeyLog,PR_LOG_DEBUG,("%s rhCoolKey::RhGetCoolKeyGetUID %s \n",GetTStamp(tBuff,56),(char *) buff)); + +- char *temp = (char *) PL_strdup(buff); +- +- *uid = temp; ++ if(res == S_OK) { ++ char *uid = (char *) PL_strdup(buff); ++ } + + return NS_OK; + +@@ -1185,32 +1182,25 @@ HRESULT rhCoolKey::GetCoolKeyUID(PRUint3 + HRESULT rhCoolKey::GetCoolKeyIssuedTo(PRUint32 aKeyType, const char *aKeyID, char **issuedTo) + { + char tBuff[56]; +- if (!aKeyID) { +- return NS_ERROR_FAILURE; ++ if (aKeyID == NULL || issuedTo == NULL) { ++ return E_FAIL; + } + ++ *issuedTo = NULL; + AutoCoolKey key(aKeyType, ( char *)aKeyID); + +- // const char *keyName = CoolKeyGetTokenName(&key); +- +- char buff[512]; ++ char buff[512] = {}; + int bufLength = 512; +- buff[0] = 0; + +- CoolKeyGetIssuedTo(&key, (char *) buff, bufLength); +- +- if(!buff[0]) +- { +- return NS_OK; +- } ++ HRESULT res = CoolKeyGetIssuedTo(&key, (char *) buff, bufLength); + + PR_LOG(coolKeyLog,PR_LOG_DEBUG,("%s rhCoolKey::RhGetCoolKeyGetIssuedTo %s \n",GetTStamp(tBuff,56),(char *) buff)); + +- char *temp = (char *) PL_strdup(buff); +- +- *issuedTo = temp; ++ if(res == S_OK) { ++ *issuedTo = (char *) PL_strdup(buff); ++ } + +- return NS_OK; ++ return res; + + } + +@@ -1218,32 +1208,24 @@ HRESULT rhCoolKey::GetCoolKeyIssuedTo(PR + HRESULT rhCoolKey::GetCoolKeyIssuer(PRUint32 aKeyType, const char *aKeyID, char **issuer) + { + char tBuff[56]; +- if (!aKeyID) { +- return NS_ERROR_FAILURE; ++ if (!aKeyID || !issuer) { ++ return E_FAIL; + } + + AutoCoolKey key(aKeyType, ( char *)aKeyID); + +- // const char *keyName = CoolKeyGetTokenName(&key); +- +- char buff[512]; ++ char buff[512] = {}; + int bufLength = 512; +- buff[0] = 0; + +- CoolKeyGetIssuer(&key, (char *) buff, bufLength); +- +- if(!buff[0]) +- { +- return NS_OK; +- } ++ HRESULT res = CoolKeyGetIssuer(&key, (char *) buff, bufLength); + + PR_LOG(coolKeyLog,PR_LOG_DEBUG,("%s rhCoolKey::RhGetCoolKeyGetIssuer %s \n",GetTStamp(tBuff,56),(char *) buff)); + +- char *temp = (char *) PL_strdup(buff); +- +- *issuer = temp; ++ if(res == S_OK) { ++ *issuer = (char *) PL_strdup(buff); ++ } + +- return NS_OK; ++ return res; + + } + +diff -up ./esc/src/lib/coolkey-mgr/rhCoolKey.h.fix3 ./esc/src/lib/coolkey-mgr/rhCoolKey.h diff --git a/SOURCES/esc-1.1.2-fix4.patch b/SOURCES/esc-1.1.2-fix4.patch new file mode 100644 index 0000000..a8c1681 --- /dev/null +++ b/SOURCES/esc-1.1.2-fix4.patch @@ -0,0 +1,3722 @@ +diff -up ./esc/src/app/esc.js.fix4 ./esc/src/app/esc.js +--- ./esc/src/app/esc.js.fix4 2019-01-10 16:19:14.676953557 -0800 ++++ ./esc/src/app/esc.js 2019-01-10 16:19:22.530914751 -0800 +@@ -23,7 +23,14 @@ const Gio = imports.gi.Gio; + const GObject = imports.gi.GObject; + const Pango = imports.gi.Pango; + const GLib = imports.gi.GLib; ++const PhoneHome = imports.phoneHome; ++const OperationDialog = imports.operationDialog; ++const PinDialog = imports.pinDialog; ++const ESC_CONFIG_FILE_NAME = "esc.conf"; ++const ESC_CONFIG_GROUP = "ESC"; ++const ESC_PWORD_FILE = "pword"; + ++const UNKNOWN_LABEL = "unknown"; + const CoolKeyNotifyIface = ' \ + \ + \ +@@ -36,6 +43,25 @@ const CoolKeyNotifyIface = ' \ + \ + '; + ++ ++// Get application folder and add it into the imports path ++function getAppFileInfo() { ++ let stack = (new Error()).stack, ++ stackLine = stack.split('\n')[1], ++ coincidence, path, file; ++ ++ if (!stackLine) throw new Error('Can not find path!'); ++ ++ coincidence = new RegExp('@(.+):\\d+').exec(stackLine); ++ if (!coincidence) throw new Error('Could not find current file!'); ++ ++ path = coincidence[1]; ++ file = Gio.File.new_for_path(path); ++ return [file.get_path(), file.get_parent().get_path(), file.get_basename()]; ++} ++const path = getAppFileInfo()[1]; ++ ++ + const CoolKeyNotify = new Lang.Class({ + Name: 'CoolKeyNotify', + +@@ -73,8 +99,20 @@ class ESC { + this.application = new Gtk.Application(); + this.application.connect('activate', this._onActivate.bind(this)); + this.application.connect('startup', this._onStartup.bind(this)); ++ this._selectedTokenInfo = null; ++ this._notifyCallback = null; ++ this._currentDir = path; + } + ++ _setNotifyCallback(cb) { ++ this._notifyCallback = cb; ++ ++ } ++ ++ _clearNotifyCallback() { ++ this._notifyCallback = null; ++ } ++ + _onActivate() { + this._window.present(); + } +@@ -94,6 +132,28 @@ class ESC { + } + } + ++ _onCertDetail() { ++ this._promptPin(); ++ } ++ ++ _onFormat() { ++ this._operationMgr = new OperationDialog.operationDialog(this); ++ this._operationMgr.launchOperation(this._selectedTokenInfo,OperationDialog.OP_FORMAT); ++ } ++ ++ _onEnroll() { ++ this._operationMgr = new OperationDialog.operationDialog(this); ++ this._operationMgr.launchOperation(this._selectedTokenInfo,OperationDialog.OP_ENROLL); ++ } ++ ++ _onResetPin() { ++ this._operationMgr = new OperationDialog.operationDialog(this); ++ this._operationMgr.launchOperation(this._selectedTokenInfo,OperationDialog.OP_PIN_RESET); ++ } ++ ++ _onPhoneHome() { ++ this._phoneHomeMgr.getPhoneHomeInfo(this._selectedTokenInfo,true); ++ } + _onExit() { + if(this.notify) { + this.notify._dbusImpl.unexport(); +@@ -115,6 +175,9 @@ class ESC { + this._removeCoolkey(aKeyType, aKeyID, aKeyState, aData, strData); + break; + default: ++ if(this._notifyCallback) { ++ this._notifyCallback(aKeyType, aKeyID,aKeyState, aData,strData); ++ } + break; + } + } +@@ -126,10 +189,10 @@ class ESC { + break; + + case 2: +- return "unitialized"; ++ return "uninitialized"; + break; + case 1: +- return "no applet"; ++ return "unknown"; + break; + default: + return "unknown"; +@@ -137,8 +200,12 @@ class ESC { + } + } + +- _insertCoolkey(aKeyType, aKeyID, aKeyState, aData, strData) { ++ _phoneHome(url) { ++ let info = this.mgr.phone_home(url); ++ return info; ++ } + ++ _insertCoolkey(aKeyType, aKeyID, aKeyState, aData, strData) { + if(aKeyType && aKeyID) { + + let inserted = new Coolkey.Token({ key_type: String(aKeyType) , +@@ -146,8 +213,68 @@ class ESC { + + this.mgr.get_token_info(inserted); + ++ let issuer = inserted.issuer; ++ let issuedTo = inserted.issued_to; ++ ++ if(issuer == null || issuer.length == 0) { ++ issuer = "unknown"; ++ } ++ if(issuedTo == null || issuedTo.length == 0) { ++ issuedTo = "unknown"; ++ } + this._tokenStore.set (this._tokenStore.append(), [0, 1, 2, 3, 4], +- [inserted.issuer, inserted.issued_to, this._getStatusString(inserted.status), aKeyID,aKeyType]); ++ [issuer, issuedTo, this._getStatusString(inserted.status), aKeyID,aKeyType]); ++ ++ let [ isSelected, iter] = this._tokenStore.get_iter_first(); ++ ++ while(isSelected) { ++ if(aKeyID == this._tokenStore.get_value(iter,3)) { ++ this.selection.select_iter(iter); ++ break; ++ } ++ isSelected = this._tokenStore.iter_next(iter); ++ } ++ ++ } ++ } ++ ++ _updateCoolkey(originalKey) { ++ if(originalKey) { ++ this._removeCoolkey(originalKey.key_type, originalKey.cuid,null, null, null); ++ this._insertCoolkey(originalKey.key_type, originalKey.cuid,null, null, null); ++ } ++ ++ } ++ _updateOperationsArea(insertedToken, doReset) { ++ if(!insertedToken && !doReset) { ++ return; ++ } ++ ++ if(doReset) { ++ this._operationsGrid.remove(this._phoneHomeButton); ++ this._operationsGrid.remove(this._enrollButton); ++ this._operationsGrid.remove(this._resetPinButton); ++ this._operationsGrid.remove(this._formatButton); ++ this._operationsGrid.remove(this._certDetailButton); ++ this._operationsGrid.show_all(); ++ return; ++ } ++ ++ if(insertedToken.is_a_cool_key) { ++ this._operationsGrid.add(this._phoneHomeButton); ++ this._operationsGrid.add(this._formatButton); ++ if(insertedToken.status == 2 ) { ++ this._operationsGrid.add(this._enrollButton); ++ } ++ ++ // if enrolled ++ if(insertedToken.status == 4) { ++ this._operationsGrid.add(this._enrollButton); ++ this._operationsGrid.add(this._resetPinButton); ++ this._operationsGrid.add(this._certDetailButton); ++ } ++ ++ this._operationsGrid.show_all(); + } + } + +@@ -158,10 +285,13 @@ class ESC { + if(aKeyID == this._tokenStore.get_value(iter,3)) { + this._tokenStore.remove(iter); + this._tokenInfoBuffer.text = ""; ++ this._updateOperationsArea(null,true); + return; + } + isSelected = this._tokenStore.iter_next(iter); + } ++ ++ this._updateOperationsArea(null,true); + } + + _updateTokenInfoTextView(coolkey_token) { +@@ -172,9 +302,160 @@ class ESC { + let atr = coolkey_token.atr; + let issuer_info = coolkey_token.issuer_info; + +- this._tokenInfoBuffer.text = "Token ID: " + cuid + "\n" ++ this._tokenInfoBuffer.text = "Token ID: " + cuid + "\n" + + "ATR: " + atr + "\n" +- + "Token Issuer URL: " + issuer_info + "\n"; ++ + "Token Issuer URL: " + issuer_info + "\n" ++ + "Token is a CoolKey: " + coolkey_token.is_a_cool_key + "\n\n\n " ; ++ ++ } ++ ++ _getCertListDetail(certsList,pFileName) { ++ ++ let i = 0; ++ let detail = "\n\nCerts In Detail \n\n"; ++ let curDetail = ""; ++ if(certsList == null) { ++ return null; ++ } ++ ++ //right now for some reason specifying a nickname will list all certs ++ for(i = 0 ; i < 1; i++ ) { ++ curDetail = this._getCertDetail(certsList[i],pFileName); ++ ++ if(curDetail.length < 100) { ++ detail += "Error finding cert detail."; ++ } else { ++ detail += curDetail + "\n"; ++ } ++ } ++ ++ return detail; ++ ++ } ++ ++ _getCertDetail(certObj, pFileName) { ++ if(certObj == null || pFileName == null) { ++ return null; ++ } ++ ++ let certDetail = ""; ++ let token = ""; ++ let nick = ""; ++ if(certObj.token == null) ++ token = "internal"; ++ else ++ token = certObj.token; ++ ++ nick = certObj.nick; ++ ++ certDetail = this._execProgram(['/usr/bin/certutil','-L','-d', this._getConfigPath(), '-h', token, '-f' , pFileName, '-n', token + ":" + nick]); ++ ++ return certDetail; ++ } ++ ++ _getCertList(coolkey_token,pFileName) { ++ ++ let certInfo = ""; ++ ++ certInfo = this._execProgram(['/usr/bin/certutil','-L','-d', this._getConfigPath(), '-h', 'all', '-f' , pFileName]); ++ ++ let certs = this._parseCertList(certInfo); ++ ++ let i = 0; ++ let certsInfo = "Certificate List\n"; ++ ++ if(certs.length == 0 ) { ++ certsInfo = certsInfo + "No Certificates Found\n"; ++ return certsInfo; ++ } ++ ++ for(i = 0 ; i < certs.length; i++ ) { ++ certsInfo += "\n" + certs[i].token + " : " + certs[i].nick + "\n"; ++ } ++ ++ certsInfo += this._getCertListDetail(certs,pFileName) + "\n"; ++ ++ return certsInfo; ++ } ++ ++ _parseCertList(listStr) { ++ ++ if(!listStr) ++ return; ++ ++ let lines = listStr.split('\n'); ++ ++ let line = ""; ++ let i = 0; ++ let token = ""; ++ let nick = ""; ++ ++ let certlist = []; ++ for(i = 3 ; i < lines.length; i++) { ++ ++ token = ""; ++ nick = ""; ++ let index = lines[i].search(/,/i); ++ ++ if(index > 0) { ++ line = lines[i]; ++ index -= 2; ++ line = line.substring(0,index); ++ line = line.trim(); ++ ++ let sepIndex = line.indexOf(":"); ++ ++ if(sepIndex > 0 ) { ++ ++ let res = line.split(":"); ++ ++ if(res.length == 2) { ++ token = res[0]; ++ nick = res[1]; ++ } else { ++ token = ""; ++ nick = line; ++ } ++ ++ certlist.push({ ++ token: token, ++ nick: nick, ++ certDetail: "" ++ }); ++ } ++ } ++ ++ ++ } ++ ++ return certlist; ++ } ++ ++ _execProgram(args) { ++ ++ let result = -1; ++ try { ++ let proc = new Gio.Subprocess({ ++ argv: args , ++ flags: Gio.SubprocessFlags.STDOUT_PIPE ++ }); ++ ++ proc.init(null); ++ ++ let [res,stdoutb,stderrb] = proc.communicate_utf8(null,null); ++ ++ if(res == false) { ++ result = -1; ++ return result; ++ } ++ ++ result = stdoutb.toString(); ++ ++ } catch (e) { ++ return result; ++ } ++ ++ return result; + } + + _onTokenTreeViewSelectionChanged() { +@@ -188,9 +469,78 @@ class ESC { + cuid: this._tokenStore.get_value(iter,3) } ); + + this.mgr.get_token_info(selected); ++ this._updateOperationsArea(selected,true); ++ this._updateOperationsArea(selected,false); ++ this._selectedTokenInfo = selected; + this._updateTokenInfoTextView(selected); + } + ++ _configValueWithKeyID(aKeyID,configValue) { ++ if(!configValue || !aKeyID) ++ return null; ++ ++ return configValue + "-" + aKeyID; ++ ++ } ++ ++ _setConfigValue(name,value) { ++ if(!this._configFile) { ++ return; ++ } ++ ++ try { ++ this._configFile.set_string(ESC_CONFIG_GROUP,name,value); ++ this._configFile.save_to_file(this._configFileName); ++ } catch(e) { ++ return; ++ } ++ } ++ ++ _getConfigValue(name) { ++ if(!this._configFile) { ++ return null; ++ } ++ ++ let value = null; ++ try { ++ value = this._configFile.get_string(ESC_CONFIG_GROUP,name); ++ } catch(e) { ++ return null; ++ } ++ ++ return value; ++ } ++ ++ _getPropertyValue(name) { ++ if(!this._propFile) { ++ return null; ++ } ++ ++ let value = null; ++ try { ++ value = this._propFile.get_string(ESC_CONFIG_GROUP,name); ++ } catch(e) { ++ return null; ++ } ++ ++ return value; ++ } ++ ++ _initProperties() { ++ ++ this._propFile = new GLib.KeyFile(); ++ ++ this._propFileName = this._currentDir + "/esc.properties"; ++ let res = false; ++ try { ++ res = this._propFile.load_from_file (this._propFileName, 0 ); ++ } catch(e) { ++ this._onExitClicked(); ++ //IO error ++ } ++ ++ ++ } + _initConfig() { + // See if it exists already, otherwise create + this._configFile = new GLib.KeyFile(); +@@ -208,17 +558,17 @@ class ESC { + } + } + +- let config_name = this._configPath + "/esc.conf"; ++ this._configFileName = this._configPath + "/esc.conf"; + let res = false; + try { +- res = this._configFile.load_from_file (config_name, 0 ); ++ res = this._configFile.load_from_file (this._configFileName, 0 ); + } catch(e) { + // need to create config file + } + + if (res == false) { + this._configFile.set_string("ESC","name","Smart Card Utility"); +- res = this._configFile.save_to_file(config_name); ++ this._configFile.save_to_file(this._configFileName); + } + } + +@@ -235,24 +585,30 @@ class ESC { + this._window.set_icon_name('application-x-executable'); + } + +- this._hb = new Gtk.HeaderBar(); ++ this._hb = new Gtk.HeaderBar({spacing: 10 }); + this._hb.set_title("Smart Card Manager"); + this._hb.set_show_close_button(true); +- this._window.set_titlebar(this._hb); + +- this._headerTokenBox = new Gtk.Box({orientation: Gtk.Orientation.HORIZONTAL,halign: Gtk.Align.CENTER}); +- this._headerInfoBox = new Gtk.Box({orientation: Gtk.Orientation.HORIZONTAL,halign: Gtk.Align.CENTER}); ++ this._window.set_titlebar(this._hb); + + this._infoLabel = new Gtk.Label({label: "Token Information",use_markup: true}); + this._tokenLabel = new Gtk.Label({label: "Tokens",use_markup: true}); + +- this._headerInfoBox.add(this._infoLabel); ++ this._vSep = new Gtk.VSeparator(); ++ ++ this._hb.add(this._tokenLabel); ++ this._hb.pack_end(this._infoLabel); ++ //this._hb.add(this._vSep); + +- this._headerTokenBox.add(this._tokenLabel); + + this._initConfig(); ++ this._initProperties(); ++ ++ this._statusMessages = null; ++ this._getStatusMessages(); ++ + this._outerGrid = new Gtk.Grid({orientation: Gtk.Orientation.HORIZONTAL, border_width: 0}); +- this._tokenFrame = new Gtk.Frame({hexpand: true}); ++ this._tokenFrame = new Gtk.Frame({hexpand: false, width_request: 300}); + this._infoFrame = new Gtk.Frame({border_width: 0}); + + this._tokenBox = new Gtk.Grid({orientation: Gtk.Orientation.VERTICAL, border_width: 0,hexpand: true}); +@@ -280,33 +636,33 @@ class ESC { + + // Create the treeview + this._tokenTreeView = new Gtk.TreeView ({ +- expand: true, ++ hexpand: true, ++ vexpand: true, + model: this._tokenStore }); + + let issuer = new Gtk.TreeViewColumn ({ title: "Issuer" }); + let issuedTo = new Gtk.TreeViewColumn ({ title: "Issued To" }); + let status = new Gtk.TreeViewColumn ({ title: "Status" }); +- let tokenId = new Gtk.TreeViewColumn({ title: "Token Id"}); ++ //let tokenId = new Gtk.TreeViewColumn({ title: "Token Id"}); + + let bold = new Gtk.CellRendererText ({ +- weight: Pango.Weight.BOLD }); +- ++ weight: Pango.Weight.BOLD}); + let normal = new Gtk.CellRendererText (); + + issuer.pack_start (bold, true); + issuedTo.pack_start (normal, true); + status.pack_start (normal, true); +- tokenId.pack_start(normal,true); ++ //tokenId.pack_start(normal,true); + + issuer.add_attribute (bold, "text", 0); + issuedTo.add_attribute (normal, "text", 1); + status.add_attribute (normal, "text", 2); +- tokenId.add_attribute(normal,"text",3); ++ //tokenId.add_attribute(normal,"text",3); + + this._tokenTreeView.insert_column (issuer, 0); + this._tokenTreeView.insert_column (issuedTo, 1); + this._tokenTreeView.insert_column (status, 2); +- this._tokenTreeView.insert_column (tokenId, 3); ++ //this._tokenTreeView.insert_column (tokenId, 3); + + // Connect view slection to a method + this._label = new Gtk.Label ({ label: "" }); +@@ -329,37 +685,175 @@ class ESC { + hscrollbar_policy: Gtk.PolicyType.AUTOMATIC, + vscrollbar_policy: Gtk.PolicyType.AUTOMATIC, + shadow_type: Gtk.ShadowType.ETCHED_IN, +- height_request: 400, +- width_request: 400, }); ++ height_request: 500, ++ width_request: 400 }); + + this._scrolledTokenInfoWindow.add_with_viewport (this._tokenInfoTextView); +- this._infoBox.add(this._headerInfoBox); ++ //this._infoBox.add(this._headerInfoBox); ++ ++ //this._escImage = new Gtk.Image({file: this._currentDir + "/" + "enrolled-keyx2.png"}); ++ //this._infoBox.add(this._escImage); + this._infoBox.add(this._scrolledTokenInfoWindow); +- this._operationsGrid = new Gtk.Grid({orientation: Gtk.Orientation.VERTICAL, ++ ++ this._operationsGrid = new Gtk.Grid({orientation: Gtk.Orientation.HORIZONTAL, + halign: Gtk.Align.CENTER, + valign: Gtk.Align.CENTER, +- row_spacing: 20, +- border_width: 0}); ++ row_spacing: 10, ++ column_spacing: 6, ++ border_width: 6}); + + this._operationsLabel = new Gtk.Label({label: "Operations", use_markup: true}); ++ ++ this._certDetailButton = new Gtk.Button({ label: "Cert Info" }); ++ this._certDetailButton.connect("clicked", this._onCertDetail.bind(this)); ++ ++ + this._infoBox.add(this._operationsGrid); +- this._operationsGrid.add(this._operationsLabel); + + this._exitButton = new Gtk.Button({ label: "Exit" }); + this._exitButton.connect("clicked", this._onExit.bind(this)); ++ + this._operationsGrid.add(this._exitButton); +- +- this._tokenBox.add(this._headerTokenBox); ++ ++ this._operationsGrid.add(this._operationsLabel); ++ // operations buttons ++ ++ ++ this._phoneHomeButton = new Gtk.Button({ label: "Phone Home" }); ++ this._phoneHomeButton.connect("clicked", this._onPhoneHome.bind(this)); ++ ++ this._formatButton = new Gtk.Button({ label: "Format" }); ++ this._formatButton.connect("clicked", this._onFormat.bind(this)); ++ ++ this._enrollButton = new Gtk.Button({ label: "Enroll" }); ++ this._enrollButton.connect("clicked", this._onEnroll.bind(this)); ++ ++ this._resetPinButton = new Gtk.Button({ label: "Reset Pin" }); ++ this._resetPinButton.connect("clicked", this._onResetPin.bind(this)); ++ + this._tokenBox.add(this._tokenTreeView); + +- this._window.set_default_size(750, 550); ++ this._window.set_default_size(950, 500); + this._window.connect('destroy',this._onWindowDestroy.bind(this)); + this._window.show_all(); ++ + } + _createCoolKeyMgr(dbusName) { +- this.mgr = new Coolkey.Mgr({ dbusUniqueName: dbusName, config_dir: this._configPath}); +- //this.mgr.speak("Welcome to ESC..."); ++ this.mgr = new Coolkey.Mgr({ dbusUniqueName: dbusName, config_dir: this._configPath, config_file_name: ESC_CONFIG_FILE_NAME }); ++ ++ this._phoneHomeMgr = new PhoneHome.phoneHome(this); ++ ++ if(!this.mgr || !this._phoneHomeMgr) { ++ this._onExitClicked(); ++ } + } ++ ++ _alert(msg) { ++ this._messageDialog = new Gtk.MessageDialog ({ ++ transient_for: this._window, ++ modal: true, ++ buttons: Gtk.ButtonsType.OK, ++ message_type: Gtk.MessageType.WARNING, ++ text: msg }); ++ ++ this._messageDialog.connect ('response', Lang.bind(this, this._response_cb)); ++ this._messageDialog.show(); ++ } ++ ++ _promptPin() { ++ ++ let status = this._selectedTokenInfo.status; ++ ++ if(status == 4 /* enrolled */) { ++ this._pinMgr = new PinDialog.pinDialog(this); ++ this._pinMgr.launchPinPrompt(this._promptPinDone.bind(this)); ++ } ++ ++ } ++ _promptPinDone(tempFileName) { ++ ++ let coolkey_token = this._selectedTokenInfo; ++ ++ this._tokenInfoBuffer.text += ++ this._getCertList(coolkey_token,tempFileName) + "\n"; ++ ++ } ++ _response_cb() { ++ if(this._messageDialog) { ++ this._messageDialog.destroy(); ++ } ++ this._messageDialog = null; ++ } ++ _getConfigPath() { ++ return this._configPath; ++ } ++ ++ _getStatusMessages() { ++ ++ this._statusMessages = new Array( ++ this._getPropertyValue("errorNone"), ++ this._getPropertyValue("errorInternalServer"), ++ this._getPropertyValue("errorInternalServer"), ++ this._getPropertyValue("errorProblemCommToken"), ++ this._getPropertyValue("errorProblemResetTokenPin"), ++ this._getPropertyValue("errorInternalServer"), ++ this._getPropertyValue("errorLifeCyclePDU"), ++ this._getPropertyValue("errorTokenEnrollment"), ++ this._getPropertyValue("errorProblemCommToken"), ++ this._getPropertyValue("errorInternalServer"), ++ this._getPropertyValue("errorInternalServer"), ++ this._getPropertyValue("errorInternalServer"), ++ this._getPropertyValue("errorInternalServer"), ++ this._getPropertyValue("errorTermSecureConn"), ++ this._getPropertyValue("errorAuthFailure"), ++ this._getPropertyValue("errorInternalServer"), ++ this._getPropertyValue("errorTokenDisabled"), ++ this._getPropertyValue("errorSecureChannel"), ++ this._getPropertyValue("errorServerMisconfig"), ++ this._getPropertyValue("errorTokenUpgrade"), ++ this._getPropertyValue("errorInternalServer"), ++ this._getPropertyValue("errorExternalAuth"), ++ this._getPropertyValue("errorInvalidTokenType"), ++ this._getPropertyValue("errorInvalidTokenTypeParams"), ++ this._getPropertyValue("errorCannotPublish"), ++ this._getPropertyValue("errorCommTokenDB"), ++ this._getPropertyValue("errorTokenSuspended"), ++ this._getPropertyValue("errorPinResetable"), ++ this._getPropertyValue("errorConnLost"), ++ this._getPropertyValue("errorEntryTokenDB"), ++ this._getPropertyValue("errorNoTokenState"), ++ this._getPropertyValue("errorInvalidLostTokenReason"), ++ this._getPropertyValue("errorTokenUnusable"), ++ this._getPropertyValue("errorNoInactiveToken"), ++ this._getPropertyValue("errorProcessMultiTokens"), ++ this._getPropertyValue("errorTokenTerminated"), ++ this._getPropertyValue("errorInternalServer"), ++ this._getPropertyValue("errorKeyRecoveryFailed"), ++ this._getPropertyValue("errorInternalServer"), ++ this._getPropertyValue("errorKeyArchival"), ++ this._getPropertyValue("errorConnTKS"), ++ this._getPropertyValue("errorFailUpdateTokenDB"), ++ this._getPropertyValue("errorCertRevocation"), ++ this._getPropertyValue("errorNotOwnToken"), ++ this._getPropertyValue("errorESCMisconfigured"), ++ this._getPropertyValue("errorESCNoCommCardReader"), ++ this._getPropertyValue("errorESCNoTokenSession"), ++ this._getPropertyValue("errorESCNoTalkTPS"), ++ this._getPropertyValue("errorESCNoTalkTokenReader") ++ ); ++ ++ } ++ ++ _getErrorMessage(status_code) { ++ let result = this._getPropertyValue("errorInternalServer"); ++ ++ if(status_code < 0 && status_code >= this._statusMessages.length) ++ { ++ return result; ++ } ++ ++ return this._statusMessages[status_code]; ++ } + } + + let app = new ESC(); +diff -up ./esc/src/app/esc.properties.fix4 ./esc/src/app/esc.properties +--- ./esc/src/app/esc.properties.fix4 2019-01-10 16:19:56.456747125 -0800 ++++ ./esc/src/app/esc.properties 2019-01-10 16:20:47.731493781 -0800 +@@ -0,0 +1,217 @@ ++# ***** BEGIN COPYRIGHT BLOCK ***** ++# This Program is free software; you can redistribute it and/or modify it under ++# the terms of the GNU General Public License as published by the Free Software ++# Foundation; version 2 of the License. ++# ++# This Program is distributed in the hope that it will be useful, but WITHOUT ++# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS ++# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.# ++# You should have received a copy of the GNU General Public License along with ++# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple ++# Place, Suite 330, Boston, MA 02111-1307 USA. ++# ++# Copyright (C) 2005 Red Hat, Inc. ++# All rights reserved. ++# ***** END COPYRIGHT BLOCK ++ ++#ESC strings used in Javascript ++#Strings for ESC.js ++[ESC] ++escTitle=Smart Card Manager ++smartCard=smart card ++smartCardU=Smart Card ++enrolledKey=Enrolled ++noKeysPresent=No Cards Present ++blankKey=Blank ++uninitializedKey=Uninitialized ++statusEnrolled=Enrolled ++statusUnavailable=Unavailable ++statusNoApplet=Unformatted ++statusUninitialized=Formatted ++statusLoggedIn=Logged In ++statusUnknown=Unknown ++statusBusy=Busy ++unknownIssuer=Unknown ++redHatUser=User ++statusUnknown=Unknown ++appletVersion = Smart Card Applet Version: ++operationPINReset=Resetting Key Password.. ++operationEnrollment=Enrolling Key.. ++operationFormat=Formatting Key.. ++tokenInformation=CARD INFORMATION ++advancedInformation=Diagnostics Information ++keyID=Key ID: ++tpsURI=Smart Card Server URL: ++tpsUI=Enrollment UI URL: ++tpsPhoneHomeURL=Phone Home URL: ++status=Status: ++issuer=Issuer: ++atr=Atr: ++escLogEntries=Smart Card Activity ++noLogFileOrData=No log file or log file has no data. ++dataCopiedToClipboard=Diagnostics information copied to the clipboard. ++diagnosticsReport=SMART CARD DIAGNOSTICS REPORT ++diagnosticsSystemInfo=Software Version Information ++diagnosticsSoftVersioInfo=System Versions: ++diagnosticsDetails=Active Smart Card Details ++secCard=Card ++certsOnToken=Certificates on Smart Card ++certificateNickname=Certificate Nickname: ++certIssuedTo=Issued to; ++certIssuedBy=Issued by; ++certValidityFrom=Validity from: ++certValidityTo=Validity to: ++certSerialNumber=Serial number: ++coolkeyComponentVersion=Smart Card Manager Version: ++coolkeyDetectedNumberKeys=Number of Smart Cards Detected: ++enrolledDetected=Enrolled Smart Card Detected ++enrolledDetectedMessage=Smart Card Manager has detected an already enrolled card. If you do not wish to re-enroll, press the "Close" button. ++enrolledDetectedMessageGeneric=Smart Card Manager has detected an already enrolled card. Click Proceed to continue. ++unenrolledDetectedMessage=Smart Card Manager has detected that you have entered a new and un-enrolled smart card. Before you can use this smart card, you have to enroll it. Enrolling your smart card personalizes it so only you can use it for secure operations. ++enrollAnyway=If you would like to re-enroll anyway, click Enroll My Smart Card Now. ++readyToProceed=When you are ready to begin the process,click Enroll My Smart Card Now. ++formatingToken=Formatting... ++enrollingToken=Enrolling... ++resettingTokenPIN=Password Reset.. ++cancellingOperation=Cancelling.. ++blinkingToken=Blinking.. ++keyInserted=Smart Card Inserted! ++keyRemoved=Smart Card Removed! ++keyInsertedComputer=smart card inserted. ++keyRemovedComputer=smart card removed. ++diagnosticsMessage=The information below is diagnostic information that your system generates as you use your smart card. If you are having smart card problems, you may be asked by your support engineer to send this information for analysis. ++ ++menuManageKeys=Manage Smart Cards... ++menuExit=Quit ++#ESC Error Messages from TPS ++errorNone=Operation Completed Successfully. ++serverError=Smart Card Server error. ++errorProblemResetTokenPin=The Smart Card Server cannot reset your smart card's password. ++errorTokenEnrollment=The Smart Card Server cannot import the required certificates into your smart card. ++errorLifeCyclePDU=The Smart Card Server cannot finalize the enrollment of your smart card. ++errorCommCA=Error communicating with the Certification Authority. ++errorInternalServer=Internal Smart Card Server error. ++errorResetPin=Error resetting the smart card's password. ++errorInternalServer=Internal Smart Card Server error. ++errorAuthFailure=The Smart Card Server cannot validate your credentials. Please try again with the correct credentials. ++errorTokenDisabled=The Smart Card Server does not know about your smart card. ++errorSecureChannel=The Smart Card Server cannot establish a secure channel with the smart card. ++errorServerMisconfig=The Smart Card Server has not been configured correctly. ++errorProblemCommToken=Your smart card can not perform the operation requested by the Smart Card Server. ++errorExternalAuth=Your smart card cannot correctly identify the Smart Card Server. ++errorTokenUpgrade=The Smart Card Server cannot upgrade the software on your smart card. ++errorTermSecureConn=The Smart Card Server can not terminate the secure cummunications channel with the smart card. ++errorInvalidTokenType=The Smart Card Server does not recognize the requested type of card enrollment. ++errorInvalidTokenTypeParams=The Smart Card Server cannot process the requested type of enrollment due to a misconfiguration. ++errorCannotPublish=The Smart Card Server cannot publish your card's certificates to the certificate directory. ++errorCommTokenDB=The Smart Card Server cannot connect to its internal database. ++errorTokenSuspended=You are not allowed to perform this operation with this smart card. ++errorPinResetable=You are not allowed to reset the password of this smart card. ++errorConnLost=The Smart Card Manager has lost the connection to the Smart Card Server. ++errorEntryTokenDB=The Smart Card Server cannot add your smart card to its internal database. ++errorNoTokenState=The Smart Card server does not recognize your smart card's current status. ++errorInvalidLostTokenReason=The Smart Card server cannot process your smart card which has been reported lost. ++errorTokenUnusable=The Smart Card Server cannot process your smart card which has been reported stolen. ++errorNoInactiveToken=The Smart Card Server cannot restore your smart card's security keys. ++errorProcessMultiTokens=The Smart Card Server has detected that you already have one enrolled smart card. The server only allows one enrolled card per user. ++errorTokenTerminated=The Smart Card Server can not process your smart card which is marked as terminated. ++errorKeyRecoveryProcessed=Smart card key recovery has been processed. ++errorKeyRecoveryFailed=The Smart Card Server can not restore the security keys onto your smart card. ++errorNoOperateLostToken=Cannot process this smart card, which has been reported lost. ++errorKeyArchival=The Smart Card Server can not restore the security keys onto your smart card due to a server misconfiguration. ++errorConnTKS=The Smart Card server cannot contact its security key server,which is required for processing. ++errorFailUpdateTokenDB=The Smart Card Server cannot reset the status of your smart card. ++errorCertRevocation=The Smart Card Server cannot mark the security keys on your smart card as revoked. ++errorNotOwnToken=The Smart Card Server cannot process a smart card which you do not own. ++errorESCMisconfigured=The Smart Card Manager has been misconfigured. ++errorESCNoCommCardReader=The Smart Card Manager cannot initiate communications with the smart card. ++errorESCNoTokenSession=The Smart Card Manager cannot establish a communications session with the smart card. ++errorESCNoTalkTPS=The Smart Card Manager cannot initiate communications with the Smart Card Server. ++errorESCNoTalkTokenReader=The Smart Card Manager cannot finalize communications with the smart card. ++#ESC text in general Alert messages ++errorCoolKeyIsAuth=coolkey.GetCoolKeyIsAuthenticated() failed! ++errorAuthCoolKey=coolkey.AuthenticateCoolKey failed! ++errorJsNotifyInterface=Can't find jsNotify interface. ++errorUniversalXPConnect=Can't get UniversalXPConnect. ++errorConfigValue=Error obtaining issuer info for key. ++errorConfigValue=Error Getting Config Value: ++errorSetConfigValue=Error SettingConfig Value: ++errorBlankTPSURI=Blank Tps Uri submitted. ++noTpsConfigUrl=You must provide a Url to test! ++aboutToTestTPSURI=About to test Smart Card Server URI: ++errorSelectKey=Please select a Smart card. ++tpsURLContacted=Smart Card Server URL has been successfully contacted. ++errorContactTPSURL=Error contacting Smart Card Server URL, reconfigure and try again. ++errorBlankEnrollURI=Blank Enroll Uri submitted. ++aboutToTestEnrollURI=About to test Enroll URI: ++enrollURLContacted=x Enrollment URL has been successfully contacted. ++errorContactEnrollURL=Error contacting Enroll URL, reconfigure and try again. ++tpsConfigSuccess=Smart Card Server config information successfully obtained! ++tpsConfigError=Error obtaining Smart Card Server config information! ++tpsConfigTest=About to test the Smart Card Server Phone Home Url : ++tpsNoConfigUrl=Provide a valid Smart Card Server config URL! ++tpsURIMustHaveValue=Smart Card Server URL item must have a value! ++errorSetConfigValue=Error setting config value!: ++configChangesSubmitted=Configuration changes submitted. ++errorSetDataValue=Error Setting data values: ++errorCoolKeyGetStatus=coolkey.GetCoolKeyStatus() failed! ++errorCoolKeyGetPolicy=coolkey.GetCoolKeyPolicy() failed! ++errorCoolKeyRequiresAuth=coolkey.GetCoolKeyRequiresAuthentication() failed! ++errorCoolKeyIsAuth=coolkey.GetCoolKeyIsAuthenticated() failed! ++errorCoolKeyCertNicknames=coolkey.GetCoolKeyCertNicknames() failed! ++errorAuthCoolKey=coolkey.AuthenticateCoolKey failed! ++errorCoolKeyCertInfo=coolkey.GetCoolKeyCertInfo() failed! ++errorGetAvailCoolKeys=coolkey.GetAvailableCoolKeys() failed! ++errorEnollCoolKey=coolkey.EnrollCoolKey() failed! ++errorCoolKeyIsEnrolled=coolkey.GetCoolKeyIsEnrolled failed! ++errorResetCoolKeyPIN=coolkey.ResestCoolKeyPASSWORD() failed! Make sure smart card is enrolled. ++errorFormatCoolKey=coolkey.FormatCoolKey() failed! ++errorCancelCoolKey=coolkeyCancelCoolKeyOperation() failed! ++errorBlinkCoolKey=coolkey.BlinkCoolKey() failes! ++noCurrentlySelectedToken=No currently selected smart card! ++errorProvideScreenName=You must provide a valid screen name! ++errorProvideTokenPIN=You must provide a valid card password! ++errorMatchPinValues=The Password values you entered don't match! ++errorValidUserPassword=You must provide a valid user password! ++errorSelectKey=Please select a smart card. ++errorEnrolledFirst=Smart card must be enrolled first! Enroll card and try again. ++enrollmentFor=Enrollment of your ++errorNeedKeyForSecMode=Please insert enrolled smart card before attempting secure mode. ++errorEnrollmentUI=Problem loading Enrollment UI, check your network connection, re-insert the card, and try again! ++errorPhoneHomeInfo=Problem loading Phone Home Information, check your network connection, re-insert the card, and try again! ++wasSuccessful=was successful. ++pinResetSuccessful=Password Reset was successfull! ++formatOf=Format of ++error=Error ++serverResponse= Server Response: ++enrollmentOfKey=Enrollment of smart card ++formatingOfKey=Formatting of smart card ++pinResetOfKey=Password Reset for smart card ++operationForKey=Operation for smart card ++failed=failed. ++cancelled=cancelled. ++errorFindESCPlatform=Unable to determine Smart Card Manager platform. ++errorIssuerInfo=Error obtaining Issuer Info for key. ++ ++escUsage1=Usage: ++escUsage2=esc ++escUsage3=esc -secmode SECURITY_URL ++escUsage4=Ex: esc -secmode http://test.host.com ++escUsage5=esc -usage ++ ++#Strings for TRAY.j ++errorTrayIsInitialized=Can't determine if Icon component is already intialized! ++errorShowAllWindows=Error Showing All Windows: ++errorHideAllWindows=Error Hiding all Windows: ++errorShowWindow=Error Showing Window: ++errorHideWindow=Error Hiding Window: ++errorRemoveWindow=Error Removing Window: ++errorTrayNotification=Error Sending Tray notification: ++#Strings for GenericAuth.js ++value=Value ++mustMatch=must match ++mustHaveValue=Must have value set for field: ++noParentWindow=No parent window. ++authDialogNoParent=Auth dialog has no parent! ++authSubmit=Submit ++authSubmitAccessKey=S +diff -up ./esc/src/app/Makefile.am.fix4 ./esc/src/app/Makefile.am +--- ./esc/src/app/Makefile.am.fix4 2019-01-10 17:44:13.841523700 -0800 ++++ ./esc/src/app/Makefile.am 2019-01-10 17:44:45.545372112 -0800 +@@ -15,4 +15,4 @@ + # All rights reserved. + # END COPYRIGHT BLOCK + +-dist_bin_SCRIPTS = esc.js opensc.esc.conf ++dist_bin_SCRIPTS = esc.js opensc.esc.conf phoneHome.js operationDialog.js pinDialog.js esc.properties +diff -up ./esc/src/app/opensc.esc.conf.fix4 ./esc/src/app/opensc.esc.conf +--- ./esc/src/app/opensc.esc.conf.fix4 2019-01-10 16:28:07.169377285 -0800 ++++ ./esc/src/app/opensc.esc.conf 2019-01-10 16:29:24.545004705 -0800 +@@ -18,6 +18,15 @@ + app default { + enable_default_driver = true; + ++ #debug = 9; ++ ++ # The file to which debug output will be written ++ # ++ # Special values 'stdout' and 'stderr' are recognized. ++ # Default: stderr ++ # ++ #debug_file = /tmp/opensc.log; ++ + card_atr + 3B:FF:14:00:FF:81:31:FE:45:80:25:A0:00:00:00:56:57:53:43:36:35:30:03:03:38 { + pkcs11_enable_InitToken = yes; +@@ -32,6 +41,24 @@ app default { + 3B:FF:14:00:FF:81:31:FE:45:80:25:A0:00:00:00:56:57:53:43:36:35:30:03:00:3B { + pkcs11_enable_InitToken = yes; + } ++ ++ card_atr ++ 3B:FB:96:00:00:80:31:FE:45:00:31:C0:64:77:E3:02:00:82:90:00:76 { ++ pkcs11_enable_InitToken = yes; ++ } ++ ++ card_atr ++ 3B:65:00:00:9C:02:02:01:02 { ++ pkcs11_enable_InitToken = yes; ++ } ++ ++ ++ card_atr ++ 3B:FE:18:00:00:80:31:FE:45:53:43:45:36:30:2D:43:44:30:38:31:2D:6E:46:A9 { ++ pkcs11_enable_InitToken = yes; ++ } ++ ++ + reader_driver ctapi { + } + reader_driver pcsc { +diff -up ./esc/src/app/operationDialog.js.fix4 ./esc/src/app/operationDialog.js +--- ./esc/src/app/operationDialog.js.fix4 2019-01-10 16:20:30.353579643 -0800 ++++ ./esc/src/app/operationDialog.js 2019-01-10 16:51:54.600521629 -0800 +@@ -0,0 +1,333 @@ ++/** BEGIN COPYRIGHT BLOCK ++ * This Program is free software; you can redistribute it and/or modify it under ++ * the terms of the GNU General Public License as published by the Free Software ++ * Foundation; version 2 of the License. ++ * ++ * This Program is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS ++ * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License along with ++ * this Program; if not, write to the Free Software Foundation, Inc., 59 Temple ++ * Place, Suite 330, Boston, MA 02111-1307 USA. ++ * ++ * Copyright (C) 2005 Red Hat, Inc. ++ * All rights reserved. ++ * END COPYRIGHT BLOCK **/ ++ ++imports.gi.versions.Gtk = '3.0' ++const Gtk = imports.gi.Gtk; ++const Lang = imports.lang; ++const Gio = imports.gi.Gio; ++const GObject = imports.gi.GObject; ++const GLib = imports.gi.GLib; ++ ++var OP_FORMAT = 0; ++var OP_ENROLL = 1; ++var OP_PIN_RESET = 2; ++ ++const DEF_TOKEN_TYPE = "userKey"; ++ ++ ++var OpLabels = new Array("Format", "Enroll", "ResetPin" ); ++ ++ ++const TOKEN_OPERATION = "Token Operation"; ++ ++function operationDialog(app) { ++ if(!app) ++ return; ++ this.app = app; ++ ++} ++ ++operationDialog.prototype = { ++ launchOperation: function(tokenInfo,operation) { ++ ++ if(tokenInfo == null) { ++ this.app_alert("Invalid Token!"); ++ } ++ this.dialog = new Gtk.Dialog ({ transient_for: this.app._window, ++ modal: true,deletable: false, ++ title: TOKEN_OPERATION, border_width: 10 }); ++ ++ this.operation = operation; ++ this.tokenInfo = tokenInfo; ++ ++ let opMessage = ""; ++ if(this.operation == OP_FORMAT) { ++ opMessage = "Format Smart Card"; ++ ++ } else if(this.operation == OP_ENROLL) { ++ opMessage = "Enroll Smart Card"; ++ } else if(this.operation == OP_PIN_RESET) { ++ opMessage = "Reset Smart Card Pin"; ++ } else { ++ this.app._alert("operationdDialog: Invalid operation!"); ++ return; ++ } ++ ++ this.area = this.dialog.get_content_area(); ++ this.grid = new Gtk.Grid ({row_spacing: 20, column_spacing: 20}); ++ ++ this.message = new Gtk.Label ({label: opMessage}); ++ this.area.add (this.message); ++ ++ //this.throbberImage = new Gtk.Image({file: this.app._currentDir + "/" + "throbber-anim5.gif"}); ++ ++ this.progressBar = new Gtk.ProgressBar ({ valign: Gtk.Align.CENTER }); ++ this.progressBar.set_fraction(0.0); ++ ++ this.progressLabel = new Gtk.Label({label: "Progress:"}); ++ this.actionArea = this.dialog.get_action_area(); ++ ++ this.actionArea.add(this.grid); ++ ++ this.ldapUserLabel = new Gtk.Label({label: "Ldap User:"}); ++ this.ldapUserBox = new Gtk.Entry(); ++ ++ this.grid.attach(this.ldapUserLabel, 0, 0, 1,1); ++ this.grid.attach(this.ldapUserBox,1, 0,1,1); ++ ++ this.ldapPasswordLabel = new Gtk.Label({label: "Ldap Password:"}); ++ this.ldapPasswordBox = new Gtk.Entry(); ++ this.ldapPasswordBox.set_visibility(false); ++ ++ this.grid.attach(this.ldapPasswordLabel,2,0,1,1); ++ this.grid.attach(this.ldapPasswordBox,3,0,1,1); ++ ++ if(this.operation != OP_FORMAT ) { ++ ++ this.newpinLabel = new Gtk.Label({label: "New Pin:"}); ++ this.newpinBox = new Gtk.Entry(); ++ this.newpinBox.set_visibility(false); ++ ++ this.confirmPinLabel = new Gtk.Label({label: "Confirm Pin:"}); ++ this.confirmPinBox = new Gtk.Entry(); ++ this.confirmPinBox.set_visibility(false); ++ ++ this.grid.attach(this.newpinLabel, 0,1,1,1); ++ this.grid.attach(this.newpinBox,1,1,1,1); ++ this.grid.attach(this.confirmPinLabel,2,1,1,1); ++ this.grid.attach(this.confirmPinBox,3,1,1,1); ++ } ++ ++ this.oKButton = new Gtk.Button ({label: OpLabels[this.operation]}); ++ ++ this.dismissButton = new Gtk.Button({label: "Cancel" }); ++ ++ //this.grid.attach(this.throbberImage,0,2,1,1); ++ this.grid.attach(this.progressLabel, 0,2,1,1); ++ //this.throbberImage.hide(); ++ this.grid.attach(this.progressBar, 1,2,1,1); ++ this.grid.attach (this.oKButton,2,2,1,1); ++ this.grid.attach (this.dismissButton,3,2,1,1); ++ ++ // Connect the button to the function that handles what it does ++ this.oKButton.connect ("clicked", this.oKHandler.bind(this)); ++ ++ this.dismissButton.connect("clicked", this.cancelHandler.bind(this)); ++ this.dialog.show_all(); ++ this.hideThrobberImage(); ++ this.inProgress = false; ++ }, ++ ++ hideThrobberImage() { ++ //this.throbberImage.hide(); ++ }, ++ ++ showThrobberImage() { ++ //this.throbberImage.show(); ++ }, ++ ++ updateUI(state) { ++ }, ++ ++ checkSanity: function() { ++ ++ if(this.operation == OP_ENROLL || this.operation == OP_PIN_RESET) { ++ ++ let pin = this.newpinBox.get_text(); ++ let confirm = this.confirmPinBox.get_text(); ++ ++ if( pin && confirm) { ++ ++ if(pin != confirm) { ++ ++ this.app._alert("Pins must match!"); ++ return false; ++ } ++ ++ } else { ++ this.app._alert("Must provide token pin!"); ++ return false; ++ } ++ ++ } ++ ++ // Now check the ldap user info ++ ++ ++ let ldapUser = this.ldapUserBox.get_text(); ++ let ldapPin = this.ldapPasswordBox.get_text(); ++ ++ if(!ldapUser || !ldapPin) { ++ this.app._alert("Must provide user name and password!"); ++ return false; ++ } ++ ++ return true; ++ }, ++ ++ cancelHandler() { ++ if(this.inProgress == false) { ++ this.dialog.destroy(); ++ } else { ++ this.app.mgr.cancel_token_operation(this.tokenInfo); ++ } ++ }, ++ oKHandler: function() { ++ ++ if(this.inProgress) { ++ return; ++ } ++ ++ if(!this.checkSanity()) { ++ return; ++ } ++ ++ let res = 0; ++ this.app._setNotifyCallback(this.notify.bind(this)); ++ ++ if(this.operation == OP_FORMAT) { ++ this.inProgress = 1; ++ this.showThrobberImage(); ++ res = this.app.mgr.format_token(this.tokenInfo, DEF_TOKEN_TYPE, this.ldapUserBox.get_text(), "" /* pin */ ,this.ldapPasswordBox.get_text(),"" ++ ); ++ ++ } else if(this.operation == OP_ENROLL) { ++ this.inProgress = true; ++ this.showThrobberImage(); ++ res = this.app.mgr.enroll_token(this.tokenInfo, DEF_TOKEN_TYPE, this.ldapUserBox.get_text(), this.newpinBox.get_text() /* pin */ ,this.ldapPasswordBox.get_text(),"" ++ ); ++ ++ } else if(this.operation == OP_PIN_RESET) { ++ this.inProgress = true; ++ this.showThrobberImage(); ++ res = this.app.mgr.reset_token_pin(this.tokenInfo, DEF_TOKEN_TYPE, this.ldapUserBox.get_text(), this.newpinBox.get_text() /* pin */ ,this.ldapPasswordBox.get_text(),"" ++ ); ++ ++ } else { ++ this.app_alert("Invalid token operation!"); ++ } ++ }, ++ ++ notify: function(aKeyType, aKeyID, aKeyState, aData, strData) { ++ ++ this.onCoolKeyStateChange(aKeyType, aKeyID, aKeyState, aData, strData); ++ //print("notify: aKeyType: " + aKeyType + " aKeyID: " + aKeyID + " aKeyState: " + aKeyState + " aData: " + aData + " strDAta: " + strData); ++ }, ++ ++ onCoolKeyStateChange: function(keyType, keyID, keyState, data,strData) { ++ ++ //this.app._alert("KeyID: " + keyID + "\n" + ++ // "KeyState: " + keyState + "\n" + ++ // "Data: " + data); ++ //this.app._alert("State Change ="+keyState); ++ ++ switch(keyState) ++ { ++ case 1000: // KeyInserted ++ break; ++ case 1001: // KeyRemoved ++ break; ++ case 1002: // EnrollmentStart ++ this.inProgress = true; ++ break; ++ case 1003: // EnrollmentComplete ++ this.onCoolKeyEnrollmentComplete(keyType, keyID); ++ this.inProgress = false; ++ break; ++ case 1004: // EnrollmentError ++ this.inProgress = false; ++ this.onCoolKeyStateError(keyType, keyID, keyState, data); ++ break; ++ case 1008: // PINResetStart ++ this.inProgress = true; ++ break; ++ case 1009: // PINResetComplete ++ this.onCoolKeyPINResetComplete(keyType, keyID); ++ this.inProgress = false; ++ break; ++ case 1010: // PINResetError ++ this.onCoolKeyStateError(keyType, keyID, keyState, data); ++ this.inProgress = false; ++ break; ++ case 1014: // FormatStart ++ this.inProgress = true; ++ break; ++ case 1015: // FormatComplete ++ this.onCoolKeyFormatComplete(keyType, keyID); ++ this.inProgress = false; ++ break; ++ case 1016: // FormatError ++ this.onCoolKeyStateError(keyType, keyID, keyState, data); ++ this.inProgress = false; ++ break; ++ case 1017: // BlinkStatus Update? ++ break; ++ case 1018: ++ break; ++ case 1020: // OperationCancelled ++ this.onCoolKeyStateError(keyType, keyID, keyState, data); ++ this.inProgress = false; ++ break; ++ case 1021: // OperationStatusUpdate ++ this.onCoolKeyStatusUpdate(keyType, keyID, data); ++ break; ++ ++ case 1022: //Need Auth ++ inProgress = false; ++ break; ++ } ++ }, ++ ++ onCoolKeyEnrollmentComplete: function(keyType, keyID) { ++ this.hideThrobberImage(); ++ this.app._alert("Enrollment Succesfully Complete!"); ++ this.app._updateCoolkey( this.tokenInfo); ++ this.dialog.destroy(); ++ ++ }, ++ ++ onCoolKeyStateError: function(keyType, keyID, keyState, data) { ++ this.hideThrobberImage(); ++ this.app._alert(OpLabels[this.operation] + " Error: " + this.app._getErrorMessage(data)); ++ ++ this.app._updateCoolkey( this.tokenInfo ); ++ this.dialog.destroy(); ++ }, ++ ++ onCoolKeyPINResetComplete: function(keyType, keyID) { ++ this.hideThrobberImage(); ++ this.app._alert("Pin Reset Successfully Completed!"); ++ this.dialog.destroy(); ++ }, ++ ++ onCoolKeyFormatComplete: function(keyType, keyID) { ++ this.hideThrobberImage(); ++ this.app._alert("Format Succesfully Completed!"); ++ this.app._updateCoolkey(this.tokenInfo); ++ this.dialog.destroy(); ++ }, ++ ++ onCoolKeyStatusUpdate: function(keyType, keyID, data) { ++ ++ if(data) { ++ let percent = parseFloat(data); ++ ++ this.progressBar.set_fraction( percent / 100); ++ } ++ } ++} ++ +diff -up ./esc/src/app/phoneHome.js.fix4 ./esc/src/app/phoneHome.js +--- ./esc/src/app/phoneHome.js.fix4 2019-01-10 16:25:23.036167620 -0800 ++++ ./esc/src/app/phoneHome.js 2019-01-10 16:25:43.978066779 -0800 +@@ -0,0 +1,260 @@ ++/** BEGIN COPYRIGHT BLOCK ++ * This Program is free software; you can redistribute it and/or modify it under ++ * the terms of the GNU General Public License as published by the Free Software ++ * Foundation; version 2 of the License. ++ * ++ * This Program is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS ++ * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License along with ++ * this Program; if not, write to the Free Software Foundation, Inc., 59 Temple ++ * Place, Suite 330, Boston, MA 02111-1307 USA. ++ * ++ * Copyright (C) 2005 Red Hat, Inc. ++ * All rights reserved. ++ * END COPYRIGHT BLOCK **/ ++ ++imports.gi.versions.Gtk = '3.0' ++const Gtk = imports.gi.Gtk; ++const Lang = imports.lang; ++const Gio = imports.gi.Gio; ++const GObject = imports.gi.GObject; ++const GLib = imports.gi.GLib; ++ ++//Phone Home related Constants ++ ++const KEY_ISSUER_URL = "keyIssuerUrl"; ++const KEY_ISSUER = "keyIssuer"; ++const TPS_URL = "Operation"; ++const TPS_UI = "UI"; ++const SERVICES_TAG = "Services"; ++const ISSUER_TAG = "IssuerName"; ++const SERVICE_INFO_TAG = "ServiceInfo"; ++const ENROLLED_TOKEN_BROWSER_URL = "EnrolledTokenBrowserURL"; ++const ENROLLED_TOKEN_URL = "EnrolledTokenURL"; ++const TOKEN_TYPE = "TokenType"; ++const RESET_PHONE_HOME = "ResetPhoneHome"; ++ ++const PHONE_HOME_CONFIG_INFO = "Phone Home Configuration Information"; ++ ++ ++function phoneHome(app) { ++ if(!app) ++ return; ++ this.app = app; ++ this.url = ""; ++ this.tokenType = ""; ++ this.operationUrl = ""; ++ this.enrolledTokenBrowserURL = ""; ++ this.issuerName = ""; ++} ++ ++phoneHome.prototype = { ++ getPhoneHomeInfo: function(tokenInfo,forceUserInput) { ++ if(!tokenInfo && !forceUserInput) { ++ return null; ++ } ++ ++ this.tokenInfo = tokenInfo; ++ ++ if(!forceUserInput && this.tokenInfo.issuer_info != null) { ++ this.url = this.tokenInfo.issuerInfo; ++ this.getPhoneHomeFromServer(tokenInfo); ++ } else { ++ this.promptPhoneHomeURL(); ++ } ++ ++ }, ++ ++ getPhoneHomeFromServer: function(tokenInfo) { ++ if(!this.url || !tokenInfo) { ++ return; ++ } ++ ++ this.phoneHomeInfo = this.app._phoneHome(this.url); ++ if(this.phoneHomeInfo) { ++ this.parse(this.phoneHomeInfo,tokenInfo); ++ this.app._alert("Phone Home Info Successfully Obtained!"); ++ } else { ++ this.app._alert("Unable to obtain phone home info!"); ++ } ++ ++ }, ++ ++ promptPhoneHomeURL: function() { ++ this.createPhoneHomeDialog(); ++ }, ++ ++ createPhoneHomeDialog: function() { ++ this.phDialog = new Gtk.Dialog ({ transient_for: this.app._window, ++ modal: true, ++ title: PHONE_HOME_CONFIG_INFO, border_width: 20 }); ++ ++ this.phArea = this.phDialog.get_content_area(); ++ this.phMessage = new Gtk.Label ({label: "Enter url: ex: http://test.host.com:8080/tps/phoneHome"}); ++ this.phArea.add (this.phMessage); ++ ++ this.phActionArea = this.phDialog.get_action_area(); ++ this.phUrlBox = new Gtk.Entry({width_chars: 35}); ++ this.phGrid = new Gtk.Grid ({halign: Gtk.Align.CENTER, ++ valign: Gtk.Align.CENTER, ++ row_spacing: 10, column_spacing: 10}); ++ ++ if(this.tokenInfo.issuer_info) { ++ this.phUrlBox.set_text(this.tokenInfo.issuer_info); ++ } ++ ++ this.phActionArea.add(this.phGrid); ++ ++ this.phOKButton = Gtk.Button.new_from_stock (Gtk.STOCK_OK); ++ ++ this.phGrid.attach(this.phUrlBox, 0, 0, 1,1); ++ this.phGrid.attach(this.phOKButton,1, 0,1,1); ++ ++ // Connect the button to the function that handles what it does ++ this.phOKButton.connect ("clicked", this.phoneHomeOKHandler.bind(this)); ++ ++ this.phDialog.show_all(); ++ }, ++ ++ phoneHomeOKHandler: function() { ++ ++ this.url = this.phUrlBox.get_text(); ++ ++ this.getPhoneHomeFromServer(this.tokenInfo); ++ ++ if(this.phDialog) { ++ this.phDialog.destroy(); ++ this.phDialog = null; ++ } ++ }, ++ ++ parse: function(info,tokenInfo) { ++ if(!info) { ++ return; ++ } ++ //Find tokenType ++ ++ this.tokenType = this.findValue(info,"",""); ++ this.operationUrl = this.findValue(info,"",""); ++ this.enrolledTokenBrowserURL = this.findValue(info,""); ++ this.issuerName = this.findValue(info,"",""); ++ ++ let key_issuer_url = this.app._configValueWithKeyID(tokenInfo.cuid,KEY_ISSUER_URL); ++ this.app._setConfigValue(key_issuer_url,this.url); ++ ++ let key_issuer = this.app._configValueWithKeyID(tokenInfo.cuid,KEY_ISSUER); ++ this.app._setConfigValue(key_issuer,this.issuerName); ++ ++ let operation_url = this.app._configValueWithKeyID(tokenInfo.cuid,TPS_URL); ++ this.app._setConfigValue(operation_url,this.operationUrl); ++ ++ let enrolled_token_browser_url = this.app._configValueWithKeyID(tokenInfo.cuid,ENROLLED_TOKEN_BROWSER_URL); ++ this.app._setConfigValue(enrolled_token_browser_url, this.enrolledTokenBrowserURL); ++ ++ let token_type = this.app._configValueWithKeyID(tokenInfo.cuid,TOKEN_TYPE); ++ this.app._setConfigValue(token_type, this.tokenType); ++ }, ++ ++ findValue: function(fullString, startTag, endTag) { ++ if(!fullString || !startTag || !endTag) { ++ return null; ++ } ++ ++ let spos = fullString.search(startTag) + startTag.length; ++ let epos = fullString.search(endTag); ++ ++ let value = fullString.slice(spos,epos); ++ ++ if(value) { ++ return value.trim(); ++ } ++ ++ return null; ++ }, ++ ++ getTokenType: function() { ++ return this.tokenType; ++ }, ++ ++ getOperationURL: function() { ++ return this.operationURL; ++ }, ++ ++ getEnrolledTokenBrowserURL: function() { ++ return this.enrolledTokenBrowserURL; ++ }, ++ ++ getIssuerName: function() { ++ return this.issuerName; ++ }, ++ ++ getCachedPhoneHomeValue: function(aKeyID,aValue) { ++ var retValue = null; ++ ++ if(!aKeyID || ! aValue) ++ return null; ++ ++ var theValue = this.app._configValueWithKeyID(aKeyID,aValue); ++ ++ if(!theValue) ++ return null; ++ ++ retValue = this.app._getConfigValue(theValue); ++ ++ return retValue; ++ }, ++ ++ getCachedPhoneHomeURL: function(aKeyID) { ++ var url = null; ++ ++ if(!aKeyID) ++ return null; ++ ++ var urlValue = this.app._configValueWithKeyID(aKeyID,KEY_ISSUER_URL); ++ ++ if(!urlValue) ++ return null; ++ ++ url = this.app._getConfigValue(urlValue); ++ ++ return url; ++ }, ++ ++ getCachedIssuer: function(aKeyID) { ++ var issuer = null; ++ ++ if(!aKeyID) ++ return null; ++ ++ var issuerValue = this.app._configValueWithKeyID(aKeyID,KEY_ISSUER); ++ ++ if(!issuerValue) ++ return null; ++ ++ issuer = this.app._getConfigValue(issuerValue); ++ ++ return issuer; ++ }, ++ ++ getCachedTPSURL: function(aKeyID) { ++ var url = null; ++ ++ if(!aKeyID) ++ return null; ++ ++ var urlValue = this.app_.configValueWithKeyID(aKeyID,TPS_URL); ++ ++ if(!urlValue) ++ return null; ++ ++ url = this.app._getConfigValue(urlValue); ++ ++ return url; ++ }, ++ ++ getCachedTokenType: function(aKeyID) { ++ return getCachedPhoneHomeValue(aKeyID,TOKEN_TYPE); ++ } ++} +diff -up ./esc/src/app/pinDialog.js.fix4 ./esc/src/app/pinDialog.js +--- ./esc/src/app/pinDialog.js.fix4 2019-01-10 16:26:01.510982356 -0800 ++++ ./esc/src/app/pinDialog.js 2019-01-10 16:26:11.322935109 -0800 +@@ -0,0 +1,109 @@ ++/** BEGIN COPYRIGHT BLOCK ++ * This Program is free software; you can redistribute it and/or modify it under ++ * the terms of the GNU General Public License as published by the Free Software ++ * Foundation; version 2 of the License. ++ * ++ * This Program is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS ++ * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License along with ++ * this Program; if not, write to the Free Software Foundation, Inc., 59 Temple ++ * Place, Suite 330, Boston, MA 02111-1307 USA. ++ * ++ * Copyright (C) 2005 Red Hat, Inc. ++ * All rights reserved. ++ * END COPYRIGHT BLOCK **/ ++ ++imports.gi.versions.Gtk = '3.0' ++const Gtk = imports.gi.Gtk; ++const Lang = imports.lang; ++const Gio = imports.gi.Gio; ++const GObject = imports.gi.GObject; ++const GLib = imports.gi.GLib; ++ ++ ++const TMP_FILE_NAME = "v135tr"; ++const PIN_OPERATION = "Password"; ++ ++function pinDialog(app) { ++ if(!app) ++ return; ++ this.app = app; ++} ++ ++pinDialog.prototype = { ++ launchPinPrompt: function(notify) { ++ ++ this.notify = notify; ++ this.dialog = new Gtk.Dialog ({ transient_for: this.app._window, ++ modal: true, ++ expand: false, ++ title: PIN_OPERATION ,border_width: 20, deletable: false }); ++ ++ this.area = this.dialog.get_content_area(); ++ this.grid = new Gtk.Grid ({row_spacing: 10, column_spacing: 20}); ++ ++ this.message = new Gtk.Label ({label: "Enter Token Pin"}); ++ this.area.add (this.message); ++ ++ this.actionArea = this.dialog.get_action_area(); ++ this.pinBox = new Gtk.Entry(); ++ this.pinBox.set_visibility(false); ++ this.grid.add(this.pinBox); ++ this.oKButton = Gtk.Button.new_from_stock (Gtk.STOCK_OK); ++ this.grid.add (this.oKButton); ++ ++ this.actionArea.add(this.grid); ++ ++ // Connect the button to the function that handles what it does ++ this.oKButton.connect ("clicked", this.oKHandler.bind(this)); ++ ++ this.dialog.show_all(); ++ }, ++ ++ clearTempFile() { ++ this.saveToTempFile(this.tempFileName,true); ++ }, ++ ++ saveToTempFile(name,clear) { ++ ++ if (name == null) { ++ return null; ++ } ++ ++ let contents = ""; ++ ++ if(clear == false) ++ contents = this.pinBox.get_text(); ++ else ++ contents = ""; ++ ++ try { ++ GLib.file_set_contents(name , contents); ++ } catch(e) { ++ return null; ++ } ++ ++ ++ }, ++ ++ oKHandler: function() { ++ if(this.dialog) { ++ this.tempFileName = this.app._getConfigPath() + "/" + TMP_FILE_NAME; ++ this.saveToTempFile(this.tempFileName,false); ++ if(this.notify) { ++ this.notify(this.tempFileName); ++ } ++ ++ this.clearTempFile(); ++ this.dialog.destroy(); ++ this.dialog = null; ++ } ++ }, ++ getTempFileName() { ++ return this.tempFileName; ++ ++ } ++} ++ +diff -up ./esc/src/lib/coolkey/cky_base.h.fix4 ./esc/src/lib/coolkey/cky_base.h +--- ./esc/src/lib/coolkey/cky_base.h.fix4 2019-01-10 16:32:37.132077352 -0800 ++++ ./esc/src/lib/coolkey/cky_base.h 2019-01-10 16:32:51.426008523 -0800 +@@ -19,7 +19,6 @@ + + #ifndef CKY_BASE_H + #define CKY_BASE_H 1 +- + /* + * Common types and structs + */ +@@ -34,19 +33,15 @@ typedef unsigned char CKYBool; + + typedef unsigned long CKYBitFlags; + +-#define CKYBUFFER_PUBLIC \ +- unsigned long reserved1;\ +- unsigned long reserved2;\ +- void *reserved3;\ +- void *reserved4; +- +-#define CKYAPDU_PUBLIC \ +- unsigned long reserved1;\ +- unsigned long reserved2;\ +- void *reserved3;\ +- void *reserved4; \ +- void *reserved5; +- ++#define CKYBUFFER_PRIVATE \ ++ CKYSize len; \ ++ CKYSize size; \ ++ CKYByte *data; \ ++ void *reserved; ++ ++#define CKYAPDU_PRIVATE \ ++ CKYBuffer apduBuf; \ ++ void *reserved; + + typedef struct _CKYBuffer { + #ifdef CKYBUFFER_PRIVATE +diff -up ./esc/src/lib/coolkey/cky_basei.h.fix4 ./esc/src/lib/coolkey/cky_basei.h +--- ./esc/src/lib/coolkey/cky_basei.h.fix4 2019-01-10 16:33:28.080832022 -0800 ++++ ./esc/src/lib/coolkey/cky_basei.h 2019-01-10 16:33:48.463733874 -0800 +@@ -21,15 +21,18 @@ + #ifndef CKY_BASEI_H + #define CKY_BASEI_H 1 + +-#define CKYBUFFER_PRIVATE \ +- CKYSize len; \ +- CKYSize size; \ +- CKYByte *data; \ +- void *reserved; ++#define CKYBUFFER_PUBLIC \ ++ unsigned long reserved1;\ ++ unsigned long reserved2;\ ++ void *reserved3;\ ++ void *reserved4; + +-#define CKYAPDU_PRIVATE \ +- CKYBuffer apduBuf; \ +- void *reserved; ++#define CKYAPDU_PUBLIC \ ++ unsigned long reserved1;\ ++ unsigned long reserved2;\ ++ void *reserved3;\ ++ void *reserved4; \ ++ void *reserved5; + + #endif /* CKY_BASE_H */ + #endif /* CKY_BASEI_H */ +diff -up ./esc/src/lib/coolkey/cky_card.c.fix4 ./esc/src/lib/coolkey/cky_card.c +--- ./esc/src/lib/coolkey/cky_card.c.fix4 2019-01-10 16:34:10.863626014 -0800 ++++ ./esc/src/lib/coolkey/cky_card.c 2019-01-10 16:34:31.326527479 -0800 +@@ -973,6 +973,24 @@ CKYCardConnection_Disconnect(CKYCardConn + return CKYSUCCESS; + } + ++CKYStatus ++CKYCardConnection_Eject(CKYCardConnection *conn) ++{ ++ unsigned long rv; ++ if (conn->cardHandle == 0) { ++ return CKYSUCCESS; ++ } ++ rv = conn->scard->SCardDisconnect( conn->cardHandle, SCARD_EJECT_CARD); ++ conn->cardHandle = 0; ++ if (rv != SCARD_S_SUCCESS) { ++ conn->lastError = rv; ++ return CKYSCARDERR; ++ } ++ return CKYSUCCESS; ++} ++ ++ ++ + CKYBool + CKYCardConnection_IsConnected(const CKYCardConnection *conn) + { +@@ -988,8 +1006,8 @@ CKYCardConnection_GetProtocol(const CKYC + CKYStatus + ckyCardConnection_reconnectRaw(CKYCardConnection *conn, unsigned long init) + { +- unsigned long rv; +- unsigned long protocol; ++ unsigned long rv = CKYSUCCESS; ++ unsigned long protocol = 0; + + rv = conn->scard->SCardReconnect(conn->cardHandle, + SCARD_SHARE_SHARED, SCARD_PROTOCOL_T0 | SCARD_PROTOCOL_T1 , init, &protocol); +@@ -1120,11 +1138,11 @@ CKYCardConnection_GetStatus(CKYCardConne + unsigned long *state, CKYBuffer *ATR) + { + unsigned long readerLen = 0; +- unsigned long protocol; +- unsigned long rv; +- CKYSize atrLen; +- char *readerStr; +- CKYStatus ret; ++ unsigned long protocol = 0; ++ unsigned long rv = 0; ++ CKYSize atrLen = 0; ++ char *readerStr = NULL; ++ CKYStatus ret = CKYSUCCESS; + + + /* +diff -up ./esc/src/lib/coolkey/cky_card.h.fix4 ./esc/src/lib/coolkey/cky_card.h +--- ./esc/src/lib/coolkey/cky_card.h.fix4 2019-01-10 16:35:49.381151632 -0800 ++++ ./esc/src/lib/coolkey/cky_card.h 2019-01-10 16:35:54.632126347 -0800 +@@ -116,6 +116,7 @@ CKYStatus CKYCardConnection_ExchangeAPDU + CKYStatus CKYCardConnection_Connect(CKYCardConnection *connection, + const char *readerName); + CKYStatus CKYCardConnection_Disconnect(CKYCardConnection *connection); ++CKYStatus CKYCardConnection_Eject(CKYCardConnection *connection); + unsigned long CKYCardConnection_GetProtocol(const CKYCardConnection *conn); + CKYBool CKYCardConnection_IsConnected(const CKYCardConnection *connection); + CKYStatus CKYCardConnection_Reconnect(CKYCardConnection *connection); +diff -up ./esc/src/lib/coolkey/CoolKey.cpp.fix4 ./esc/src/lib/coolkey/CoolKey.cpp +--- ./esc/src/lib/coolkey/CoolKey.cpp.fix4 2019-01-10 16:36:29.910956473 -0800 ++++ ./esc/src/lib/coolkey/CoolKey.cpp 2019-01-10 16:36:44.046888406 -0800 +@@ -257,6 +257,7 @@ static CoolKeyReference g_Reference = NU + static CoolKeyRelease g_Release = NULL; + static CoolKeyGetConfigValue g_GetConfigValue = NULL; + static CoolKeySetConfigValue g_SetConfigValue = NULL; ++static CoolKeyFreeConfigValue g_FreeConfigValue = NULL; + static CoolKeyBadCertHandler g_BadCertHandler = NULL; + + char* CoolKeyVerifyPassword(PK11SlotInfo *,PRBool,void *); +@@ -264,6 +265,7 @@ char* CoolKeyVerifyPassword(PK11SlotInfo + COOLKEY_API HRESULT CoolKeySetCallbacks(CoolKeyDispatch dispatch, + CoolKeyReference reference, CoolKeyRelease release, + CoolKeyGetConfigValue getconfigvalue,CoolKeySetConfigValue setconfigvalue, ++ CoolKeyFreeConfigValue freeconfigvalue, + CoolKeyBadCertHandler badcerthandler) + { + char tBuff[56]; +@@ -271,6 +273,7 @@ COOLKEY_API HRESULT CoolKeySetCallbacks( + g_Reference = reference; + g_Release = release; + g_GetConfigValue = getconfigvalue; ++ g_FreeConfigValue = freeconfigvalue; + g_SetConfigValue = setconfigvalue; + g_BadCertHandler = badcerthandler; + +@@ -293,7 +296,7 @@ COOLKEY_API HRESULT CoolKeySetCallbacks( + + #define RELEASE_LISTENER(list) \ + if (list) { \ +- (*g_Reference)(list); \ ++ (*g_Release)(list); \ + } + + char *CoolKeyVerifyPassword(PK11SlotInfo *slot,PRBool retry,void *arg) +@@ -728,6 +731,30 @@ HRESULT CoolKeyGetCPLCDataDirectly(CKYAp + return result; + } + ++char *CoolKeyGetPhoneHomeData(const char *url) { ++ ++ string host_port = ""; ++ string urlOffset = ""; ++ string hostName = ""; ++ int isSSL = 0; ++ ++ NSS_HTTP_HANDLE http_handle = httpAllocateClient(); ++ ++ string fullUrl = url; ++ ++ int portNum = 80; ++ ++ CoolKeyHandler::ExtractFromUrl(fullUrl, host_port, urlOffset, hostName, ++ &isSSL, &portNum); ++ ++ char *result = httpSend((char *) host_port.c_str(), url, (char *) "GET", ++ NULL, http_handle,/* mSSL */ ++ PR_FALSE, 30); ++ ++ httpDestroyClient(http_handle); ++ return result; ++} ++ + + static std::list g_ActiveKeyList; + +@@ -990,7 +1017,7 @@ HRESULT CoolKeyEnrollToken(const CoolKey + return hres; + } + +- CoolKeyNotify(aKey, eCKState_EnrollmentStart, aScreenName ? 1 : 0); ++ //CoolKeyNotify(aKey, eCKState_EnrollmentStart, aScreenName ? 1 : 0); + + return S_OK; + } +@@ -1040,7 +1067,7 @@ HRESULT CoolKeyResetTokenPIN(const CoolK + return hres; + } + +- CoolKeyNotify(aKey, eCKState_PINResetStart, aScreenName ? 1 : 0); ++ //CoolKeyNotify(aKey, eCKState_PINResetStart, aScreenName ? 1 : 0); + + return S_OK; + } +@@ -1091,7 +1118,7 @@ HRESULT CoolKeyFormatToken(const CoolKey + return hres; + } + +- CoolKeyNotify(aKey, eCKState_FormatStart, 0); ++ //CoolKeyNotify(aKey, eCKState_FormatStart, 0); + + return S_OK; + } +@@ -1568,6 +1595,16 @@ const char *CoolKeyGetConfig(const char + return res; + } + ++void CoolKeyFreeConfig(const char *aValue) ++{ ++ if(!g_FreeConfigValue || ! aValue) ++ { ++ return; ++ } ++ ++ (*g_FreeConfigValue)(aValue); ++} ++ + HRESULT CoolKeySetConfig(const char *aName,const char *aValue) + { + if( !aName || !aValue) +diff -up ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix4 ./esc/src/lib/coolkey/CoolKeyHandler.cpp +--- ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix4 2019-01-10 16:37:47.556582593 -0800 ++++ ./esc/src/lib/coolkey/CoolKeyHandler.cpp 2019-01-10 16:37:56.118541366 -0800 +@@ -378,8 +378,8 @@ CoolKeyHandler::~CoolKeyHandler() + if(mCharScreenNamePwd) + { + PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("%s CoolKeyHandler::~CoolKeyHandler: attempt to free mCharScreenNamePwd\n",GetTStamp(tBuff,56))); +- mCharScreenNamePwd = NULL; + free(mCharScreenNamePwd); ++ mCharScreenNamePwd = NULL; + + PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("%s CoolKeyHandler::~CoolKeyHandler: done free mCharScreenNamePwd\n",GetTStamp(tBuff,56))); + +@@ -570,6 +570,104 @@ HRESULT CoolKeyHandler::Init(const CoolK + return S_OK; + } + ++void CoolKeyHandler::ExtractFromUrl(string &fullUrl, string &host_port, string &url, string &hostName, int *isSSL, ++ int *portNum) { ++ ++ if (isSSL == NULL || portNum == NULL) { ++ return; ++ } ++ ++ char tBuff[56]; ++ string ssl_str = "https://"; ++ string non_ssl_str = "http://"; ++ ++ size_t pos = fullUrl.find(ssl_str, 0); ++ ++ *isSSL = 0; ++ ++ if (pos == 0) { ++ pos += ssl_str.length(); ++ *isSSL = 1; ++ } else { ++ pos = fullUrl.find(non_ssl_str, 0); ++ if (pos == string::npos) { ++ return; ++ } ++ ++ pos += non_ssl_str.length(); ++ ++ } ++ ++ // Now grab the host name and host port from the tps url ++ ++ string host_name_port_str = ""; ++ string slash_str = "/"; ++ ++ size_t end_host_port_pos = fullUrl.find(slash_str, pos); ++ size_t end_host_port_count = 0; ++ ++ if (end_host_port_pos == string::npos) { ++ end_host_port_count = fullUrl.length() - pos; ++ } else { ++ end_host_port_count = end_host_port_pos - pos; ++ } ++ ++ string tps_url_offset = fullUrl.substr(end_host_port_pos); ++ ++ if (!tps_url_offset.length()) { ++ PR_LOG(coolKeyLogHN, PR_LOG_DEBUG, ++ ("%s CoolKeyHandler::ExtractFromUrl NULL tps_url_offset string!.\n",GetTStamp(tBuff,56))); ++ return; ++ } ++ ++ url = tps_url_offset; ++ ++ PR_LOG(coolKeyLogHN, PR_LOG_DEBUG, ++ ("%s CoolKeyHandler::ExtractFromUrl tps_url_offset string! %s.\n",GetTStamp(tBuff,56),tps_url_offset.c_str())); ++ ++ host_port = fullUrl.substr(pos, end_host_port_count); ++ ++ if (!host_port.length()) { ++ CoolKeyLogMsg(PR_LOG_ERROR, ++ "%s ExtractFromUrl. Bad hostname and port value!.\n", ++ GetTStamp(tBuff, 56)); ++ return; ++ } ++ ++ PR_LOG(coolKeyLogHN, PR_LOG_DEBUG, ++ ("%s CoolKeyHandler::ExtractFromUrl host_name_port %s.\n",GetTStamp(tBuff,56),host_port.c_str())); ++ ++ string delim = ":"; ++ string port_num_str = ""; ++ ++ size_t delimPos = host_port.find(delim, 0); ++ ++ if (delimPos == string::npos) { ++ *portNum = 80; ++ hostName = host_port; ++ PR_LOG(coolKeyLogHN, PR_LOG_DEBUG, ++ ("%s CoolKeyHandler::ExtractFromUrl no port number assuming 80!.\n",GetTStamp(tBuff,56))); ++ } else { ++ port_num_str = host_port.substr(delimPos + 1); ++ hostName = host_port.substr(0, delimPos); ++ PR_LOG(coolKeyLogHN, PR_LOG_DEBUG, ++ ("%s CoolKeyHandler::ExtractFromUrl mCharHostName %s!.\n",hostName.c_str(),GetTStamp(tBuff,56))); ++ ++ } ++ ++ if (port_num_str.length()) { ++ *portNum = atoi(port_num_str.c_str()); ++ ++ ++ PR_LOG(coolKeyLogHN, PR_LOG_DEBUG, ++ ("%s CoolKeyHandler::ExtractFromUrl port_num_str %s.\n",GetTStamp(tBuff,56),port_num_str.c_str())); ++ } ++ ++ PR_LOG(coolKeyLogHN, PR_LOG_DEBUG, ++ ("%s CoolKeyHandler::ExtractFromUrl port number %d.\n",GetTStamp(tBuff,56),*portNum)); ++ ++} ++ + void CoolKeyHandler::CollectPreferences() + { + char tBuff[56]; +@@ -590,12 +688,15 @@ void CoolKeyHandler::CollectPreferences( + + //Quickly grab the configurable http message timeout + ++ const char *tps_url = NULL; + const char *msg_timeout = CoolKeyGetConfig("esc.tps.message.timeout"); + + if(msg_timeout) + { + httpMessageTimeout = atoi(msg_timeout); + ++ CoolKeyFreeConfig(msg_timeout); ++ + PR_LOG( coolKeyLogHN, PR_LOG_DEBUG,("%s CoolKeyHandler::CollectPreferences! Message timeout %d\n",GetTStamp(tBuff,56),httpMessageTimeout)); + + } +@@ -611,7 +712,7 @@ void CoolKeyHandler::CollectPreferences( + const char *tps_url_for_key_str = tps_url_for_key.c_str(); + + PR_LOG( coolKeyLogHN, PR_LOG_DEBUG,("%s CoolKeyHandler::CollectPreferences! tps_url %s\n",GetTStamp(tBuff,56),tps_url_for_key_str)); +- const char *tps_url = CoolKeyGetConfig(tps_url_for_key_str); ++ tps_url = CoolKeyGetConfig(tps_url_for_key_str); + + if(!tps_url) + { +@@ -625,12 +726,15 @@ void CoolKeyHandler::CollectPreferences( + + return; + } ++ + } + + PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("%s CoolKeyHandler::CollectPreferences esc.tps.url %s\n",GetTStamp(tBuff,56),tps_url)); + + string tps_url_str = tps_url; + ++ CoolKeyFreeConfig(tps_url); ++ + // determine whether or not we are SSL + + string ssl_str = "https://"; +@@ -926,7 +1030,7 @@ HRESULT CoolKeyHandler::Format( const ch + HRESULT res = S_OK; + + PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("%s CoolKeyHandler::Format:\n",GetTStamp(tBuff,56))); +- ++ + if(aTokenType) + mCharTokenType = strdup(aTokenType); + +@@ -1986,7 +2090,7 @@ CoolKeyHandler::DisconnectFromReader() + char tBuff[56]; + PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("%s CoolKeyHandler::DisconnectFromReader:\n",GetTStamp(tBuff,56))); + if (mCardConnection) { +- CKYCardConnection_Disconnect(mCardConnection); ++ CKYCardConnection_Eject(mCardConnection); + CKYCardConnection_Destroy(mCardConnection); + mCardConnection = 0; + } +@@ -2164,9 +2268,9 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co + // Since we are configured to only be notified of coolkey's, cac's and piv's + // non blank coolkeys will be identified by NOT being cac or piv in the manu id field. + +- if(!strcmp((const char *) tokenInfo.manufacturerID,cac_manu_id)) { ++ if(!memcmp( tokenInfo.manufacturerID,cac_manu_id,strlen(cac_manu_id ))) { + isACAC = 1; +- } else if(!strcmp((const char *) tokenInfo.manufacturerID, piv_manu_id)) { ++ } else if(!memcmp(tokenInfo.manufacturerID, piv_manu_id, strlen(piv_manu_id))) { + isAPIV = 1; + } else { + isACOOLKey = 1; +diff -up ./esc/src/lib/coolkey/CoolKeyHandler.h.fix4 ./esc/src/lib/coolkey/CoolKeyHandler.h +--- ./esc/src/lib/coolkey/CoolKeyHandler.h.fix4 2019-01-10 16:38:36.918345731 -0800 ++++ ./esc/src/lib/coolkey/CoolKeyHandler.h 2019-01-10 16:38:44.109311258 -0800 +@@ -154,6 +154,7 @@ eCKMessage *AllocateMessage(eCKMessage:: + HRESULT SetPassword(const char *password); + HRESULT SetTokenPin(const char *pin); + ++ static void ExtractFromUrl(string &fullUrl, string &host_port, string &url, string &hostName,int *isSSL, int *portNum); + + nsNKeyREQUIRED_PARAMETERS_LIST *GetAuthParametersList() { return &mReqParamList;} + +diff -up ./esc/src/lib/coolkey/CoolKey.h.fix4 ./esc/src/lib/coolkey/CoolKey.h +--- ./esc/src/lib/coolkey/CoolKey.h.fix4 2019-01-10 16:37:11.893754318 -0800 ++++ ./esc/src/lib/coolkey/CoolKey.h 2019-01-10 16:37:17.142729043 -0800 +@@ -95,6 +95,7 @@ typedef HRESULT (*CoolKeyRelease)(CoolKe + + typedef HRESULT (*CoolKeySetConfigValue)(const char *name,const char *value); + typedef const char * (*CoolKeyGetConfigValue)(const char *name); ++typedef void (*CoolKeyFreeConfigValue)(const char *name); + typedef SECStatus (*CoolKeyBadCertHandler)(void *arg, PRFileDesc *fd); + + class CoolKeyListener { +@@ -104,7 +105,7 @@ public: + + CoolKeyListener() { + clientNotify = NULL; +- client = NULL;}; ++ client = NULL; notify = NULL;}; + CoolKeyListener(CoolKeyDispatch theListener, CoolKeyDispatch internalListener) { + clientNotify = NULL; + client = NULL; +@@ -144,6 +145,7 @@ COOLKEY_API HRESULT CoolKeyUnregisterLis + COOLKEY_API HRESULT CoolKeySetCallbacks(CoolKeyDispatch dispatch, + CoolKeyReference reference, CoolKeyRelease release, + CoolKeyGetConfigValue getconfigvalue,CoolKeySetConfigValue setconfigvalue, ++ CoolKeyFreeConfigValue freeconfigvalue, + CoolKeyBadCertHandler badcerthandler=NULL); + + COOLKEY_API bool CoolKeyRequiresAuthentication(const CoolKey *aKey); +@@ -210,6 +212,8 @@ COOLKEY_API HRESULT CoolKeyGetATR(const + + COOLKEY_API int CoolKeyGetAppletVer(const CoolKey *aKey, const bool isMajor); + ++COOLKEY_API char *CoolKeyGetPhoneHomeData(const char *url); ++ + COOLKEY_API HRESULT CoolKeyInitializeLog(char *logFileName, int maxNumLines); + + COOLKEY_API HRESULT CoolKeyLogMsg(int logLevel, const char *fmt, ...); +@@ -289,6 +293,7 @@ const char *CoolKeyGetTokenName(const Co + const char *CoolKeyGetKeyID(const char *tokenName, int *aKeyType); + + const char *CoolKeyGetConfig(const char *aName); ++void CoolKeyFreeConfig(const char *aValue); + HRESULT CoolKeySetConfig(const char *aName,const char *aValue); + CoolKeyBadCertHandler CoolKeyGetBadCertHandler(); + HRESULT CoolKeyGetATRDirectly(char *aBuff, int aBuffLen, const char *readerName); +diff -up ./esc/src/lib/coolkey/CoolKey_Message.cpp.fix4 ./esc/src/lib/coolkey/CoolKey_Message.cpp +--- ./esc/src/lib/coolkey/CoolKey_Message.cpp.fix4 2019-01-10 16:39:21.887130153 -0800 ++++ ./esc/src/lib/coolkey/CoolKey_Message.cpp 2019-01-10 16:39:33.879072661 -0800 +@@ -181,7 +181,7 @@ string eCKMessage::intToString(int aInt) + sprintf(temp,"%d",aInt); + + result = temp; +- delete temp; ++ delete [] temp; + + return result; + } +@@ -241,7 +241,7 @@ void eCKMessage::setBinValue(string &aK + + mTokenMap[aKey] = data; + +- delete encode_output; ++ delete [] encode_output; + + } + +@@ -1002,7 +1002,7 @@ void URLDecode_str(const string &data,st + //printf("output %s \n",decode_output); + output = (char *) decode_output; + +- delete decode_output; ++ delete []decode_output; + } + void URLDecode(char *data, unsigned char *buf, int *ret_len, int buff_len) + { +@@ -1065,7 +1065,7 @@ void URLEncode_str(const string &data,st + output = encode_output; + + //printf("output %s \n",encode_output); +- delete encode_output; ++ delete [] encode_output; + } + + +diff -up ./esc/src/lib/coolkey-mgr/coolkey-api.cpp.fix4 ./esc/src/lib/coolkey-mgr/coolkey-api.cpp +--- ./esc/src/lib/coolkey-mgr/coolkey-api.cpp.fix4 2019-01-10 16:41:27.076529992 -0800 ++++ ./esc/src/lib/coolkey-mgr/coolkey-api.cpp 2019-01-10 16:41:46.470437015 -0800 +@@ -20,99 +20,179 @@ + + static rhCoolKey *coolkey = NULL; + static const char * coolkeyDbusName = NULL; ++static const char * configFilePathName = NULL; ++static CoolKeyListener *listener = NULL; + +-int notify( CoolKeyListener *listener, +- unsigned long keyType, const char *keyID, unsigned long keyState, +- unsigned long data, const char *strData +- ) +-{ +- CoolKeyDispatch clientListener = listener->GetClientListener(); +- +- /* notify our instance of rhCoolKey */ +- +- coolkey->RhNotifyKeyStateChange(keyType,keyID,keyState,data,strData); +- +- if(clientListener) { +- (clientListener )((CoolKeyListener *) listener->GetClient(),keyType, keyID, keyState, +- data, strData); +- } +- return S_OK; ++#define DEF_TOKEN_TYPE "userKey" ++ ++ ++int notify(CoolKeyListener *listener, unsigned long keyType, const char *keyID, ++ unsigned long keyState, unsigned long data, const char *strData) { ++ CoolKeyDispatch clientListener = listener->GetClientListener(); ++ ++ /* notify our instance of rhCoolKey */ ++ ++ coolkey->RhNotifyKeyStateChange(keyType, keyID, keyState, data, strData); ++ ++ if (clientListener) { ++ (clientListener)((CoolKeyListener *) listener->GetClient(), keyType, ++ keyID, keyState, data, strData); ++ } ++ return S_OK; + } + + void coolkey_destroy() { +- if(coolkey != NULL) { +- coolkey->ShutDownInstance(); +- delete coolkey; +- coolkey = NULL; +- } ++ if (coolkey != NULL) { ++ if(listener) { ++ coolkey->UnregisterCoolKeyListener(listener); ++ } ++ coolkey->ShutDownInstance(); ++ delete coolkey; ++ coolkey = NULL; ++ } + } + +-void coolkey_init(const char *db_dir,CoolKeyNotifyCallback cb,void* notifyClient,const char* dbusUniqueName) { ++void coolkey_init(const char *db_dir, const char *configFileName, CoolKeyNotifyCallback cb, ++ void* notifyClient, const char* dbusUniqueName) { + +- coolkeyDbusName = dbusUniqueName; +- if(coolkey == NULL) { +- coolkey = new rhCoolKey(db_dir); ++ coolkeyDbusName = dbusUniqueName; ++ if (coolkey == NULL) { ++ coolkey = new rhCoolKey(db_dir,configFileName); ++ ++ listener = new CoolKeyListener(); ++ listener->SetListener((CoolKeyDispatch) cb, (CoolKeyDispatch) notify); ++ listener->SetClient(notifyClient); ++ coolkey->RegisterCoolKeyListener(listener); ++ } ++} + +- CoolKeyListener *listener = new CoolKeyListener(); +- listener->SetListener((CoolKeyDispatch) cb,(CoolKeyDispatch) notify); +- listener->SetClient(notifyClient); +- coolkey->RegisterCoolKeyListener(listener); +- } ++char *coolkey_get_phone_home(char *url) { ++ if(!url) { ++ return NULL; ++ } ++ if (coolkey != NULL) { ++ char *_retval = NULL; ++ coolkey->GetCoolKeyPhoneHomeData(url, &_retval); ++ return _retval; ++ } else { ++ return NULL; ++ } + } + ++ + /* get a block of data about a token in a structure format */ +-tokenInfo *coolkey_get_token_info(int keyType,const char *keyID) { ++tokenInfo *coolkey_get_token_info(int keyType, const char *keyID) { ++ ++ if (coolkey == NULL) { ++ return NULL; ++ } ++ tokenInfo *tInfo = (tokenInfo *) malloc(sizeof(tokenInfo)); ++ ++ if (tInfo == NULL) { ++ exit(1); ++ } ++ ++ tInfo->atr = NULL; ++ tInfo->issuerInfo = NULL; ++ tInfo->issuer = NULL; ++ tInfo->issuedTo = NULL; ++ tInfo->status = 0; ++ tInfo->isACoolKey = 0; ++ ++ coolkey->GetCoolKeyATR(keyType, keyID, &tInfo->atr); ++ ++ coolkey->GetCoolKeyIssuerInfo(keyType, keyID, &tInfo->issuerInfo); ++ ++ coolkey->GetCoolKeyIssuer(keyType, keyID, &tInfo->issuer); ++ ++ coolkey->GetCoolKeyIssuedTo(keyType, keyID, &tInfo->issuedTo); ++ ++ coolkey->GetCoolKeyStatus(keyType, keyID, &tInfo->status); ++ ++ bool isACoolKey = false; ++ coolkey->GetCoolKeyIsReallyCoolKey(keyType, keyID, &isACoolKey); ++ tInfo->isACoolKey = (int) isACoolKey; ++ ++ return tInfo; ++} ++ ++int coolkey_cancel_token_operation(int keyType, const char *keyId) { + + if(coolkey == NULL) { +- return NULL; ++ return E_FAIL; + } +- tokenInfo *tInfo = (tokenInfo *) malloc(sizeof(tokenInfo)); + +- if(tInfo == NULL) { +- exit(1); ++ int ret = E_FAIL; ++ ret = coolkey->CancelCoolKeyOperation(keyType, keyId); ++ ++ return S_OK; ++} ++ ++int coolkey_format_token(int keyType, const char *keyId, const char *screenName, const char *pin, const char *screenNamePin, const char *tokenCode) { ++ ++ if (coolkey == NULL) { ++ return E_FAIL; ++ } ++ ++ int ret = E_FAIL; ++ ++ ret = coolkey->FormatCoolKey(keyType, keyId, DEF_TOKEN_TYPE, screenName, pin, screenNamePin, tokenCode); ++ ++ return S_OK; ++ ++} ++ ++int coolkey_enroll_token(int keyType, const char *keyId, const char *screenName, const char *pin, const char *screenNamePin, const char *tokenCode ) { ++ ++ if (coolkey == NULL) { ++ return E_FAIL; + } + +- tInfo ->atr = NULL; +- tInfo->issuerInfo = NULL; +- tInfo->issuer = NULL; +- tInfo->issuedTo = NULL; +- tInfo->status = 0; +- +- coolkey->GetCoolKeyATR(keyType, keyID, &tInfo->atr); ++ int ret = E_FAIL; + +- coolkey->GetCoolKeyIssuerInfo(keyType, keyID, &tInfo->issuerInfo); ++ ret = coolkey->EnrollCoolKey(keyType, keyId, DEF_TOKEN_TYPE, screenName, pin, screenNamePin, tokenCode); + +- coolkey->GetCoolKeyIssuer(keyType, keyID, &tInfo->issuer); + +- coolkey->GetCoolKeyIssuedTo(keyType, keyID, &tInfo->issuedTo); ++ return S_OK; ++} ++ ++int coolkey_reset_token_pin(int keyType, const char *keyId, const char *screenName, const char *pin, const char *screenNamePin, const char *tokenCode) { + +- coolkey->GetCoolKeyStatus(keyType, keyID, &tInfo->status); + +- return tInfo; ++ if (coolkey == NULL) { ++ return E_FAIL; ++ } ++ ++ int ret = E_FAIL; ++ ++ ret = coolkey->ResetCoolKeyPIN(keyType, keyId, screenName, pin, screenNamePin); ++ ++ ++ return S_OK; + } + + void coolkey_free_token_info(tokenInfo *tInfo) { +- if(tInfo) { +- if(tInfo->atr) { +- PL_strfree(tInfo->atr); +- tInfo->atr = NULL; +- } +- +- if(tInfo->issuerInfo) { +- PL_strfree(tInfo->issuerInfo); +- tInfo->issuerInfo = NULL; +- } +- +- if(tInfo->issuer) { +- PL_strfree(tInfo->issuer); +- tInfo->issuer = NULL; +- } +- +- if(tInfo->issuedTo) { +- PL_strfree(tInfo->issuedTo); +- tInfo->issuedTo = NULL; +- } ++ if (tInfo) { ++ if (tInfo->atr) { ++ PL_strfree(tInfo->atr); ++ tInfo->atr = NULL; ++ } ++ ++ if (tInfo->issuerInfo) { ++ PL_strfree(tInfo->issuerInfo); ++ tInfo->issuerInfo = NULL; ++ } ++ ++ if (tInfo->issuer) { ++ PL_strfree(tInfo->issuer); ++ tInfo->issuer = NULL; ++ } ++ ++ if (tInfo->issuedTo) { ++ PL_strfree(tInfo->issuedTo); ++ tInfo->issuedTo = NULL; ++ } + +- free(tInfo); +- } ++ free(tInfo); ++ } + } +diff -up ./esc/src/lib/coolkey-mgr/coolkey-api.h.fix4 ./esc/src/lib/coolkey-mgr/coolkey-api.h +--- ./esc/src/lib/coolkey-mgr/coolkey-api.h.fix4 2019-01-10 16:42:11.556316752 -0800 ++++ ./esc/src/lib/coolkey-mgr/coolkey-api.h 2019-01-10 16:42:21.254270258 -0800 +@@ -19,7 +19,6 @@ + #ifndef __COOLKEY_API_H__ + #define __COOLKEY_API_H__ + +- + typedef struct tokenInfo { + int keyType; + char* cuid; +@@ -28,6 +27,7 @@ typedef struct tokenInfo { + char* issuer; + char* issuedTo; + unsigned int status; ++ unsigned int isACoolKey; + } tokenInfo; + + #ifdef __cplusplus +@@ -38,13 +38,20 @@ typedef int (*CoolKeyNotifyCallback)(voi + unsigned long aKeyType, const char *aKeyID, unsigned long aKeyState, + unsigned long aData, const char *aStrData); + +-void coolkey_init(const char *db_dir,CoolKeyNotifyCallback cb, void *notifyClient,const char *dbusUniqueName); ++void coolkey_init(const char *db_dir, const char *configFileName, CoolKeyNotifyCallback cb, void *notifyClient,const char *dbusUniqueName); + + void coolkey_destroy(); + ++char *coolkey_get_phone_home(char *url); + tokenInfo *coolkey_get_token_info(int keyType,const char *keyID); + void coolkey_free_token_info(tokenInfo *tInfo); + ++int coolkey_cancel_token_operation(int keyType, const char *keyId); ++int coolkey_format_token(int keyType, const char *keyId, const char *screenName, const char *pin, const char *screenNamePin, const char *tokenCode); ++int coolkey_enroll_token(int keyType, const char *keyId, const char *screenName, const char *pin, const char *screenNamePin, const char *tokenCode); ++int coolkey_reset_token_pin(int keyType, const char *keyId, const char *screenName, const char *pin, const char *screenNamePin, const char *tokenCode); ++ ++ + #ifdef __cplusplus + } + #endif +diff -up ./esc/src/lib/coolkey-mgr/coolkey-mgr.c.fix4 ./esc/src/lib/coolkey-mgr/coolkey-mgr.c +--- ./esc/src/lib/coolkey-mgr/coolkey-mgr.c.fix4 2019-01-10 16:42:49.189136339 -0800 ++++ ./esc/src/lib/coolkey-mgr/coolkey-mgr.c 2019-01-10 16:42:55.436106392 -0800 +@@ -26,11 +26,15 @@ + #include + #include + ++#define SUCCESS 1 ++#define FAIL 0 ++ + enum + { + PROP_0, + PROP_DBUS_UNIQUE_NAME, + PROP_CONFIG_DIR, ++ PROP_CONFIG_FILE_NAME, + N_PROPERTIES + }; + +@@ -43,6 +47,7 @@ struct _CoolkeyMgrPrivate { + CoolKeyNotifyCallback cb; + char *dbusUniqueName; + char *configDir; ++ char *configFileName; + DBusConnection* dbusConn; + }; + +@@ -101,6 +106,11 @@ coolkey_mgr_set_property (GObject * + priv->configDir = g_value_dup_string(value); + break; + ++ case PROP_CONFIG_FILE_NAME: ++ g_free(priv->configFileName); ++ priv->configFileName = g_value_dup_string(value); ++ break; ++ + default: + G_OBJECT_WARN_INVALID_PROPERTY_ID (object, property_id, pspec); + break; +@@ -123,6 +133,9 @@ coolkey_mgr_get_property (GObject *ob + case PROP_CONFIG_DIR: + g_value_set_string(value,priv->configDir); + break; ++ case PROP_CONFIG_FILE_NAME: ++ g_value_set_string(value,priv->configFileName); ++ break; + default: + G_OBJECT_WARN_INVALID_PROPERTY_ID (object, property_id, pspec); + break; +@@ -137,6 +150,7 @@ coolkey_mgr_finalize (GObject *object) + if(priv) { + g_free (priv->dbusUniqueName); + g_free(priv->configDir); ++ g_free(priv->configFileName); + if(priv->dbusConn) { + dbus_connection_unref(priv->dbusConn); + priv->dbusConn = NULL; +@@ -150,7 +164,7 @@ static void + coolkey_mgr_constructed (GObject *object) + { + CoolkeyMgrPrivate *priv = COOLKEY_MGR_GET_PRIVATE (object); +- coolkey_init(priv->configDir,priv->cb,(void *) object,priv->dbusUniqueName); ++ coolkey_init(priv->configDir,priv->configFileName,priv->cb,(void *) object,priv->dbusUniqueName); + } + + // class initialization +@@ -174,13 +188,22 @@ coolkey_mgr_class_init (CoolkeyMgrClass + G_PARAM_CONSTRUCT); + + obj_properties[PROP_CONFIG_DIR] = +- g_param_spec_string ("config_dir", ++ g_param_spec_string ("config_dir", + "Config_dir", + "User config directory path", + "World", + G_PARAM_READWRITE | + G_PARAM_CONSTRUCT); + ++ obj_properties[PROP_CONFIG_FILE_NAME] = ++ g_param_spec_string ("config_file_name", ++ "Config_file_name", ++ "User config file name", ++ "World", ++ G_PARAM_READWRITE | ++ G_PARAM_CONSTRUCT); ++ ++ + g_object_class_install_properties (object_class, + N_PROPERTIES, + obj_properties); +@@ -206,6 +229,124 @@ coolkey_mgr_new (void) + return mgr; + } + ++int coolkey_mgr_cancel_token_operation(CoolkeyMgr* self, CoolkeyToken* token) { ++ ++ gchar *cuid = NULL; ++ gchar *keyType = NULL; ++ ++ int ret = FAIL; ++ ++ if(token == NULL) { ++ return ret; ++ } ++ ++ g_object_get(token,"key_type", &keyType,NULL); ++ ++ g_object_get(token,"cuid", &cuid, NULL); ++ ++ if(keyType == NULL || cuid == NULL) { ++ goto cleanup; ++ } ++ ++ int res = coolkey_cancel_token_operation(atoi( keyType), cuid); ++cleanup: ++ ++ g_free (keyType); ++ g_free (cuid); ++ ++ return ret; ++ ++} ++ ++ ++int coolkey_mgr_format_token(CoolkeyMgr* self, CoolkeyToken* token, gchar *tokenType, gchar *userId, gchar* pin, gchar *userPwd, gchar *tokenCode) { ++ ++ gchar *cuid = NULL; ++ gchar *keyType = NULL; ++ ++ int ret = FAIL; ++ ++ if(token == NULL || userId == NULL || userPwd == NULL ) { ++ return ret; ++ } ++ ++ g_object_get(token,"key_type", &keyType,NULL); ++ ++ g_object_get(token,"cuid", &cuid, NULL); ++ ++ if(keyType == NULL || cuid == NULL) { ++ goto cleanup; ++ } ++ ++ int res = coolkey_format_token(atoi( keyType), cuid, userId, pin, userPwd, tokenCode); ++cleanup: ++ ++ g_free (keyType); ++ g_free (cuid); ++ ++ return ret; ++} ++ ++int coolkey_mgr_enroll_token(CoolkeyMgr* self, CoolkeyToken* token,gchar *tokenType, gchar *userId, gchar *pin,gchar *userPwd, gchar *tokenCode) { ++ ++ gchar *cuid = NULL; ++ gchar *keyType = NULL; ++ ++ int ret = FAIL; ++ ++ if(token == NULL || userId == NULL || userPwd == NULL || pin == NULL) { ++ return ret; ++ } ++ ++ g_object_get(token,"key_type", &keyType,NULL); ++ ++ g_object_get(token,"cuid", &cuid, NULL); ++ ++ int res = coolkey_enroll_token(atoi( keyType), cuid, userId, pin, userPwd, tokenCode); ++ ++ if(keyType == NULL || cuid == NULL) { ++ goto cleanup; ++ } ++ ++cleanup: ++ ++ g_free (keyType); ++ g_free (cuid); ++ ++ return ret; ++} ++ ++int coolkey_mgr_reset_token_pin(CoolkeyMgr* self, CoolkeyToken* token, gchar *tokenType, gchar *userId,gchar *pin, gchar *userPwd, gchar *tokenCode) { ++ ++ gchar *cuid = NULL; ++ gchar *keyType = NULL; ++ ++ int ret = FAIL; ++ ++ if(token == NULL || userId == NULL || userPwd == NULL || pin == NULL) { ++ return ret; ++ } ++ ++ g_object_get(token,"key_type", &keyType,NULL); ++ ++ g_object_get(token,"cuid", &cuid, NULL); ++ ++ if(keyType == NULL || cuid == NULL) { ++ goto cleanup; ++ } ++ ++ int res = coolkey_reset_token_pin(atoi( keyType), cuid, userId, pin, userPwd, tokenCode); ++ ++cleanup: ++ ++ g_free (keyType); ++ g_free (cuid); ++ ++ return ret; ++} ++ ++ ++ + void + coolkey_mgr_get_token_info(CoolkeyMgr* self, CoolkeyToken* token) { + +@@ -218,7 +359,7 @@ coolkey_mgr_get_token_info(CoolkeyMgr* s + + g_object_get(token,"cuid", &cuid, NULL); + +- if(keyType == NULL) { ++ if(keyType == NULL || cuid == NULL) { + goto cleanup; + } + +@@ -231,7 +372,7 @@ coolkey_mgr_get_token_info(CoolkeyMgr* s + "issuer_info", tInfo->issuerInfo, + "issuer",tInfo->issuer, + "issued_to", tInfo->issuedTo, +- "status", tInfo->status,NULL); ++ "status", tInfo->status,"is_a_cool_key", tInfo->isACoolKey,NULL); + } + + cleanup: +@@ -239,10 +380,25 @@ cleanup: + coolkey_free_token_info(tInfo); + g_free (keyType); + g_free (cuid); +- +- + } + ++/** ++* coolkey_mgr_phone_home: ++* @url: phone home url to query ++* ++* Returns: raw phone home xml text. ++* ++*/ ++ ++gchar * ++coolkey_mgr_phone_home(CoolkeyMgr* self,gchar *url) ++{ ++ gchar *phoneInfo = NULL; ++ ++ phoneInfo = coolkey_get_phone_home(url); ++ ++ return phoneInfo; ++} + + /** + * coolkey_mgr_speak: +@@ -256,8 +412,6 @@ coolkey_mgr_speak (CoolkeyMgr* self, gch + { + gchar *retval= 0; + +- printf("Coolkey says: %s \n", words); +- + return retval; + } + +diff -up ./esc/src/lib/coolkey-mgr/coolkey-mgr.h.fix4 ./esc/src/lib/coolkey-mgr/coolkey-mgr.h +--- ./esc/src/lib/coolkey-mgr/coolkey-mgr.h.fix4 2019-01-10 16:43:15.341010967 -0800 ++++ ./esc/src/lib/coolkey-mgr/coolkey-mgr.h 2019-01-10 16:43:22.355977338 -0800 +@@ -23,7 +23,6 @@ + + typedef struct _CoolkeyMgrPrivate CoolkeyMgrPrivate; + +- + // Declare CoolkeyMgr as a final (non-derivable) class inherited from GObject + #define COOLKEY_TYPE_MGR coolkey_mgr_get_type () + G_DECLARE_FINAL_TYPE (CoolkeyMgr, coolkey_mgr, COOLKEY, MGR, GObject) +@@ -35,8 +34,20 @@ CoolkeyMgr * coolkey_mgr_new (void); + * CoolkeyMgr method declarations. + */ + ++ ++int coolkey_mgr_format_token(CoolkeyMgr* self, CoolkeyToken* token, gchar *tokenType, gchar *userId,gchar *pin, gchar *userPwd, gchar *tokenCode); ++ ++int coolkey_mgr_enroll_token(CoolkeyMgr* self, CoolkeyToken* token, gchar *tokenType, gchar *userId, gchar *pin, gchar *userPwd, gchar *tokenCode); ++ ++int coolkey_mgr_reset_token_pin(CoolkeyMgr* self, CoolkeyToken* token, gchar *tokenType, gchar *userId, gchar *pin, gchar *userPwd, gchar *tokenCode); ++ ++int coolkey_mgr_cancel_token_operation(CoolkeyMgr* self, CoolkeyToken* token); ++ ++ + void coolkey_mgr_get_token_info(CoolkeyMgr* self, CoolkeyToken* token); + ++gchar * coolkey_mgr_phone_home(CoolkeyMgr* self, gchar *url); ++ + gchar * coolkey_mgr_speak (CoolkeyMgr* self, gchar *words); + void coolkey_mgr_cleanup(CoolkeyMgr *self); + +diff -up ./esc/src/lib/coolkey-mgr/coolkey-token.c.fix4 ./esc/src/lib/coolkey-mgr/coolkey-token.c +--- ./esc/src/lib/coolkey-mgr/coolkey-token.c.fix4 2019-01-10 16:43:53.652827301 -0800 ++++ ./esc/src/lib/coolkey-mgr/coolkey-token.c 2019-01-10 16:44:00.252795662 -0800 +@@ -35,6 +35,7 @@ enum + PROP_ISSUER, + PROP_ISSUEDTO, + PROP_STATUS, ++ PROP_IS_COOLKEY, + N_PROPERTIES + }; + +@@ -51,6 +52,7 @@ struct _CoolkeyTokenPrivate { + gchar* issuer; + gchar* issued_to; + int status; ++ int is_a_cool_key; + }; + + +@@ -82,6 +84,7 @@ coolkey_token_init (CoolkeyToken *self) + priv->issuer_info = NULL; + priv->issuer = NULL; + priv->issued_to = NULL; ++ priv->is_a_cool_key = 0; + } + + static void +@@ -128,6 +131,9 @@ coolkey_token_set_property (GObject + priv->status = g_value_get_int(value); + break; + ++ case PROP_IS_COOLKEY: ++ priv->is_a_cool_key = g_value_get_int(value); ++ break; + + default: + G_OBJECT_WARN_INVALID_PROPERTY_ID (object, property_id, pspec); +@@ -170,13 +176,16 @@ coolkey_token_get_property (GObject * + case PROP_STATUS: + g_value_set_int(value, priv->status); + break; ++ ++ case PROP_IS_COOLKEY: ++ g_value_set_int(value, priv->is_a_cool_key); ++ break; + default: + G_OBJECT_WARN_INVALID_PROPERTY_ID (object, property_id, pspec); + break; + } + } + +- + static void + coolkey_token_finalize (GObject *object) + { +@@ -267,6 +276,13 @@ coolkey_token_class_init (CoolkeyTokenCl + 0, INT_MAX,0, + G_PARAM_READWRITE); + ++ obj_properties[PROP_IS_COOLKEY] = ++ g_param_spec_int ("is_a_cool_key", ++ "Is_a_cool_key", ++ "Is the token a CoolKey", ++ 0, INT_MAX,0, ++ G_PARAM_READWRITE); ++ + + g_object_class_install_properties (object_class, + N_PROPERTIES, +@@ -292,3 +308,19 @@ coolkey_token_new (void) + token = g_object_new(COOLKEY_TYPE_TOKEN, NULL); + return token; + } ++ ++/** ++ * coolkey_token_phone_home: ++ * @url: url of smart card server to phone home ++ * ++ * Returns: Text of the phone home xml file ++ * ++ */ ++gchar * ++coolkey_token_phone_home (CoolkeyToken* self, gchar *url) ++{ ++ gchar *retval= 0; ++ ++ return retval; ++} ++ +diff -up ./esc/src/lib/coolkey-mgr/coolkey-token.h.fix4 ./esc/src/lib/coolkey-mgr/coolkey-token.h +--- ./esc/src/lib/coolkey-mgr/coolkey-token.h.fix4 2019-01-10 16:44:25.228675926 -0800 ++++ ./esc/src/lib/coolkey-mgr/coolkey-token.h 2019-01-10 16:44:30.212652031 -0800 +@@ -29,4 +29,8 @@ G_DECLARE_FINAL_TYPE (CoolkeyToken, cool + // constructor + CoolkeyToken * coolkey_token_new (void); + ++//Methods ++ ++gchar *coolkey_token_phone_home(CoolkeyToken *self,gchar *url); ++ + #endif /* __COOLKEY_TOKEN_H__ */ +diff -up ./esc/src/lib/coolkey-mgr/rhCoolKey.cpp.fix4 ./esc/src/lib/coolkey-mgr/rhCoolKey.cpp +--- ./esc/src/lib/coolkey-mgr/rhCoolKey.cpp.fix4 2019-01-10 16:45:08.109470350 -0800 ++++ ./esc/src/lib/coolkey-mgr/rhCoolKey.cpp 2019-01-10 16:45:15.508434880 -0800 +@@ -28,6 +28,7 @@ + #include + #include + #include ++#include + + #define STRINGIFY(x) #x + #define GETSTRING(x) STRINGIFY(x) +@@ -50,6 +51,7 @@ static PRLogModuleInfo *coolKeyLog = PR_ + + static rhCoolKey *single = NULL; + ++char *rhCoolKey::configFilePathName = NULL; + + class CoolKeyShutdownObserver + { +@@ -179,15 +181,15 @@ ASCCalcBase64EncodedLength(unsigned int + return ((aDataLength + 2) / 3) * 4; + } + +-rhCoolKey::rhCoolKey(const char* dbDir) ++rhCoolKey::rhCoolKey(const char* dbDir, const char* configFileName) + { + char tBuff[56]; + PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s rhCoolKey::rhCoolKey: %p \n",GetTStamp(tBuff,56),this)); + ++ rhCoolKey::configFilePathName = NULL; + if(!single) + { + single = this; +- + } + else + { +@@ -217,6 +219,12 @@ rhCoolKey::rhCoolKey(const char* dbDir) + exit(1); + } + ++ res = InitConfig(dbDir,configFileName); ++ ++ if(res == PR_FALSE) { ++ PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s ESC InitConfig failed,exiting. CoolKey instance %p\n",GetTStamp(tBuff,56),single)); ++ } ++ + /* member initializers and constructor code */ + } + +@@ -227,6 +235,11 @@ rhCoolKey::~rhCoolKey() + char tBuff[56]; + PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s rhCoolKey::~rhCoolKey: %p \n",GetTStamp(tBuff,56),this)); + ++ if(rhCoolKey::configFilePathName != NULL) { ++ delete [] rhCoolKey::configFilePathName; ++ rhCoolKey::configFilePathName = NULL; ++ } ++ + if(certCBLock) { + PR_DestroyLock(certCBLock); + } +@@ -241,7 +254,7 @@ void rhCoolKey::ShutDownInstance() + char tBuff[56]; + PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s rhCoolKey::ShutDownInstance. %p \n",GetTStamp(tBuff,56),this)); + +- //ClearNotifyKeyList(); ++ ClearAvailableList(); + + CoolKeyShutdown(); + } +@@ -270,6 +283,9 @@ HRESULT rhCoolKey::Reference( CoolKeyLis + + HRESULT rhCoolKey::Release( CoolKeyListener *listener ) + { ++ if(listener) { ++ delete listener; ++ } + return S_OK; + } + +@@ -366,25 +382,57 @@ SECStatus rhCoolKey::badCertHandler(void + HRESULT rhCoolKey::doSetCoolKeyConfigValue(const char *aName, const char *aValue) + { + +- if(!aName || !aValue) +- { +- return E_FAIL; +- } ++ //Unimplimented + +- +- return S_OK; ++ return E_FAIL; + + } + ++void rhCoolKey::doFreeCoolKeyConfigValue(const char *aValue) { ++ ++ if(!aValue) ++ return; ++ ++ g_free((gchar *)aValue); ++ ++} + const char *rhCoolKey::doGetCoolKeyConfigValue(const char *aName ) + { ++ ++ char tBuff[56]; + const char* prefValue = NULL; + if(!aName) + { + return NULL; + } + +- return (const char *) prefValue; ++ g_autoptr(GError) error = NULL; ++ g_autoptr(GKeyFile) key_file = g_key_file_new (); ++ ++ if (!g_key_file_load_from_file (key_file, rhCoolKey::configFilePathName,G_KEY_FILE_NONE, &error)) ++ { ++ if (!g_error_matches (error, G_FILE_ERROR, G_FILE_ERROR_NOENT)) { ++ ++ PR_LOG(coolKeyLog, PR_LOG_DEBUG, ++ ("%s rhCoolKey::doGetCoolKeyConfigValue error opening key file.", ++ GetTStamp(tBuff,56))); ++ return NULL; ++ } ++ } ++ ++ gchar *val = g_key_file_get_string (key_file, "ESC", aName, &error); ++ if (val == NULL) ++ { ++ PR_LOG(coolKeyLog, PR_LOG_DEBUG, ++ ("%s rhCoolKey::doGetCoolKeyConfigValue error can't get value for: %s.", ++ GetTStamp(tBuff,56), aName)); ++ ++ return NULL; ++ } ++ ++ prefValue = (const char*) val; ++ ++ return prefValue; + } + + void rhCoolKey::RegisterCoolKeyListener(CoolKeyListener *listener) { +@@ -393,6 +441,14 @@ void rhCoolKey::RegisterCoolKeyListener( + } + } + ++void rhCoolKey::UnregisterCoolKeyListener(CoolKeyListener *listener) { ++ ++ if(listener) { ++ CoolKeyUnregisterListener(listener); ++ } ++} ++ ++ + PRBool rhCoolKey::InitInstance(const char* dbDir) + { + char tBuff[56]; +@@ -400,9 +456,7 @@ PRBool rhCoolKey::InitInstance(const cha + + PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s rhCoolKey::InitInstance %p \n",GetTStamp(tBuff,56),this)); + +- CoolKeySetCallbacks(Dispatch,Reference, Release,doGetCoolKeyConfigValue ,doSetCoolKeyConfigValue,badCertHandler); +- +- //CoolKeyRegisterListener(); ++ CoolKeySetCallbacks(Dispatch,Reference, Release,doGetCoolKeyConfigValue,doSetCoolKeyConfigValue,doFreeCoolKeyConfigValue,badCertHandler); + + // Now setup CoolKey. + +@@ -411,6 +465,37 @@ PRBool rhCoolKey::InitInstance(const cha + return ret; + } + ++PRBool rhCoolKey::InitConfig(const char *dbDir,const char* configFileName) ++{ ++ char tBuff[56]; ++ PRBool ret = PR_TRUE; ++ ++ if(!dbDir || !configFileName) { ++ ret = PR_FALSE; ++ return ret; ++ } ++ ++ int size = strlen(dbDir) + strlen(configFileName) + 2; ++ ++ //sanity ++ ++ if(size > 200) { ++ ret = PR_FALSE; ++ return ret; ++ } ++ ++ if(rhCoolKey::configFilePathName == NULL) { ++ rhCoolKey::configFilePathName = new char[size]; ++ } ++ ++ snprintf(rhCoolKey::configFilePathName,200,"%s/%s",dbDir,configFileName); ++ ++ PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s rhCoolKey::InitConfig full file Name: %s \n",GetTStamp(tBuff,56),configFilePathName)); ++ ++ return ret; ++ ++} ++ + CoolKeyNode* rhCoolKey::GetCoolKeyInfo(unsigned long aKeyType, const char * aKeyID) + { + char tBuff[56]; +@@ -456,8 +541,9 @@ HRESULT rhCoolKey::ASCGetAvailableCoolK + std::list::const_iterator it; + for(it=gASCAvailableKeys.begin(); it!=gASCAvailableKeys.end(); ++it) { + if (aIndex-- == 0) { +- *aKeyType = (*it)->mKeyType; +- *aKeyID = (char *) (*it)->mKeyID; ++ CoolKeyNode *node = (*it); ++ *aKeyType = node->mKeyType; ++ *aKeyID = (char *) node->mKeyID; + return S_OK; + } + } +@@ -1359,3 +1445,18 @@ HRESULT rhCoolKey::GetCoolKeyVersion(cha + + return NS_OK; + } ++ ++HRESULT rhCoolKey::GetCoolKeyPhoneHomeData(const char *url, char **_retval) { ++ char *phoneHomeData = NULL; ++ ++ *_retval = NULL; ++ ++ phoneHomeData = CoolKeyGetPhoneHomeData(url); ++ ++ if (phoneHomeData) { ++ *_retval = PL_strdup(phoneHomeData); ++ phoneHomeData = NULL; ++ } ++ ++ return NS_OK; ++} +diff -up ./esc/src/lib/coolkey-mgr/rhCoolKey.h.fix4 ./esc/src/lib/coolkey-mgr/rhCoolKey.h +--- ./esc/src/lib/coolkey-mgr/rhCoolKey.h.fix4 2019-01-10 16:45:36.015336570 -0800 ++++ ./esc/src/lib/coolkey-mgr/rhCoolKey.h 2019-01-10 16:45:45.896289201 -0800 +@@ -74,18 +74,20 @@ class rhCoolKey + { + public: + +- rhCoolKey(const char* dbDir); ++ rhCoolKey(const char* dbDir, const char* configFileName); + + void ShutDownInstance(); + ~rhCoolKey(); + public: + static void RegisterCoolKeyListener(CoolKeyListener *listener); ++ static void UnregisterCoolKeyListener(CoolKeyListener *listener); + static HRESULT Dispatch( CoolKeyListener *listener, + unsigned long keyType, const char *keyID, unsigned long keyState, + unsigned long data, const char *strData); + static HRESULT Reference( CoolKeyListener *listener ); + static HRESULT Release( CoolKeyListener *listener ); + ++ static void doFreeCoolKeyConfigValue(const char *aValue); + static HRESULT doSetCoolKeyConfigValue(const char *aName, const char *aValue); + static const char *doGetCoolKeyConfigValue(const char *aName ); + static SECStatus badCertHandler(void *arg, PRFileDesc *fd); +@@ -121,8 +123,7 @@ public: + HRESULT AuthenticateCoolKey(PRUint32 aKeyType, const char *aKeyID, const char *aPIN, bool *_retval); + HRESULT SetCoolKeyDataValue(PRUint32 aKeyType, const char *aKeyID, const char *name, const char *value); + HRESULT GetCoolKeyVersion(char **_retval); +- +- //nsCOMPtr mJsNotify; ++ HRESULT GetCoolKeyPhoneHomeData(const char *url, char **_retval); + + static std::list gASCAvailableKeys; + +@@ -132,8 +133,8 @@ public: + + static PRBool gAutoEnrollBlankTokens; + +- //nsCOMPtr nssComponent; + PRBool InitInstance(const char* dbDir); ++ PRBool InitConfig(const char *dbDir,const char* configFileName); + + HRESULT ASCSetCoolKeyPin(unsigned long aKeyType, const char * aKeyID, const char * aPin); + PRBool ASCCoolKeyIsAvailable(unsigned long aKeyType, char * aKeyID); +@@ -151,15 +152,11 @@ public: + + void RemoveKeyFromAvailableList(unsigned long aKeyType, const char * aKeyID); + +- //rhIKeyNotify* GetNotifyKeyListener(rhIKeyNotify *listener); +- +- //int GetNotifyKeyListenerListSize(); +- //void AddNotifyKeyListener(rhIKeyNotify *listener); +- //void RemoveNotifyKeyListener(rhIKeyNotify *listener); +- //void ClearNotifyKeyList(); +- + void ClearAvailableList(); + ++ private: ++ ++ static char *configFilePathName; + + }; + #endif +diff -up ./esc/src/lib/coolkey/NSSManager.cpp.fix4 ./esc/src/lib/coolkey/NSSManager.cpp +--- ./esc/src/lib/coolkey/NSSManager.cpp.fix4 2019-01-10 16:40:09.075903931 -0800 ++++ ./esc/src/lib/coolkey/NSSManager.cpp 2019-01-10 16:40:20.324850003 -0800 +@@ -154,6 +154,10 @@ void NSSManager::Shutdown() + // Logout all tokens. + PK11_LogoutAll(); + ++ if(userModule) { ++ SECMOD_UnloadUserModule(userModule); ++ } ++ + if(systemCertDB) + { + SECMOD_CloseUserDB(systemCertDB); +@@ -162,9 +166,6 @@ void NSSManager::Shutdown() + systemCertDB = NULL; + } + +- if(userModule) { +- SECMOD_UnloadUserModule(userModule); +- } + NSS_Shutdown(); + } + +diff -up ./esc/src/lib/nss-http-client/httpClientNss.cpp.fix4 ./esc/src/lib/nss-http-client/httpClientNss.cpp +--- ./esc/src/lib/nss-http-client/httpClientNss.cpp.fix4 2019-01-10 16:46:22.792112323 -0800 ++++ ./esc/src/lib/nss-http-client/httpClientNss.cpp 2019-01-10 16:46:35.788050020 -0800 +@@ -57,6 +57,48 @@ HttpClientNss::~HttpClientNss() + } + } + ++PSHttpResponse *HttpClientNss::httpSend(char *host_port,const char *uri, ++ char *method, char *body, PRBool doSSL, int messageTimeout) { ++ ++ int family = PR_AF_INET; ++ char hostName[512] = { 0 }; ++ ++ extractHost(host_port, hostName, 512); ++ family = this->getFamily(hostName); ++ ++ PSHttpServer server(host_port, family); ++ ++ PSHttpRequest request(&server, uri, HTTP11, 0); ++ _request = &request; ++ ++ int timeout = 30; ++ ++ if (messageTimeout >= 0) { ++ timeout = messageTimeout; ++ ++ } ++ ++ request.setSSL(doSSL); ++ ++ request.addHeader( "Content-Type", "text/plain" ); ++ ++ _engine = new HttpEngine(); ++ ++ if (!_engine) ++ return NULL; ++ ++ PSHttpResponse *resp = _engine->makeRequest(request, server, ++ timeout /*_timeout*/, PR_FALSE /* expect chunked*/, ++ PR_FALSE /* process streamed */); ++ ++ _response = resp; ++ ++ if (resp && resp->getStatus() != 200) { ++ return NULL; ++ } ++ ++ return resp; ++} + /* + Send a http message with a persistant transfer chunked encoded message type + +@@ -67,7 +109,7 @@ PSHttpResponse *HttpClientNss::httpSendC + char *pPort = NULL; + char *pPortActual = NULL; + +- char hostName[512]; ++ char hostName[512] = {0}; + + /* + * Isolate the host name, account for IPV6 numeric addresses. +@@ -101,7 +143,7 @@ PSHttpResponse *HttpClientNss::httpSendC + + ai = PR_GetAddrInfoByName(hostName, PR_AF_UNSPEC, PR_AI_ADDRCONFIG); + if (ai) { +- printf("%s\n", PR_GetCanonNameFromAddrInfo(ai)); ++ //printf("%s\n", PR_GetCanonNameFromAddrInfo(ai)); + iter = NULL; + while ((iter = PR_EnumerateAddrInfo(iter, ai, 0, &addr)) != NULL) { + family = PR_NetAddrFamily(&addr); +@@ -211,4 +253,51 @@ PRBool HttpClientNss::sendChunkedEntityD + } + } + ++int HttpClientNss::getFamily(char *hostName) { ++ ++ PRAddrInfo *ai; ++ void *iter; ++ PRNetAddr addr; ++ int family = PR_AF_INET; ++ ++ ai = PR_GetAddrInfoByName(hostName, PR_AF_UNSPEC, PR_AI_ADDRCONFIG); ++ if (ai) { ++ //printf("%s\n", PR_GetCanonNameFromAddrInfo(ai)); ++ iter = NULL; ++ while ((iter = PR_EnumerateAddrInfo(iter, ai, 0, &addr)) != NULL) { ++ family = PR_NetAddrFamily(&addr); ++ break; ++ } ++ PR_FreeAddrInfo(ai); ++ } ++ ++ return family; ++} ++ ++void HttpClientNss::extractHost(char *host_port, char *host, int hostLen) { ++ ++ char *pPort = NULL; ++ char *pPortActual = NULL; ++ ++ if(!host_port || !host || hostLen <= 0) ++ return; ++ ++ if(host_port) ++ strncpy(host,host_port,hostLen); ++ ++ pPort = host; ++ while(1) { ++ pPort = strchr(pPort, ':'); ++ if (pPort) { ++ pPortActual = pPort; ++ pPort++; ++ } else ++ break; ++ } ++ ++ if(pPortActual) ++ *pPortActual = '\0'; ++ ++} ++ + +diff -up ./esc/src/lib/nss-http-client/HttpClientNss.h.fix4 ./esc/src/lib/nss-http-client/HttpClientNss.h +--- ./esc/src/lib/nss-http-client/HttpClientNss.h.fix4 2019-01-10 16:47:19.171842036 -0800 ++++ ./esc/src/lib/nss-http-client/HttpClientNss.h 2019-01-10 16:47:37.786752798 -0800 +@@ -33,12 +33,19 @@ public: + PSHttpRequest * _request; + PSHttpResponse* _response; + +- PSHttpResponse *httpSendChunked(char *host_port, char *uri, char *method, char *body,PSChunkedResponseCallback cb,void *uw,PRBool doSSL = PR_FALSE,int messageTimeout =30); +- ++ PSHttpResponse *httpSendChunked(char *host_port, char *uri, char *method, ++ char *body, PSChunkedResponseCallback cb, void *uw, PRBool doSSL = ++ PR_FALSE, int messageTimeout = 30); ++ PSHttpResponse *httpSend(char *host_port,const char *uri, char *method, ++ char *body, PRBool doSSL = PR_FALSE, int messageTimeout = 30); + PRBool sendChunkedEntityData(int body_len,unsigned char * body); + HttpEngine *getEngine() { return _engine;} + + void CloseConnection(); ++ ++private: ++ void extractHost(char *host_port, char *host, int hostLen); ++ int getFamily(char *hostName); + }; + + #endif +diff -up ./esc/src/lib/nss-http-client/NssHttpClient.cpp.fix4 ./esc/src/lib/nss-http-client/NssHttpClient.cpp +--- ./esc/src/lib/nss-http-client/NssHttpClient.cpp.fix4 2019-01-10 16:48:14.117578626 -0800 ++++ ./esc/src/lib/nss-http-client/NssHttpClient.cpp 2019-01-10 16:48:29.082506883 -0800 +@@ -156,46 +156,93 @@ NSS_HTTP_CLIENT_API NSS_HTTP_RESULT http + return 1; + } + +-NSS_HTTP_CLIENT_API NSS_HTTP_RESULT httpSendChunked(char *host_port, char *uri, char *method, char *body,NSChunkedResponseCallback cb,void *cb_uw,NSS_HTTP_HANDLE handle,PRBool doSSL, int messageTimeout ) +-{ +- NSS_HTTP_RESULT res = 0; +- +- if(!clientTableLock) +- { +- return res; +- } +- +- if(!handle) +- { +- return res; +- } +- +- PR_Lock(clientTableLock); +- +- HttpClientNss *client = NULL; +- +- client = client_table[handle]; +- +- if(!client) +- { +- PR_Unlock(clientTableLock); +- return res; +- } +- +- PR_Unlock(clientTableLock); +- +- PSHttpResponse * resp = client->httpSendChunked(host_port,uri,method,body,cb,cb_uw,doSSL,messageTimeout); +- +- if(!resp) +- { +- res = 0; +- } +- else +- { +- res = 1; +- } ++NSS_HTTP_CLIENT_API char * httpSend(char *host_port,const char *uri, ++ char *method, char *body, NSS_HTTP_HANDLE handle, PRBool doSSL, ++ int messageTimeout) { + +- return res; ++ char *res = 0; ++ ++ if(host_port == NULL || uri == NULL) { ++ return NULL; ++ } ++ ++ if (!clientTableLock) { ++ return res; ++ } ++ ++ if (!handle) { ++ return res; ++ } ++ ++ PR_Lock(clientTableLock); ++ ++ HttpClientNss *client = NULL; ++ ++ client = client_table[handle]; ++ ++ if (!client) { ++ PR_Unlock(clientTableLock); ++ return res; ++ } ++ ++ PR_Unlock(clientTableLock); ++ ++ PSHttpResponse *resp = client->httpSend(host_port, uri, method, ++ NULL, doSSL, messageTimeout); ++ ++ int retCode = 0; ++ if (!resp) { ++ res = NULL; ++ } else { ++ retCode = resp->getReturnCode(); ++ ++ if(retCode != 200) { ++ return NULL; ++ } ++ ++ res = resp->getContent(); ++ } ++ ++ return res; ++ ++} ++ ++NSS_HTTP_CLIENT_API NSS_HTTP_RESULT httpSendChunked(char *host_port, char *uri, ++ char *method, char *body, NSChunkedResponseCallback cb, void *cb_uw, ++ NSS_HTTP_HANDLE handle, PRBool doSSL, int messageTimeout) { ++ NSS_HTTP_RESULT res = 0; ++ ++ if (!clientTableLock) { ++ return res; ++ } ++ ++ if (!handle) { ++ return res; ++ } ++ ++ PR_Lock(clientTableLock); ++ ++ HttpClientNss *client = NULL; ++ ++ client = client_table[handle]; ++ ++ if (!client) { ++ PR_Unlock(clientTableLock); ++ return res; ++ } ++ ++ PR_Unlock(clientTableLock); ++ ++ PSHttpResponse * resp = client->httpSendChunked(host_port, uri, method, ++ body, cb, cb_uw, doSSL, messageTimeout); ++ ++ if (!resp) { ++ res = 0; ++ } else { ++ res = 1; ++ } ++ ++ return res; + } + + NSS_HTTP_CLIENT_API NSS_HTTP_RESULT sendChunkedEntityData(int body_len,unsigned char *body,NSS_HTTP_HANDLE handle) +diff -up ./esc/src/lib/nss-http-client/NssHttpClient.h.fix4 ./esc/src/lib/nss-http-client/NssHttpClient.h +--- ./esc/src/lib/nss-http-client/NssHttpClient.h.fix4 2019-01-10 17:28:26.200053405 -0800 ++++ ./esc/src/lib/nss-http-client/NssHttpClient.h 2019-01-10 17:28:49.771941100 -0800 +@@ -28,6 +28,7 @@ + + #include "nspr.h" + ++#include "response.h" + #define NSS_HTTP_CLIENT_API + + #define NSS_HTTP_CHUNK_COMPLETE 1 +@@ -45,9 +46,17 @@ NSS_HTTP_CLIENT_API NSS_HTTP_HANDLE http + + NSS_HTTP_CLIENT_API NSS_HTTP_RESULT httpDestroyClient(NSS_HTTP_HANDLE handle); + +-NSS_HTTP_CLIENT_API NSS_HTTP_RESULT httpSendChunked(char *host_port, char *uri, char *method, char *body,NSChunkedResponseCallback cb,void *cb_uw,NSS_HTTP_HANDLE handle,PRBool doSSL = PR_FALSE,int messageTimeout = 30); ++NSS_HTTP_CLIENT_API NSS_HTTP_RESULT httpSendChunked(char *host_port, char *uri, ++ char *method, char *body, NSChunkedResponseCallback cb, void *cb_uw, ++ NSS_HTTP_HANDLE handle, PRBool doSSL = PR_FALSE, ++ int messageTimeout = 30); ++ ++NSS_HTTP_CLIENT_API char * httpSend(char *host_port,const char *uri, ++ char *method, char *body, NSS_HTTP_HANDLE handle, PRBool doSSL = ++ PR_FALSE, int messageTimeout = 30); + +-NSS_HTTP_CLIENT_API NSS_HTTP_RESULT sendChunkedEntityData(int body_len,unsigned char *body,NSS_HTTP_HANDLE handle); ++NSS_HTTP_CLIENT_API NSS_HTTP_RESULT sendChunkedEntityData(int body_len, ++ unsigned char *body, NSS_HTTP_HANDLE handle); + + NSS_HTTP_CLIENT_API NSS_HTTP_RESULT httpCloseConnection(NSS_HTTP_HANDLE handle); + +diff -up ./esc/src/lib/nss-http-client/response.cpp.fix4 ./esc/src/lib/nss-http-client/response.cpp +--- ./esc/src/lib/nss-http-client/response.cpp.fix4 2019-01-10 16:49:06.754326282 -0800 ++++ ./esc/src/lib/nss-http-client/response.cpp 2019-01-10 16:49:15.049286517 -0800 +@@ -52,6 +52,7 @@ RecvBuf::RecvBuf( const PRFileDesc *sock + _socket = socket; + _allocSize = size; + _buf = (char *)PR_Malloc(size); ++ _buf[size -1 ] = 0; + _curPos = 0; + _curSize = 0; + // sns can't do "chunked", but ca needs "chunked" +@@ -198,7 +199,11 @@ int RecvBuf::getAllContent() { + if (_buf[i+1] == '\n' && _buf[i+2] == '\r' + && _buf[i+3] == '\n') { + // find content length +- char *clen = strstr(_buf, "Content-length:"); ++ char *clen = NULL; ++ clen = strstr(_buf, "Content-length:"); ++ if(!clen) { ++ clen = strstr(_buf,"Content-Length:"); ++ } + if (clen != NULL) { + clen = &clen[16]; + while (1) { +@@ -859,6 +864,7 @@ PRBool PSHttpResponse::processResponse(P + + // Get status string + int index = 0; ++ PRBool inName = PR_TRUE; + do { + char ch = buf.getChar(); + if ( ch != -1 && ch != '\r' ) { +@@ -880,15 +886,14 @@ PRBool PSHttpResponse::processResponse(P + + // loop over response headers + index = 0; +-//#ifdef CHECK + PRBool doneParsing = PR_FALSE; + PRBool atEOL = PR_FALSE; +- PRBool inName = PR_TRUE; ++ inName = PR_TRUE; + char name[2048]; ++ char value[2048]; + int nameLen = sizeof(name); + + while ( !doneParsing ) { +- char value[2048]; + int valueLen = sizeof(value); + char ch = buf.getChar(); + +@@ -901,15 +906,8 @@ PRBool PSHttpResponse::processResponse(P + + nRead = readHeader( buf, value, valueLen ); + if ( nRead < 0 ) { +- +- // return PR_FALSE; +- } else { +- // value[index++] = ch; +- if ( index >= (int)(sizeof(value) - 1 ) ) { +- +- // return PR_FALSE; +- } +- } ++ return PR_FALSE; ++ } + break; + case '\r': + if ( inName && !atEOL ) { +@@ -928,6 +926,7 @@ PRBool PSHttpResponse::processResponse(P + + // return PR_FALSE; + } ++ + value[index] = '\0'; + index = 0; + inName = PR_TRUE; +@@ -936,25 +935,29 @@ PRBool PSHttpResponse::processResponse(P + break; + default: + atEOL = PR_FALSE; +- if (inName) { +- name[index++] = ch; +- } else { +- value[index++] = ch; +- } +- if ( inName && (index >= (nameLen-2)) ) { +- name[index] = '\0'; ++ if (inName == PR_TRUE) { + +- // return PR_FALSE; +- } else if ( !inName && (index >= (valueLen-1)) ) { ++ if(index >= (nameLen -2)) { ++ return false; ++ } else { ++ name[index++] = ch; ++ } ++ } ++ ++ if (inName == PR_FALSE) { ++ ++ if(index >= (valueLen - 1)) { ++ return false; ++ } else { ++ value[index++] = ch; ++ } ++ } + +- // return PR_FALSE; +- } + break; + } + } + + } //while +-//#endif //CHECK + } catch ( RecvBuf::EndOfFile & ) { + if ( !_request->isHangupOk() ) { + diff --git a/SOURCES/esc-1.1.2-fix5.patch b/SOURCES/esc-1.1.2-fix5.patch new file mode 100644 index 0000000..c63a53d --- /dev/null +++ b/SOURCES/esc-1.1.2-fix5.patch @@ -0,0 +1,12 @@ +diff -up ./esc/src/lib/nss-http-client/httpClientNss.cpp.fix5 ./esc/src/lib/nss-http-client/httpClientNss.cpp +--- ./esc/src/lib/nss-http-client/httpClientNss.cpp.fix5 2019-10-29 11:16:36.042807434 -0700 ++++ ./esc/src/lib/nss-http-client/httpClientNss.cpp 2019-10-29 11:18:22.169301918 -0700 +@@ -172,6 +172,8 @@ PSHttpResponse *HttpClientNss::httpSendC + + request.addHeader( "Content-Type", "text/plain" ); + ++ request.setMethod(method); ++ + if(cb) + { + request.setChunkedCallback(cb); diff --git a/SOURCES/esc-1.1.2-fix6.patch b/SOURCES/esc-1.1.2-fix6.patch new file mode 100644 index 0000000..4931566 --- /dev/null +++ b/SOURCES/esc-1.1.2-fix6.patch @@ -0,0 +1,250 @@ +diff -up ./esc/src/app/opensc.esc.conf.fix6 ./esc/src/app/opensc.esc.conf +--- ./esc/src/app/opensc.esc.conf.fix6 2019-11-14 18:19:13.343923930 -0800 ++++ ./esc/src/app/opensc.esc.conf 2019-11-15 11:30:01.967034720 -0800 +@@ -26,6 +26,11 @@ app default { + # Default: stderr + # + #debug_file = /tmp/opensc.log; ++ # sc650 scp01 (older version) ++ card_atr ++ 3B:FF:14:00:FF:81:31:FE:45:80:25:A0:00:00:00:56:57:53:43:36:35:30:03:02:39 { ++ pkcs11_enable_InitToken = yes; ++ } + + card_atr + 3B:FF:14:00:FF:81:31:FE:45:80:25:A0:00:00:00:56:57:53:43:36:35:30:03:03:38 { +@@ -52,12 +57,31 @@ app default { + pkcs11_enable_InitToken = yes; + } + ++ card_atr ++ 3B:95:95:40:FF:AE:01:03:00:00 { ++ pkcs11_enable_InitToken = yes; ++ } ++ ++ ++ #g&d 6.0 smart cafe scp03 + + card_atr + 3B:FE:18:00:00:80:31:FE:45:53:43:45:36:30:2D:43:44:30:38:31:2D:6E:46:A9 { + pkcs11_enable_InitToken = yes; + } + ++ #g&d 7.0 smart cafe scp03 ++ card_atr ++ 3B:F9:96:00:00:80:31:FE:45:53:43:45:37:20:03:00:20:46:42 { ++ pkcs11_enable_InitToken = yes; ++ } ++ ++ #sc650 scp03 ++ ++ card_atr ++ 3B:FF:14:00:FF:81:31:FE:45:80:25:A0:00:00:00:56:57:53:43:36:35:30:04:02:3E { ++ pkcs11_enable_InitToken = yes; ++ } + + reader_driver ctapi { + } +diff -up ./esc/src/lib/coolkey/CoolKey.cpp.fix6 ./esc/src/lib/coolkey/CoolKey.cpp +--- ./esc/src/lib/coolkey/CoolKey.cpp.fix6 2019-11-13 18:30:45.454938214 -0800 ++++ ./esc/src/lib/coolkey/CoolKey.cpp 2019-11-14 18:16:49.078377331 -0800 +@@ -542,6 +542,67 @@ done: + + + } ++/* Return the full reader name since nss can't seem to give us the whole name ++ * when the length is longer than 65 chars. ++ * Caller has to free the returned string. ++ */ ++char *CoolKeyGetFullReaderName(const char *nssReaderName) ++{ ++ char* fullReaderName = NULL; ++ CKYReaderNameList readerNames; ++ CKYCardContext *cardCtxt = NULL; ++ CKYStatus ret = CKYSCARDERR; ++ int readerCount = 0; ++ char tBuff[56]; ++ PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s CoolKeyGetFullReaderName entering:\n",GetTStamp(tBuff,56))); ++ ++ if(nssReaderName == NULL) { ++ goto done; ++ } ++ ++ cardCtxt = CKYCardContext_Create(SCARD_SCOPE_USER); ++ if (!cardCtxt) { ++ goto done; ++ } ++ ++ ret = CKYCardContext_ListReaders(cardCtxt, &readerNames); ++ if (ret != CKYSUCCESS) { ++ goto done; ++ } ++ ++ readerCount = CKYReaderNameList_GetCount(readerNames); ++ ++ /* none found, return success */ ++ if (readerCount == 0) { ++ goto done; ++ } ++ ++ /* step through reader list to match to our possible partial reader name from nss. */ ++ for (int i=0; i < readerCount ; i++) { ++ const char *thisReader = CKYReaderNameList_GetValue(readerNames, i); ++ ++ const char *match = strstr(thisReader, nssReaderName ); ++ if(match == NULL) { ++ PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s CoolKeyGetFullReaderName reader: %s not the one. \n",thisReader,GetTStamp(tBuff,56))); ++ ++ } else { ++ fullReaderName = strdup(thisReader); ++ PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s CoolKeyGetFullReaderName correct full name: %s \n",fullReaderName,GetTStamp(tBuff,56))); ++ } ++ } ++ ++done: ++ ++ if (cardCtxt) { ++ CKYCardContext_Destroy(cardCtxt); ++ } ++ ++ if(readerNames) { ++ CKYReaderNameList_Destroy(readerNames); ++ } ++ return fullReaderName; ++ ++} + + HRESULT CoolKeyGetATRDirectly(char *aBuff, int aBuffLen,const char *readerName) { + +diff -up ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix6 ./esc/src/lib/coolkey/CoolKeyHandler.cpp +--- ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix6 2019-11-13 18:30:59.934918507 -0800 ++++ ./esc/src/lib/coolkey/CoolKeyHandler.cpp 2019-11-14 17:16:03.946077277 -0800 +@@ -2209,10 +2209,10 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co + SECStatus status; + HRESULT hres,atrRes,cuidRes,cycleRes; + +- CKYBuffer cardATR; +- CKYBuffer_InitEmpty(&cardATR); + char *readerName = PK11_GetSlotName(aSlot); +- ++ ++ char *actualReaderName = CoolKeyGetFullReaderName(readerName); ++ + memset((void *) &tokenInfo,0,sizeof(tokenInfo)); + ATR.data = NULL; // initialize for error processing + label.data = NULL; // initialize for error processing +@@ -2233,6 +2233,11 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co + char cuidChar[100]; + memset((void*) cuidChar,0 ,sizeof(cuidChar)); + ++ if(actualReaderName == NULL) { ++ goto failed; ++ } ++ ++ + // get the CUID/Serial number (we *WILL* continue to need it ) + status = PK11_GetTokenInfo(aSlot,&tokenInfo); + if (status != SECSuccess) { +@@ -2242,7 +2247,7 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co + tokenInfo.flags=0; //Ignore what opensc says, get the info ourselves later. + //Get the life cycle state: + +- cycleRes = CoolKeyGetLifeCycleDirectly(&lifeCycle,readerName); ++ cycleRes = CoolKeyGetLifeCycleDirectly(&lifeCycle,actualReaderName); + + if(lifeCycle == 0x7) { // applet only + hasApplet = 1; +@@ -2255,7 +2260,7 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co + + //Let's see if we can get the ATR by force explicitly + +- atrRes = CoolKeyGetATRDirectly(atrChar,100,readerName); ++ atrRes = CoolKeyGetATRDirectly(atrChar,100,actualReaderName); + + if(atrRes == E_FAIL) { + goto failed; +@@ -2310,7 +2315,7 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co + + info->mInfoFlags = MapGetFlags(&tokenInfo); + +- info->mReaderName = strdup(readerName); ++ info->mReaderName = strdup(actualReaderName); + + info->mCUID = (char *)malloc(35); /* should be a define ! */ + +@@ -2361,6 +2366,9 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co + + SECITEM_FreeItem(&label,PR_FALSE); + ++ if(actualReaderName) { ++ free(actualReaderName); ++ } + info->mSlot = PK11_ReferenceSlot(aSlot); + info->mSeries = PK11_GetSlotSeries(aSlot); + return info; +@@ -2372,7 +2380,9 @@ failed: + if (info) { + delete info; + } +- +- CKYBuffer_FreeData(&cardATR); ++ if (actualReaderName) { ++ free(actualReaderName); ++ } ++ + return NULL; + } +diff -up ./esc/src/lib/coolkey/CoolKey.h.fix6 ./esc/src/lib/coolkey/CoolKey.h +--- ./esc/src/lib/coolkey/CoolKey.h.fix6 2019-11-13 18:30:37.263949374 -0800 ++++ ./esc/src/lib/coolkey/CoolKey.h 2019-11-14 17:15:23.216143691 -0800 +@@ -300,6 +300,7 @@ HRESULT CoolKeyGetATRDirectly(char *aBuf + HRESULT CoolKeyGetCUIDDirectly(char *aBuff, int aBuffLen, const char *readerName); + HRESULT CoolKeyGetCPLCDataDirectly(CKYAppletRespGetCPLCData *cplc,const char *readerName); + HRESULT CoolKeyGetLifeCycleDirectly(CKYByte *personalized,const char *readerName); ++char *CoolKeyGetFullReaderName(const char *nssReaderName); + + } + +diff -up ./esc/src/lib/coolkey/NSSManager.cpp.fix6 ./esc/src/lib/coolkey/NSSManager.cpp +--- ./esc/src/lib/coolkey/NSSManager.cpp.fix6 2019-11-14 17:21:14.596622085 -0800 ++++ ./esc/src/lib/coolkey/NSSManager.cpp 2019-11-14 18:24:25.461109006 -0800 +@@ -402,7 +402,8 @@ HRESULT NSSManager::GetKeyIssuer(const C + + if(cert) + { +- if(cert->slot == slot) ++ int not_equal = strncmp(PK11_GetSlotName(slot), PK11_GetSlotName(cert->slot),65); ++ if(not_equal == 0) + { + if(IsCACert(cert)) + { +@@ -478,7 +479,8 @@ HRESULT NSSManager::GetKeyUID(const Cool + + if(cert) + { +- if(cert->slot == slot) ++ int not_equal = strncmp(PK11_GetSlotName(slot), PK11_GetSlotName(cert->slot),65); ++ if(not_equal == 0) + { + if(IsCACert(cert)) + { +@@ -557,7 +559,8 @@ HRESULT NSSManager::GetKeyIssuedTo(const + + if(cert) + { +- if(cert->slot == slot) ++ int not_equal = strncmp(PK11_GetSlotName(slot), PK11_GetSlotName(cert->slot),65); ++ if(not_equal == 0) + { + if(IsCACert(cert)) + { +@@ -643,7 +646,8 @@ HRESULT NSSManager::GetKeyCertInfo(const + CERTCertificate *cert = node->cert; + if(cert) + { +- if(cert->slot == slot) ++ int not_equal = strncmp(PK11_GetSlotName(slot), PK11_GetSlotName(cert->slot),65); ++ if(not_equal == 0) + { + if(!strcmp(cert->nickname,aCertNickname)) + { diff --git a/SOURCES/esc-1.1.2-fix7.patch b/SOURCES/esc-1.1.2-fix7.patch new file mode 100644 index 0000000..6150024 --- /dev/null +++ b/SOURCES/esc-1.1.2-fix7.patch @@ -0,0 +1,343 @@ +diff -up ./esc/src/app/esc.js.fix7 ./esc/src/app/esc.js +--- ./esc/src/app/esc.js.fix7 2020-05-30 18:57:40.423388032 -0700 ++++ ./esc/src/app/esc.js 2020-05-30 19:01:40.769955310 -0700 +@@ -30,6 +30,12 @@ const ESC_CONFIG_FILE_NAME = "esc.conf"; + const ESC_CONFIG_GROUP = "ESC"; + const ESC_PWORD_FILE = "pword"; + ++const STATUS_ENROLLED="Enrolled"; ++const STATUS_FORMATTED="Formatted"; ++const STATUS_UNFORMATTED="Unformatted"; ++const STATUS_UNKNOWN="Unknown"; ++const FORMATTED_CODE=2; ++ + const UNKNOWN_LABEL = "unknown"; + const CoolKeyNotifyIface = ' \ + \ +@@ -185,17 +191,17 @@ class ESC { + _getStatusString(intStatus) { + switch(intStatus) { + case 4: +- return "enrolled"; ++ return STATUS_ENROLLED; + break; + + case 2: +- return "uninitialized"; ++ return STATUS_FORMATTED; + break; + case 1: +- return "unknown"; ++ return STATUS_UNFORMATTED; + break; + default: +- return "unknown"; ++ return STATUS_UNKNOWN; + break; + } + } +@@ -216,14 +222,30 @@ class ESC { + let issuer = inserted.issuer; + let issuedTo = inserted.issued_to; + ++ let cachedIssuer = null; ++ ++ if(inserted.is_a_cool_key) { ++ cachedIssuer = this._phoneHomeMgr.getCachedIssuer(aKeyID); ++ } ++ ++ if(cachedIssuer != null) { ++ issuer = cachedIssuer; ++ } ++ + if(issuer == null || issuer.length == 0) { +- issuer = "unknown"; ++ issuer = STATUS_UNKNOWN; + } + if(issuedTo == null || issuedTo.length == 0) { +- issuedTo = "unknown"; ++ issuedTo = STATUS_UNKNOWN; + } ++ let newStatus = inserted.status; ++ ++ if(newStatus == FORMATTED_CODE) { ++ issuedTo = STATUS_UNKNOWN; ++ } ++ + this._tokenStore.set (this._tokenStore.append(), [0, 1, 2, 3, 4], +- [issuer, issuedTo, this._getStatusString(inserted.status), aKeyID,aKeyType]); ++ [issuer, issuedTo, this._getStatusString(newStatus), aKeyID,aKeyType]); + + let [ isSelected, iter] = this._tokenStore.get_iter_first(); + +diff -up ./esc/src/app/opensc.esc.conf.fix7 ./esc/src/app/opensc.esc.conf +--- ./esc/src/app/opensc.esc.conf.fix7 2020-05-30 18:54:14.079618060 -0700 ++++ ./esc/src/app/opensc.esc.conf 2020-05-30 19:02:16.191744158 -0700 +@@ -89,12 +89,12 @@ app default { + } + reader_driver openct { + }; +- card_drivers = coolkey, cac, piv, default; ++ card_drivers = coolkey, cac,cac1, piv, default; + secure_messaging local_authentic { + module_path = /usr/lib64; + } + framework pkcs15 { +- builtin_emulators = coolkey, cac, piv; ++ builtin_emulators = coolkey, cac, cac1, piv; + } + } + app opensc-pkcs11 { +diff -up ./esc/src/app/operationDialog.js.fix7 ./esc/src/app/operationDialog.js +--- ./esc/src/app/operationDialog.js.fix7 2020-05-30 18:54:48.700411683 -0700 ++++ ./esc/src/app/operationDialog.js 2020-05-30 19:03:01.354474940 -0700 +@@ -47,34 +47,32 @@ operationDialog.prototype = { + if(tokenInfo == null) { + this.app_alert("Invalid Token!"); + } +- this.dialog = new Gtk.Dialog ({ transient_for: this.app._window, +- modal: true,deletable: false, +- title: TOKEN_OPERATION, border_width: 10 }); + + this.operation = operation; + this.tokenInfo = tokenInfo; + + let opMessage = ""; + if(this.operation == OP_FORMAT) { +- opMessage = "Format Smart Card"; ++ opMessage = "Format Smart Card:"; + + } else if(this.operation == OP_ENROLL) { +- opMessage = "Enroll Smart Card"; ++ opMessage = "Enroll Smart Card:"; + } else if(this.operation == OP_PIN_RESET) { +- opMessage = "Reset Smart Card Pin"; ++ opMessage = "Reset Smart Card Pin:"; + } else { + this.app._alert("operationdDialog: Invalid operation!"); + return; + } + ++ this.dialog = new Gtk.Dialog ({ transient_for: this.app._window, ++ modal: true,deletable: false, ++ title: TOKEN_OPERATION, border_width: 10 }); ++ + this.area = this.dialog.get_content_area(); + this.grid = new Gtk.Grid ({row_spacing: 20, column_spacing: 20}); + +- this.message = new Gtk.Label ({label: opMessage}); +- this.area.add (this.message); +- + //this.throbberImage = new Gtk.Image({file: this.app._currentDir + "/" + "throbber-anim5.gif"}); +- ++ this.label = new Gtk.Label({label: opMessage}); + this.progressBar = new Gtk.ProgressBar ({ valign: Gtk.Align.CENTER }); + this.progressBar.set_fraction(0.0); + +@@ -86,15 +84,16 @@ operationDialog.prototype = { + this.ldapUserLabel = new Gtk.Label({label: "Ldap User:"}); + this.ldapUserBox = new Gtk.Entry(); + +- this.grid.attach(this.ldapUserLabel, 0, 0, 1,1); +- this.grid.attach(this.ldapUserBox,1, 0,1,1); ++ this.grid.attach(this.label,0,0,1,1); ++ this.grid.attach(this.ldapUserLabel, 0, 1, 1,1); ++ this.grid.attach(this.ldapUserBox,1, 1,1,1); + + this.ldapPasswordLabel = new Gtk.Label({label: "Ldap Password:"}); + this.ldapPasswordBox = new Gtk.Entry(); + this.ldapPasswordBox.set_visibility(false); + +- this.grid.attach(this.ldapPasswordLabel,2,0,1,1); +- this.grid.attach(this.ldapPasswordBox,3,0,1,1); ++ this.grid.attach(this.ldapPasswordLabel,2,1,1,1); ++ this.grid.attach(this.ldapPasswordBox,3,1,1,1); + + if(this.operation != OP_FORMAT ) { + +@@ -106,10 +105,10 @@ operationDialog.prototype = { + this.confirmPinBox = new Gtk.Entry(); + this.confirmPinBox.set_visibility(false); + +- this.grid.attach(this.newpinLabel, 0,1,1,1); +- this.grid.attach(this.newpinBox,1,1,1,1); +- this.grid.attach(this.confirmPinLabel,2,1,1,1); +- this.grid.attach(this.confirmPinBox,3,1,1,1); ++ this.grid.attach(this.newpinLabel, 0,2,1,1); ++ this.grid.attach(this.newpinBox,1,2,1,1); ++ this.grid.attach(this.confirmPinLabel,2,2,1,1); ++ this.grid.attach(this.confirmPinBox,3,2,1,1); + } + + this.oKButton = new Gtk.Button ({label: OpLabels[this.operation]}); +@@ -117,11 +116,11 @@ operationDialog.prototype = { + this.dismissButton = new Gtk.Button({label: "Cancel" }); + + //this.grid.attach(this.throbberImage,0,2,1,1); +- this.grid.attach(this.progressLabel, 0,2,1,1); ++ this.grid.attach(this.progressLabel, 0,3,1,1); + //this.throbberImage.hide(); +- this.grid.attach(this.progressBar, 1,2,1,1); +- this.grid.attach (this.oKButton,2,2,1,1); +- this.grid.attach (this.dismissButton,3,2,1,1); ++ this.grid.attach(this.progressBar, 1,3,1,1); ++ this.grid.attach (this.oKButton,2,3,1,1); ++ this.grid.attach (this.dismissButton,3,3,1,1); + + // Connect the button to the function that handles what it does + this.oKButton.connect ("clicked", this.oKHandler.bind(this)); +diff -up ./esc/src/app/phoneHome.js.fix7 ./esc/src/app/phoneHome.js +--- ./esc/src/app/phoneHome.js.fix7 2020-05-30 18:55:43.223086670 -0700 ++++ ./esc/src/app/phoneHome.js 2020-05-30 19:03:49.787186230 -0700 +@@ -93,7 +93,7 @@ phoneHome.prototype = { + + this.phArea = this.phDialog.get_content_area(); + this.phMessage = new Gtk.Label ({label: "Enter url: ex: http://test.host.com:8080/tps/phoneHome"}); +- this.phArea.add (this.phMessage); ++ //this.phArea.add (this.phMessage); + + this.phActionArea = this.phDialog.get_action_area(); + this.phUrlBox = new Gtk.Entry({width_chars: 35}); +@@ -108,9 +108,9 @@ phoneHome.prototype = { + this.phActionArea.add(this.phGrid); + + this.phOKButton = Gtk.Button.new_from_stock (Gtk.STOCK_OK); +- +- this.phGrid.attach(this.phUrlBox, 0, 0, 1,1); +- this.phGrid.attach(this.phOKButton,1, 0,1,1); ++ this.phGrid.add(this.phMessage); ++ this.phGrid.attach(this.phUrlBox, 0, 1, 1,1); ++ this.phGrid.attach(this.phOKButton,1, 1,1,1); + + // Connect the button to the function that handles what it does + this.phOKButton.connect ("clicked", this.phoneHomeOKHandler.bind(this)); +@@ -228,9 +228,9 @@ phoneHome.prototype = { + if(!aKeyID) + return null; + +- var issuerValue = this.app._configValueWithKeyID(aKeyID,KEY_ISSUER); ++ let issuerValue = this.app._configValueWithKeyID(aKeyID,KEY_ISSUER); + +- if(!issuerValue) ++ if(issuerValue == null) + return null; + + issuer = this.app._getConfigValue(issuerValue); +diff -up ./esc/src/app/pinDialog.js.fix7 ./esc/src/app/pinDialog.js +--- ./esc/src/app/pinDialog.js.fix7 2020-05-30 18:55:09.395288320 -0700 ++++ ./esc/src/app/pinDialog.js 2020-05-30 19:04:51.380819066 -0700 +@@ -36,16 +36,15 @@ pinDialog.prototype = { + launchPinPrompt: function(notify) { + + this.notify = notify; ++ this.message = "Token Pin Entry"; + this.dialog = new Gtk.Dialog ({ transient_for: this.app._window, + modal: true, + expand: false, +- title: PIN_OPERATION ,border_width: 20, deletable: false }); ++ title: this.message ,border_width: 20, deletable: false }); + + this.area = this.dialog.get_content_area(); + this.grid = new Gtk.Grid ({row_spacing: 10, column_spacing: 20}); + +- this.message = new Gtk.Label ({label: "Enter Token Pin"}); +- this.area.add (this.message); + + this.actionArea = this.dialog.get_action_area(); + this.pinBox = new Gtk.Entry(); +diff -up ./esc/src/lib/coolkey/CoolKey.cpp.fix7 ./esc/src/lib/coolkey/CoolKey.cpp +--- ./esc/src/lib/coolkey/CoolKey.cpp.fix7 2020-05-30 18:56:35.827773090 -0700 ++++ ./esc/src/lib/coolkey/CoolKey.cpp 2020-05-30 19:05:30.561585507 -0700 +@@ -511,6 +511,11 @@ HRESULT CoolKeyGetCUIDDirectly(char *aBu + + CKYCardConnection_BeginTransaction(conn); + ++ status = CKYApplet_SelectCardManager(conn, &apduRC); ++ if (status != CKYSUCCESS) { ++ goto done; ++ } ++ + status = CKYApplet_GetCUID(conn, &cuid, &apduRC); + if (status != CKYSUCCESS) { + goto done; +@@ -764,7 +769,6 @@ HRESULT CoolKeyGetCPLCDataDirectly(CKYAp + } + + CKYCardConnection_BeginTransaction(conn); +- unsigned long state; + + status = CKYApplet_SelectCardManager(conn, &apduRC); + if (status != CKYSUCCESS) { +diff -up ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix7 ./esc/src/lib/coolkey/CoolKeyHandler.cpp +--- ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix7 2020-05-30 18:56:56.511649792 -0700 ++++ ./esc/src/lib/coolkey/CoolKeyHandler.cpp 2020-05-30 19:06:21.955279145 -0700 +@@ -2157,11 +2157,22 @@ copySerialNumber(char *dest, const char + // it will probably have Dashes and store in lower case some time in the + // future. + // +-static HRESULT ++static HRESULT + getCUIDFromTokenInfo(CK_TOKEN_INFO *tokenInfo, char *tokenSerialNumber) + { ++ const int minCUIDLen = 18; ++ + char *cp = tokenSerialNumber; + ++ if( tokenSerialNumber == NULL) { ++ return E_FAIL; ++ } ++ ++ if(tokenInfo == NULL) { ++ *cp = 0; ++ return E_FAIL; ++ } ++ + if (isxdigit(tokenInfo->manufacturerID[0]) && + isxdigit(tokenInfo->manufacturerID[1]) && + isxdigit(tokenInfo->manufacturerID[2]) && +@@ -2181,6 +2192,10 @@ getCUIDFromTokenInfo(CK_TOKEN_INFO *toke + } + *cp=0; + ++ if( strlen(tokenSerialNumber) < minCUIDLen) { ++ return E_FAIL; ++ } ++ + return S_OK; + } + +@@ -2207,7 +2222,7 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co + CK_TOKEN_INFO tokenInfo; + CoolKeyInfo *info = NULL; + SECStatus status; +- HRESULT hres,atrRes,cuidRes,cycleRes; ++ HRESULT hres,atrRes,cycleRes,cuidRes; + + char *readerName = PK11_GetSlotName(aSlot); + +@@ -2327,22 +2342,16 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co + goto failed; + } + +- hres = getCUIDFromTokenInfo(&tokenInfo, info->mCUID); +- /* shouldn't the be != S_SUCCESS? */ +- if (hres == E_FAIL) { +- goto failed; +- } +- ++ cuidRes = getCUIDFromTokenInfo(&tokenInfo, info->mCUID); + //Check for blank cuid and put something there + +- if(isACOOLKey && strlen(info->mCUID) == 0 ) +- { ++ if(isACOOLKey && cuidRes == E_FAIL) { + //Let's try to get the cuid directly from the token. + + cuidRes = CoolKeyGetCUIDDirectly(cuidChar, 100, readerName); + + if(cuidRes != S_OK) { +- strcpy(info->mCUID, "blank-token"); ++ strcpy(info->mCUID, "unknown"); + } else { + strcpy(info->mCUID, cuidChar); + } diff --git a/SOURCES/esc-1.1.2-fix8.patch b/SOURCES/esc-1.1.2-fix8.patch new file mode 100644 index 0000000..4231b9b --- /dev/null +++ b/SOURCES/esc-1.1.2-fix8.patch @@ -0,0 +1,60 @@ +diff -up ./esc/src/app/opensc.esc.conf.fix8 ./esc/src/app/opensc.esc.conf +--- ./esc/src/app/opensc.esc.conf.fix8 2020-08-07 16:17:37.464650003 -0700 ++++ ./esc/src/app/opensc.esc.conf 2020-08-07 16:20:21.861957011 -0700 +@@ -89,12 +89,12 @@ app default { + } + reader_driver openct { + }; +- card_drivers = coolkey, cac,cac1, piv, default; ++ card_drivers = coolkey, cac,cac1, PIV-II, default; + secure_messaging local_authentic { + module_path = /usr/lib64; + } + framework pkcs15 { +- builtin_emulators = coolkey, cac, cac1, piv; ++ builtin_emulators = coolkey, cac, cac1, PIV-II; + } + } + app opensc-pkcs11 { +diff -up ./esc/src/lib/coolkey/CoolKey.cpp.fix8 ./esc/src/lib/coolkey/CoolKey.cpp +--- ./esc/src/lib/coolkey/CoolKey.cpp.fix8 2020-08-07 12:05:35.982966019 -0700 ++++ ./esc/src/lib/coolkey/CoolKey.cpp 2020-08-07 16:08:16.747602873 -0700 +@@ -593,6 +593,7 @@ char *CoolKeyGetFullReaderName(const cha + } else { + fullReaderName = strdup(thisReader); + PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s CoolKeyGetFullReaderName correct full name: %s \n",fullReaderName,GetTStamp(tBuff,56))); ++ break; + } + } + +diff -up ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix8 ./esc/src/lib/coolkey/CoolKeyHandler.cpp +--- ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix8 2020-08-07 12:05:44.394982245 -0700 ++++ ./esc/src/lib/coolkey/CoolKeyHandler.cpp 2020-08-07 16:10:35.504862004 -0700 +@@ -2225,8 +2225,17 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co + HRESULT hres,atrRes,cycleRes,cuidRes; + + char *readerName = PK11_GetSlotName(aSlot); ++ int readerNameLen = strlen(readerName); + +- char *actualReaderName = CoolKeyGetFullReaderName(readerName); ++ //Since there is no local support to get a reader name by slot, ++ //Will simply do a partial substring compare, using less characters ++ //to avoid any hard coded trailing chars. ++ ++ char partialReaderName[60]; ++ memset(partialReaderName, 0, 60); ++ ++ strncpy(partialReaderName,readerName, 59); ++ char *actualReaderName = CoolKeyGetFullReaderName(partialReaderName); + + memset((void *) &tokenInfo,0,sizeof(tokenInfo)); + ATR.data = NULL; // initialize for error processing +@@ -2348,7 +2357,7 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co + if(isACOOLKey && cuidRes == E_FAIL) { + //Let's try to get the cuid directly from the token. + +- cuidRes = CoolKeyGetCUIDDirectly(cuidChar, 100, readerName); ++ cuidRes = CoolKeyGetCUIDDirectly(cuidChar, 100, actualReaderName); + + if(cuidRes != S_OK) { + strcpy(info->mCUID, "unknown"); diff --git a/SOURCES/esc-1.1.2-fix9.patch b/SOURCES/esc-1.1.2-fix9.patch new file mode 100644 index 0000000..0ddf203 --- /dev/null +++ b/SOURCES/esc-1.1.2-fix9.patch @@ -0,0 +1,41 @@ +diff -up ./esc/src/app/esc.js.fix9 ./esc/src/app/esc.js +--- ./esc/src/app/esc.js.fix9 2020-08-12 11:15:29.423093856 -0700 ++++ ./esc/src/app/esc.js 2020-08-12 11:43:47.646556310 -0700 +@@ -271,7 +271,6 @@ class ESC { + if(!insertedToken && !doReset) { + return; + } +- + if(doReset) { + this._operationsGrid.remove(this._phoneHomeButton); + this._operationsGrid.remove(this._enrollButton); +@@ -297,6 +296,12 @@ class ESC { + } + + this._operationsGrid.show_all(); ++ } else { ++ if(insertedToken.status == 4) { ++ this._operationsGrid.add(this._certDetailButton); ++ this._operationsGrid.show_all(); ++ ++ } + } + } + +diff -up ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix9 ./esc/src/lib/coolkey/CoolKeyHandler.cpp +--- ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix9 2020-08-12 10:59:24.844704399 -0700 ++++ ./esc/src/lib/coolkey/CoolKeyHandler.cpp 2020-08-12 11:11:05.480713407 -0700 +@@ -2329,11 +2329,11 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co + } + + //Massage the tokenInfo so it adhered to when coolkey was doing it. +- if(hasApplet) { ++ if(hasApplet == 1 || isACAC == 1 || isAPIV == 1) { + tokenInfo.firmwareVersion.major = 1; + } + +- if(isPersonalized) { ++ if(isPersonalized == 1 || isACAC == 1 || isAPIV == 1) { + tokenInfo.flags |= CKF_TOKEN_INITIALIZED; + } + diff --git a/SOURCES/esc.desktop b/SOURCES/esc.desktop new file mode 100644 index 0000000..fedee49 --- /dev/null +++ b/SOURCES/esc.desktop @@ -0,0 +1,8 @@ +[Desktop Entry] +Type=Application +Encoding=UTF-8 +Name=Smart Card Manager +Comment=Enterprise Security Client Smart Card Manager +Categories=System;Application;SystemSetup;X-Red-Hat-Base; +Exec=esc +Icon=esc.png diff --git a/SPECS/esc.spec b/SPECS/esc.spec new file mode 100644 index 0000000..d16bf29 --- /dev/null +++ b/SPECS/esc.spec @@ -0,0 +1,394 @@ +Name: esc +Version: 1.1.2 +Release: 24%{?dist} +Summary: Enterprise Security Client Smart Card Client +License: GPL+ +URL: http://directory.fedora.redhat.com/wiki/CoolKey +Group: Applications/Internet + +#Fix to harden linker flags. +Patch1: esc-1.1.2-fix1.patch +Patch2: esc-1.1.2-fix2.patch +Patch3: esc-1.1.2-fix3.patch +Patch4: esc-1.1.2-fix4.patch +Patch5: esc-1.1.2-fix5.patch +Patch6: esc-1.1.2-fix6.patch +Patch7: esc-1.1.2-fix7.patch +Patch8: esc-1.1.2-fix8.patch +Patch9: esc-1.1.2-fix9.patch +Patch10: esc-1.1.2-fix10.patch +Patch11: esc-1.1.2-fix11.patch + + +#BuildRequires: doxygen fontconfig-devel +BuildRequires: glib2-devel atk-devel +BuildRequires: pkgconfig +BuildRequires: nspr-devel nss-devel nss-static +#BuildRequires: libX11-devel libXt-devel + +BuildRequires: pcsc-lite-devel +BuildRequires: desktop-file-utils +BuildRequires: pkgconfig(gconf-2.0) +BuildRequires: dbus-glib-devel +BuildRequires: glib2-devel +BuildRequires: opensc +BuildRequires: gobject-introspection-devel +BuildRequires: gtk3-devel +BuildRequires: gjs-devel + + +Requires: pcsc-lite >= 1.8.23-4.1 +Requires: pcsc-lite-ccid >= 1.4.29-5.1 +Requires: nss nspr +Requires: dbus +Requires: opensc +Requires: gjs +Requires: gobject-introspection +Requires: gtk3 +Requires: glib2 + +AutoReqProv: 0 + +%define debug_build 0 + +%define escname %{name}-%{version} +%define escdir %{_libdir}/%{escname} +%define escbindir %{_bindir} +%define esc_chromepath chrome/content/esc +%define appdir applications +%define icondir %{_datadir}/icons/hicolor/48x48/apps +%define esc_vendor esc +%define autostartdir %{_sysconfdir}/xdg/autostart +%define pixmapdir %{_datadir}/pixmaps +%define docdir %{_defaultdocdir}/%{name} + +Source0: http://pki.fedoraproject.org/pki/sources/%name/%{escname}.tar.bz2 +Source1: http://pki.fedoraproject.org/pki/sources/%name/esc +Source2: http://pki.fedoraproject.org/pki/sources/%name/esc.desktop +Source3: http://pki.fedoraproject.org/pki/sources/%name/esc.png + + +%description +Enterprise Security Client allows the user to enroll and manage their +cryptographic smartcards. + +%prep + +%setup -q -c -n %{escname} + +#patch esc + +%patch1 -p1 -b .fix1 +%patch2 -p1 -b .fix2 +%patch3 -p1 -b .fix3 +%patch4 -p1 -b .fix4 +%patch5 -p1 -b .fix5 +%patch6 -p1 -b .fix6 +%patch7 -p1 -b .fix7 +%patch8 -p1 -b .fix8 +%patch9 -p1 -b .fix9 +%patch10 -p1 -b .fix10 +%patch11 -p1 -b .fix11 + + +%build + +echo $RPM_BUILD_DIR + +echo "build section" $PWD +cd esc + +./autogen.sh +make +%install + +echo "install section" $PWD +cd esc +make DESTDIR=$RPM_BUILD_ROOT install + +mkdir -p $RPM_BUILD_ROOT/%{escbindir} +mkdir -p $RPM_BUILD_ROOT/%{icondir} +mkdir -p $RPM_BUILD_ROOT/%{_datadir}/%{appdir} +mkdir -p $RPM_BUILD_ROOT/%{pixmapdir} +mkdir -p $RPM_BUILD_ROOT/%{docdir} + +echo "dir: " $RPM_BUILD_ROOT/%{escbindir}/%{name} +sed -e 's;\$LIBDIR;'%{_libdir}';g' -e 's;\$VERSION;'%{version}';g' %{SOURCE1} > $RPM_BUILD_ROOT/%{escbindir}/%{name} +chmod 755 $RPM_BUILD_ROOT/%{escbindir}/%{name} + +mkdir -p $RPM_BUILD_ROOT/%{escdir} +mkdir -p $RPM_BUILD_ROOT/%{escdir}/lib + +cp $RPM_BUILD_ROOT/usr/local/bin/* $RPM_BUILD_ROOT/%{escdir} + +cp -rf $RPM_BUILD_ROOT/usr/local/lib $RPM_BUILD_ROOT/%{escdir} + +rm $RPM_BUILD_ROOT/%{escdir}/lib/*.a +rm $RPM_BUILD_ROOT/%{escdir}/lib/*.la + + +rm -rf $RPM_BUILD_ROOT/usr/local + +cp %{SOURCE3} $RPM_BUILD_ROOT/%{icondir} +ln -s $RPMBUILD_ROOT%{icondir}/esc.png $RPM_BUILD_ROOT/%{pixmapdir}/esc.png + +cp %{SOURCE2} $RPM_BUILD_ROOT/%{_datadir}/%{appdir} + +cd %{_builddir} +cp %{escname}/esc/LICENSE $RPM_BUILD_ROOT/%{docdir} + + +%files +%{!?_licensedir:%global license %%doc} +%license %{docdir}/LICENSE + +%{escbindir}/esc +%{escdir}/lib +%{escdir}/esc.js +%{escdir}/esc.properties +%{escdir}/operationDialog.js +%{escdir}/phoneHome.js +%{escdir}/pinDialog.js +%{escdir}/opensc.esc.conf + + +%{icondir}/esc.png +%{pixmapdir}/esc.png +%{_datadir}/%{appdir}/esc.desktop + +%changelog +* Fri Jun 24 2022 Jack Magne - 1.1.2-24 +- Resolves: rhbz#1905691 - Volkswagen Siemens CardOS M4.4 and 5.0 cards display incorrect status in ESC. +* Fri Jul 02 2021 Jack Magne - 1.1.2-23 +- Resolves: rhbz#1970565 - Create explicit pcsc-lite requrement to assure recent pcsc-lite fix [rhel-8.4.0.z], bump release # respin. +- Adjust final pcsc-lite package requirement. +* Fri Jun 25 2021 Jack Magne - 1.1.2-21 +- Resolves: rhbz#1970565 - Create explicit pcsc-lite requrement to assure recent pcsc-lite fix [rhel-8.4.0.z], bump release # respin. +* Thu Jun 24 2021 Jack Magne - 1.1.2-20 +- Resolves: rhbz#1970565 - Create explicit pcsc-lite requrement to assure recent pcsc-lite fix [rhel-8.4.0.z] +* Mon Nov 23 2020 Jack Magne - 1.1.2-15 +- Resolves: rhbz#1870715 - HP Keyboard does not list the certificates on an enrolled smart card. +* Fri Aug 07 2020 Jack Magne - 1.1.2-14 +- Resolves: rhbz#1848629 - Smartcard is not detected by esc. Ammendment to bug fix. +* Fri Aug 07 2020 Jack Magne - 1.1.2-13 +- Resolves: rhbz#1848629 - Smartcard is not detected by esc +* Sat May 30 2020 Jack Magne - 1.1.2-12 +- Resolves: rhbz#1646486 - alt tokens not detected by ESC +- Resolves: rhbz#1774750 - ESC's unusual behavior after formatting a blank Gemalto token +- Resolves: rhbz#1774770 - After formatting a Gemalto/SCP03 token, ESC shows incorrect Issuer, Issued To, Status, and Token ID details +* Wed Nov 13 2019 Jack Magne - 1.1.2-11 +- Resolves: rhbz#1724787 - ESC - HTTP GET Requests incorrectly Being Sent To TPS for Token Operations [8.2] +- Resolves: rhbz#1734117 - ESC does not detect/recognize both clean and formatted (with phone home) smart cards +- Resolves: rhbz#1733645 - Gemalto, CAC, SCP01 cards are not detected by HP keyboard KUS1206 with builtin smartcard reader +* Fri Jun 14 2019 Jack Magne - 1.1.2-10 +- Resolves: rhbz#1679659 - esc changes blocked until gating tests are added. +- Added notification list in yaml file, so entities are notified of changes. +* Thu Apr 25 2019 Jack Magne - 1.1.2-9 +- Resolves: rhbz#1679659 - esc changes blocked until gating tests are added +- Fixed the gating test string to adhere to format. +* Mon Apr 15 2019 Jack Magne - 1.1.2-8 +- Resolves: rhbz#1679659 - esc changes blocked until gating tests are added +* Fri Feb 01 2019 Jack Magne - 1.1.2-7 +- #Related: Bug 1596915 - Remove XULRunner from ESC. Minor launch +- script fix. +* Thu Jan 10 2019 Jack Magne - 1.1.2-6 +- #Resolve: Bug 1638011 - esc docdir should not be versioned in rhel8. +- #Resolve: Bug 1596915 - Remove XULRunner from ESC. +* Fri Oct 12 2018 Jack Magne - 1.1.2-4 +- #Resolve: Bug 1633238 - ESC crashes when smartcard is detected. +* Mon Oct 08 2018 Jack Magne - 1.1.2-4 +- #Resolve: Bug 1630560 - Review annocheck distro flag failures in esc. +* Wed Aug 22 2018 Jack Magne - 1.1.2-3 +- Remove remaining arch exclusions. +* Wed Aug 01 2018 Jack Magne - 1.1.2-1 +- Remove uneeded Requires and no longer put in autostart directory. +* Mon Jul 30 2018 Jack Magne - 1.1.2-1 +- Build bare bones esc, without xulrunner, using gjs / gobject +- introspection. +* Thu Jun 07 2018 Jack Magne - 1.1.1-5 +- Rebuild. +* Mon Apr 23 2018 Jack Magne - 1.1.1-4 +- Remove coolkey dependencies, replace with opensc. +* Wed Feb 07 2018 Fedora Release Engineering - 1.1.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Thu Jan 11 2018 Igor Gnatenko - 1.1.1-2 +- Remove obsolete scriptlets + +* Mon Aug 07 2017 - 1.1.1-1 +- Rebuilt using internally built xulrunner, due to the xulrunner package going away. +* Wed Jul 26 2017 Fedora Release Engineering - 1.1.0-32 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Fri Feb 10 2017 Fedora Release Engineering - 1.1.0-31 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Sun May 8 2016 Peter Robinson 1.1.0-30 +- Secondary arch fixes +- Use %%license + +* Mon Feb 08 2016 Jack Magne 1.1.0-29 +- Apease latest xullrunner api changes. + +* Thu Apr 09 2015 Jack Magne 1.1.0-27 +- More xulrunner adjustments. +* Sat Aug 16 2014 Fedora Release Engineering - 1.1.0-26 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Sat Jun 07 2014 Fedora Release Engineering - 1.1.0-25 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Wed Apr 23 2014 Jack Magne =1.1.0-24 +- Fix minor http client error. +* Thu Apr 17 2014 Jack Maghe =1.1.0-23 +- Appease more xulrunner changes. +* Sat Aug 03 2013 Fedora Release Engineering - 1.1.0-23 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Sun Jul 7 2013 Ville Skyttä - 1.1.0-22 +- Make buildable with kernels > 3.5. +- %%changelog syntax and bogus date fixes. +- Bump xulrunner version to 22.0. + +* Mon Jun 17 2013 Jack Magne - 1.1.0-21 +- Appease latest compiler errors and build to xulrunner 21.0. +* Wed Nov 28 2012 Jack Magne - 1.1.0-20 +- Gecko no longer supports UniversalXPConnect, remove it. +* Wed Nov 21 2012 Jack Magne - 1.1.0-19 +- Pick up latest fixes. +* Thu Jul 19 2012 Fedora Release Engineering - 1.1.0-18 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Fri Jun 22 2012 Jack Magne - 1.1.0-17 +- Related #688361 - Get ESC to run on Gecko 2.0, again. +* Thu May 10 2012 Jack Magne - 1.1.0-16 +- Related #688361 - Get ESC to run on Gecko 2.0. +* Mon Feb 20 2012 Jack Magne - 1.1.0-15 +- Related #688361 - Get ESC to run on Gecko 2.0. +* Tue Nov 29 2011 Jack Magne - 1.1.0-14 +- Related #688361 - Get ESC to run on Gecko 2.0. +* Thu Apr 15 2010 Jack Magne - 1.1.0-11 +- Adjust for new linking rules. +* Tue Sep 15 2009 Jack Magne - 1.1.0-10 +- Pick up latest improvements. +* Mon Jun 22 2009 Jack Magne - 1.1.0-9 +- Related: #496410, also IPV6 support. +* Fri Jun 19 2009 Jack Magne - 1.1.0-8 +- Related: #496410, SSL Conn fix. +* Mon Jun 8 2009 Jack Magne - 1.1.0-7 +- Releated: #496410. +* Thu Apr 23 2009 Jack Magne - 1.1.0-6 +- Related: #496410. Appease rpmdiff. +* Wed Apr 22 2009 Jack Magne - 1.1.0-5 +- Related: #496410, addresses 494981, better error message. +* Wed Apr 22 2009 Jack Magne - 1.1.0-4 +- Move to latest rebased code. Related #496410. +* Thu Dec 04 2008 Jack Magne - 1.0.0-39 +- Resolves #469202 - Cert Viewer issue +* Tue Nov 11 2008 Jack Magne - 1.0.0-38 +- Resolves #471923 - ESC Connection issue. +* Thu Oct 16 2008 Jack Magne - 1.0.0-37 +- Resolves #467126 - Blank authentication dialog problem. +* Fri Sep 26 2008 Jack Magne - 1.0.0-36 +- Related #200475 - Require the xulrunner package, Resolves #248493 +* Thu Sep 18 2008 Jack Magne - 1.0.0-35 +- Related 200475, make rpmdiff tests happy. +* Tue Sep 16 2008 Jack Magne - 1.0.0-34 +- Resolves #200475 #253081 #437238 +* Thu Jan 10 2008 Jack Magne - 1.0.0-33 +- Resolves #25324a8 #253268 +* Thu Jul 12 2007 Jack Magne - 1.0.0-32 +- Resolves #248071 - ESC RPM unistall failure if daemon not running. +* Fri Jun 22 2007 Jack Magne - 1.0.0-31 +- Related #208038 - Top things to put in diagnostics log +* Wed Jun 20 2007 Jack Magne - 1.0.0-30 +- Related #204021 +* Fri Jun 8 2007 Jack Magne - 1.0-0-29 +- Related #212010 +* Fri Jun 8 2007 Jack Magne - 1.0.0-28 +- Resolves #212010 +* Tue Jun 5 2007 Jack Magne - 1.0.0-27 +- Resolves #203466 Better error message strings. +* Mon May 21 2007 Jack Magne - 1.0.0-26 +- Related: #206783 Fix the launcher script to work with new logging. +* Fri May 11 2007 Jack Magne - 1.0.0-25 +- Resolves: #206783. +* Mon Apr 23 2007 Jack Magne - 1.0.0-24 +- More Desktop appearance fixes. +- Related: #208749 +* Mon Apr 23 2007 Jack Magne - 1.0.0-23 +- Desktop appearance fixes. +- Related: #208749 +* Thu Apr 19 2007 Jack Magne - 1.0.0-22 +- Second drop of 5.1 fixes. +- Resolves: #203934, #203935, #204959, #206780, #206792, #207721 +- Resolves: #207816, #206791 +- Related: #208749 +* Wed Apr 18 2007 Jack Magne - 1.0.0-21 +- First 5.1 fixes. +- Resolves: #203757, #203806, #204661, #205856, #206788, #206791 +- Resolves: #208037, #208333, #210589, #210590, #213912, #226913 +- Resolves: #204021, #205498, #224436 +* Tue Nov 28 2006 Jack Magne - 1.0.0-20 +- fix for bug to commit config changes immediately. Bug #210988 +* Wed Nov 15 2006 Jack Magne - 1.0.0-19 +-fix for escd double free problem. Bug #209882 +* Tue Oct 24 2006 Jack Magne - 1.0.0-18 +-rebuilt on RHEL-5 branch +* Wed Oct 4 2006 Jack Magne - 1.0.0-17 +- Diagnostics display fixes, Mac and Window fixes. + +* Sun Oct 01 2006 Jesse Keating - 1.0.0-16 +- rebuilt for unwind info generation, broken in gcc-4.1.1-21 + +* Fri Sep 22 2006 Jack Magne - 1.0.0-15 +- Fix to the build version + +* Fri Sep 22 2006 Jack Magne = 1.0.0-14 +- Fix to compile error in daemon + +* Fri Sep 22 2006 Jack Magne - 1.0.0-13 +- Fix to include the new esc daemon. + +* Sat Sep 16 2006 Jack Magne - 1.0.0-12 +- Fix for Password Reset and minor UI revision. + +* Fri Sep 15 2006 Jack Magne - 1.0.0-11 +- Further UI enhancement bug fixes + +* Thu Sep 7 2006 Jack Magne - 1.0.0-10 +- Further strings revisions. + +* Wed Aug 30 2006 Jack Magne - 1.0.0-9 +- Revision of the strings used in ESC. + +* Wed Aug 30 2006 Jack Magne - 1.0.0-8 +- Fixes to get libnotify working properly on FC6 systems. + +* Tue Aug 22 2006 Jack Magne - 1.0.0-7 +- Fix for bug #203211, use of system NSS and NSPR for +- Xulrunner ,addressing the problem running on 64 bit. +- Overwriting 5 and 6 due to important bug #203211. + +* Fri Aug 18 2006 Jack Magne - 1.0.0-6 +- Correct problem with Patch #6 + +* Fri Aug 18 2006 Jack Magne - 1.0.0-5 +- Build ESC's xulrunner component using system nss and nspr +- Build process creates run script based on {_libdir} variable, + accounting for differences on 64 bit machines. +- UI enhancements + +* Tue Aug 1 2006 Matthias Clasen - 1.0.0-4 +- Don't auto-generate requires either + +* Mon Jul 31 2006 Matthias Clasen - 1.0.0-3 +- Don't provide mozilla libraries + +* Fri Jul 28 2006 Ray Strode - 1.0.0-2 +- remove bogus gtk+ requires (and some others that will + be automatic) + +* Tue Jun 13 2006 Jack Magne - 1.0.0-1 +- Initial revision for fedora +