On 9/4/24 17:58, Jan Behrens wrote:
I think I may have found the problem. If I'm right, it is an issue of pcsc-lite in combination with FreeBSD.Looking into pcsc-lite's file "src/auth.c", we find: #if defined(HAVE_POLKIT) && defined(SO_PEERCRED) ... #else unsigned IsClientAuthorized(int socket, const char* action, const char* reader) { (void)socket; (void)action; (void)reader; return 1; } #endif See: https://github.com/LudovicRousseau/PCSC/blob/da69dda356dc79300a997631f94efed7190d30a6/src/auth.c#L54 If I'm not mistaken, SO_PEERCRED is not set by the build system and it is not defined on FreeBSD (but only on Linux). Then pcsc-lite defaults to simply assume that any client is always authorized. Not good. I wasn't able to get the build working, so maybe someone can check if my guess is correct. Kind regards, Jan Behrens
Right, that'd be a problem. Something like this might work, but I haven't even build tested it:
https://people.freebsd.org/~kevans/pcsc-auth.diff It could be cleaned up a little bit if it works. Thanks, Kyle Evans
