The needIn some cases you need to control the smart card reader names reported by PC/SC.
For real examples see some requests sent on the Pcsclite-muscle mailing list: "Possibility to disable Reader Interface?", "Deny card access for one application" and "Dynamically disable/enable specific card reader".
Ignore some readersFor example imagine you have a laptop with 2 integrated smart card readers:
- Broadcom Corp 5880 [Contacted SmartCard] (0123456789ABCD)
- Broadcom Corp 5880 [Contactless SmartCard] (0123456789ABCD)
To ease the life of the users you do not want them to have to select the contact reader each time an application has to use a reader and ask the user to select one.
Since the readers are integrated into the laptop you can't easily unplug the reader you don't want to use. You need a solution to ignore unwanted readers at the PC/SC level.
Extend reader namesIn this use case you use a remote desktop solution (RDP) to access a Windows server from your GNU/Linux laptop. Your company has equipped users with the same laptop model. So at the PC/SC level all the readers have the same name and this PC/SC name is forwarded to Windows through RDP.
Now imagine a bogus application on the Windows server (not too hard to imagine a bogus application on Windows ☺) that uses the PC/SC reader name to identify a user. Since every user is using the same laptop model they will all have the same PC/SC reader name in Windows. And the bogus Windows application is broken ☹ and can't be used.
The proposed solutionTo enable these two features you need to configure pcsc-lite with
Ignore some readersIf the environment variable
PCSCLITE_FILTER_IGNORE_READER_NAMESis defined then it contains a list of patterns separated by the character ":".
If a pattern is found in a PC/SC reader name then this reader is ignored and will not be reported by SCardListReaders() or any other PC/SC calls.
In the example described above you would define
Extend reader namesTo differentiate the PC/SC reader names one idea is to use the host name of the system. If the IT department is doing correctly his job every laptop should have a different host name.
If the environment variable
PCSCLITE_FILTER_EXTEND_READER_NAMESis defined then it contains a string that will be added at the end of the PC/SC reader names.
The computer host name is available in the variable
$HOSTNAME. If you want to have a space character between the PC/SC reader name and host name you define
SetupThe Debian init script for pcscd contains:
NAME=pcscd # Read configuration variable file if it is present [ -r /etc/default/$NAME ] && . /etc/default/$NAME
You then just have to create a file /etc/default/pcscd containing:
PCSCLITE_FILTER_IGNORE_READER_NAMES="Contactless" PCSCLITE_FILTER_EXTEND_READER_NAMES=" $HOSTNAME"And you are good to go.
GNU/Linux systems using systemd will need a different configuration. The systemd configuration is left as an exercise for the reader.
ConclusionThese new features will be provided in the next version of pcsc-lite.
If you have another special feature request for pcsc-lite, please do not hesitate to contact me.