Send SIGHUP to yubikey-agent if it's running and the connection fails

`yubikey-agent` is an SSH agent written in Go that uses the PIV module of a YubiKey for SSH[1]. Since it takes a persistent transaction on the YubiKey, using e.g. `ykman` will fail when it's active. I think it's tedious to always send a SIGHUP to it whenever I want to use `ykman`, so I added this small patch that does that for me. Inspired by what `age-plugin-yubikey` is also doing[2]. Not sure about Windows support, but I left it out because `yubikey-agent` doesn't do any Windows AFAIK and SIGHUP isn't supported there. [1] https://github.com/FiloSottile/yubikey-agent [2] str4d/age-plugin-yubikey@1913838
Yubico · Mar 23, 2024 · 03096dd · 03096dd
1 parent e6ab9f8
commit 03096dd
Showing 1 changed file with 16 additions and 1 deletion.
diff --git a/ykman/pcsc/__init__.py b/ykman/pcsc/__init__.py
@@ -41,6 +41,10 @@
 import subprocess  # nosec
 import logging
 
+import os
+import psutil
+import signal
+
 logger = logging.getLogger(__name__)
 
 
@@ -95,7 +99,7 @@ def _open_smartcard_connection(self) -> SmartCardConnection:
         try:
             return ScardSmartCardConnection(self.reader.createConnection())
         except CardConnectionException as e:
-            if kill_scdaemon():
+            if kill_scdaemon() or kill_yubikey_agent():
                 return ScardSmartCardConnection(self.reader.createConnection())
             raise e
 
@@ -152,6 +156,17 @@ def kill_scdaemon():
     return killed
 
 
+def kill_yubikey_agent():
+    killed = False
+    return_code = subprocess.call(["pkill", "-HUP", "yubikey-agent"])
+    if return_code == 0:
+        killed = True
+    if killed:
+        sleep(0.1)
+
+    return killed
+
+
 def list_readers():
     try:
         return System.readers()