www.cendio.com
Bug 4511 - rdesktop distorts SCardGetAttrib()
: rdesktop distorts SCardGetAttrib()
Status: CLOSED FIXED
: ThinLinc
Smart card
: trunk
: PC Unknown
: P2 Normal
: 4.1.1
Assigned To:
:
:
:
: 4732
  Show dependency treegraph
 
Reported: 2012-12-21 11:00 by
Modified: 2013-10-24 10:51 (History)


Attachments


Note

You need to log in before you can comment on or make changes to this bug.


Description From cendio 2012-12-21 11:00:44
The Novell client complains that it cannot find any certificates, and dumps
this in its log:

00000020 [16:06:34 0x00000AD4] [LogonUI.exe]Running Method: 37, esclcm.dll
00000021 [16:06:34 0x00000AD4] [LogonUI.exe] [Method] [NESCM] LCM started
00000022 [16:06:34 0x00000AD4] [LogonUI.exe] [Method] [NESCM] Using PC/SC
00000023 [16:06:34 0x00000AD4] [LogonUI.exe] [Method] [NESCM] Card Login
Config: Login Required
00000024 [16:06:34 0x00000AD4] [LogonUI.exe] [Method] [NESCM] Created PCSC
context
00000025 [16:06:34 0x00000AD4] [LogonUI.exe] [Method] [NESCM] Found reader:
Lenovo Integrated Smart Card Reader 0
00000026 [16:06:34 0x00000AD4] [LogonUI.exe] [Method] [NESCM] Connecting to
card in reader Lenovo Integrated Smart Card Reader 0
00000027 [16:06:34 0x00000AD4] [LogonUI.exe] [Method] [NESCM] Connected to card
00000028 [16:06:34 0x00000AD4] [LogonUI.exe] [Method] [NESCM] Error: 0x8010001d
from SCardGetAttrib(SCARD_ATTR_ATR_STRING)
00000029 [16:06:34 0x00000AD4] [LogonUI.exe] [Method] [NESCM] Error:
-2146435043, unable to open slot: 0
00000030 [16:06:34 0x00000AD4] [LogonUI.exe] [Method] [NESCM] number of certs
selected: 0


0x8010001d is SCARD_E_NO_SERVICE, indicating that the smart card tunnel is not
properly connected. NetID can communicate with the card just fine though.
------- Comment #2 From cendio 2012-12-21 12:33:10 -------
PCSCTUN log from the same thing:

** (process:23681): DEBUG: PC/SC tunnel library loaded.
** (process:23681): DEBUG: ScardEstablishContext(2)
** (process:23681): DEBUG: Connecting to 127.0.0.1:4916...
** (process:23681): DEBUG: Connected.
** (process:23681): DEBUG: Authenticating...
** (process:23681): DEBUG: Authenticated (server version 2).
** (process:23681): DEBUG: SCardReleaseContext(0x1036890)
** (process:23681): DEBUG: Disconnecting.
Autoselected keyboard map en-us
WARNING: Remote desktop does not support colour depth 24; falling back to 
16
** (process:23681): DEBUG: ScardEstablishContext(2)
** (process:23681): DEBUG: Connecting to 127.0.0.1:4916...
** (process:23681): DEBUG: Connected.
** (process:23681): DEBUG: Authenticating...
** (process:23681): DEBUG: Authenticated (server version 2).
** (process:23681): DEBUG: SCardListReaders(0x7f83b80013e0, 
0x7f83a80008d8, 1024)
** (process:23681): DEBUG: SCardConnect(0x7f83b80013e0, Lenovo Integrated 
Smart Card Reader 0, 2, 3)
** (process:23681): DEBUG: SCardGetAttrib(0x7f83a8001ec0, 771)
** (process:23681): DEBUG: SCardDisconnect(0x7f83a8001ec0, 0)
** (process:23681): DEBUG: SCardReleaseContext(0x7f83b80013e0)
** (process:23681): DEBUG: Disconnecting.
** (process:23681): DEBUG: PC/SC tunnel library unloaded.
------- Comment #3 From cendio 2012-12-21 12:33:30 -------
The problem only happens with a Windows client, not a Linux one.
------- Comment #4 From cendio 2012-12-21 12:39:18 -------
I believe this particular piece of lunacy in rdesktop is to blame:

    dwAttrId = dwAttrId & 0x0000FFFF;

This is just horribly wrong. It happens to work by pure chance in most of the
cases with pcsc-lite, but I'm not even a little surprised it breaks with
Windows. And there's no justification why that crap is in there.

We really need to do bug 3404.
------- Comment #7 From cendio 2013-02-05 13:55:30 -------
We've had reports that the proposed patch in comment #4 did not help or was not
enough to fully solve the problem.
------- Comment #8 From cendio 2013-02-05 13:56:34 -------
Resetting target milestone to '---' to raise this for further discussion at the
next development meeting.
------- Comment #9 From cendio 2013-07-05 16:31:45 -------
Reducing this bug to just the SCardGetAttr() problem. Other issues found will
be handled on other bugs.
------- Comment #10 From cendio 2013-07-05 16:54:56 -------
Fixed in r27622.
------- Comment #11 From cendio 2013-10-21 13:35:55 -------
Basic RDP smart card tests done:

* Against efti.thinlinc.com: Checked certs using NetID

* Against Trouble: Logged in to Apoteket.se using my BankID card. Checked the
BankID application. 

Good enough for me.