Bug 4511 - rdesktop distorts SCardGetAttrib()
Summary: rdesktop distorts SCardGetAttrib()
Alias: None
Product: ThinLinc
Classification: Unclassified
Component: Smart card (show other bugs)
Version: trunk
Hardware: PC Unknown
: P2 Normal
Target Milestone: 4.1.1
Assignee: Pierre Ossman
Keywords: astrand_tester, relnotes
Depends on:
Blocks: 4732
  Show dependency treegraph
Reported: 2012-12-21 11:00 CET by Pierre Ossman
Modified: 2013-10-24 10:51 CEST (History)
1 user (show)

See Also:
Acceptance Criteria:


Description Pierre Ossman cendio 2012-12-21 11:00:44 CET
The Novell client complains that it cannot find any certificates, and dumps this in its log:

00000020 [16:06:34 0x00000AD4] [LogonUI.exe]Running Method: 37, esclcm.dll
00000021 [16:06:34 0x00000AD4] [LogonUI.exe] [Method] [NESCM] LCM started
00000022 [16:06:34 0x00000AD4] [LogonUI.exe] [Method] [NESCM] Using PC/SC
00000023 [16:06:34 0x00000AD4] [LogonUI.exe] [Method] [NESCM] Card Login Config: Login Required
00000024 [16:06:34 0x00000AD4] [LogonUI.exe] [Method] [NESCM] Created PCSC context
00000025 [16:06:34 0x00000AD4] [LogonUI.exe] [Method] [NESCM] Found reader: Lenovo Integrated Smart Card Reader 0
00000026 [16:06:34 0x00000AD4] [LogonUI.exe] [Method] [NESCM] Connecting to card in reader Lenovo Integrated Smart Card Reader 0
00000027 [16:06:34 0x00000AD4] [LogonUI.exe] [Method] [NESCM] Connected to card
00000028 [16:06:34 0x00000AD4] [LogonUI.exe] [Method] [NESCM] Error: 0x8010001d from SCardGetAttrib(SCARD_ATTR_ATR_STRING)
00000029 [16:06:34 0x00000AD4] [LogonUI.exe] [Method] [NESCM] Error: -2146435043, unable to open slot: 0
00000030 [16:06:34 0x00000AD4] [LogonUI.exe] [Method] [NESCM] number of certs selected: 0

0x8010001d is SCARD_E_NO_SERVICE, indicating that the smart card tunnel is not properly connected. NetID can communicate with the card just fine though.
Comment 2 Pierre Ossman cendio 2012-12-21 12:33:10 CET
PCSCTUN log from the same thing:

** (process:23681): DEBUG: PC/SC tunnel library loaded.
** (process:23681): DEBUG: ScardEstablishContext(2)
** (process:23681): DEBUG: Connecting to
** (process:23681): DEBUG: Connected.
** (process:23681): DEBUG: Authenticating...
** (process:23681): DEBUG: Authenticated (server version 2).
** (process:23681): DEBUG: SCardReleaseContext(0x1036890)
** (process:23681): DEBUG: Disconnecting.
Autoselected keyboard map en-us
WARNING: Remote desktop does not support colour depth 24; falling back to 
** (process:23681): DEBUG: ScardEstablishContext(2)
** (process:23681): DEBUG: Connecting to
** (process:23681): DEBUG: Connected.
** (process:23681): DEBUG: Authenticating...
** (process:23681): DEBUG: Authenticated (server version 2).
** (process:23681): DEBUG: SCardListReaders(0x7f83b80013e0, 
0x7f83a80008d8, 1024)
** (process:23681): DEBUG: SCardConnect(0x7f83b80013e0, Lenovo Integrated 
Smart Card Reader 0, 2, 3)
** (process:23681): DEBUG: SCardGetAttrib(0x7f83a8001ec0, 771)
** (process:23681): DEBUG: SCardDisconnect(0x7f83a8001ec0, 0)
** (process:23681): DEBUG: SCardReleaseContext(0x7f83b80013e0)
** (process:23681): DEBUG: Disconnecting.
** (process:23681): DEBUG: PC/SC tunnel library unloaded.
Comment 3 Pierre Ossman cendio 2012-12-21 12:33:30 CET
The problem only happens with a Windows client, not a Linux one.
Comment 4 Pierre Ossman cendio 2012-12-21 12:39:18 CET
I believe this particular piece of lunacy in rdesktop is to blame:

	dwAttrId = dwAttrId & 0x0000FFFF;

This is just horribly wrong. It happens to work by pure chance in most of the cases with pcsc-lite, but I'm not even a little surprised it breaks with Windows. And there's no justification why that crap is in there.

We really need to do bug 3404.
Comment 7 Karl Mikaelsson cendio 2013-02-05 13:55:30 CET
We've had reports that the proposed patch in comment #4 did not help or was not enough to fully solve the problem.
Comment 8 Karl Mikaelsson cendio 2013-02-05 13:56:34 CET
Resetting target milestone to '---' to raise this for further discussion at the next development meeting.
Comment 9 Pierre Ossman cendio 2013-07-05 16:31:45 CEST
Reducing this bug to just the SCardGetAttr() problem. Other issues found will be handled on other bugs.
Comment 10 Pierre Ossman cendio 2013-07-05 16:54:56 CEST
Fixed in r27622.
Comment 11 Peter Åstrand cendio 2013-10-21 13:35:55 CEST
Basic RDP smart card tests done:

* Against efti.thinlinc.com: Checked certs using NetID

* Against Trouble: Logged in to Apoteket.se using my BankID card. Checked the BankID application. 

Good enough for me.

Note You need to log in before you can comment on or make changes to this bug.