The Novell client complains that it cannot find any certificates, and dumps this in its log: 00000020 [16:06:34 0x00000AD4] [LogonUI.exe]Running Method: 37, esclcm.dll 00000021 [16:06:34 0x00000AD4] [LogonUI.exe] [Method] [NESCM] LCM started 00000022 [16:06:34 0x00000AD4] [LogonUI.exe] [Method] [NESCM] Using PC/SC 00000023 [16:06:34 0x00000AD4] [LogonUI.exe] [Method] [NESCM] Card Login Config: Login Required 00000024 [16:06:34 0x00000AD4] [LogonUI.exe] [Method] [NESCM] Created PCSC context 00000025 [16:06:34 0x00000AD4] [LogonUI.exe] [Method] [NESCM] Found reader: Lenovo Integrated Smart Card Reader 0 00000026 [16:06:34 0x00000AD4] [LogonUI.exe] [Method] [NESCM] Connecting to card in reader Lenovo Integrated Smart Card Reader 0 00000027 [16:06:34 0x00000AD4] [LogonUI.exe] [Method] [NESCM] Connected to card 00000028 [16:06:34 0x00000AD4] [LogonUI.exe] [Method] [NESCM] Error: 0x8010001d from SCardGetAttrib(SCARD_ATTR_ATR_STRING) 00000029 [16:06:34 0x00000AD4] [LogonUI.exe] [Method] [NESCM] Error: -2146435043, unable to open slot: 0 00000030 [16:06:34 0x00000AD4] [LogonUI.exe] [Method] [NESCM] number of certs selected: 0 0x8010001d is SCARD_E_NO_SERVICE, indicating that the smart card tunnel is not properly connected. NetID can communicate with the card just fine though.
PCSCTUN log from the same thing: ** (process:23681): DEBUG: PC/SC tunnel library loaded. ** (process:23681): DEBUG: ScardEstablishContext(2) ** (process:23681): DEBUG: Connecting to 127.0.0.1:4916... ** (process:23681): DEBUG: Connected. ** (process:23681): DEBUG: Authenticating... ** (process:23681): DEBUG: Authenticated (server version 2). ** (process:23681): DEBUG: SCardReleaseContext(0x1036890) ** (process:23681): DEBUG: Disconnecting. Autoselected keyboard map en-us WARNING: Remote desktop does not support colour depth 24; falling back to 16 ** (process:23681): DEBUG: ScardEstablishContext(2) ** (process:23681): DEBUG: Connecting to 127.0.0.1:4916... ** (process:23681): DEBUG: Connected. ** (process:23681): DEBUG: Authenticating... ** (process:23681): DEBUG: Authenticated (server version 2). ** (process:23681): DEBUG: SCardListReaders(0x7f83b80013e0, 0x7f83a80008d8, 1024) ** (process:23681): DEBUG: SCardConnect(0x7f83b80013e0, Lenovo Integrated Smart Card Reader 0, 2, 3) ** (process:23681): DEBUG: SCardGetAttrib(0x7f83a8001ec0, 771) ** (process:23681): DEBUG: SCardDisconnect(0x7f83a8001ec0, 0) ** (process:23681): DEBUG: SCardReleaseContext(0x7f83b80013e0) ** (process:23681): DEBUG: Disconnecting. ** (process:23681): DEBUG: PC/SC tunnel library unloaded.
The problem only happens with a Windows client, not a Linux one.
I believe this particular piece of lunacy in rdesktop is to blame: dwAttrId = dwAttrId & 0x0000FFFF; This is just horribly wrong. It happens to work by pure chance in most of the cases with pcsc-lite, but I'm not even a little surprised it breaks with Windows. And there's no justification why that crap is in there. We really need to do bug 3404.
We've had reports that the proposed patch in comment #4 did not help or was not enough to fully solve the problem.
Resetting target milestone to '---' to raise this for further discussion at the next development meeting.
Reducing this bug to just the SCardGetAttr() problem. Other issues found will be handled on other bugs.
Fixed in r27622.
Basic RDP smart card tests done: * Against efti.thinlinc.com: Checked certs using NetID * Against Trouble: Logged in to Apoteket.se using my BankID card. Checked the BankID application. Good enough for me.
