From: Joe K. <jk...@ne...> - 2002-10-30 15:16:01
|
Hi Everyone, I have run into an issue with RDesktop and licensing with Windows 2000, = Service Pack 3. MS changed the way "permanent" TSCAL's work. They now are issued for a = period between 52-89 days, and are supposed to be renewed when the RDP = client presents the license token seven days before of the expiration = date, or after the expiration date. The problem is that since the RDesktop client does not save the TSCAL = token, it can not present it to the server for renewal. Because I am using RDesktop in a commercial product, I can not use the = --built-in-license option, as that would be viewed as slightly less than = legal. So I am looking into implementing proper TSCAL functionality in = RDesktop. I am looking for information regarding this implementation, = specifically, what problems have been encountered saving/sending = licenses, what approaches have been tried, does anyone have patch = attempts? thanks in advance, -joe |
From: Peter F. <ps...@lu...> - 2002-10-30 15:26:50
|
We're seeing the same thing, but I've been blocked from doing much about it by my limited understanding of the way TSCALs work. The current CVS version of rdesktop has some code inside "#ifdef SAVE_LICENCE" that saves the license from the server and (I think) presents it back on successive sessions. I built a version of rdesktop with this option and it works (at least as far as letting me connect/reconnect to the server) but does not renew the license, even when we set the clocks on the server to the 7-day window where licenses are supposed to be renewed. As I said, I'm not an expert on this, but from my reading of the "Licensing Technology White Paper" at http://www.microsoft.com/windows2000/docs/tslicensing.doc it seems that: 1) It should not be necessary for the client to save the TSCAL. If the client presents a valid TSCAL, the terminal server can use it without contacting the license server. Otherwise, there is just a bit more overhead needed to get the TSCAL from the license server. 2) Under "Automatic License Token Reissuance" it says that if license expiration is within 7 days, the *terminal server* contacts the license server to renew. This makes it sound like the client is not involved. But it doesn't explain whe the rdesktop TSCALs aren't getting renewed. -- Peter Fales Lucent Technologies, Room 1C-436 N9IYJ 2000 N Naperville Rd PO Box 3033 internet: ps...@lu... Naperville, IL 60566-7033 work: (630) 979-8031 On Wed, Oct 30, 2002 at 10:15:58AM -0500, Joe Kisela wrote: > Hi Everyone, > > I have run into an issue with RDesktop and licensing with Windows 2000, Service Pack 3. > > MS changed the way "permanent" TSCAL's work. They now are issued for a period between 52-89 days, and are supposed to be renewed when the RDP client presents the license token seven days before of the expiration date, or after the expiration date. > > The problem is that since the RDesktop client does not save the TSCAL token, it can not present it to the server for renewal. > > Because I am using RDesktop in a commercial product, I can not use the --built-in-license option, as that would be viewed as slightly less than legal. > > So I am looking into implementing proper TSCAL functionality in RDesktop. I am looking for information regarding this implementation, specifically, what problems have been encountered saving/sending licenses, what approaches have been tried, does anyone have patch attempts? > > thanks in advance, > > -joe |
From: Joe K. <jk...@ne...> - 2002-10-30 15:45:00
|
I've pretty much narrowed it down to a client side problem when it is supposed to present the license, it doesnt, and the server doesnt renew the license. I've been able to force WinCE clients to behave like RDesktop by getting a permanent license, deleting it from the WinCE registry, setting the server ahead, and then reconnecting. All my experimentation has shown me that in order to renew, that the client MUST present the TSCAL. ----- Original Message ----- From: "Peter Fales" <ps...@lu...> To: "Joe Kisela" <jk...@ne...> Cc: <rde...@li...> Sent: Wednesday, October 30, 2002 10:26 AM Subject: Re: [rdesktop-devel] Saving and Returning TSCAL's > We're seeing the same thing, but I've been blocked from doing much about > it by my limited understanding of the way TSCALs work. > > The current CVS version of rdesktop has some code inside > "#ifdef SAVE_LICENCE" that saves the license from the server > and (I think) presents it back on successive sessions. I built > a version of rdesktop with this option and it works (at least as > far as letting me connect/reconnect to the server) but does not > renew the license, even when we set the clocks on the server to the > 7-day window where licenses are supposed to be renewed. > > As I said, I'm not an expert on this, but from my reading of > the "Licensing Technology White Paper" at > http://www.microsoft.com/windows2000/docs/tslicensing.doc > it seems that: > > 1) It should not be necessary for the client to save the TSCAL. If > the client presents a valid TSCAL, the terminal server can use it > without contacting the license server. Otherwise, there is just > a bit more overhead needed to get the TSCAL from the license server. > > 2) Under "Automatic License Token Reissuance" it says that if license > expiration is within 7 days, the *terminal server* contacts the > license server to renew. > > This makes it sound like the client is not involved. But it doesn't > explain whe the rdesktop TSCALs aren't getting renewed. > > -- > Peter Fales Lucent Technologies, Room 1C-436 > N9IYJ 2000 N Naperville Rd PO Box 3033 > internet: ps...@lu... Naperville, IL 60566-7033 > work: (630) 979-8031 > > On Wed, Oct 30, 2002 at 10:15:58AM -0500, Joe Kisela wrote: > > Hi Everyone, > > > > I have run into an issue with RDesktop and licensing with Windows 2000, Service Pack 3. > > > > MS changed the way "permanent" TSCAL's work. They now are issued for a period between 52-89 days, and are supposed to be renewed when the RDP client presents the license token seven days before of the expiration date, or after the expiration date. > > > > The problem is that since the RDesktop client does not save the TSCAL token, it can not present it to the server for renewal. > > > > Because I am using RDesktop in a commercial product, I can not use the --built-in-license option, as that would be viewed as slightly less than legal. > > > > So I am looking into implementing proper TSCAL functionality in RDesktop. I am looking for information regarding this implementation, specifically, what problems have been encountered saving/sending licenses, what approaches have been tried, does anyone have patch attempts? > > > > thanks in advance, > > > > -joe > > > ------------------------------------------------------- > This sf.net email is sponsored by:ThinkGeek > Welcome to geek heaven. > http://thinkgeek.com/sf > _______________________________________________ > rdesktop-devel mailing list > rde...@li... > https://lists.sourceforge.net/lists/listinfo/rdesktop-devel |
From: Peter F. <ps...@lu...> - 2002-10-30 15:47:58
|
Have you tried compiling rdesktop with -DSAVE_LICENSE? -- Peter Fales Lucent Technologies, Room 1C-436 N9IYJ 2000 N Naperville Rd PO Box 3033 internet: ps...@lu... Naperville, IL 60566-7033 work: (630) 979-8031 On Wed, Oct 30, 2002 at 10:44:58AM -0500, Joe Kisela wrote: > I've pretty much narrowed it down to a client side problem when it is > supposed to present the license, it doesnt, and the server doesnt renew the > license. > > I've been able to force WinCE clients to behave like RDesktop by getting a > permanent license, deleting it from the WinCE registry, setting the server > ahead, and then reconnecting. > > All my experimentation has shown me that in order to renew, that the client > MUST present the TSCAL. > > > ----- Original Message ----- > From: "Peter Fales" <ps...@lu...> > To: "Joe Kisela" <jk...@ne...> > Cc: <rde...@li...> > Sent: Wednesday, October 30, 2002 10:26 AM > Subject: Re: [rdesktop-devel] Saving and Returning TSCAL's > > > > We're seeing the same thing, but I've been blocked from doing much about > > it by my limited understanding of the way TSCALs work. > > > > The current CVS version of rdesktop has some code inside > > "#ifdef SAVE_LICENCE" that saves the license from the server > > and (I think) presents it back on successive sessions. I built > > a version of rdesktop with this option and it works (at least as > > far as letting me connect/reconnect to the server) but does not > > renew the license, even when we set the clocks on the server to the > > 7-day window where licenses are supposed to be renewed. > > > > As I said, I'm not an expert on this, but from my reading of > > the "Licensing Technology White Paper" at > > http://www.microsoft.com/windows2000/docs/tslicensing.doc > > it seems that: > > > > 1) It should not be necessary for the client to save the TSCAL. If > > the client presents a valid TSCAL, the terminal server can use it > > without contacting the license server. Otherwise, there is just > > a bit more overhead needed to get the TSCAL from the license server. > > > > 2) Under "Automatic License Token Reissuance" it says that if license > > expiration is within 7 days, the *terminal server* contacts the > > license server to renew. > > > > This makes it sound like the client is not involved. But it doesn't > > explain whe the rdesktop TSCALs aren't getting renewed. > > > > -- > > Peter Fales Lucent Technologies, Room 1C-436 > > N9IYJ 2000 N Naperville Rd PO Box 3033 > > internet: ps...@lu... Naperville, IL 60566-7033 > > work: (630) 979-8031 > > > > On Wed, Oct 30, 2002 at 10:15:58AM -0500, Joe Kisela wrote: > > > Hi Everyone, > > > > > > I have run into an issue with RDesktop and licensing with Windows 2000, > Service Pack 3. > > > > > > MS changed the way "permanent" TSCAL's work. They now are issued for a > period between 52-89 days, and are supposed to be renewed when the RDP > client presents the license token seven days before of the expiration date, > or after the expiration date. > > > > > > The problem is that since the RDesktop client does not save the TSCAL > token, it can not present it to the server for renewal. > > > > > > Because I am using RDesktop in a commercial product, I can not use > the --built-in-license option, as that would be viewed as slightly less than > legal. > > > > > > So I am looking into implementing proper TSCAL functionality in > RDesktop. I am looking for information regarding this implementation, > specifically, what problems have been encountered saving/sending licenses, > what approaches have been tried, does anyone have patch attempts? > > > > > > thanks in advance, > > > > > > -joe > > > > > > ------------------------------------------------------- > > This sf.net email is sponsored by:ThinkGeek > > Welcome to geek heaven. > > http://thinkgeek.com/sf > > _______________________________________________ > > rdesktop-devel mailing list > > rde...@li... > > https://lists.sourceforge.net/lists/listinfo/rdesktop-devel |
From: Peter F. <ps...@lu...> - 2002-10-30 15:50:13
|
Sorry, I keep forgetting the British spelling. That should be -DSAVE_LICENCE -- Peter Fales Lucent Technologies, Room 1C-436 N9IYJ 2000 N Naperville Rd PO Box 3033 internet: ps...@lu... Naperville, IL 60566-7033 work: (630) 979-8031 On Wed, Oct 30, 2002 at 09:47:18AM -0600, Peter Fales wrote: > Have you tried compiling rdesktop with -DSAVE_LICENSE? > > -- > Peter Fales Lucent Technologies, Room 1C-436 > N9IYJ 2000 N Naperville Rd PO Box 3033 > internet: ps...@lu... Naperville, IL 60566-7033 > work: (630) 979-8031 > > On Wed, Oct 30, 2002 at 10:44:58AM -0500, Joe Kisela wrote: > > I've pretty much narrowed it down to a client side problem when it is > > supposed to present the license, it doesnt, and the server doesnt renew the > > license. > > > > I've been able to force WinCE clients to behave like RDesktop by getting a > > permanent license, deleting it from the WinCE registry, setting the server > > ahead, and then reconnecting. > > > > All my experimentation has shown me that in order to renew, that the client > > MUST present the TSCAL. > > > > > > ----- Original Message ----- > > From: "Peter Fales" <ps...@lu...> > > To: "Joe Kisela" <jk...@ne...> > > Cc: <rde...@li...> > > Sent: Wednesday, October 30, 2002 10:26 AM > > Subject: Re: [rdesktop-devel] Saving and Returning TSCAL's > > > > > > > We're seeing the same thing, but I've been blocked from doing much about > > > it by my limited understanding of the way TSCALs work. > > > > > > The current CVS version of rdesktop has some code inside > > > "#ifdef SAVE_LICENCE" that saves the license from the server > > > and (I think) presents it back on successive sessions. I built > > > a version of rdesktop with this option and it works (at least as > > > far as letting me connect/reconnect to the server) but does not > > > renew the license, even when we set the clocks on the server to the > > > 7-day window where licenses are supposed to be renewed. > > > > > > As I said, I'm not an expert on this, but from my reading of > > > the "Licensing Technology White Paper" at > > > http://www.microsoft.com/windows2000/docs/tslicensing.doc > > > it seems that: > > > > > > 1) It should not be necessary for the client to save the TSCAL. If > > > the client presents a valid TSCAL, the terminal server can use it > > > without contacting the license server. Otherwise, there is just > > > a bit more overhead needed to get the TSCAL from the license server. > > > > > > 2) Under "Automatic License Token Reissuance" it says that if license > > > expiration is within 7 days, the *terminal server* contacts the > > > license server to renew. > > > > > > This makes it sound like the client is not involved. But it doesn't > > > explain whe the rdesktop TSCALs aren't getting renewed. > > > > > > -- > > > Peter Fales Lucent Technologies, Room 1C-436 > > > N9IYJ 2000 N Naperville Rd PO Box 3033 > > > internet: ps...@lu... Naperville, IL 60566-7033 > > > work: (630) 979-8031 > > > > > > On Wed, Oct 30, 2002 at 10:15:58AM -0500, Joe Kisela wrote: > > > > Hi Everyone, > > > > > > > > I have run into an issue with RDesktop and licensing with Windows 2000, > > Service Pack 3. > > > > > > > > MS changed the way "permanent" TSCAL's work. They now are issued for a > > period between 52-89 days, and are supposed to be renewed when the RDP > > client presents the license token seven days before of the expiration date, > > or after the expiration date. > > > > > > > > The problem is that since the RDesktop client does not save the TSCAL > > token, it can not present it to the server for renewal. > > > > > > > > Because I am using RDesktop in a commercial product, I can not use > > the --built-in-license option, as that would be viewed as slightly less than > > legal. > > > > > > > > So I am looking into implementing proper TSCAL functionality in > > RDesktop. I am looking for information regarding this implementation, > > specifically, what problems have been encountered saving/sending licenses, > > what approaches have been tried, does anyone have patch attempts? > > > > > > > > thanks in advance, > > > > > > > > -joe > > > > > > > > > ------------------------------------------------------- > > > This sf.net email is sponsored by:ThinkGeek > > > Welcome to geek heaven. > > > http://thinkgeek.com/sf > > > _______________________________________________ > > > rdesktop-devel mailing list > > > rde...@li... > > > https://lists.sourceforge.net/lists/listinfo/rdesktop-devel > > > ------------------------------------------------------- > This sf.net email is sponsored by:ThinkGeek > Welcome to geek heaven. > http://thinkgeek.com/sf > _______________________________________________ > rdesktop-devel mailing list > rde...@li... > https://lists.sourceforge.net/lists/listinfo/rdesktop-devel |
From: Matt C. <mat...@cs...> - 2002-10-31 01:26:23
|
Yep, sorry about that - we mostly use British spelling in Australia :) SAVE_LICENCE is what you want, but unfortunately it's a bit broken currently. It saves and sends the whole blob which looks like: 0000000: 0500 0e00 0000 6d69 6372 6f73 6f66 742e ......microsoft. 0000010: 636f 6d00 2c00 0000 4d00 6900 6300 7200 com.,...M.i.c.r. 0000020: 6f00 7300 6f00 6600 7400 2000 4300 6f00 o.s.o.f.t. .C.o. 0000030: 7200 7000 6f00 7200 6100 7400 6900 6f00 r.p.o.r.a.t.i.o. 0000040: 6e00 0000 0800 0000 4100 3000 3200 0000 n.......A.0.2... 0000050: b404 0000 3082 04b0 0609 2a86 4886 f70d ....0.....*.H... ... Instead, from what I remember other clients sending, I think it should send just the certificate part, i.e. starting from 3082... To start with you could compile rdesktop with SAVE_LICENCE to grab the certificate (to ~/.rdesktop/licence), use a hex editor (or dd) to remove the header from it, and then see if that works. Matt On Wed, Oct 30, 2002 at 09:49:30AM -0600, Peter Fales wrote: > Sorry, I keep forgetting the British spelling. That should > be -DSAVE_LICENCE > > -- > Peter Fales Lucent Technologies, Room 1C-436 > N9IYJ 2000 N Naperville Rd PO Box 3033 > internet: ps...@lu... Naperville, IL 60566-7033 > work: (630) 979-8031 > > On Wed, Oct 30, 2002 at 09:47:18AM -0600, Peter Fales wrote: > > Have you tried compiling rdesktop with -DSAVE_LICENSE? > > > > -- > > Peter Fales Lucent Technologies, Room 1C-436 > > N9IYJ 2000 N Naperville Rd PO Box 3033 > > internet: ps...@lu... Naperville, IL 60566-7033 > > work: (630) 979-8031 > > > > On Wed, Oct 30, 2002 at 10:44:58AM -0500, Joe Kisela wrote: > > > I've pretty much narrowed it down to a client side problem when it is > > > supposed to present the license, it doesnt, and the server doesnt renew the > > > license. > > > > > > I've been able to force WinCE clients to behave like RDesktop by getting a > > > permanent license, deleting it from the WinCE registry, setting the server > > > ahead, and then reconnecting. > > > > > > All my experimentation has shown me that in order to renew, that the client > > > MUST present the TSCAL. > > > > > > > > > ----- Original Message ----- > > > From: "Peter Fales" <ps...@lu...> > > > To: "Joe Kisela" <jk...@ne...> > > > Cc: <rde...@li...> > > > Sent: Wednesday, October 30, 2002 10:26 AM > > > Subject: Re: [rdesktop-devel] Saving and Returning TSCAL's > > > > > > > > > > We're seeing the same thing, but I've been blocked from doing much about > > > > it by my limited understanding of the way TSCALs work. > > > > > > > > The current CVS version of rdesktop has some code inside > > > > "#ifdef SAVE_LICENCE" that saves the license from the server > > > > and (I think) presents it back on successive sessions. I built > > > > a version of rdesktop with this option and it works (at least as > > > > far as letting me connect/reconnect to the server) but does not > > > > renew the license, even when we set the clocks on the server to the > > > > 7-day window where licenses are supposed to be renewed. > > > > > > > > As I said, I'm not an expert on this, but from my reading of > > > > the "Licensing Technology White Paper" at > > > > http://www.microsoft.com/windows2000/docs/tslicensing.doc > > > > it seems that: > > > > > > > > 1) It should not be necessary for the client to save the TSCAL. If > > > > the client presents a valid TSCAL, the terminal server can use it > > > > without contacting the license server. Otherwise, there is just > > > > a bit more overhead needed to get the TSCAL from the license server. > > > > > > > > 2) Under "Automatic License Token Reissuance" it says that if license > > > > expiration is within 7 days, the *terminal server* contacts the > > > > license server to renew. > > > > > > > > This makes it sound like the client is not involved. But it doesn't > > > > explain whe the rdesktop TSCALs aren't getting renewed. > > > > > > > > -- > > > > Peter Fales Lucent Technologies, Room 1C-436 > > > > N9IYJ 2000 N Naperville Rd PO Box 3033 > > > > internet: ps...@lu... Naperville, IL 60566-7033 > > > > work: (630) 979-8031 > > > > > > > > On Wed, Oct 30, 2002 at 10:15:58AM -0500, Joe Kisela wrote: > > > > > Hi Everyone, > > > > > > > > > > I have run into an issue with RDesktop and licensing with Windows 2000, > > > Service Pack 3. > > > > > > > > > > MS changed the way "permanent" TSCAL's work. They now are issued for a > > > period between 52-89 days, and are supposed to be renewed when the RDP > > > client presents the license token seven days before of the expiration date, > > > or after the expiration date. > > > > > > > > > > The problem is that since the RDesktop client does not save the TSCAL > > > token, it can not present it to the server for renewal. > > > > > > > > > > Because I am using RDesktop in a commercial product, I can not use > > > the --built-in-license option, as that would be viewed as slightly less than > > > legal. > > > > > > > > > > So I am looking into implementing proper TSCAL functionality in > > > RDesktop. I am looking for information regarding this implementation, > > > specifically, what problems have been encountered saving/sending licenses, > > > what approaches have been tried, does anyone have patch attempts? > > > > > > > > > > thanks in advance, > > > > > > > > > > -joe > > > > > > > > > > > > ------------------------------------------------------- > > > > This sf.net email is sponsored by:ThinkGeek > > > > Welcome to geek heaven. > > > > http://thinkgeek.com/sf > > > > _______________________________________________ > > > > rdesktop-devel mailing list > > > > rde...@li... > > > > https://lists.sourceforge.net/lists/listinfo/rdesktop-devel > > > > > > ------------------------------------------------------- > > This sf.net email is sponsored by:ThinkGeek > > Welcome to geek heaven. > > http://thinkgeek.com/sf > > _______________________________________________ > > rdesktop-devel mailing list > > rde...@li... > > https://lists.sourceforge.net/lists/listinfo/rdesktop-devel > > > ------------------------------------------------------- > This sf.net email is sponsored by:ThinkGeek > Welcome to geek heaven. > http://thinkgeek.com/sf > _______________________________________________ > rdesktop-devel mailing list > rde...@li... > https://lists.sourceforge.net/lists/listinfo/rdesktop-devel |
From: Peter F. <ps...@lu...> - 2002-10-31 18:30:24
|
Success! Good work. I edited the licence file to remove the first 84 bytes prior to the 3082, and connected to our terminal server. The terminal server did not send any traffic to the license server (indicating that the terminal server was happy with the client license it was presented)! Next, we set the clocks on the terminal server and the license server to 1 day prior to the license expiration date. This time when we connected, there was traffic to the license server and the license was renewed for another ~90 days! So, it seems like all we need to do is modify save_licence() to not store the header. But, I'm not quite sure of the right way to do that. Can we assume that the header is always 84 bytes and/or that the license blob always begins with 3082? A related question: Do we need to have multiple licence files corresponding to different terminal servers, or will all terminal servers accept the same license? Thanks for your help. -- Peter Fales Lucent Technologies, Room 1C-436 N9IYJ 2000 N Naperville Rd PO Box 3033 internet: ps...@lu... Naperville, IL 60566-7033 work: (630) 979-8031 On Thu, Oct 31, 2002 at 12:26:02PM +1100, Matt Chapman wrote: > Yep, sorry about that - we mostly use British spelling in Australia :) > > SAVE_LICENCE is what you want, but unfortunately it's a bit broken > currently. It saves and sends the whole blob which looks like: > > 0000000: 0500 0e00 0000 6d69 6372 6f73 6f66 742e ......microsoft. > 0000010: 636f 6d00 2c00 0000 4d00 6900 6300 7200 com.,...M.i.c.r. > 0000020: 6f00 7300 6f00 6600 7400 2000 4300 6f00 o.s.o.f.t. .C.o. > 0000030: 7200 7000 6f00 7200 6100 7400 6900 6f00 r.p.o.r.a.t.i.o. > 0000040: 6e00 0000 0800 0000 4100 3000 3200 0000 n.......A.0.2... > 0000050: b404 0000 3082 04b0 0609 2a86 4886 f70d ....0.....*.H... > ... > > Instead, from what I remember other clients sending, I think it > should send just the certificate part, i.e. starting from 3082... > > To start with you could compile rdesktop with SAVE_LICENCE to grab > the certificate (to ~/.rdesktop/licence), use a hex editor (or dd) > to remove the header from it, and then see if that works. > > Matt > > > On Wed, Oct 30, 2002 at 09:49:30AM -0600, Peter Fales wrote: > > Sorry, I keep forgetting the British spelling. That should > > be -DSAVE_LICENCE > > > > -- > > Peter Fales Lucent Technologies, Room 1C-436 > > N9IYJ 2000 N Naperville Rd PO Box 3033 > > internet: ps...@lu... Naperville, IL 60566-7033 > > work: (630) 979-8031 > > > > On Wed, Oct 30, 2002 at 09:47:18AM -0600, Peter Fales wrote: > > > Have you tried compiling rdesktop with -DSAVE_LICENSE? > > > > > > -- > > > Peter Fales Lucent Technologies, Room 1C-436 > > > N9IYJ 2000 N Naperville Rd PO Box 3033 > > > internet: ps...@lu... Naperville, IL 60566-7033 > > > work: (630) 979-8031 > > > > > > On Wed, Oct 30, 2002 at 10:44:58AM -0500, Joe Kisela wrote: > > > > I've pretty much narrowed it down to a client side problem when it is > > > > supposed to present the license, it doesnt, and the server doesnt renew the > > > > license. > > > > > > > > I've been able to force WinCE clients to behave like RDesktop by getting a > > > > permanent license, deleting it from the WinCE registry, setting the server > > > > ahead, and then reconnecting. > > > > > > > > All my experimentation has shown me that in order to renew, that the client > > > > MUST present the TSCAL. > > > > > > > > > > > > ----- Original Message ----- > > > > From: "Peter Fales" <ps...@lu...> > > > > To: "Joe Kisela" <jk...@ne...> > > > > Cc: <rde...@li...> > > > > Sent: Wednesday, October 30, 2002 10:26 AM > > > > Subject: Re: [rdesktop-devel] Saving and Returning TSCAL's > > > > > > > > > > > > > We're seeing the same thing, but I've been blocked from doing much about > > > > > it by my limited understanding of the way TSCALs work. > > > > > > > > > > The current CVS version of rdesktop has some code inside > > > > > "#ifdef SAVE_LICENCE" that saves the license from the server > > > > > and (I think) presents it back on successive sessions. I built > > > > > a version of rdesktop with this option and it works (at least as > > > > > far as letting me connect/reconnect to the server) but does not > > > > > renew the license, even when we set the clocks on the server to the > > > > > 7-day window where licenses are supposed to be renewed. > > > > > > > > > > As I said, I'm not an expert on this, but from my reading of > > > > > the "Licensing Technology White Paper" at > > > > > http://www.microsoft.com/windows2000/docs/tslicensing.doc > > > > > it seems that: > > > > > > > > > > 1) It should not be necessary for the client to save the TSCAL. If > > > > > the client presents a valid TSCAL, the terminal server can use it > > > > > without contacting the license server. Otherwise, there is just > > > > > a bit more overhead needed to get the TSCAL from the license server. > > > > > > > > > > 2) Under "Automatic License Token Reissuance" it says that if license > > > > > expiration is within 7 days, the *terminal server* contacts the > > > > > license server to renew. > > > > > > > > > > This makes it sound like the client is not involved. But it doesn't > > > > > explain whe the rdesktop TSCALs aren't getting renewed. > > > > > > > > > > -- > > > > > Peter Fales Lucent Technologies, Room 1C-436 > > > > > N9IYJ 2000 N Naperville Rd PO Box 3033 > > > > > internet: ps...@lu... Naperville, IL 60566-7033 > > > > > work: (630) 979-8031 > > > > > > > > > > On Wed, Oct 30, 2002 at 10:15:58AM -0500, Joe Kisela wrote: > > > > > > Hi Everyone, > > > > > > > > > > > > I have run into an issue with RDesktop and licensing with Windows 2000, > > > > Service Pack 3. > > > > > > > > > > > > MS changed the way "permanent" TSCAL's work. They now are issued for a > > > > period between 52-89 days, and are supposed to be renewed when the RDP > > > > client presents the license token seven days before of the expiration date, > > > > or after the expiration date. > > > > > > > > > > > > The problem is that since the RDesktop client does not save the TSCAL > > > > token, it can not present it to the server for renewal. > > > > > > > > > > > > Because I am using RDesktop in a commercial product, I can not use > > > > the --built-in-license option, as that would be viewed as slightly less than > > > > legal. > > > > > > > > > > > > So I am looking into implementing proper TSCAL functionality in > > > > RDesktop. I am looking for information regarding this implementation, > > > > specifically, what problems have been encountered saving/sending licenses, > > > > what approaches have been tried, does anyone have patch attempts? > > > > > > > > > > > > thanks in advance, > > > > > > > > > > > > -joe > > > > > > > > > > > > > > > ------------------------------------------------------- > > > > > This sf.net email is sponsored by:ThinkGeek > > > > > Welcome to geek heaven. > > > > > http://thinkgeek.com/sf > > > > > _______________________________________________ > > > > > rdesktop-devel mailing list > > > > > rde...@li... > > > > > https://lists.sourceforge.net/lists/listinfo/rdesktop-devel > > > > > > > > > ------------------------------------------------------- > > > This sf.net email is sponsored by:ThinkGeek > > > Welcome to geek heaven. > > > http://thinkgeek.com/sf > > > _______________________________________________ > > > rdesktop-devel mailing list > > > rde...@li... > > > https://lists.sourceforge.net/lists/listinfo/rdesktop-devel > > > > > > ------------------------------------------------------- > > This sf.net email is sponsored by:ThinkGeek > > Welcome to geek heaven. > > http://thinkgeek.com/sf > > _______________________________________________ > > rdesktop-devel mailing list > > rde...@li... > > https://lists.sourceforge.net/lists/listinfo/rdesktop-devel |
From: Joe K. <jk...@ne...> - 2002-10-31 21:42:05
|
We do have a weakness with only one license file, however. For those of us running multiple connections, there is a chance that some of these servers will require seperate license keys. As written, we only keep track of one licens^Hce key. Any thoughts? ----- Original Message ----- From: "Peter Fales" <ps...@lu...> To: "Matt Chapman" <mat...@cs...> Cc: "Joe Kisela" <jk...@ne...>; <rde...@li...> Sent: Thursday, October 31, 2002 1:30 PM Subject: Re: [rdesktop-devel] Saving and Returning TSCAL's > Success! > > Good work. I edited the licence file to remove the first 84 bytes prior > to the 3082, and connected to our terminal server. The terminal server > did not send any traffic to the license server (indicating that the > terminal server was happy with the client license it was presented)! > Next, we set the clocks on the terminal server and the license server > to 1 day prior to the license expiration date. This time when we > connected, there was traffic to the license server and the license was > renewed for another ~90 days! > > So, it seems like all we need to do is modify save_licence() to not store > the header. But, I'm not quite sure of the right way to do that. Can we > assume that the header is always 84 bytes and/or that the license blob > always begins with 3082? > > A related question: Do we need to have multiple licence files corresponding > to different terminal servers, or will all terminal servers accept the > same license? > > Thanks for your help. > > -- > Peter Fales Lucent Technologies, Room 1C-436 > N9IYJ 2000 N Naperville Rd PO Box 3033 > internet: ps...@lu... Naperville, IL 60566-7033 > work: (630) 979-8031 > > On Thu, Oct 31, 2002 at 12:26:02PM +1100, Matt Chapman wrote: > > Yep, sorry about that - we mostly use British spelling in Australia :) > > > > SAVE_LICENCE is what you want, but unfortunately it's a bit broken > > currently. It saves and sends the whole blob which looks like: > > > > 0000000: 0500 0e00 0000 6d69 6372 6f73 6f66 742e ......microsoft. > > 0000010: 636f 6d00 2c00 0000 4d00 6900 6300 7200 com.,...M.i.c.r. > > 0000020: 6f00 7300 6f00 6600 7400 2000 4300 6f00 o.s.o.f.t. .C.o. > > 0000030: 7200 7000 6f00 7200 6100 7400 6900 6f00 r.p.o.r.a.t.i.o. > > 0000040: 6e00 0000 0800 0000 4100 3000 3200 0000 n.......A.0.2... > > 0000050: b404 0000 3082 04b0 0609 2a86 4886 f70d ....0.....*.H... > > ... > > > > Instead, from what I remember other clients sending, I think it > > should send just the certificate part, i.e. starting from 3082... > > > > To start with you could compile rdesktop with SAVE_LICENCE to grab > > the certificate (to ~/.rdesktop/licence), use a hex editor (or dd) > > to remove the header from it, and then see if that works. > > > > Matt > > > > > > On Wed, Oct 30, 2002 at 09:49:30AM -0600, Peter Fales wrote: > > > Sorry, I keep forgetting the British spelling. That should > > > be -DSAVE_LICENCE > > > > > > -- > > > Peter Fales Lucent Technologies, Room 1C-436 > > > N9IYJ 2000 N Naperville Rd PO Box 3033 > > > internet: ps...@lu... Naperville, IL 60566-7033 > > > work: (630) 979-8031 > > > > > > On Wed, Oct 30, 2002 at 09:47:18AM -0600, Peter Fales wrote: > > > > Have you tried compiling rdesktop with -DSAVE_LICENSE? > > > > > > > > -- > > > > Peter Fales Lucent Technologies, Room 1C-436 > > > > N9IYJ 2000 N Naperville Rd PO Box 3033 > > > > internet: ps...@lu... Naperville, IL 60566-7033 > > > > work: (630) 979-8031 > > > > > > > > On Wed, Oct 30, 2002 at 10:44:58AM -0500, Joe Kisela wrote: > > > > > I've pretty much narrowed it down to a client side problem when it is > > > > > supposed to present the license, it doesnt, and the server doesnt renew the > > > > > license. > > > > > > > > > > I've been able to force WinCE clients to behave like RDesktop by getting a > > > > > permanent license, deleting it from the WinCE registry, setting the server > > > > > ahead, and then reconnecting. > > > > > > > > > > All my experimentation has shown me that in order to renew, that the client > > > > > MUST present the TSCAL. > > > > > > > > > > > > > > > ----- Original Message ----- > > > > > From: "Peter Fales" <ps...@lu...> > > > > > To: "Joe Kisela" <jk...@ne...> > > > > > Cc: <rde...@li...> > > > > > Sent: Wednesday, October 30, 2002 10:26 AM > > > > > Subject: Re: [rdesktop-devel] Saving and Returning TSCAL's > > > > > > > > > > > > > > > > We're seeing the same thing, but I've been blocked from doing much about > > > > > > it by my limited understanding of the way TSCALs work. > > > > > > > > > > > > The current CVS version of rdesktop has some code inside > > > > > > "#ifdef SAVE_LICENCE" that saves the license from the server > > > > > > and (I think) presents it back on successive sessions. I built > > > > > > a version of rdesktop with this option and it works (at least as > > > > > > far as letting me connect/reconnect to the server) but does not > > > > > > renew the license, even when we set the clocks on the server to the > > > > > > 7-day window where licenses are supposed to be renewed. > > > > > > > > > > > > As I said, I'm not an expert on this, but from my reading of > > > > > > the "Licensing Technology White Paper" at > > > > > > http://www.microsoft.com/windows2000/docs/tslicensing.doc > > > > > > it seems that: > > > > > > > > > > > > 1) It should not be necessary for the client to save the TSCAL. If > > > > > > the client presents a valid TSCAL, the terminal server can use it > > > > > > without contacting the license server. Otherwise, there is just > > > > > > a bit more overhead needed to get the TSCAL from the license server. > > > > > > > > > > > > 2) Under "Automatic License Token Reissuance" it says that if license > > > > > > expiration is within 7 days, the *terminal server* contacts the > > > > > > license server to renew. > > > > > > > > > > > > This makes it sound like the client is not involved. But it doesn't > > > > > > explain whe the rdesktop TSCALs aren't getting renewed. > > > > > > > > > > > > -- > > > > > > Peter Fales Lucent Technologies, Room 1C-436 > > > > > > N9IYJ 2000 N Naperville Rd PO Box 3033 > > > > > > internet: ps...@lu... Naperville, IL 60566-7033 > > > > > > work: (630) 979-8031 > > > > > > > > > > > > On Wed, Oct 30, 2002 at 10:15:58AM -0500, Joe Kisela wrote: > > > > > > > Hi Everyone, > > > > > > > > > > > > > > I have run into an issue with RDesktop and licensing with Windows 2000, > > > > > Service Pack 3. > > > > > > > > > > > > > > MS changed the way "permanent" TSCAL's work. They now are issued for a > > > > > period between 52-89 days, and are supposed to be renewed when the RDP > > > > > client presents the license token seven days before of the expiration date, > > > > > or after the expiration date. > > > > > > > > > > > > > > The problem is that since the RDesktop client does not save the TSCAL > > > > > token, it can not present it to the server for renewal. > > > > > > > > > > > > > > Because I am using RDesktop in a commercial product, I can not use > > > > > the --built-in-license option, as that would be viewed as slightly less than > > > > > legal. > > > > > > > > > > > > > > So I am looking into implementing proper TSCAL functionality in > > > > > RDesktop. I am looking for information regarding this implementation, > > > > > specifically, what problems have been encountered saving/sending licenses, > > > > > what approaches have been tried, does anyone have patch attempts? > > > > > > > > > > > > > > thanks in advance, > > > > > > > > > > > > > > -joe > > > > > > > > > > > > > > > > > > ------------------------------------------------------- > > > > > > This sf.net email is sponsored by:ThinkGeek > > > > > > Welcome to geek heaven. > > > > > > http://thinkgeek.com/sf > > > > > > _______________________________________________ > > > > > > rdesktop-devel mailing list > > > > > > rde...@li... > > > > > > https://lists.sourceforge.net/lists/listinfo/rdesktop-devel > > > > > > > > > > > > ------------------------------------------------------- > > > > This sf.net email is sponsored by:ThinkGeek > > > > Welcome to geek heaven. > > > > http://thinkgeek.com/sf > > > > _______________________________________________ > > > > rdesktop-devel mailing list > > > > rde...@li... > > > > https://lists.sourceforge.net/lists/listinfo/rdesktop-devel > > > > > > > > > ------------------------------------------------------- > > > This sf.net email is sponsored by:ThinkGeek > > > Welcome to geek heaven. > > > http://thinkgeek.com/sf > > > _______________________________________________ > > > rdesktop-devel mailing list > > > rde...@li... > > > https://lists.sourceforge.net/lists/listinfo/rdesktop-devel > > > ------------------------------------------------------- > This sf.net email is sponsored by: Influence the future > of Java(TM) technology. Join the Java Community > Process(SM) (JCP(SM)) program now. > http://ads.sourceforge.net/cgi-bin/redirect.pl?sunm0004en > _______________________________________________ > rdesktop-devel mailing list > rde...@li... > https://lists.sourceforge.net/lists/listinfo/rdesktop-devel |
From: Peter F. <ps...@lu...> - 2002-10-31 21:47:07
|
Our Windows guru was of the opinion that one licen*e file is OK for our company, since even if clients connect to multiple servers, they all refer back to the same licen*e server and get the same key. But, it seems like it would not be too hard to store the licen*e in a file that includes the host name as part of the file name. -- Peter Fales Lucent Technologies, Room 1C-436 N9IYJ 2000 N Naperville Rd PO Box 3033 internet: ps...@lu... Naperville, IL 60566-7033 work: (630) 979-8031 On Thu, Oct 31, 2002 at 04:42:02PM -0500, Joe Kisela wrote: > We do have a weakness with only one license file, however. > > For those of us running multiple connections, there is a chance that some of > these servers will require seperate license keys. As written, we only keep > track of one licens^Hce key. > > Any thoughts? > > ----- Original Message ----- > From: "Peter Fales" <ps...@lu...> > To: "Matt Chapman" <mat...@cs...> > Cc: "Joe Kisela" <jk...@ne...>; > <rde...@li...> > Sent: Thursday, October 31, 2002 1:30 PM > Subject: Re: [rdesktop-devel] Saving and Returning TSCAL's > > > > Success! > > > > Good work. I edited the licence file to remove the first 84 bytes prior > > to the 3082, and connected to our terminal server. The terminal server > > did not send any traffic to the license server (indicating that the > > terminal server was happy with the client license it was presented)! > > Next, we set the clocks on the terminal server and the license server > > to 1 day prior to the license expiration date. This time when we > > connected, there was traffic to the license server and the license was > > renewed for another ~90 days! > > > > So, it seems like all we need to do is modify save_licence() to not store > > the header. But, I'm not quite sure of the right way to do that. Can we > > assume that the header is always 84 bytes and/or that the license blob > > always begins with 3082? > > > > A related question: Do we need to have multiple licence files > corresponding > > to different terminal servers, or will all terminal servers accept the > > same license? > > > > Thanks for your help. > > > > -- > > Peter Fales Lucent Technologies, Room 1C-436 > > N9IYJ 2000 N Naperville Rd PO Box 3033 > > internet: ps...@lu... Naperville, IL 60566-7033 > > work: (630) 979-8031 > > > > On Thu, Oct 31, 2002 at 12:26:02PM +1100, Matt Chapman wrote: > > > Yep, sorry about that - we mostly use British spelling in Australia :) > > > > > > SAVE_LICENCE is what you want, but unfortunately it's a bit broken > > > currently. It saves and sends the whole blob which looks like: > > > > > > 0000000: 0500 0e00 0000 6d69 6372 6f73 6f66 742e ......microsoft. > > > 0000010: 636f 6d00 2c00 0000 4d00 6900 6300 7200 com.,...M.i.c.r. > > > 0000020: 6f00 7300 6f00 6600 7400 2000 4300 6f00 o.s.o.f.t. .C.o. > > > 0000030: 7200 7000 6f00 7200 6100 7400 6900 6f00 r.p.o.r.a.t.i.o. > > > 0000040: 6e00 0000 0800 0000 4100 3000 3200 0000 n.......A.0.2... > > > 0000050: b404 0000 3082 04b0 0609 2a86 4886 f70d ....0.....*.H... > > > ... > > > > > > Instead, from what I remember other clients sending, I think it > > > should send just the certificate part, i.e. starting from 3082... > > > > > > To start with you could compile rdesktop with SAVE_LICENCE to grab > > > the certificate (to ~/.rdesktop/licence), use a hex editor (or dd) > > > to remove the header from it, and then see if that works. > > > > > > Matt > > > > > > > > > On Wed, Oct 30, 2002 at 09:49:30AM -0600, Peter Fales wrote: > > > > Sorry, I keep forgetting the British spelling. That should > > > > be -DSAVE_LICENCE > > > > > > > > -- > > > > Peter Fales Lucent Technologies, Room 1C-436 > > > > N9IYJ 2000 N Naperville Rd PO Box 3033 > > > > internet: ps...@lu... Naperville, IL 60566-7033 > > > > work: (630) 979-8031 > > > > > > > > On Wed, Oct 30, 2002 at 09:47:18AM -0600, Peter Fales wrote: > > > > > Have you tried compiling rdesktop with -DSAVE_LICENSE? > > > > > > > > > > -- > > > > > Peter Fales Lucent Technologies, Room 1C-436 > > > > > N9IYJ 2000 N Naperville Rd PO Box 3033 > > > > > internet: ps...@lu... Naperville, IL 60566-7033 > > > > > work: (630) 979-8031 > > > > > > > > > > On Wed, Oct 30, 2002 at 10:44:58AM -0500, Joe Kisela wrote: > > > > > > I've pretty much narrowed it down to a client side problem when it > is > > > > > > supposed to present the license, it doesnt, and the server doesnt > renew the > > > > > > license. > > > > > > > > > > > > I've been able to force WinCE clients to behave like RDesktop by > getting a > > > > > > permanent license, deleting it from the WinCE registry, setting > the server > > > > > > ahead, and then reconnecting. > > > > > > > > > > > > All my experimentation has shown me that in order to renew, that > the client > > > > > > MUST present the TSCAL. > > > > > > > > > > > > > > > > > > ----- Original Message ----- > > > > > > From: "Peter Fales" <ps...@lu...> > > > > > > To: "Joe Kisela" <jk...@ne...> > > > > > > Cc: <rde...@li...> > > > > > > Sent: Wednesday, October 30, 2002 10:26 AM > > > > > > Subject: Re: [rdesktop-devel] Saving and Returning TSCAL's > > > > > > > > > > > > > > > > > > > We're seeing the same thing, but I've been blocked from doing > much about > > > > > > > it by my limited understanding of the way TSCALs work. > > > > > > > > > > > > > > The current CVS version of rdesktop has some code inside > > > > > > > "#ifdef SAVE_LICENCE" that saves the license from the server > > > > > > > and (I think) presents it back on successive sessions. I built > > > > > > > a version of rdesktop with this option and it works (at least as > > > > > > > far as letting me connect/reconnect to the server) but does not > > > > > > > renew the license, even when we set the clocks on the server to > the > > > > > > > 7-day window where licenses are supposed to be renewed. > > > > > > > > > > > > > > As I said, I'm not an expert on this, but from my reading of > > > > > > > the "Licensing Technology White Paper" at > > > > > > > http://www.microsoft.com/windows2000/docs/tslicensing.doc > > > > > > > it seems that: > > > > > > > > > > > > > > 1) It should not be necessary for the client to save the TSCAL. > If > > > > > > > the client presents a valid TSCAL, the terminal server can > use it > > > > > > > without contacting the license server. Otherwise, there is > just > > > > > > > a bit more overhead needed to get the TSCAL from the license > server. > > > > > > > > > > > > > > 2) Under "Automatic License Token Reissuance" it says that if > license > > > > > > > expiration is within 7 days, the *terminal server* contacts > the > > > > > > > license server to renew. > > > > > > > > > > > > > > This makes it sound like the client is not involved. But it > doesn't > > > > > > > explain whe the rdesktop TSCALs aren't getting renewed. > > > > > > > > > > > > > > -- > > > > > > > Peter Fales Lucent Technologies, Room 1C-436 > > > > > > > N9IYJ 2000 N Naperville Rd PO Box 3033 > > > > > > > internet: ps...@lu... Naperville, IL 60566-7033 > > > > > > > work: (630) 979-8031 > > > > > > > > > > > > > > On Wed, Oct 30, 2002 at 10:15:58AM -0500, Joe Kisela wrote: > > > > > > > > Hi Everyone, > > > > > > > > > > > > > > > > I have run into an issue with RDesktop and licensing with > Windows 2000, > > > > > > Service Pack 3. > > > > > > > > > > > > > > > > MS changed the way "permanent" TSCAL's work. They now are > issued for a > > > > > > period between 52-89 days, and are supposed to be renewed when the > RDP > > > > > > client presents the license token seven days before of the > expiration date, > > > > > > or after the expiration date. > > > > > > > > > > > > > > > > The problem is that since the RDesktop client does not save > the TSCAL > > > > > > token, it can not present it to the server for renewal. > > > > > > > > > > > > > > > > Because I am using RDesktop in a commercial product, I can not > use > > > > > > the --built-in-license option, as that would be viewed as slightly > less than > > > > > > legal. > > > > > > > > > > > > > > > > So I am looking into implementing proper TSCAL functionality > in > > > > > > RDesktop. I am looking for information regarding this > implementation, > > > > > > specifically, what problems have been encountered saving/sending > licenses, > > > > > > what approaches have been tried, does anyone have patch attempts? > > > > > > > > > > > > > > > > thanks in advance, > > > > > > > > > > > > > > > > -joe > > > > > > > > > > > > > > > > > > > > > ------------------------------------------------------- > > > > > > > This sf.net email is sponsored by:ThinkGeek > > > > > > > Welcome to geek heaven. > > > > > > > http://thinkgeek.com/sf > > > > > > > _______________________________________________ > > > > > > > rdesktop-devel mailing list > > > > > > > rde...@li... > > > > > > > https://lists.sourceforge.net/lists/listinfo/rdesktop-devel > > > > > > > > > > > > > > > ------------------------------------------------------- > > > > > This sf.net email is sponsored by:ThinkGeek > > > > > Welcome to geek heaven. > > > > > http://thinkgeek.com/sf > > > > > _______________________________________________ > > > > > rdesktop-devel mailing list > > > > > rde...@li... > > > > > https://lists.sourceforge.net/lists/listinfo/rdesktop-devel > > > > > > > > > > > > ------------------------------------------------------- > > > > This sf.net email is sponsored by:ThinkGeek > > > > Welcome to geek heaven. > > > > http://thinkgeek.com/sf > > > > _______________________________________________ > > > > rdesktop-devel mailing list > > > > rde...@li... > > > > https://lists.sourceforge.net/lists/listinfo/rdesktop-devel > > > > > > ------------------------------------------------------- > > This sf.net email is sponsored by: Influence the future > > of Java(TM) technology. Join the Java Community > > Process(SM) (JCP(SM)) program now. > > http://ads.sourceforge.net/cgi-bin/redirect.pl?sunm0004en > > _______________________________________________ > > rdesktop-devel mailing list > > rde...@li... > > https://lists.sourceforge.net/lists/listinfo/rdesktop-devel |
From: Matt C. <mat...@cs...> - 2002-11-05 11:06:44
|
On Thu, Oct 31, 2002 at 12:30:12PM -0600, Peter Fales wrote: > > So, it seems like all we need to do is modify save_licence() to not store > the header. But, I'm not quite sure of the right way to do that. Can we > assume that the header is always 84 bytes and/or that the license blob > always begins with 3082? I think the safest thing to do is to skip two bytes (05 00), then skip three strings (scope, supplier, product?) and assume the fourth is the licence. You'll notice each "string" is prefixed by a 32-bit length. I can't really advise about the multiple-licence-server thing; my environment only has one licence server. Matt > > 0000000: 0500 0e00 0000 6d69 6372 6f73 6f66 742e ......microsoft. > > 0000010: 636f 6d00 2c00 0000 4d00 6900 6300 7200 com.,...M.i.c.r. > > 0000020: 6f00 7300 6f00 6600 7400 2000 4300 6f00 o.s.o.f.t. .C.o. > > 0000030: 7200 7000 6f00 7200 6100 7400 6900 6f00 r.p.o.r.a.t.i.o. > > 0000040: 6e00 0000 0800 0000 4100 3000 3200 0000 n.......A.0.2... > > 0000050: b404 0000 3082 04b0 0609 2a86 4886 f70d ....0.....*.H... > > ... |
From: Peter F. <ps...@lu...> - 2002-11-05 21:46:47
|
Yes, that seems like a good way to do it. Here's my updated version of save_licence(). Seems to do the trick for us, but comments are welcome. void save_licence(unsigned char *data, int length) { char path[PATH_MAX]; char *home; int fd,i; struct stream s,*s_ptr; uint32 len; home = getenv("HOME"); if (home == NULL) return; STRNCPY(path, home, sizeof(path)); strncat(path, "/.rdesktop", sizeof(path) - strlen(path) - 1); mkdir(path, 0700); strncat(path, "/licence", sizeof(path) - strlen(path) - 1); fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600); if (fd == -1) { perror("open"); return; } /* Construct a stream, so that we can use macros to extract the * licence. */ s_ptr = &s; s_ptr->p = data; /* Skip first two bytes */ in_uint16(s_ptr,len); /* Skip three strings */ for ( i=0 ; i<3 ; i++ ) { in_uint32(s_ptr,len); s_ptr->p += len; } /* Next word is the length of the actual licence data */ in_uint32(s_ptr,len); if ( s_ptr->p + len > data + length ) { printf("Error in parsing licence key.\n"); printf("End value %x > supplied length (%x)\n", s_ptr->p+ len, data + length ); } else { write(fd, s_ptr->p, len); } close(fd); } -- Peter Fales Lucent Technologies, Room 1C-436 N9IYJ 2000 N Naperville Rd PO Box 3033 internet: ps...@lu... Naperville, IL 60566-7033 work: (630) 979-8031 On Tue, Nov 05, 2002 at 10:06:26PM +1100, Matt Chapman wrote: > On Thu, Oct 31, 2002 at 12:30:12PM -0600, Peter Fales wrote: > > > > So, it seems like all we need to do is modify save_licence() to not store > > the header. But, I'm not quite sure of the right way to do that. Can we > > assume that the header is always 84 bytes and/or that the license blob > > always begins with 3082? > > I think the safest thing to do is to skip two bytes (05 00), then skip > three strings (scope, supplier, product?) and assume the fourth is the > licence. You'll notice each "string" is prefixed by a 32-bit length. > > I can't really advise about the multiple-licence-server thing; my > environment only has one licence server. > > Matt > > > > 0000000: 0500 0e00 0000 6d69 6372 6f73 6f66 742e ......microsoft. > > > 0000010: 636f 6d00 2c00 0000 4d00 6900 6300 7200 com.,...M.i.c.r. > > > 0000020: 6f00 7300 6f00 6600 7400 2000 4300 6f00 o.s.o.f.t. .C.o. > > > 0000030: 7200 7000 6f00 7200 6100 7400 6900 6f00 r.p.o.r.a.t.i.o. > > > 0000040: 6e00 0000 0800 0000 4100 3000 3200 0000 n.......A.0.2... > > > 0000050: b404 0000 3082 04b0 0609 2a86 4886 f70d ....0.....*.H... > > > ... |
From: Mrs. B. <mrs...@ni...> - 2002-11-05 22:40:03
|
On Tue, 2002-11-05 at 16:46, Peter Fales wrote: > Yes, that seems like a good way to do it. Here's my updated version > of save_licence(). Seems to do the trick for us, but comments are > welcome. Check the length within your for loop, and just before it before you advance the pointer. rdesktop could core if the terminal server/license server sends crafted data. of course, you should trust your servers... all the same. > void > save_licence(unsigned char *data, int length) > { > char path[PATH_MAX]; > char *home; > int fd,i; > struct stream s,*s_ptr; > uint32 len; > > home = getenv("HOME"); > if (home == NULL) > return; > > STRNCPY(path, home, sizeof(path)); > strncat(path, "/.rdesktop", sizeof(path) - strlen(path) - 1); > mkdir(path, 0700); > > strncat(path, "/licence", sizeof(path) - strlen(path) - 1); > > fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600); > if (fd == -1) > { > perror("open"); > return; > } > > /* Construct a stream, so that we can use macros to extract the > * licence. > */ > s_ptr = &s; > s_ptr->p = data; > /* Skip first two bytes */ > in_uint16(s_ptr,len); > > /* Skip three strings */ > for ( i=0 ; i<3 ; i++ ) { > in_uint32(s_ptr,len); > s_ptr->p += len; > } > > /* Next word is the length of the actual licence data */ > in_uint32(s_ptr,len); > if ( s_ptr->p + len > data + length ) { > printf("Error in parsing licence key.\n"); > printf("End value %x > supplied length (%x)\n", > s_ptr->p+ len, data + length ); > } else { > write(fd, s_ptr->p, len); > } > close(fd); > } > > -- > Peter Fales Lucent Technologies, Room 1C-436 > N9IYJ 2000 N Naperville Rd PO Box 3033 > internet: ps...@lu... Naperville, IL 60566-7033 > work: (630) 979-8031 > > On Tue, Nov 05, 2002 at 10:06:26PM +1100, Matt Chapman wrote: > > On Thu, Oct 31, 2002 at 12:30:12PM -0600, Peter Fales wrote: > > > > > > So, it seems like all we need to do is modify save_licence() to not store > > > the header. But, I'm not quite sure of the right way to do that. Can we > > > assume that the header is always 84 bytes and/or that the license blob > > > always begins with 3082? > > > > I think the safest thing to do is to skip two bytes (05 00), then skip > > three strings (scope, supplier, product?) and assume the fourth is the > > licence. You'll notice each "string" is prefixed by a 32-bit length. > > > > I can't really advise about the multiple-licence-server thing; my > > environment only has one licence server. > > > > Matt > > > > > > 0000000: 0500 0e00 0000 6d69 6372 6f73 6f66 742e ......microsoft. > > > > 0000010: 636f 6d00 2c00 0000 4d00 6900 6300 7200 com.,...M.i.c.r. > > > > 0000020: 6f00 7300 6f00 6600 7400 2000 4300 6f00 o.s.o.f.t. .C.o. > > > > 0000030: 7200 7000 6f00 7200 6100 7400 6900 6f00 r.p.o.r.a.t.i.o. > > > > 0000040: 6e00 0000 0800 0000 4100 3000 3200 0000 n.......A.0.2... > > > > 0000050: b404 0000 3082 04b0 0609 2a86 4886 f70d ....0.....*.H... > > > > ... > > > ------------------------------------------------------- > This sf.net email is sponsored by: See the NEW Palm > Tungsten T handheld. Power & Color in a compact size! > http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en > _______________________________________________ > rdesktop-devel mailing list > rde...@li... > https://lists.sourceforge.net/lists/listinfo/rdesktop-devel |
From: Peter F. <ps...@lu...> - 2002-11-07 15:04:19
|
On Tue, Nov 05, 2002 at 05:39:50PM -0500, Mrs. Brisby wrote: > Check the length within your for loop, and just before it before you > advance the pointer. rdesktop could core if the terminal server/license > server sends crafted data. > Thanks for the suggestions. How about this? I also rearranged things so that it doesn't attempt to open the .licence file until the licence blob has been successfully parsed. =============================================================== void save_licence(unsigned char *data, int length) { char path[PATH_MAX]; char *home; int fd,i; struct stream s,*s_ptr; uint32 len; /* Construct a stream, so that we can use macros to extract the * licence. */ s_ptr = &s; s_ptr->p = data; /* Skip first two bytes */ in_uint16(s_ptr,len); /* Skip three strings */ for ( i=0 ; i<3 ; i++ ) { in_uint32(s_ptr,len); s_ptr->p += len; /* Make sure that we won't be past the end of data after * reading the next length value */ if ( (s_ptr->p)+4 > data + length ) { printf("Error in parsing licence key.\n"); printf("Strings %d end value %x > supplied length (%x)\n", i, s_ptr->p, data + length ); return; } } in_uint32(s_ptr,len); if ( s_ptr->p+len > data+length ) { printf("Error in parsing licence key.\n"); printf("End of licence %x > supplied length (%x)\n", s_ptr->p+len, data+length ); return; } home = getenv("HOME"); if (home == NULL) return; STRNCPY(path, home, sizeof(path)); strncat(path, "/.rdesktop", sizeof(path) - strlen(path) - 1); mkdir(path, 0700); strncat(path, "/licence", sizeof(path) - strlen(path) - 1); fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600); if (fd == -1) { perror("open"); return; } write(fd, s_ptr->p, len); close(fd); } =============================================================== -- Peter Fales Lucent Technologies, Room 1C-436 N9IYJ 2000 N Naperville Rd PO Box 3033 internet: ps...@lu... Naperville, IL 60566-7033 work: (630) 979-8031 |
From: Mrs. B. <mrs...@ni...> - 2002-11-07 15:43:05
|
Okay, one more batch of changes. This adds some useful features: 1. NFS and crash-safety. I think one of the most dangerous things is O_WRONLY|O_TRUNC - it's worthless on filesystems like amoeba, and dangerous when using NFS. Plus, your system crashes, and your files are pooped and in a dangerous state. Never use O_WRONLY|O_TRUNC just because you don't want to type 10 more lines of code. 2. path is dynamically allocated. necessary on operating systems like HURD that don't have a PATH_MAX. You should never use PATH_MAX. 3. added some additional error checking (mkdir, write). Error checking is everyone's friend. 4. fcntl is here. I know many systems do not support fcntl for locking (or it is broken). I am not error checking this for that reason. It may be good to wrap them around #ifdef's. I need: char *x, *q; unsigned long y; struct flock fl; int r, ofd; Change this around (the end): path = malloc(strlen(home)+37); if (!path) { perror("malloc"); exit(1); } q = malloc(strlen(home)+25); if (!q) { perror("malloc"); exit(1); } sprintf(path, "%s/.rdesktop", path); if (mkdir(path, 0700) == -1 && errno != EEXIST) { perror("mkdir"); exit(1); } sprintf(q, "%s/license", path); ofd = open(q, O_RDONLY); if (ofd != -1) { fl.l_type = F_WRLCK; fl.l_whence = SEEK_SET; fl.l_start = 0; fl.l_len = 1; fcntl(ofd, F_SETLK, &fl); } x = strchr(path, '\0'); for (y = 0;; y++) { sprintf(x, "/license.%lu", y); fd = open(path, O_WRONLY|O_CREAT|O_EXCL, 0600); if (fd == -1) { if (errno == EINTR || errno == EEXIST) continue; perror("creat"); exit(1); } break; } for (y = 0; y < len;) { do { r = write(fd, s_ptr->p+y, len-y); } while (r == -1 && errno == EINTR); if (r < 1) { perror("write"); unlink(path); exit(1); } y += r; } if (close(fd) == -1) { perror("close"); unlink(path); exit(1); } if (rename(path, q) == -1) { perror("rename"); unlink(path); exit(1); } if (ofd != -1) { fl.l_type = F_UNLCK; fl.l_whence = SEEK_SET; fl.l_start = 0; fl.l_len = 1; fcntl(ofd, F_SETLK, &fl); close(ofd); } On Thu, 2002-11-07 at 10:03, Peter Fales wrote: > On Tue, Nov 05, 2002 at 05:39:50PM -0500, Mrs. Brisby wrote: > > Check the length within your for loop, and just before it before you > > advance the pointer. rdesktop could core if the terminal server/license > > server sends crafted data. > > > > Thanks for the suggestions. How about this? I also rearranged things > so that it doesn't attempt to open the .licence file until the > licence blob has been successfully parsed. > > =============================================================== > void > save_licence(unsigned char *data, int length) > { > char path[PATH_MAX]; > char *home; > int fd,i; > struct stream s,*s_ptr; > uint32 len; > > /* Construct a stream, so that we can use macros to extract the > * licence. > */ > s_ptr = &s; > s_ptr->p = data; > /* Skip first two bytes */ > in_uint16(s_ptr,len); > > /* Skip three strings */ > for ( i=0 ; i<3 ; i++ ) { > in_uint32(s_ptr,len); > s_ptr->p += len; > /* Make sure that we won't be past the end of data after > * reading the next length value > */ > if ( (s_ptr->p)+4 > data + length ) { > printf("Error in parsing licence key.\n"); > printf("Strings %d end value %x > supplied length (%x)\n", > i, s_ptr->p, data + length ); > return; > } > } > in_uint32(s_ptr,len); > if ( s_ptr->p+len > data+length ) { > printf("Error in parsing licence key.\n"); > printf("End of licence %x > supplied length (%x)\n", > s_ptr->p+len, data+length ); > return; > } > > home = getenv("HOME"); > if (home == NULL) > return; > > STRNCPY(path, home, sizeof(path)); > strncat(path, "/.rdesktop", sizeof(path) - strlen(path) - 1); > mkdir(path, 0700); > > strncat(path, "/licence", sizeof(path) - strlen(path) - 1); > > fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600); > if (fd == -1) > { > perror("open"); > return; > } > > write(fd, s_ptr->p, len); > close(fd); > } > =============================================================== > > -- > Peter Fales Lucent Technologies, Room 1C-436 > N9IYJ 2000 N Naperville Rd PO Box 3033 > internet: ps...@lu... Naperville, IL 60566-7033 > work: (630) 979-8031 > |
From: Peter F. <ps...@lu...> - 2002-11-07 16:44:42
|
See >>> for my comments. Pete On Thu, Nov 07, 2002 at 10:42:54AM -0500, Mrs. Brisby wrote: > 1. NFS and crash-safety. I think one of the most dangerous things is > O_WRONLY|O_TRUNC - it's worthless on filesystems like amoeba, and > dangerous when using NFS. Plus, your system crashes, and your files are > pooped and in a dangerous state. Never use O_WRONLY|O_TRUNC just because > you don't want to type 10 more lines of code. >>> Makes sense, though in this case it doesn't seem to serious. If >>> the file is corrupted, the terminal server will simply send a >>> new license blob when rdesktop is nex started, and it will get written >>> at that time. > > Change this around (the end): > path = malloc(strlen(home)+37); > if (!path) { > perror("malloc"); > exit(1); > } > q = malloc(strlen(home)+25); > if (!q) { > perror("malloc"); > exit(1); > } > sprintf(path, "%s/.rdesktop", path); >>> path is undefined here. Do you mean home? >>> Would it make sense to add some string variables for "/.rdesktop" and >>> "/license" (or "/licence") so that can use strlen instead of >>> hardcoding 25 and 37? > if (mkdir(path, 0700) == -1 && errno != EEXIST) { > perror("mkdir"); > exit(1); > } > sprintf(q, "%s/license", path); > ofd = open(q, O_RDONLY); > if (ofd != -1) { > fl.l_type = F_WRLCK; > fl.l_whence = SEEK_SET; > fl.l_start = 0; > fl.l_len = 1; > fcntl(ofd, F_SETLK, &fl); > } > > x = strchr(path, '\0'); > for (y = 0;; y++) { > sprintf(x, "/license.%lu", y); > fd = open(path, O_WRONLY|O_CREAT|O_EXCL, 0600); > if (fd == -1) { > if (errno == EINTR || errno == EEXIST) continue; > perror("creat"); > exit(1); > } > break; > } > for (y = 0; y < len;) { > do { > r = write(fd, s_ptr->p+y, len-y); > } while (r == -1 && errno == EINTR); > if (r < 1) { > perror("write"); > unlink(path); > exit(1); > } > y += r; > } > if (close(fd) == -1) { > perror("close"); > unlink(path); > exit(1); > } > if (rename(path, q) == -1) { > perror("rename"); > unlink(path); > exit(1); > } > if (ofd != -1) { > fl.l_type = F_UNLCK; > fl.l_whence = SEEK_SET; > fl.l_start = 0; > fl.l_len = 1; > fcntl(ofd, F_SETLK, &fl); > close(ofd); > } > |
From: Mrs. B. <mrs...@ni...> - 2002-11-07 17:14:45
|
On Thu, 2002-11-07 at 11:44, Peter Fales wrote: > See >>> for my comments. > > Pete > > > On Thu, Nov 07, 2002 at 10:42:54AM -0500, Mrs. Brisby wrote: > > 1. NFS and crash-safety. I think one of the most dangerous things is > > O_WRONLY|O_TRUNC - it's worthless on filesystems like amoeba, and > > dangerous when using NFS. Plus, your system crashes, and your files are > > pooped and in a dangerous state. Never use O_WRONLY|O_TRUNC just because > > you don't want to type 10 more lines of code. > > >>> Makes sense, though in this case it doesn't seem to serious. If > >>> the file is corrupted, the terminal server will simply send a > >>> new license blob when rdesktop is nex started, and it will get written > >>> at that time. Are we certain of this? I don't have the ability to read MS's Terminal Services code. Does someone with their SS NDA signed know this for certain? Anyway, what's the point in wasting a license (or two, or three) if you launch rdesktop from two machines (sharing an NFS home) during that race? > > > > Change this around (the end): > > path = malloc(strlen(home)+37); > > if (!path) { > > perror("malloc"); > > exit(1); > > } > > q = malloc(strlen(home)+25); > > if (!q) { > > perror("malloc"); > > exit(1); > > } > > sprintf(path, "%s/.rdesktop", path); > > >>> path is undefined here. Do you mean home? > >>> Would it make sense to add some string variables for "/.rdesktop" and > >>> "/license" (or "/licence") so that can use strlen instead of > >>> hardcoding 25 and 37? whoops, no I meant "home"; not path. It's late for me.... Thanks for catching it. > > > if (mkdir(path, 0700) == -1 && errno != EEXIST) { > > perror("mkdir"); > > exit(1); > > } > > sprintf(q, "%s/license", path); > > ofd = open(q, O_RDONLY); > > if (ofd != -1) { > > fl.l_type = F_WRLCK; > > fl.l_whence = SEEK_SET; > > fl.l_start = 0; > > fl.l_len = 1; > > fcntl(ofd, F_SETLK, &fl); > > } > > > > x = strchr(path, '\0'); > > for (y = 0;; y++) { > > sprintf(x, "/license.%lu", y); > > fd = open(path, O_WRONLY|O_CREAT|O_EXCL, 0600); > > if (fd == -1) { > > if (errno == EINTR || errno == EEXIST) continue; > > perror("creat"); > > exit(1); > > } > > break; > > } > > for (y = 0; y < len;) { > > do { > > r = write(fd, s_ptr->p+y, len-y); > > } while (r == -1 && errno == EINTR); > > if (r < 1) { > > perror("write"); > > unlink(path); > > exit(1); > > } > > y += r; > > } > > if (close(fd) == -1) { > > perror("close"); > > unlink(path); > > exit(1); > > } > > if (rename(path, q) == -1) { > > perror("rename"); > > unlink(path); > > exit(1); > > } > > if (ofd != -1) { > > fl.l_type = F_UNLCK; > > fl.l_whence = SEEK_SET; > > fl.l_start = 0; > > fl.l_len = 1; > > fcntl(ofd, F_SETLK, &fl); > > close(ofd); > > } > > |
From: Peter F. <ps...@lu...> - 2002-11-07 17:36:28
|
On Thu, Nov 07, 2002 at 12:14:31PM -0500, Mrs. Brisby wrote: > Are we certain of this? I don't have the ability to read MS's Terminal > Services code. Does someone with their SS NDA signed know this for > certain? Based on empirical data, that's the way it works. > > Anyway, what's the point in wasting a license (or two, or three) if you > launch rdesktop from two machines (sharing an NFS home) during that > race? It doesn't waste a license (again, just based on experiments). If the client presents an invalid license, or no license at all, the terminal server contacts the license server to get a new one. It always sends back the same license based on the client host name. (This is essentially the way the code works now if SAVE_LICENCE is not used, or the way it works if the broken code currently in CVS is used.) If you run "sum" on the current .rdesktop/licence file, delete it, and run rdesktop again, you'll get exactly the same file. If you check the License Manager, you'll see that you're still using only one license. The only time you'ld have a problem would be if it failed to save the license *every* time. In that case, the client will never present a valid license, and the server will never renew it. > > > for (y = 0;; y++) { > > > sprintf(x, "/license.%lu", y); > > > fd = open(path, O_WRONLY|O_CREAT|O_EXCL, 0600); > > > if (fd == -1) { > > > if (errno == EINTR || errno == EEXIST) continue; > > > perror("creat"); > > > exit(1); > > > } > > > break; Do you want to put an upper bound on y? Or take some action to clean up extra files? Pete |
From: Joe K. <jk...@ne...> - 2002-11-07 18:38:29
|
I've been experimenting with connecting to a non-licence terminal server, and getting a licence from its terminal server, and I've been getting poor results. The funny thing is, if you replace the licence returned from thet non-licence server with a licence that you get from connecting to the licence server, the licence will renew properly. But if you save and return the licence from connecting to the non-licence server, it will not renew, and will not connect. Has anyone else tested this scenario? I'm going to check that my setup is sane, and this is a valid test... ----- Original Message ----- From: "Peter Fales" <ps...@lu...> To: "Mrs. Brisby" <mrs...@ni...> Cc: "Matt Chapman" <mat...@cs...>; "Joe Kisela" <jk...@ne...>; <rde...@li...> Sent: Thursday, November 07, 2002 12:36 PM Subject: Re: [rdesktop-devel] Saving and Returning TSCAL's > On Thu, Nov 07, 2002 at 12:14:31PM -0500, Mrs. Brisby wrote: > > Are we certain of this? I don't have the ability to read MS's Terminal > > Services code. Does someone with their SS NDA signed know this for > > certain? > > Based on empirical data, that's the way it works. > > > > > Anyway, what's the point in wasting a license (or two, or three) if you > > launch rdesktop from two machines (sharing an NFS home) during that > > race? > > It doesn't waste a license (again, just based on experiments). If > the client presents an invalid license, or no license at all, the > terminal server contacts the license server to get a new one. It > always sends back the same license based on the client host name. (This > is essentially the way the code works now if SAVE_LICENCE is not used, or > the way it works if the broken code currently in CVS is used.) If you > run "sum" on the current .rdesktop/licence file, delete it, and run > rdesktop again, you'll get exactly the same file. If you check the > License Manager, you'll see that you're still using only one license. > > The only time you'ld have a problem would be if it failed to save the > license *every* time. In that case, the client will never present > a valid license, and the server will never renew it. > > > > > for (y = 0;; y++) { > > > > sprintf(x, "/license.%lu", y); > > > > fd = open(path, O_WRONLY|O_CREAT|O_EXCL, 0600); > > > > if (fd == -1) { > > > > if (errno == EINTR || errno == EEXIST) continue; > > > > perror("creat"); > > > > exit(1); > > > > } > > > > break; > > Do you want to put an upper bound on y? Or take some action to clean > up extra files? > > Pete |
From: Joe K. <jk...@ne...> - 2002-11-08 15:11:01
|
More Licencing woes: I've been testing this setup (connecting to a Terminal Server, and getting a licence from a seperate server), and the licence server *never* issues a permanent licence to the RDesktop Client. This is unlike Peter's issue, the licencing server just doesnt move the client from temporary to permanent in this case, regardless of whether we return a temp licence or no licence. It is supposed to issue a temporary licence on first connection, and then issue a permanent licence on second connection, but it isnt. Licence server reports that only a temporary licence is issued. ----- Original Message ----- From: "Joe Kisela" <jk...@ne...> To: "Peter Fales" <ps...@lu...>; "Mrs. Brisby" <mrs...@ni...> Cc: "Matt Chapman" <mat...@cs...>; <rde...@li...> Sent: Thursday, November 07, 2002 1:38 PM Subject: Re: [rdesktop-devel] Saving and Returning TSCAL's > I've been experimenting with connecting to a non-licence terminal server, > and getting a licence from its terminal server, and I've been getting poor > results. > > The funny thing is, if you replace the licence returned from thet > non-licence server with a licence that you get from connecting to the > licence server, the licence will renew properly. But if you save and return > the licence from connecting to the non-licence server, it will not renew, > and will not connect. > > Has anyone else tested this scenario? > > I'm going to check that my setup is sane, and this is a valid test... > > ----- Original Message ----- > From: "Peter Fales" <ps...@lu...> > To: "Mrs. Brisby" <mrs...@ni...> > Cc: "Matt Chapman" <mat...@cs...>; "Joe Kisela" > <jk...@ne...>; <rde...@li...> > Sent: Thursday, November 07, 2002 12:36 PM > Subject: Re: [rdesktop-devel] Saving and Returning TSCAL's > > > > On Thu, Nov 07, 2002 at 12:14:31PM -0500, Mrs. Brisby wrote: > > > Are we certain of this? I don't have the ability to read MS's Terminal > > > Services code. Does someone with their SS NDA signed know this for > > > certain? > > > > Based on empirical data, that's the way it works. > > > > > > > > Anyway, what's the point in wasting a license (or two, or three) if you > > > launch rdesktop from two machines (sharing an NFS home) during that > > > race? > > > > It doesn't waste a license (again, just based on experiments). If > > the client presents an invalid license, or no license at all, the > > terminal server contacts the license server to get a new one. It > > always sends back the same license based on the client host name. (This > > is essentially the way the code works now if SAVE_LICENCE is not used, or > > the way it works if the broken code currently in CVS is used.) If you > > run "sum" on the current .rdesktop/licence file, delete it, and run > > rdesktop again, you'll get exactly the same file. If you check the > > License Manager, you'll see that you're still using only one license. > > > > The only time you'ld have a problem would be if it failed to save the > > license *every* time. In that case, the client will never present > > a valid license, and the server will never renew it. > > > > > > > for (y = 0;; y++) { > > > > > sprintf(x, "/license.%lu", y); > > > > > fd = open(path, O_WRONLY|O_CREAT|O_EXCL, 0600); > > > > > if (fd == -1) { > > > > > if (errno == EINTR || errno == EEXIST) continue; > > > > > perror("creat"); > > > > > exit(1); > > > > > } > > > > > break; > > > > Do you want to put an upper bound on y? Or take some action to clean > > up extra files? > > > > Pete > > > > ------------------------------------------------------- > This sf.net email is sponsored by: See the NEW Palm > Tungsten T handheld. Power & Color in a compact size! > http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en > _______________________________________________ > rdesktop-devel mailing list > rde...@li... > https://lists.sourceforge.net/lists/listinfo/rdesktop-devel |
From: Peter F. <ps...@lu...> - 2002-11-08 16:35:22
|
When you connect, do you actually login to the terminal server? It only promotes the temporary license to permanent following a successful login. But, after a successful login, we find the next connection getting converted to permanent even before the user actually logs in. (And this is with the "standard" version of rdesktop that doesn't try to save licenses) Pete On Fri, Nov 08, 2002 at 10:10:58AM -0500, Joe Kisela wrote: > More Licencing woes: > > I've been testing this setup (connecting to a Terminal Server, and getting a > licence from a seperate server), and the licence server *never* issues a > permanent licence to the RDesktop Client. This is unlike Peter's issue, the > licencing server just doesnt move the client from temporary to permanent in > this case, regardless of whether we return a temp licence or no licence. > > It is supposed to issue a temporary licence on first connection, and then > issue a permanent licence on second connection, but it isnt. Licence server > reports that only a temporary licence is issued. > > ----- Original Message ----- > From: "Joe Kisela" <jk...@ne...> > To: "Peter Fales" <ps...@lu...>; "Mrs. Brisby" <mrs...@ni...> > Cc: "Matt Chapman" <mat...@cs...>; > <rde...@li...> > Sent: Thursday, November 07, 2002 1:38 PM > Subject: Re: [rdesktop-devel] Saving and Returning TSCAL's > > > > I've been experimenting with connecting to a non-licence terminal server, > > and getting a licence from its terminal server, and I've been getting poor > > results. > > > > The funny thing is, if you replace the licence returned from thet > > non-licence server with a licence that you get from connecting to the > > licence server, the licence will renew properly. But if you save and > return > > the licence from connecting to the non-licence server, it will not renew, > > and will not connect. > > > > Has anyone else tested this scenario? > > > > I'm going to check that my setup is sane, and this is a valid test... > > > > ----- Original Message ----- > > From: "Peter Fales" <ps...@lu...> > > To: "Mrs. Brisby" <mrs...@ni...> > > Cc: "Matt Chapman" <mat...@cs...>; "Joe Kisela" > > <jk...@ne...>; <rde...@li...> > > Sent: Thursday, November 07, 2002 12:36 PM > > Subject: Re: [rdesktop-devel] Saving and Returning TSCAL's > > > > > > > On Thu, Nov 07, 2002 at 12:14:31PM -0500, Mrs. Brisby wrote: > > > > Are we certain of this? I don't have the ability to read MS's Terminal > > > > Services code. Does someone with their SS NDA signed know this for > > > > certain? > > > > > > Based on empirical data, that's the way it works. > > > > > > > > > > > Anyway, what's the point in wasting a license (or two, or three) if > you > > > > launch rdesktop from two machines (sharing an NFS home) during that > > > > race? > > > > > > It doesn't waste a license (again, just based on experiments). If > > > the client presents an invalid license, or no license at all, the > > > terminal server contacts the license server to get a new one. It > > > always sends back the same license based on the client host name. > (This > > > is essentially the way the code works now if SAVE_LICENCE is not used, > or > > > the way it works if the broken code currently in CVS is used.) If you > > > run "sum" on the current .rdesktop/licence file, delete it, and run > > > rdesktop again, you'll get exactly the same file. If you check the > > > License Manager, you'll see that you're still using only one license. > > > > > > The only time you'ld have a problem would be if it failed to save the > > > license *every* time. In that case, the client will never present > > > a valid license, and the server will never renew it. > > > > > > > > > for (y = 0;; y++) { > > > > > > sprintf(x, "/license.%lu", y); > > > > > > fd = open(path, O_WRONLY|O_CREAT|O_EXCL, 0600); > > > > > > if (fd == -1) { > > > > > > if (errno == EINTR || errno == EEXIST) continue; > > > > > > perror("creat"); > > > > > > exit(1); > > > > > > } > > > > > > break; > > > > > > Do you want to put an upper bound on y? Or take some action to clean > > > up extra files? > > > > > > Pete > > > > > > > > ------------------------------------------------------- > > This sf.net email is sponsored by: See the NEW Palm > > Tungsten T handheld. Power & Color in a compact size! > > http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en > > _______________________________________________ > > rdesktop-devel mailing list > > rde...@li... > > https://lists.sourceforge.net/lists/listinfo/rdesktop-devel |
From: Joe K. <jk...@ne...> - 2002-11-08 16:43:34
|
I've logged in both times, so it should promote it... I'm checking that our server setup is sane... need to rule that out first. ----- Original Message ----- From: "Peter Fales" <ps...@lu...> To: "Joe Kisela" <jk...@ne...> Cc: "Mrs. Brisby" <mrs...@ni...>; "Matt Chapman" <mat...@cs...>; <rde...@li...> Sent: Friday, November 08, 2002 11:35 AM Subject: Re: [rdesktop-devel] Saving and Returning TSCAL's > When you connect, do you actually login to the terminal server? It > only promotes the temporary license to permanent following a successful > login. But, after a successful login, we find the next connection > getting converted to permanent even before the user actually logs in. > (And this is with the "standard" version of rdesktop that doesn't try > to save licenses) > > Pete > > On Fri, Nov 08, 2002 at 10:10:58AM -0500, Joe Kisela wrote: > > More Licencing woes: > > > > I've been testing this setup (connecting to a Terminal Server, and getting a > > licence from a seperate server), and the licence server *never* issues a > > permanent licence to the RDesktop Client. This is unlike Peter's issue, the > > licencing server just doesnt move the client from temporary to permanent in > > this case, regardless of whether we return a temp licence or no licence. > > > > It is supposed to issue a temporary licence on first connection, and then > > issue a permanent licence on second connection, but it isnt. Licence server > > reports that only a temporary licence is issued. > > > > ----- Original Message ----- > > From: "Joe Kisela" <jk...@ne...> > > To: "Peter Fales" <ps...@lu...>; "Mrs. Brisby" <mrs...@ni...> > > Cc: "Matt Chapman" <mat...@cs...>; > > <rde...@li...> > > Sent: Thursday, November 07, 2002 1:38 PM > > Subject: Re: [rdesktop-devel] Saving and Returning TSCAL's > > > > > > > I've been experimenting with connecting to a non-licence terminal server, > > > and getting a licence from its terminal server, and I've been getting poor > > > results. > > > > > > The funny thing is, if you replace the licence returned from thet > > > non-licence server with a licence that you get from connecting to the > > > licence server, the licence will renew properly. But if you save and > > return > > > the licence from connecting to the non-licence server, it will not renew, > > > and will not connect. > > > > > > Has anyone else tested this scenario? > > > > > > I'm going to check that my setup is sane, and this is a valid test... > > > > > > ----- Original Message ----- > > > From: "Peter Fales" <ps...@lu...> > > > To: "Mrs. Brisby" <mrs...@ni...> > > > Cc: "Matt Chapman" <mat...@cs...>; "Joe Kisela" > > > <jk...@ne...>; <rde...@li...> > > > Sent: Thursday, November 07, 2002 12:36 PM > > > Subject: Re: [rdesktop-devel] Saving and Returning TSCAL's > > > > > > > > > > On Thu, Nov 07, 2002 at 12:14:31PM -0500, Mrs. Brisby wrote: > > > > > Are we certain of this? I don't have the ability to read MS's Terminal > > > > > Services code. Does someone with their SS NDA signed know this for > > > > > certain? > > > > > > > > Based on empirical data, that's the way it works. > > > > > > > > > > > > > > Anyway, what's the point in wasting a license (or two, or three) if > > you > > > > > launch rdesktop from two machines (sharing an NFS home) during that > > > > > race? > > > > > > > > It doesn't waste a license (again, just based on experiments). If > > > > the client presents an invalid license, or no license at all, the > > > > terminal server contacts the license server to get a new one. It > > > > always sends back the same license based on the client host name. > > (This > > > > is essentially the way the code works now if SAVE_LICENCE is not used, > > or > > > > the way it works if the broken code currently in CVS is used.) If you > > > > run "sum" on the current .rdesktop/licence file, delete it, and run > > > > rdesktop again, you'll get exactly the same file. If you check the > > > > License Manager, you'll see that you're still using only one license. > > > > > > > > The only time you'ld have a problem would be if it failed to save the > > > > license *every* time. In that case, the client will never present > > > > a valid license, and the server will never renew it. > > > > > > > > > > > for (y = 0;; y++) { > > > > > > > sprintf(x, "/license.%lu", y); > > > > > > > fd = open(path, O_WRONLY|O_CREAT|O_EXCL, 0600); > > > > > > > if (fd == -1) { > > > > > > > if (errno == EINTR || errno == EEXIST) continue; > > > > > > > perror("creat"); > > > > > > > exit(1); > > > > > > > } > > > > > > > break; > > > > > > > > Do you want to put an upper bound on y? Or take some action to clean > > > > up extra files? > > > > > > > > Pete > > > > > > > > > > > > ------------------------------------------------------- > > > This sf.net email is sponsored by: See the NEW Palm > > > Tungsten T handheld. Power & Color in a compact size! > > > http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en > > > _______________________________________________ > > > rdesktop-devel mailing list > > > rde...@li... > > > https://lists.sourceforge.net/lists/listinfo/rdesktop-devel > > > ------------------------------------------------------- > This sf.net email is sponsored by: See the NEW Palm > Tungsten T handheld. Power & Color in a compact size! > http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en > _______________________________________________ > rdesktop-devel mailing list > rde...@li... > https://lists.sourceforge.net/lists/listinfo/rdesktop-devel |
From: Mrs. B. <mrs...@ni...> - 2002-11-08 19:12:57
|
So licenses are only exchanged after login? Are they also exchanged when using the commandline login (when it's enabled on the server) I suppose this would keep my last plan from working. I guess the only way would be to identify the difference in the licenses (perm. versus temporary) What format are the licenses encoded in? Can we read the timestamp out of them? On Fri, 2002-11-08 at 11:35, Peter Fales wrote: > When you connect, do you actually login to the terminal server? It > only promotes the temporary license to permanent following a successful > login. But, after a successful login, we find the next connection > getting converted to permanent even before the user actually logs in. > (And this is with the "standard" version of rdesktop that doesn't try > to save licenses) > > Pete > > On Fri, Nov 08, 2002 at 10:10:58AM -0500, Joe Kisela wrote: > > More Licencing woes: > > > > I've been testing this setup (connecting to a Terminal Server, and getting a > > licence from a seperate server), and the licence server *never* issues a > > permanent licence to the RDesktop Client. This is unlike Peter's issue, the > > licencing server just doesnt move the client from temporary to permanent in > > this case, regardless of whether we return a temp licence or no licence. > > > > It is supposed to issue a temporary licence on first connection, and then > > issue a permanent licence on second connection, but it isnt. Licence server > > reports that only a temporary licence is issued. > > > > ----- Original Message ----- > > From: "Joe Kisela" <jk...@ne...> > > To: "Peter Fales" <ps...@lu...>; "Mrs. Brisby" <mrs...@ni...> > > Cc: "Matt Chapman" <mat...@cs...>; > > <rde...@li...> > > Sent: Thursday, November 07, 2002 1:38 PM > > Subject: Re: [rdesktop-devel] Saving and Returning TSCAL's > > > > > > > I've been experimenting with connecting to a non-licence terminal server, > > > and getting a licence from its terminal server, and I've been getting poor > > > results. > > > > > > The funny thing is, if you replace the licence returned from thet > > > non-licence server with a licence that you get from connecting to the > > > licence server, the licence will renew properly. But if you save and > > return > > > the licence from connecting to the non-licence server, it will not renew, > > > and will not connect. > > > > > > Has anyone else tested this scenario? > > > > > > I'm going to check that my setup is sane, and this is a valid test... > > > > > > ----- Original Message ----- > > > From: "Peter Fales" <ps...@lu...> > > > To: "Mrs. Brisby" <mrs...@ni...> > > > Cc: "Matt Chapman" <mat...@cs...>; "Joe Kisela" > > > <jk...@ne...>; <rde...@li...> > > > Sent: Thursday, November 07, 2002 12:36 PM > > > Subject: Re: [rdesktop-devel] Saving and Returning TSCAL's > > > > > > > > > > On Thu, Nov 07, 2002 at 12:14:31PM -0500, Mrs. Brisby wrote: > > > > > Are we certain of this? I don't have the ability to read MS's Terminal > > > > > Services code. Does someone with their SS NDA signed know this for > > > > > certain? > > > > > > > > Based on empirical data, that's the way it works. > > > > > > > > > > > > > > Anyway, what's the point in wasting a license (or two, or three) if > > you > > > > > launch rdesktop from two machines (sharing an NFS home) during that > > > > > race? > > > > > > > > It doesn't waste a license (again, just based on experiments). If > > > > the client presents an invalid license, or no license at all, the > > > > terminal server contacts the license server to get a new one. It > > > > always sends back the same license based on the client host name. > > (This > > > > is essentially the way the code works now if SAVE_LICENCE is not used, > > or > > > > the way it works if the broken code currently in CVS is used.) If you > > > > run "sum" on the current .rdesktop/licence file, delete it, and run > > > > rdesktop again, you'll get exactly the same file. If you check the > > > > License Manager, you'll see that you're still using only one license. > > > > > > > > The only time you'ld have a problem would be if it failed to save the > > > > license *every* time. In that case, the client will never present > > > > a valid license, and the server will never renew it. > > > > > > > > > > > for (y = 0;; y++) { > > > > > > > sprintf(x, "/license.%lu", y); > > > > > > > fd = open(path, O_WRONLY|O_CREAT|O_EXCL, 0600); > > > > > > > if (fd == -1) { > > > > > > > if (errno == EINTR || errno == EEXIST) continue; > > > > > > > perror("creat"); > > > > > > > exit(1); > > > > > > > } > > > > > > > break; > > > > > > > > Do you want to put an upper bound on y? Or take some action to clean > > > > up extra files? > > > > > > > > Pete > > > > > > > > > > > > ------------------------------------------------------- > > > This sf.net email is sponsored by: See the NEW Palm > > > Tungsten T handheld. Power & Color in a compact size! > > > http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en > > > _______________________________________________ > > > rdesktop-devel mailing list > > > rde...@li... > > > https://lists.sourceforge.net/lists/listinfo/rdesktop-devel |
From: Mrs. B. <mrs...@ni...> - 2002-11-07 18:46:55
|
On Thu, 2002-11-07 at 12:36, Peter Fales wrote: > On Thu, Nov 07, 2002 at 12:14:31PM -0500, Mrs. Brisby wrote: > > Are we certain of this? I don't have the ability to read MS's Terminal > > Services code. Does someone with their SS NDA signed know this for > > certain? > > Based on empirical data, that's the way it works. I don't have a license server to test this. Empirical data would require choping it at every block boundary (i'm not aware of any unixish filesystems with less than a 512 byte block site) and verifying that the terminal server still has no problems. What does the terminal server do with invalidly-formed licenses (not just invalid licenses)- This could require sending various random-blocks of data to the server. Again, more work than just 10 lines of code. I'd rather not bother with this empirical data; it's in my habit to overwrite-through-rename because even if this one case of binary data is safe, there are hundreds elsewhere where this problem is important. I don't want to profile and test if this is one of those safe-cases either, so I won't. > > Anyway, what's the point in wasting a license (or two, or three) if you > > launch rdesktop from two machines (sharing an NFS home) during that > > race? > > It doesn't waste a license (again, just based on experiments). If > the client presents an invalid license, or no license at all, the > terminal server contacts the license server to get a new one. It > always sends back the same license based on the client host name. (This > is essentially the way the code works now if SAVE_LICENCE is not used, or > the way it works if the broken code currently in CVS is used.) If you > run "sum" on the current .rdesktop/licence file, delete it, and run > rdesktop again, you'll get exactly the same file. If you check the > License Manager, you'll see that you're still using only one license. > > The only time you'ld have a problem would be if it failed to save the > license *every* time. In that case, the client will never present > a valid license, and the server will never renew it. Then why have a SAVE_LICENSE at all? On this point: Can host A use host B's license (being as how they have different host names) - does the TS care? I was not aware that these things had worked themselves out; so if this is a bad reason, then we'll not bother any further with this. > > > > for (y = 0;; y++) { > > > > sprintf(x, "/license.%lu", y); > > > > fd = open(path, O_WRONLY|O_CREAT|O_EXCL, 0600); > > > > if (fd == -1) { > > > > if (errno == EINTR || errno == EEXIST) continue; > > > > perror("creat"); > > > > exit(1); > > > > } > > > > break; > > Do you want to put an upper bound on y? Or take some action to clean > up extra files? What extra files? O_EXCL means that open will either create a new file or it will fail. If it fails, fd is -1 and no file was created. If it fails because the file existed already (EEXIST) or a signal interrupted us (EINTR) then we can continue with the next id. If, on the other hand, open succeeded, then it's the only file we need and we clean up by unlinking it if we need to bomb out later, or renaming it over the old file (causing normal unix close-behind semantics to take effect). O_EXCL is broken in many NFS implementations. We could use something like this: sprintf(x, "/license.%lu.%u.%s", time(0), getpid(), gethostname()); However, I think we can get past this by simply doing a stat after the open making sure the link count is what we'd expect. |
From: Joe K. <jk...@ne...> - 2002-11-07 18:52:05
|
> Then why have a SAVE_LICENSE at all? In SP3, and a licencing hotfix, MS changed the way "permanent" licences are issued. They are renewed 52-90 days after issue. However, upon expiration, the licence server will not hand you a copy of the licence when you connect. You *must* present the licence given to you in order to connect to the Terminal Server, so that it may renew the licence. |
From: Peter F. <ps...@lu...> - 2002-11-08 19:49:05
|
On Fri, Nov 08, 2002 at 02:12:45PM -0500, Mrs. Brisby wrote: > So licenses are only exchanged after login? No, but the server keeps track of who has successfully logged in. Once they have logged in with a temp license, the next time they connect (but before login) the license gets promoted to permanent. Ideally, that's the point where we should grab the new license and store it. But how? > Are they also exchanged when using the commandline login (when it's > enabled on the server) I'm not familiar with that. > I guess the only way would be to identify the difference in the licenses > (perm. versus temporary) I'm not even sure that will work, because we need to do the same thing when a permanent license is renewed. (i.e. receive and store the new permanent license) Pete Fales |