#83 Smart Card Support for RDesktop 1.4.1

Unstable_(example)
closed-fixed
None
5
2006-11-04
2005-10-06
No

Smart Card Support for RDesktop 1.4.1.
Use PC/SC Lite 1.2.9 with this patch.

Discussion

  • Antti Andreimann

    Logged In: YES
    user_id=18349

    Great work!

    Tested with the following configuration:
    - SCM Micro 3310 USB & Omnikey 4040 PCMCIA readers
    - An Estonian ID card (EstEID)
    - Fedora Core 4
    - pcsc-lite 1.2.9-beta8
    - ccid-0.9.3
    - Windows 2k3 Terminal Server
    - Rdesktop 1.4.1 + scard patch (of course)

    Test results:
    - SmartCard certificates and keys in IE - work
    - ID Card tool - works
    - SmartCard Login - events and PIN prompt work, login fails
    (not scard patch fault, EstEID card does not have proper
    certificates for windows logon anyway)

    Problems:
    - Debug output "[nameMapCount 0]" shown on each card open
    - Protocol crashes when card is removed an then re-inserted
    during the same session. The programs trying to open the
    card will just hang. It doesn't matter if I close the
    programs using the card before removing it (It might be the
    case, that EstEID drivers don't close the card anyway, but
    the problems do not show themselves with mstsc).
    - Disconnect (connection closed by peer) on rare occasions
    when removing/re-inserting the card during session

    I'm willing to test / provide more information on request.
    Thanx.

     
  • Ilya Konstantinov

    Logged In: YES
    user_id=335423

    Whoa, a significant piece of work.
    I don't have any such equipment to test it with, but still -
    impressive.

    BTW, would be nicer if you'd keep the code style (braces
    style etc.) of the rest of the rdesktop code.

     
  • Peter Åstrand

    Peter Åstrand - 2005-10-31

    Logged In: YES
    user_id=344921

    >BTW, would be nicer if you'd keep the code style (braces
    >style etc.) of the rest of the rdesktop code.

    The code style should basically fix itself when running
    indent-all (which should always be done before commit).

     
  • Alexi Volkov

    Alexi Volkov - 2005-11-07

    Logged In: YES
    user_id=1357228

    Modifications:
    1) SCardStatus behaivour according to Heiko Nardmann patch.
    2) Now you can enable smart card support with "./configure
    --enable-smartcard" or
    "./configure --enable-smartcard-debug". Read "./configure
    --help" for
    additional help.
    3) SCardListReaders now returns exact error code.
    4) Some cosmetic modifications.

     
  • Alon Bar-Lev

    Alon Bar-Lev - 2005-11-08

    Logged In: YES
    user_id=1157530

    A path for your patch to allow compilation without scard
    support and allow proper CFLAGS, LIBS of libpcsc.

    diff -urNp rdesktop-1.4.1.old/configure.ac
    rdesktop-1.4.1/configure.ac
    --- rdesktop-1.4.1.old/configure.ac 2005-11-08
    10:37:13.000000000 +0200
    +++ rdesktop-1.4.1/configure.ac 2005-11-08
    10:48:58.000000000 +0200
    @@ -87,6 +87,10 @@ AC_ARG_ENABLE(smartcard,
    [
    SCARD_SUPPORT="-DWITH_SCARD"
    SCARD_OBJ="scard.o"
    +PCSC_CFLAGS=`pkg-config libpcsclite --cflags`
    +PCSC_LIBS=`pkg-config libpcsclite --libs`
    +CFLAGS="$CFLAGS $PCSC_CFLAGS"
    +LIBS="$LIBS $PCSC_LIBS"
    ])

    AC_ARG_ENABLE(smartcard-debug,
    @@ -94,7 +98,7 @@ AC_ARG_ENABLE(smartcard-debug,
    [
    SCARD_SUPPORT="-DWITH_SCARD"
    SCARD_OBJ="scard.o"
    -SCARD_DEBUG="-DWITH_SCARD_DEBUG"
    +SCARD_DEBUG="-DWITH_SCARD_DEBUG"
    ])

    AC_SUBST(SCARD_SUPPORT)
    diff -urNp rdesktop-1.4.1.old/Makefile.in
    rdesktop-1.4.1/Makefile.in
    --- rdesktop-1.4.1.old/Makefile.in 2005-11-08
    10:37:13.000000000 +0200
    +++ rdesktop-1.4.1/Makefile.in 2005-11-08 10:44:36.000000000
    +0200
    @@ -16,7 +16,7 @@ KEYMAP_PATH = $(datadir)/rdesktop/keymap
    CC = @CC@
    INSTALL = @INSTALL@
    CFLAGS = @CFLAGS@ @X_CFLAGS@ @DEFS@
    -DKEYMAP_PATH=\"$(KEYMAP_PATH)\" @SCARD_SUPPORT@ @SCARD_DEBUG@
    -LDFLAGS = @LDFLAGS@ @LIBS@ @X_LIBS@ @X_EXTRA_LIBS@
    -lpcsclite -lpthread
    +LDFLAGS = @LDFLAGS@ @LIBS@ @X_LIBS@ @X_EXTRA_LIBS@

    TARGETS = rdesktop @RDP2VNCTARGET@
    VNCINC = @VNCINC@
    diff -urNp rdesktop-1.4.1.old/rdpdr.c rdesktop-1.4.1/rdpdr.c
    --- rdesktop-1.4.1.old/rdpdr.c 2005-11-08 10:37:13.000000000
    +0200
    +++ rdesktop-1.4.1/rdpdr.c 2005-11-08 10:50:59.000000000 +0200
    @@ -40,7 +40,9 @@
    #include <time.h>
    #include <errno.h>
    #include "rdesktop.h"
    +#ifdef WITH_SCARD
    #include "scard.h"
    +#endif
    #include "rdpdr.h"

    #define IRP_MJ_CREATE 0x00
    diff -urNp rdesktop-1.4.1.old/types.h rdesktop-1.4.1/types.h
    --- rdesktop-1.4.1.old/types.h 2005-11-08 10:37:13.000000000
    +0200
    +++ rdesktop-1.4.1/types.h 2005-11-08 10:50:14.000000000 +0200
    @@ -18,8 +18,11 @@
    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
    */

    +#ifdef WITH_SCARD
    #include <wintypes.h>
    -//typedef int BOOL;
    +#else
    +typedef int BOOL;
    +#endif

    #ifndef True
    #define True (1)

     
  • Antti Andreimann

    Logged In: YES
    user_id=18349

    Tested with the same setup. Insert-Remove events are
    somewhat more stable now, but still manage to confuse the
    windows end from time to time.
    It's visible when using certtool -scinfo from windows
    command line.
    I'll attach a patch that includes both, the latest Alexey
    stuff and Alons autoconf changes.

     
  • Antti Andreimann

    Logged In: YES
    user_id=18349

    Bleh, seems like I can't post files here.
    Interested parties can get an RPM for Fedora Core 4 as well
    as both patches (Alexeys and Alons) from:
    ftp://ftp.smartlink.ee/pub/esteid

     
  • Alexi Volkov

    Alexi Volkov - 2006-05-05

    Logged In: YES
    user_id=1357228

    odifications:
    1) Added SCardState function
    2) File configure.ac is now more accurate

     
  • Alexi Volkov

    Alexi Volkov - 2006-05-06

    Logged In: YES
    user_id=1357228

    Modification:
    1) Added additional switch "--with-pkgconfig"
    in configure script. This switch instructs to
    use`pkg-config` tool to correctly find pathes
    of pcsc-lite files in some linux distribs.
    // Accordingly to wishes of Alon Bar-Lev
    2) Modified debug output for simplificaion.

     
  • Alexi Volkov

    Alexi Volkov - 2006-05-06

    Logged In: YES
    user_id=1357228

    Keeping in mind Alon Bar-Lev criticism:
    1) Switch "--with-pkgconfig" has been removed. Now patch
    requires `pkg-config` to be installed and configured if not
    present.
    2) Added ./configure to the patch. Now it's not required to
    run autoreconf.
    3) Removed switch "--enable-smartcard-debug"
    4) Added switch "--with-debug-smartcard" which
    allows to enable smart-card debug output.
    5) Added comments to README file
    6) Added smart-card subsection to man file

     
  • Alexi Volkov

    Alexi Volkov - 2006-06-03

    Logged In: YES
    user_id=1357228

    Modifications for rdesktop-1.4.1+scard-20060603.patch.gz:

    SCardTransmit function output was redesigned.
    Now it's seemed to work correctly with pioRecvPci
    specified.

     
  • Alexi Volkov

    Alexi Volkov - 2006-06-14

    Logged In: YES
    user_id=1357228

    Please test this code.

    In this release SCardGetStatusChange function was modified
    back to pass parameters to PCSC-lite as is with little
    modification. In the previous releases this function before
    calling PCSC-lite had modified dwCurrentState parameter to
    emulate Windows-to-Windows behavior. But I found that Alon
    Bar-Lev and Reto Buerki have problems with their smart-cards
    and log shows excessive calls of SCardGetStatusChange. So I
    have mostly commented out this code.

     
  • Alexi Volkov

    Alexi Volkov - 2006-06-19

    Logged In: YES
    user_id=1357228

    Modified SCardTransmit function.

     
  • Alexi Volkov

    Alexi Volkov - 2006-06-22

    Logged In: YES
    user_id=1357228

    Modified "tcp.c" to correctly work with several threads
    which send result simultaneously.
    This should solve the problem with Terminal Server which
    sometimes resets connection with Protocol Error message.

     
  • Alexi Volkov

    Alexi Volkov - 2006-06-23

    Logged In: YES
    user_id=1357228

    Now works with Windows XP Remote Desktop too.

     
  • Alexi Volkov

    Alexi Volkov - 2006-06-26

    Logged In: YES
    user_id=1357228

    For now there is no way found to correctly transmit answer
    of SCardTransmit function call to Windows if receive buffer
    length is larger than 448 bytes. In this case Windows simply
    stop Smart-Card service and you have to relogin.

    I added check of buffer length and hard limit it on 448
    bytes before SCardTransmit call. This is temporarily.

    If your smart-card worked before this patch it should
    continue to work as it uses short buffer lengths.

     
  • Przemek

    Przemek - 2006-10-17

    Logged In: YES
    user_id=1622901

    Hi.
    This patch does not work for me. After compiliing with
    ./configure --enable-smartcard --with-debug
    --with-debug-smartcard --prefix=/usr
    --mandir=\$${prefix}/share/man --infodir=\$${prefix}/share/info
    running rdesktop remote_host ends with blank screen
    On debug i see:
    ./rdesktop tshd
    Architectures match, enabling little endian optimisations.
    Generating client random
    rc_4_key_size == 2, 128-bit encryption enabled
    Sending encrypted packet:
    0000 00 00 00 00 33 01 00 00 00 00 0e 00 00 00 00 00
    ....3...........
    [...]
    Connection successful.
    Sending encrypted packet:
    0000 22 00 17 00 ed 03 00 00 00 00 00 01 14 00 1c 00
    "...............
    0010 00 00 01 00 00 00 66 dd 34 45 04 00 00 c1 5b 00
    ......f.4E....[.
    0020 00 00 ..
    ERROR: send: Bad file descriptor
    ERROR: recv: Bad file descriptor
    Disconnecting...

    running with -r scard ends with:
    ERROR: send: Bad file descriptor
    Connection successful.
    zsh: segmentation fault ./rdesktop -r scard tshd

    my system: ubuntu dapper, kernel 2.6.15

    One of previous patch (155362:
    rdesktop-1.4.1-scard-patch.tar.gz) works "correctly" - i am
    able to login using smard card.

     
  • Michael Gernoth

    Michael Gernoth - 2006-11-04

    Logged In: YES
    user_id=471365

    Smartcard support is now committed to rdesktop based on this patch.

     
  • Michael Gernoth

    Michael Gernoth - 2006-11-04
    • assigned_to: nobody --> stargo
    • status: open --> closed-fixed
     

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks