Tech updates

2014.12.03 :
- added INI reader by Fusix for C++ version
- asulwer also helped with the development

2014.11.25 :
- corrected some typos in INI file
- added EasyPrint policy value

2014.11.24 :
- added support for termsrv.dll 6.3.9600.17415

res/rdpwrap.ini

@@ -2,7 +2,7 @@
 ; Do not modify without special knowledge
 
 [Main]
-Updated=2014-11-20
+Updated=2014-11-25
 LogFile=\rdpwrap.txt
 SLPolicyHookNT60=1
 SLPolicyHookNT61=1
@@ -901,8 +901,8 @@ SLInitFunc.x64=New_CSLQuery_Initialize
 LocalOnlyPatch.x86=1
 LocalOnlyOffset.x86=A2729
 LocalOnlyCode.x86=jmpshort
-; .text:000000018008181F                 cmp     [rsp+48h+arg_18], 0
-; .text:0000000180081824                 jz      loc_180031DEF <- nop + jmp
+; .text:000000018008181F          cmp     [rsp+48h+arg_18], 0
+; .text:0000000180081824          jz      loc_180031DEF <- nop + jmp
 LocalOnlyPatch.x64=1
 LocalOnlyOffset.x64=81824
 LocalOnlyCode.x64=nopjmp
@@ -1016,6 +1016,67 @@ SLInitHook.x64=1
 SLInitOffset.x64=3B110
 SLInitFunc.x64=New_CSLQuery_Initialize
 
+[6.3.9600.17415]
+; Patch CEnforcementCore::GetInstanceOfTSLicense
+; .text:100B33EB          call    ?IsLicenseTypeLocalOnly@CSLQuery@@SGJAAU_GUID@@PAH@Z ; CSLQuery::IsLicenseTypeLocalOnly(_GUID &,int *)
+; .text:100B33F0          test    eax, eax
+; .text:100B33F2          js      short loc_100B340F
+; .text:100B33F4          cmp     [ebp+var_C], 0
+; .text:100B33F8          jz      short loc_100B340F <- jmp
+LocalOnlyPatch.x86=1
+LocalOnlyOffset.x86=B33F8
+LocalOnlyCode.x86=jmpshort
+; .text:000000018008B2D4          cmp     [rsp+58h+arg_18], 0
+; .text:000000018008B2D9          jz      loc_180025C39 <- nop + jmp
+LocalOnlyPatch.x64=1
+LocalOnlyOffset.x64=8B2D9
+LocalOnlyCode.x64=nopjmp
+; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled
+; .text:10037111          lea     eax, [esp+150h+VersionInformation]
+; .text:10037115          inc     ebx            <- nop
+; .text:10037116          mov     [edi], ebx
+; .text:10037118          push    eax             ; lpVersionInformation
+; .text:10037119          call    ds:__imp__GetVersionExW@4 ; GetVersionExW(x)
+SingleUserPatch.x86=1
+SingleUserOffset.x86=37115
+SingleUserCode.x86=nop
+; .text:0000000180033CE3          lea     rcx, [rsp+190h+VersionInformation] ; lpVersionInformation
+; .text:0000000180033CE8          mov     ebx, 1     <- 0
+; .text:0000000180033CED          mov     [rsp+190h+VersionInformation.dwOSVersionInfoSize], 11Ch
+; .text:0000000180033CF5          mov     [rdi], ebx
+; .text:0000000180033CF7          call    cs:__imp_GetVersionExW
+SingleUserPatch.x64=1
+SingleUserOffset.x64=33CE9
+SingleUserCode.x64=Zero
+; Patch CDefPolicy::Query
+; Original
+; .text:1003CFF9          cmp     eax, [ecx+320h]
+; .text:1003CFFF          jz      loc_1004A52F
+; Changed
+; .text:1003CFF9          mov     eax, 100h
+; .text:1003CFFE          mov     [ecx+320h], eax
+; .text:1003D004          nop
+DefPolicyPatch.x86=1
+DefPolicyOffset.x86=3CFF9
+DefPolicyCode.x86=CDefPolicy_Query_eax_ecx
+; Original
+; .text:0000000180045825          cmp     [rcx+63Ch], eax
+; .text:000000018004582B          jz      loc_180067704
+; Changed
+; .text:0000000180045825          mov     eax, 100h
+; .text:000000018004582A          mov     [rcx+638h], eax
+; .text:0000000180045830          nop
+DefPolicyPatch.x64=1
+DefPolicyOffset.x64=45825
+DefPolicyCode.x64=CDefPolicy_Query_eax_rcx
+; Hook CSLQuery::Initialize
+SLInitHook.x86=1
+SLInitOffset.x86=18478
+SLInitFunc.x86=New_CSLQuery_Initialize
+SLInitHook.x64=1
+SLInitOffset.x64=5DBC0
+SLInitFunc.x64=New_CSLQuery_Initialize
+
 [6.4.9841.0]
 ; Patch CEnforcementCore::GetInstanceOfTSLicense
 ; .text:1009569B          call    sub_100B7EE5
@@ -1211,6 +1272,25 @@ bAppServerAllowed.x64 =E44A8
 bInitialized.x64      =E44AC
 bMultimonAllowed.x64  =E44B0
 
+[6.3.9600.17415-SLInit]
+bFUSEnabled.x86       =D3068
+lMaxUserSessions.x86  =D306C
+bAppServerAllowed.x86 =D3070
+bInitialized.x86      =D3074
+bMultimonAllowed.x86  =D3078
+bServerSku.x86        =D307C
+ulMaxDebugSessions.x86=D3080
+bRemoteConnAllowed.x86=D3084
+
+bFUSEnabled.x64       =F9054
+lMaxUserSessions.x64  =F9058
+bAppServerAllowed.x64 =F905C
+bInitialized.x64      =F9060
+bMultimonAllowed.x64  =F9064
+bServerSku.x64        =F9068
+ulMaxDebugSessions.x64=F906C
+bRemoteConnAllowed.x64=F9070
+
 [6.4.9841.0-SLInit]
 bFUSEnabled.x86       =BF9F0
 lMaxUserSessions.x86  =BF9F4

technical.txt

@@ -35,7 +35,7 @@ Terminal Services supported versions
 6.3.9431.0     (Windows 8.1 Preview)                   [init hook + extended patch]
 6.3.9600.16384 (Windows 8.1)                           [init hook + extended patch]
 6.3.9600.17095 (Windows 8.1 with KB2959626)            [init hook + extended patch]
-6.3.9600.17415 (Windows 8.1 with KB3000850)            [!todo]
+6.3.9600.17415 (Windows 8.1 with KB3000850)            [init hook + extended patch ~ requires INI support]
 6.4.9841.0     (Windows 10 Technical Preview)          [init hook + extended patch]
 6.4.9860.0     (Windows 10 Technical Preview Update 1) [init hook + extended patch]
 6.4.9879.0     (Windows 10 Technical Preview Update 2) [!todo]
@@ -45,6 +45,17 @@ Known failures
 
 Source code changelog (rdpwrap library):
 
+2014.12.03 :
+- added INI reader by Fusix for C++ version
+- asulwer also helped with the development
+
+2014.11.25 :
+- corrected some typos in INI file
+- added EasyPrint policy value
+
+2014.11.24 :
+- added support for termsrv.dll 6.3.9600.17415
+
 2014.11.21 :
 - new LiteINI module to read INI files
 - added support to store patch settings in INI file