Detecting HASP or WIBU flexid may take more than 30 seconds per request
We're using FNP 2016 R2 SP1 on Windows and run our software in a closed network environment behind a restrictive firewall. We noticed that, under certain circumstances, the lmhostid tool can take a long time (up to 30 seconds or longer) to detect a FLEX9 or Wibu dongle.
After troubleshooting the problem and checking the network logs, we noticed that lmhostid sends requests to an external website. The DNS is owned by a known corporation and is used as an OCSP endpoint and appears to be a part of PKIX infrastructure to check for the validity of code signing certificates.
Is this something FNP controls?
FNP uses dynamic linking to dongles, which means that for both SafeNet and Wibu there is user space shared object that needs to be present ? haspsrm_win32/64.dll in the case of SafeNet. That dll is digitally signed. To prevent spoofing, we do an explicit check of the digital signature.