Development discussion of WireGuard
 help / color / mirror / Atom feed
* [Wintun] DEPENDENTLOADFLAG for wintun.dll?
@ 2021-02-10 14:02 Brad Spencer
  2021-02-10 14:43 ` Jason A. Donenfeld
  0 siblings, 1 reply; 4+ messages in thread
From: Brad Spencer @ 2021-02-10 14:02 UTC (permalink / raw)
  To: WireGuard mailing list

Would it make sense to link the official wintun.dll with the MSVC 
linker's -DEPENDENTLOADFLAG:0x800 option?

https://docs.microsoft.com/en-us/cpp/build/reference/dependentloadflag

Doing so restricts the search path for immediate dependencies to the 
%windows%\system32\ directory, and I think all of the DLLs Wintun needs 
are there.

-- 
Brad Spencer


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [Wintun] DEPENDENTLOADFLAG for wintun.dll?
  2021-02-10 14:02 [Wintun] DEPENDENTLOADFLAG for wintun.dll? Brad Spencer
@ 2021-02-10 14:43 ` Jason A. Donenfeld
  2021-02-10 14:57   ` Stefan Kanthak
  0 siblings, 1 reply; 4+ messages in thread
From: Jason A. Donenfeld @ 2021-02-10 14:43 UTC (permalink / raw)
  To: Brad Spencer; +Cc: WireGuard mailing list, Stefan Kanthak

Hi Brad,

On Wed, Feb 10, 2021 at 3:04 PM Brad Spencer <bspencer@blackberry.com> wrote:
>
> Would it make sense to link the official wintun.dll with the MSVC
> linker's -DEPENDENTLOADFLAG:0x800 option?
>
> https://docs.microsoft.com/en-us/cpp/build/reference/dependentloadflag
>
> Doing so restricts the search path for immediate dependencies to the
> %windows%\system32\ directory, and I think all of the DLLs Wintun needs
> are there.

That flag is a bit of a can of worms, which I haven't been too
inclined to open. See:
https://skanthak.homepage.t-online.de/snafu.html

Instead, wintun.dll uses delay loading for all DLLs except for
kernel32.dll and ntdll.dll, and then forces the delay loader hook
through LoadLibraryEx. See:
https://git.zx2c4.com/wintun/tree/api/entry.c#n25 You can see this in
action by putting wintun.dll into depends:
https://data.zx2c4.com/depends-for-wintun-dll-feb-2021.png

(CCing Stefan, in case he's curious. The DLLs in question are
https://www.wintun.net/builds/wintun-0.10.1.zip )

Jason

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [Wintun] DEPENDENTLOADFLAG for wintun.dll?
  2021-02-10 14:43 ` Jason A. Donenfeld
@ 2021-02-10 14:57   ` Stefan Kanthak
  2021-02-10 17:52     ` Brad Spencer
  0 siblings, 1 reply; 4+ messages in thread
From: Stefan Kanthak @ 2021-02-10 14:57 UTC (permalink / raw)
  To: Jason A. Donenfeld, Brad Spencer; +Cc: WireGuard mailing list

"Jason A. Donenfeld" <Jason@zx2c4.com> wrote:

> Hi Brad,
> 
> On Wed, Feb 10, 2021 at 3:04 PM Brad Spencer <bspencer@blackberry.com> wrote:
>>
>> Would it make sense to link the official wintun.dll with the MSVC
>> linker's -DEPENDENTLOADFLAG:0x800 option?
>>
>> https://docs.microsoft.com/en-us/cpp/build/reference/dependentloadflag
>>
>> Doing so restricts the search path for immediate dependencies to the
>> %windows%\system32\ directory, and I think all of the DLLs Wintun needs
>> are there.

This flag is supported only on current versions of Windows 10.
Since Wireguard still supports Windows 7 and 8 you but need the "classic"
mitigation there, i.e. delay-loading and your own delay-loading routine, as
Jason writes below.

> That flag is a bit of a can of worms, which I haven't been too
> inclined to open. See:
> https://skanthak.homepage.t-online.de/snafu.html

This flag also doesn't help with exports forwarded to "unknown" DLLs,
neither with /DEPENDENTLOADFLAG:... nor with LoadLibraryEx(): see
https://skanthak.homepage.t-online.de/detour.html

> Instead, wintun.dll uses delay loading for all DLLs except for
> kernel32.dll and ntdll.dll, and then forces the delay loader hook
> through LoadLibraryEx. See:
> https://git.zx2c4.com/wintun/tree/api/entry.c#n25 You can see this in
> action by putting wintun.dll into depends:
> https://data.zx2c4.com/depends-for-wintun-dll-feb-2021.png

Stefan

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [Wintun] DEPENDENTLOADFLAG for wintun.dll?
  2021-02-10 14:57   ` Stefan Kanthak
@ 2021-02-10 17:52     ` Brad Spencer
  0 siblings, 0 replies; 4+ messages in thread
From: Brad Spencer @ 2021-02-10 17:52 UTC (permalink / raw)
  To: Stefan Kanthak, Jason A. Donenfeld; +Cc: WireGuard mailing list

On 2021-02-10 10:57 a.m., Stefan Kanthak wrote:
> This flag is supported only on current versions of Windows 10.
> Since Wireguard still supports Windows 7 and 8 you but need the "classic"
> mitigation there, i.e. delay-loading and your own delay-loading routine, as
> Jason writes below.

Thanks.  I have actually read your pages previously, Stefan, but I 
neglected to dig in to how wintun.dll loads its dependencies already.  
Thanks to you both for the comprehensive replies.

-- 

Brad Spencer


^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2021-02-10 17:53 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-02-10 14:02 [Wintun] DEPENDENTLOADFLAG for wintun.dll? Brad Spencer
2021-02-10 14:43 ` Jason A. Donenfeld
2021-02-10 14:57   ` Stefan Kanthak
2021-02-10 17:52     ` Brad Spencer

Development discussion of WireGuard

This inbox may be cloned and mirrored by anyone:

	git clone --mirror http://inbox.vuxu.org/wireguard/0 wireguard/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 wireguard wireguard/ http://inbox.vuxu.org/wireguard \
		wireguard@lists.zx2c4.com
	public-inbox-index wireguard

Example config snippet for mirrors.
Newsgroup available over NNTP:
	nntp://inbox.vuxu.org/vuxu.archive.wireguard


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git