Hesham/wintun
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

api: move undocumented ntdll symbols to ntdll.h

Browse Source 
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This commit is contained in:
Jason A. Donenfeld 2020-11-03 15:28:17 +01:00
parent d5dc79255d
commit 90a33d9cc6
4 changed files with 18 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
api/adapter.c
View File

@ -9,7 +9,7 @@
#include "logger.h" #include "logger.h"
#include "namespace.h" #include "namespace.h"
#include "nci.h" #include "nci.h"
#include "ntldr.h" #include "ntdll.h"
#include "registry.h" #include "registry.h"
#include "resource.h" #include "resource.h"
@ -780,17 +780,6 @@ WintunOpenAdapterDeviceObject(_In_ const WINTUN_ADAPTER *Adapter, _Out_ HANDLE *
return GetDeviceObject(Adapter->DevInstanceID, Handle); return GetDeviceObject(Adapter->DevInstanceID, Handle);
} }
/* We can't use RtlGetVersion, because appcompat's aclayers.dll shims it to report Vista
* when run from legacy contexts. So, we instead use the undocumented RtlGetNtVersionNumbers.
*
* Another way would be reading from the PEB directly:
* ((DWORD *)NtCurrentTeb()->ProcessEnvironmentBlock)[sizeof(void *) == 8 ? 70 : 41]
* Or just read from KUSER_SHARED_DATA the same way on 32-bit and 64-bit:
* *(DWORD *)0x7FFE026C
*/
extern VOID NTAPI
RtlGetNtVersionNumbers(_Out_opt_ DWORD *MajorVersion, _Out_opt_ DWORD *MinorVersion, _Out_opt_ DWORD *BuildNumber);
static BOOL static BOOL
HaveWHQL(void) HaveWHQL(void)
{ {

2
api/api.vcxproj
View File

@ -164,7 +164,7 @@ lib.exe /def:nci.def /out:"$(IntDir)nci.lib" /machine:$(PlatformTarget) /nologo
<ClInclude Include="logger.h" /> <ClInclude Include="logger.h" />
<ClInclude Include="namespace.h" /> <ClInclude Include="namespace.h" />
<ClInclude Include="nci.h" /> <ClInclude Include="nci.h" />
<ClInclude Include="ntldr.h" /> <ClInclude Include="ntdll.h" />
<ClInclude Include="registry.h" /> <ClInclude Include="registry.h" />
<ClInclude Include="resource.h" /> <ClInclude Include="resource.h" />
<ClInclude Include="wintun.h" /> <ClInclude Include="wintun.h" />

6
api/api.vcxproj.filters
View File

@ -49,9 +49,6 @@
<ClInclude Include="wintun.h"> <ClInclude Include="wintun.h">
<Filter>Header Files</Filter> <Filter>Header Files</Filter>
</ClInclude> </ClInclude>
<ClInclude Include="ntldr.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="elevate.h"> <ClInclude Include="elevate.h">
<Filter>Header Files</Filter> <Filter>Header Files</Filter>
</ClInclude> </ClInclude>
@ -61,6 +58,9 @@
<ClInclude Include="rundll32.h"> <ClInclude Include="rundll32.h">
<Filter>Header Files</Filter> <Filter>Header Files</Filter>
</ClInclude> </ClInclude>
<ClInclude Include="ntdll.h">
<Filter>Header Files</Filter>
</ClInclude>
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>
<ClCompile Include="namespace.c"> <ClCompile Include="namespace.c">

15
api/ntldr.h → api/ntdll.h
View File

@ -32,6 +32,17 @@ typedef struct _RTL_PROCESS_MODULES
RTL_PROCESS_MODULE_INFORMATION Modules[1]; RTL_PROCESS_MODULE_INFORMATION Modules[1];
} RTL_PROCESS_MODULES, *PRTL_PROCESS_MODULES; } RTL_PROCESS_MODULES, *PRTL_PROCESS_MODULES;
#define STATUS_INFO_LENGTH_MISMATCH ((NTSTATUS)0xC0000004L) // TODO: #include <ntstatus.h> instead of this
#define STATUS_INFO_LENGTH_MISMATCH ((NTSTATUS)0xC0000004L) //TODO: #include <ntstatus.h> instead of this
#define STATUS_PNP_DEVICE_CONFIGURATION_PENDING ((NTSTATUS)0xC0000495L) #define STATUS_PNP_DEVICE_CONFIGURATION_PENDING ((NTSTATUS)0xC0000495L)
/* We can't use RtlGetVersion, because appcompat's aclayers.dll shims it to report Vista
* when run from legacy contexts. So, we instead use the undocumented RtlGetNtVersionNumbers.
*
* Another way would be reading from the PEB directly:
* ((DWORD *)NtCurrentTeb()->ProcessEnvironmentBlock)[sizeof(void *) == 8 ? 70 : 41]
* Or just read from KUSER_SHARED_DATA the same way on 32-bit and 64-bit:
* *(DWORD *)0x7FFE026C
*/
EXTERN_C
DECLSPEC_IMPORT VOID NTAPI
RtlGetNtVersionNumbers(_Out_opt_ DWORD *MajorVersion, _Out_opt_ DWORD *MinorVersion, _Out_opt_ DWORD *BuildNumber);