The .sys file of the driver does not need to be digitally signed. It is
the .cat file that Windows is checking for complete driver .inf+.sys+
.cat bundle.
Signed-off-by: Simon Rozman <simon@rozman.si>
- Return pointer to ring buffer with packet data allowing clients to
read/write directly. This eliminates one memcpy().
- Make sending/receiving packets thread-safe.
Signed-off-by: Simon Rozman <simon@rozman.si>
We must not use the process heap, as it is changeable. Client may change
it causing our HeapFree() to use wrong heap.
Signed-off-by: Simon Rozman <simon@rozman.si>
Rather than every client reinvent the art of using the Wintun and its
ring buffers, we offer helper structs and functions to unify and
simplify Wintun usage.
Signed-off-by: Simon Rozman <simon@rozman.si>
The ARM64 platform has no WHQL/Attestation driver available yet and the
Release build of the wintun.dll was explicitly designed to include WHQL/
Attn signed ARM64 driver only: There are no Windows on ARM64 before
Windows 10. This prevented alpha testing of the wintun.dll on ARM64.
Debug build includes EV signed ARM64 driver.
Signed-off-by: Simon Rozman <simon@rozman.si>
RegistryQueryString() may produce one or more "File not found" errors
when called from RegistryQueryStringWait() - which is expected while
waiting. Those errors were annoying and awkward to read in the log.
Furthermore, should RegistryQueryString() fail, it already displays
detailed Windows error message and the parent's logging was simplified
to prevent repetitions in the log.
Signed-off-by: Simon Rozman <simon@rozman.si>
The WintunCreateAdapter()+CreateAdapter() and WintunDeleteAdapter()+
DeleteAdapter() communicate using Unicode anonymous pipes now. This
allows the WintunCreateAdapter() to exactly determine the adapter
CreateAdapter() just created by its GUID rather than its name - avoiding
the possible ambiguity caused by same-adapter-name ordinal suffixes.
This also allows exact retrieval of the result code and pending reboot
flag from the rundll32 child process.
Furthermore, CreateAdapter() and DeleteAdapter() are now available in
_DEBUG for all platforms to allow testing. It took a #pragma comment(
linker, "/EXPORT") trick to stop compiler from decorating function names
and exporting as _CreateAdapter@16() and _DeleteAdapter@16() in x86.
Signed-off-by: Simon Rozman <simon@rozman.si>
The SDK header for deployment containing datatype and function
declarations for use by C/C++ clients.
As we shall not distribute MSVC wintun.lib files, making clients need to
use GetProcAddress(), this file contains function type declarations
rather then __declspec(dllimport) function declarations.
Signed-off-by: Simon Rozman <simon@rozman.si>
Go supports only callbacks that return "something" of a size up to
uintptr. It panics on void-returning callbacks.
Signed-off-by: Simon Rozman <simon@rozman.si>
SetupAPI fails to create a device in WoW64 processes. x86 (and arm)
wintun.dll pack the amd64 and arm64 wintun.dll now, and use rundll32 to
create a native process to do the job where required.
Signed-off-by: Simon Rozman <simon@rozman.si>
The WoW64 client will provide stdio handles to read the log messages.
Furthermore, the rundll32 calls could return results using stdout.
Signed-off-by: Simon Rozman <simon@rozman.si>
This should allow wintun.dll to simplify referencing same configuration
but different platform wintun.dll for WoW64 support.
Signed-off-by: Simon Rozman <simon@rozman.si>
1. Add driver to the store: SetupCopyOEMInfW()
2. Create the adapter using explicit path to .inf file: DI_ENUMSINGLEINF
3. Delete all Wintun drivers from the store.
This is a subject of further research:
- It appears those adapters survive a reboot. So, Windows must store the
driver somewhere on the disk and the driver removal is not completed.
If the driver removal is not completed until there are existing
adapters, this is excellent, as it will provide a self-cleanup.
- Test multiple adapters with different driver versions. Which driver
wins?
- Are other Wintun adapters interrupted when adding a new one?
- Test Windows 7 behaviour.
Signed-off-by: Simon Rozman <simon@rozman.si>
When debugger is attached, CreateDirectory() with SYSTEM-only SID fails
with "This security ID may not be assigned as the owner of this object.
(Code 0x0000051B)".
Signed-off-by: Simon Rozman <simon@rozman.si>
I need this for debugging. In production environment, WoW64 clients will
already call rundll32 elevated to SYSTEM.
Signed-off-by: Simon Rozman <simon@rozman.si>
While Doxygen correctly locates the function documentation when it is
written directly preceding the function body, Microsoft Visual Studio
IDE does not. The former requires the documentation to precede the
function declaration.
Signed-off-by: Simon Rozman <simon@rozman.si>
When an internal function logs an error and its cause, it bloats the log
when the caller logs the cause again.
Signed-off-by: Simon Rozman <simon@rozman.si>
Gather adapter management in adapter.h/.c (formerly devmgmt.h/.c) and
unify HwID tests.
Use "Namespace" namespace in all functions from namespace.h/.c.
Fix char strings in LOG_...
Signed-off-by: Simon Rozman <simon@rozman.si>
WINTUN_LOGGER_... => LOGGER_... => LOG_...
Those macros are internal, so they don/t need to start with WINTUN_...
Replacing the noun LOGGER_... with the verb LOG_... makes the code more
natural to read now.
Signed-off-by: Simon Rozman <simon@rozman.si>
With installer.dll the installer did the decision whether to install or
upgrade the driver according to installer.dll version and hash stored in
registry by MSM.
With wintun.dll we need to know, which version of Wintun driver we are
packing in the resources to decide about driver upgrade. The most
accurate source of the driver version is the DriverVer directive in
[Version] section of the driver's .inf file.
Signed-off-by: Simon Rozman <simon@rozman.si>
Quote from MSDN:
> You will need to call setlocale for _wcsicmp to work with Latin 1
> characters. The C locale is in effect by default, so, for example, ä
> will not compare equal to Ä.
Signed-off-by: Simon Rozman <simon@rozman.si>
Some functions of SetupAPI only work when invoked from a native process.
Registry and filesystem reflection makes them fail on WoW64. For WoW64
processes, a minimum set of rundll32 functions are provided.
Signed-off-by: Simon Rozman <simon@rozman.si>
