Commit Graph

415 Commits

Author SHA1 Message Date
Jason A. Donenfeld
6c40f24498 api: add debugging rundll32 entry point
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-10-31 19:11:56 +01:00
Jason A. Donenfeld
f6d8b694eb api: add missing header for rundll32 mode
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-10-31 19:11:52 +01:00
Jason A. Donenfeld
26c5478042 api: opencode bin2hex in same manner as random directory creation
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-10-31 19:11:51 +01:00
Jason A. Donenfeld
62f21f2fdd api: link to nci.dll at compile time
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-31 19:11:51 +01:00
Jason A. Donenfeld
42062fe554 Bump date headers
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-10-31 19:11:51 +01:00
Jason A. Donenfeld
937eb44727 api: get rid of pch and make headers sane
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-10-31 19:11:51 +01:00
Jason A. Donenfeld
c5b05150c6 api: simplify build settings
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-10-31 19:11:51 +01:00
Jason A. Donenfeld
0faba6c3e8 api: use NT api directly for enumerating kernel modules
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-10-31 19:11:51 +01:00
Simon Rozman
efbc70635b api expose Send.TailMoved event to clients
This allows clients to use it in WaitForMultipleObjects().

Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-31 19:11:50 +01:00
Simon Rozman
c8004933c1 api: rename MAX_POOL to WINTUN_MAX_POOL
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-31 19:11:50 +01:00
Simon Rozman
9957396dc7 api: upgrade source analysis annotations
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-31 19:11:50 +01:00
Simon Rozman
08440580c3 api: refuse to load DLL on init failure
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-31 19:11:50 +01:00
Jason A. Donenfeld
e7a85b7b28 api: attempt to upgrade currently running adapters
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-10-31 19:11:50 +01:00
Jason A. Donenfeld
f947205cee api: use proper iso atomic semantics
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-10-31 19:11:50 +01:00
Jason A. Donenfeld
b4a1494fb2 api: rework pool hashing
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-10-31 19:11:49 +01:00
Jason A. Donenfeld
0a8bf9d1ff api: only force close handles if requested
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-10-31 19:11:49 +01:00
Jason A. Donenfeld
a332f54a1b api: only sleep after force closing handles if required
Also force close handles when deleting the adapter, in case the function
is called from another process, for example an uninstaller.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-10-31 19:11:49 +01:00
Simon Rozman
1b3af95be3 api: selectively use temporary variable to prepare output
Suggested-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-31 19:11:49 +01:00
Jason A. Donenfeld
8c935ce151 api: remove security attributes debug trap door
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-10-31 10:41:49 +01:00
Jason A. Donenfeld
7964694e1e api: elevate only when needed for system operations
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-10-31 10:41:49 +01:00
Simon Rozman
779d0e0c38 api: simplify driver selection by always including EV driver
When Windows 7-8.1 support is sunset, there will be no more EV driver
deployment at all.

Suggested-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-31 10:41:49 +01:00
Jason A. Donenfeld
c928ad4de7 api: fix dll hijacking vulns
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-10-31 10:41:48 +01:00
Simon Rozman
abf6962144 api: simplify driver removal
When we install the Wintun driver to the store, we get exact oem<nn>.inf
filename of the driver in the store we just installed. Since the
installation should be only temporarily, we should uninstall only the
driver we installed.

This also eliminates the need for iterating driver store speeding up
things.

The code we removed was inherited from the installer.dll, where it made
perfect sense to remove all installed Wintun drivers in the update
process.

Suggested-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-31 10:41:48 +01:00
Simon Rozman
eeb42a5f12 api: make #ifdef-s more descriptive
Suggested-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-31 10:41:48 +01:00
Simon Rozman
4b0470210d api: cleanup driver selection logic
With all the platforms (including ARM) having at least one driver now,
the dead-code removal #ifdef-s are no longer required.

Suggested-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-31 10:41:48 +01:00
Simon Rozman
77459a130a Add ARM driver compilation
This adds the ARM driver to the list of Wintun drivers we compile for
future deployment. Since we're not in position to test it in the real
world, any feedback is greatly appreciated.

Suggested-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-31 10:41:48 +01:00
Simon Rozman
44cfac5d63 api: add a cleanup note when Windows 7 support is discontinued
DriverMajorVersion and DriverMinorVersion registry values were
introduced in Windows 8.

Suggested-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-31 10:41:48 +01:00
Simon Rozman
5a3a217b0b api: split adapter creation/deletion to delegator and worker functions
Suggested-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-31 10:41:48 +01:00
Simon Rozman
3dacd1c6ce api: make pipe handles non-inheritable by default
...and change to inheritable only the ones really needed, eliminating a
window where we'd have inheritable handles that are not supposed to be
inheritable.

Suggested-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-31 10:41:47 +01:00
Simon Rozman
fb6d5b62f1 api: check the stdout reader thread exit status for failures
...and refactor the ExecuteRunDll32().

Reported-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-31 10:41:47 +01:00
Simon Rozman
44568f81cb api: make architecture-dependent wintun.dll selection an explicit select
Suggested-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-31 10:41:47 +01:00
Simon Rozman
8b0409ce2a api: fix adapter name numbering termination
Reported-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-31 10:41:47 +01:00
Simon Rozman
254a900a76 api: bail out on _TRUNCATE truncation
Silently ignoring truncation of the strings(like adapter and pool names,
registry paths etc.) leads to strange failures later down the road (like
registry key not found) masking the true reason of the failure. This
makes troubleshooting difficult.

Reported-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-31 10:41:47 +01:00
Simon Rozman
13e90b52cc api: simplify RemoveNumberedSuffix()
Reported-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-31 10:41:47 +01:00
Simon Rozman
f389fd5629 api: use C locale for adapter and pool name case-insensitive comparing
Reported-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-31 10:41:47 +01:00
Simon Rozman
e630c3bec1 api: fix zero-parameter C function prototypes
Reported-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-31 10:41:46 +01:00
Simon Rozman
4a575d210a api: fallback to hard-coded version
Windows 7 doesn't have DriverMajorVersion and DriverMinorVersion
registry values yet.

Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-31 10:41:46 +01:00
Simon Rozman
e11897e343 api: depretiate WintunIsPacketAvailable()
Spinning on the WintunReceivePacket() while it returns
ERROR_NO_MORE_ITEMS achieves the same.

Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-31 10:41:46 +01:00
Simon Rozman
1170f56446 api: move files from root to wintun folder within Zip
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-31 10:15:15 +01:00
Simon Rozman
660a61b865 api: use catalog file for signing certificate extraction
The .sys file of the driver does not need to be digitally signed. It is
the .cat file that Windows is checking for complete driver .inf+.sys+
.cat bundle.

Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-31 10:15:15 +01:00
Simon Rozman
2439b05212 api: upgrade ring management
- Return pointer to ring buffer with packet data allowing clients to
  read/write directly. This eliminates one memcpy().

- Make sending/receiving packets thread-safe.

Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-31 10:15:15 +01:00
Simon Rozman
202f1dc9b8 api: update README.md
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-31 06:55:58 +01:00
Simon Rozman
fbb9098393 api: allow wintun.h use in C++
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-30 16:51:01 +01:00
Simon Rozman
bf4eabb4ca api: switch to private heap
We must not use the process heap, as it is changeable. Client may change
it causing our HeapFree() to use wrong heap.

Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-30 16:51:01 +01:00
Simon Rozman
4b8f879fd6 api: add ring management
Rather than every client reinvent the art of using the Wintun and its
ring buffers, we offer helper structs and functions to unify and
simplify Wintun usage.

Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-30 16:51:01 +01:00
Simon Rozman
8fd98b6ca3 api: allow Debug build packaging
The ARM64 platform has no WHQL/Attestation driver available yet and the
Release build of the wintun.dll was explicitly designed to include WHQL/
Attn signed ARM64 driver only: There are no Windows on ARM64 before
Windows 10. This prevented alpha testing of the wintun.dll on ARM64.

Debug build includes EV signed ARM64 driver.

Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-30 16:51:01 +01:00
Simon Rozman
10caab8813 api: upgrade Zip building to output SHA256
This allows following the Zip file integrity from immediately after it
is built.

Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-30 16:51:01 +01:00
Simon Rozman
84c066fa79 api: revise logging
RegistryQueryString() may produce one or more "File not found" errors
when called from RegistryQueryStringWait() - which is expected while
waiting. Those errors were annoying and awkward to read in the log.

Furthermore, should RegistryQueryString() fail, it already displays
detailed Windows error message and the parent's logging was simplified
to prevent repetitions in the log.

Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-30 16:51:01 +01:00
Simon Rozman
faf7d3771c api: connect rundll32 child with parent using stdout and stderr
The WintunCreateAdapter()+CreateAdapter() and WintunDeleteAdapter()+
DeleteAdapter() communicate using Unicode anonymous pipes now. This
allows the WintunCreateAdapter() to exactly determine the adapter
CreateAdapter() just created by its GUID rather than its name - avoiding
the possible ambiguity caused by same-adapter-name ordinal suffixes.
This also allows exact retrieval of the result code and pending reboot
flag from the rundll32 child process.

Furthermore, CreateAdapter() and DeleteAdapter() are now available in
_DEBUG for all platforms to allow testing. It took a #pragma comment(
linker, "/EXPORT") trick to stop compiler from decorating function names
and exporting as _CreateAdapter@16() and _DeleteAdapter@16() in x86.

Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-30 16:51:01 +01:00
Simon Rozman
52738e17b1 api: installer: switch from MSM to ZIP distribution
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-30 16:51:01 +01:00