Also force close handles when deleting the adapter, in case the function
is called from another process, for example an uninstaller.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
When Windows 7-8.1 support is sunset, there will be no more EV driver
deployment at all.
Suggested-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Simon Rozman <simon@rozman.si>
When we install the Wintun driver to the store, we get exact oem<nn>.inf
filename of the driver in the store we just installed. Since the
installation should be only temporarily, we should uninstall only the
driver we installed.
This also eliminates the need for iterating driver store speeding up
things.
The code we removed was inherited from the installer.dll, where it made
perfect sense to remove all installed Wintun drivers in the update
process.
Suggested-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Simon Rozman <simon@rozman.si>
With all the platforms (including ARM) having at least one driver now,
the dead-code removal #ifdef-s are no longer required.
Suggested-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Simon Rozman <simon@rozman.si>
This adds the ARM driver to the list of Wintun drivers we compile for
future deployment. Since we're not in position to test it in the real
world, any feedback is greatly appreciated.
Suggested-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Simon Rozman <simon@rozman.si>
DriverMajorVersion and DriverMinorVersion registry values were
introduced in Windows 8.
Suggested-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Simon Rozman <simon@rozman.si>
...and change to inheritable only the ones really needed, eliminating a
window where we'd have inheritable handles that are not supposed to be
inheritable.
Suggested-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Simon Rozman <simon@rozman.si>
Silently ignoring truncation of the strings(like adapter and pool names,
registry paths etc.) leads to strange failures later down the road (like
registry key not found) masking the true reason of the failure. This
makes troubleshooting difficult.
Reported-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Simon Rozman <simon@rozman.si>
The .sys file of the driver does not need to be digitally signed. It is
the .cat file that Windows is checking for complete driver .inf+.sys+
.cat bundle.
Signed-off-by: Simon Rozman <simon@rozman.si>
- Return pointer to ring buffer with packet data allowing clients to
read/write directly. This eliminates one memcpy().
- Make sending/receiving packets thread-safe.
Signed-off-by: Simon Rozman <simon@rozman.si>
We must not use the process heap, as it is changeable. Client may change
it causing our HeapFree() to use wrong heap.
Signed-off-by: Simon Rozman <simon@rozman.si>
Rather than every client reinvent the art of using the Wintun and its
ring buffers, we offer helper structs and functions to unify and
simplify Wintun usage.
Signed-off-by: Simon Rozman <simon@rozman.si>
The ARM64 platform has no WHQL/Attestation driver available yet and the
Release build of the wintun.dll was explicitly designed to include WHQL/
Attn signed ARM64 driver only: There are no Windows on ARM64 before
Windows 10. This prevented alpha testing of the wintun.dll on ARM64.
Debug build includes EV signed ARM64 driver.
Signed-off-by: Simon Rozman <simon@rozman.si>
RegistryQueryString() may produce one or more "File not found" errors
when called from RegistryQueryStringWait() - which is expected while
waiting. Those errors were annoying and awkward to read in the log.
Furthermore, should RegistryQueryString() fail, it already displays
detailed Windows error message and the parent's logging was simplified
to prevent repetitions in the log.
Signed-off-by: Simon Rozman <simon@rozman.si>
The WintunCreateAdapter()+CreateAdapter() and WintunDeleteAdapter()+
DeleteAdapter() communicate using Unicode anonymous pipes now. This
allows the WintunCreateAdapter() to exactly determine the adapter
CreateAdapter() just created by its GUID rather than its name - avoiding
the possible ambiguity caused by same-adapter-name ordinal suffixes.
This also allows exact retrieval of the result code and pending reboot
flag from the rundll32 child process.
Furthermore, CreateAdapter() and DeleteAdapter() are now available in
_DEBUG for all platforms to allow testing. It took a #pragma comment(
linker, "/EXPORT") trick to stop compiler from decorating function names
and exporting as _CreateAdapter@16() and _DeleteAdapter@16() in x86.
Signed-off-by: Simon Rozman <simon@rozman.si>
