<feed xmlns='http://www.w3.org/2005/Atom'>
<title>wintun/api/api.vcxproj, branch master</title>
<subtitle>Layer 3 TUN Driver for Windows</subtitle>
<id>https://git.zx2c4.com/wintun/atom/api/api.vcxproj?h=master</id>
<link rel='self' href='https://git.zx2c4.com/wintun/atom/api/api.vcxproj?h=master'/>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/wintun/'/>
<updated>2021-10-12T18:54:20Z</updated>
<entry>
<title>api: rewrite based on SwDevice</title>
<updated>2021-10-12T18:54:20Z</updated>
<author>
<name>Jason A. Donenfeld</name>
<email>Jason@zx2c4.com</email>
</author>
<published>2021-10-12T05:21:31Z</published>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/wintun/commit/?id=544fdaaf8fb970d9657a59c1fc4c4569de4f2d3e'/>
<id>urn:sha1:544fdaaf8fb970d9657a59c1fc4c4569de4f2d3e</id>
<content type='text'>
Signed-off-by: Jason A. Donenfeld &lt;Jason@zx2c4.com&gt;
</content>
</entry>
<entry>
<title>props: unify import .lib of DLLs</title>
<updated>2021-08-10T10:01:26Z</updated>
<author>
<name>Simon Rozman</name>
<email>simon@rozman.si</email>
</author>
<published>2021-08-10T10:01:26Z</published>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/wintun/commit/?id=b239eb6505bd3afc448e3aceeebb78b162f87495'/>
<id>urn:sha1:b239eb6505bd3afc448e3aceeebb78b162f87495</id>
<content type='text'>
This moves downlevelshim.lib and those .lib from any future DLLs in this
repo to the matching IntDir.

Signed-off-by: Simon Rozman &lt;simon@rozman.si&gt;
</content>
</entry>
<entry>
<title>proj: clean up loose ends</title>
<updated>2021-08-01T23:04:35Z</updated>
<author>
<name>Jason A. Donenfeld</name>
<email>Jason@zx2c4.com</email>
</author>
<published>2021-08-01T23:04:35Z</published>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/wintun/commit/?id=8967516baff344255b6cf9dcb7b8d903c402a19e'/>
<id>urn:sha1:8967516baff344255b6cf9dcb7b8d903c402a19e</id>
<content type='text'>
Signed-off-by: Jason A. Donenfeld &lt;Jason@zx2c4.com&gt;
</content>
</entry>
<entry>
<title>api: remove authenticode support</title>
<updated>2021-08-01T22:24:10Z</updated>
<author>
<name>Jason A. Donenfeld</name>
<email>Jason@zx2c4.com</email>
</author>
<published>2021-08-01T22:24:10Z</published>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/wintun/commit/?id=acc9ee7f3450132e15442f871d4b864d7cadc973'/>
<id>urn:sha1:acc9ee7f3450132e15442f871d4b864d7cadc973</id>
<content type='text'>
Certificates are no longer valid.

Signed-off-by: Jason A. Donenfeld &lt;Jason@zx2c4.com&gt;
</content>
</entry>
<entry>
<title>api: upgrade</title>
<updated>2021-07-28T18:25:27Z</updated>
<author>
<name>Simon Rozman</name>
<email>simon@rozman.si</email>
</author>
<published>2021-07-28T18:20:09Z</published>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/wintun/commit/?id=d675646ab8df227ba39c9d0160d0ba77e8f85479'/>
<id>urn:sha1:d675646ab8df227ba39c9d0160d0ba77e8f85479</id>
<content type='text'>
Signed-off-by: Simon Rozman &lt;simon@rozman.si&gt;
</content>
</entry>
<entry>
<title>vs: move shared configuration to wintun.props and upgrade</title>
<updated>2021-07-28T18:22:18Z</updated>
<author>
<name>Simon Rozman</name>
<email>simon@rozman.si</email>
</author>
<published>2021-07-28T11:50:40Z</published>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/wintun/commit/?id=7dffa4be72c77bd7322039ffdc558a842abba8af'/>
<id>urn:sha1:7dffa4be72c77bd7322039ffdc558a842abba8af</id>
<content type='text'>
Remember to rename wintun.vcxproj.user file in your local working folder
to wintun.props.user manually.

Signed-off-by: Simon Rozman &lt;simon@rozman.si&gt;
</content>
</entry>
<entry>
<title>api: build with WDK</title>
<updated>2021-07-23T18:20:43Z</updated>
<author>
<name>Jason A. Donenfeld</name>
<email>Jason@zx2c4.com</email>
</author>
<published>2021-07-23T16:19:00Z</published>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/wintun/commit/?id=899e085a913fe114c72929a91338629128f517a2'/>
<id>urn:sha1:899e085a913fe114c72929a91338629128f517a2</id>
<content type='text'>
Makes builds more reproducable, as we can do our next release using the
EWDK, an all-in-one ISO of build tools from Microsoft.

Signed-off-by: Jason A. Donenfeld &lt;Jason@zx2c4.com&gt;
</content>
</entry>
<entry>
<title>api: use SuggestedInstanceId instead of NetSetupAnticipatedInstanceId</title>
<updated>2021-07-09T15:08:28Z</updated>
<author>
<name>Jason A. Donenfeld</name>
<email>Jason@zx2c4.com</email>
</author>
<published>2021-07-08T14:59:43Z</published>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/wintun/commit/?id=005af4a9c788dab2646fa115cda3cbe0c51089bd'/>
<id>urn:sha1:005af4a9c788dab2646fa115cda3cbe0c51089bd</id>
<content type='text'>
All was well with NetSetupAnticipatedInstanceId, until a bug crept into
recent Windows builds that caused old GUIDs not to be properly removed,
resulting in subsequent adapter creations to fail, because NetSetup
AnticipatedInstanceId considers it fatal when the target GUID
already exists, even if in diminished form.

The initial solution was to detect cruft, and then steal a
TrustedInstaller token and sleuth around the registry cleaning things
up. The horror!

Uncomfortable with this, I reopened IDA and had a look around with fresh
eyes, three years after the original discovery of NetSetupAnticipated
InstanceId. There, I found some interesting behavior in
NetSetupSvcDeviceManager::InstallNetworkInterfaces, which amounts to
something like:

    if (IsSet("RetiredNetCfgInstanceId") {
      if (IsSet("NetSetupAnticipatedInstanceId")
        DeleteAdapter(GetValue("RetiredNetCfgInstanceId"));
      else
        Set("NetSetupAnticipatedInstanceId", GetValue("RetiredNetCfgInstanceId"));
      Delete("RetiredNetCfgInstanceId");
    }
    CreateAdapter = TRUE;
    if (IsSet("NetSetupAnticipatedInstanceId")) {
      Guid = GetValue("NetSetupAnticipatedInstanceId");
      if (AdapterAlreadyExists(Guid))
        CreateAdapter = FALSE;
      else
        SetGuidOfNewAdapter(Guid);
      Delete("NetSetupAnticipatedInstanceId");
    } else if (IsSet("SuggestedInstanceId")) {
      Guid = GetValue("SuggestedInstanceId");
      if (!AdapterAlreadyExists(Guid))
        SetGuidOfNewAdapter(Guid);
      Delete("SuggestedInstanceId");
    }

Thus, one appealing strategy would be to set both NetSetupAnticipated
InstanceId and RetiredInstanceId to the same value, and let the service
handle deleting the old one for us before creating the new one.
However, the cleanup of the old adapter winds up being quasi-
asynchronous, and thus we still wind up in the CreateAdapter = FALSE
case.

So, the remaining strategy is to simply use SuggestedInstanceId instead.
This has the behavior that if there's an adapter already in use, it'll
use a new random GUID. The result is that adapter creation won't fail.

That's not great, but the docs have always made it clear that
"requested" is a best-effort sort of thing. Plus, hopefully the creation
of the new adapter will help nudge the bug a bit and cleanup the old
cruft. In some ways, transitioning from our old strategy of "cudgel the
registry until we get the GUID we want" to "ask politely and accept no
for an answer" is a disappointing regression in functionality. But it
also means we don't need to keep crazy token stealing code around, or
fish around in the registry dangerously. This probably also increases
the likelihood that an adapter will be created during edge cases, which
means fewer errors for users, which could be a good thing. On the
downside, we have the perpetual tensions caused by a system that now
"fails open" instead of "fails closed". But so it goes in Windows land.

Signed-off-by: Jason A. Donenfeld &lt;Jason@zx2c4.com&gt;
</content>
</entry>
<entry>
<title>api: delay load remaining dlls to work around forwarder gotchas</title>
<updated>2020-11-27T13:52:03Z</updated>
<author>
<name>Jason A. Donenfeld</name>
<email>Jason@zx2c4.com</email>
</author>
<published>2020-11-26T16:26:05Z</published>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/wintun/commit/?id=a3a1fa8931da5e9e5f2e47e83d854a36a7737952'/>
<id>urn:sha1:a3a1fa8931da5e9e5f2e47e83d854a36a7737952</id>
<content type='text'>
RtlGenRandom forwards to cryptbase.dll, which is not in KnownDlls.
Therefore it's not a good idea to link to advapi32.dll at link time. How
many other gotchas of unusual forwarded functions are there? I don't
really want to find out. Therefore, delay load everything else.

Signed-off-by: Jason A. Donenfeld &lt;Jason@zx2c4.com&gt;
</content>
</entry>
<entry>
<title>api: do not call UpdateDriverForPlugAndPlayDevicesW</title>
<updated>2020-11-09T14:14:33Z</updated>
<author>
<name>Jason A. Donenfeld</name>
<email>Jason@zx2c4.com</email>
</author>
<published>2020-11-09T13:45:41Z</published>
<link rel='alternate' type='text/html' href='https://git.zx2c4.com/wintun/commit/?id=0d214d72542713c0d716173eab1bc787772026d8'/>
<id>urn:sha1:0d214d72542713c0d716173eab1bc787772026d8</id>
<content type='text'>
This seems to reset a number of device properties, and our update flow
seems to update old adapters without needing to call this.

Signed-off-by: Jason A. Donenfeld &lt;Jason@zx2c4.com&gt;
</content>
</entry>
</feed>
