diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2020-11-26 14:05:21 +0100 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2020-11-27 12:50:53 +0100 |
commit | 06fa04f63379899933b503bbfcd233e5d70f3c87 (patch) | |
tree | 60919d0a4850c0ddc7da92d78a0e4ce8aa176251 /installer | |
parent | manager: move legacy store from conf (diff) | |
download | wireguard-windows-06fa04f63379899933b503bbfcd233e5d70f3c87.tar.xz wireguard-windows-06fa04f63379899933b503bbfcd233e5d70f3c87.zip |
fetcher: delay load anything with transitive dependencies outside of knowndlls
It looks like advapi32.dll loads cryptbase.dll because RtlGenRandom is
forwarded to it, and cryptbase.dll isn't in knowndlls. So, even though
we haven't done anything wrong by importing advapi32.dll statically, the
surprising forwarding behavior means that this is a disaster. At the
same time, some UI-related system modules wind up calling loadlibraryex with
default arguments, so again, even though linking to things like
user32.dll and such statically is fine, microsoft is doing the wrong
thing inside of them. Work around the first issue by loading
advapi32.dll (and others, just for good measure) delayed, and work
around the latter by gimping the dll search path.
Reported-by: Stefan Kanthak <stefan.kanthak@nexgo.de>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'installer')
-rw-r--r-- | installer/fetcher/Makefile | 2 | ||||
-rw-r--r-- | installer/fetcher/fetcher.c | 3 |
2 files changed, 4 insertions, 1 deletions
diff --git a/installer/fetcher/Makefile b/installer/fetcher/Makefile index 49b0bc51..0c150d90 100644 --- a/installer/fetcher/Makefile +++ b/installer/fetcher/Makefile @@ -13,7 +13,7 @@ LDLIBS += -lkernel32 -lwinhttp -lntdll -lshlwapi -lmsi -lcomctl32 -luser32 -lshe LDFLAGS += -s -flto -Wl,--dynamicbase -Wl,--nxcompat -Wl,--tsaware -mwindows LDFLAGS += -Wl,--major-os-version=6 -Wl,--minor-os-version=1 -Wl,--major-subsystem-version=6 -Wl,--minor-subsystem-version=1 # The use of -Wl,/delayload: here implies we're using llvm-mingw -LDFLAGS += -Wl,/delayload:winhttp.dll -Wl,/delayload:msi.dll -Wl,/delayload:wintrust.dll +LDFLAGS += -Wl,/delayload:winhttp.dll -Wl,/delayload:msi.dll -Wl,/delayload:wintrust.dll -Wl,/delayload:advapi32.dll -Wl,/delayload:shell32.dll -Wl,/delayload:shlwapi.dll -Wl,/delayload:gdi32.dll -Wl,/delayload:user32.dll -Wl,/delayload:comctl32.dll TARGET := wireguard-installer.exe CC := i686-w64-mingw32-clang WINDRES := i686-w64-mingw32-windres diff --git a/installer/fetcher/fetcher.c b/installer/fetcher/fetcher.c index 473cb26d..2e0a2d16 100644 --- a/installer/fetcher/fetcher.c +++ b/installer/fetcher/fetcher.c @@ -284,6 +284,9 @@ int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, PSTR pCmdLine, (void)hPrevInstance; (void)pCmdLine; (void)nCmdShow; + if (!SetDllDirectoryA("") || !SetDefaultDllDirectories(LOAD_LIBRARY_SEARCH_SYSTEM32)) + return 1; + InitCommonControlsEx(&(INITCOMMONCONTROLSEX){ .dwSize = sizeof(INITCOMMONCONTROLSEX), .dwICC = ICC_PROGRESS_CLASS }); progress = CreateWindowEx(0, PROGRESS_CLASS, "WireGuard Installer", |