mirror of
https://github.com/zerotier/ZeroTierOne.git
synced 2025-06-06 12:33:44 +02:00
Fix a Windows bug in refactored tap code, and always make sure we have a firewall exception rule on startup.
parent
502ea66f15
commit
fe3ad5e2cc
4 changed files with 46 additions and 10 deletions
37
main.cpp
37
main.cpp
|
@ -680,6 +680,43 @@ int main(int argc,char **argv)
|
||||||
#endif // __UNIX_LIKE__
|
#endif // __UNIX_LIKE__
|
||||||
|
|
||||||
#ifdef __WINDOWS__
|
#ifdef __WINDOWS__
|
||||||
|
{
|
||||||
|
char myPath[MAX_PATH];
|
||||||
|
DWORD ps = GetModuleFileNameA(NULL,myPath,sizeof(myPath));
|
||||||
|
if ((ps > 0)&&(ps < (DWORD)sizeof(myPath))) {
|
||||||
|
STARTUPINFOA startupInfo;
|
||||||
|
PROCESS_INFORMATION processInfo;
|
||||||
|
fprintf(stderr,"*** path: %s\n",myPath);
|
||||||
|
|
||||||
|
startupInfo.cb = sizeof(startupInfo);
|
||||||
|
memset(&startupInfo,0,sizeof(STARTUPINFOA));
|
||||||
|
memset(&processInfo,0,sizeof(PROCESS_INFORMATION));
|
||||||
|
if (CreateProcessA(NULL,(LPSTR)(std::string("C:\\Windows\\System32\\netsh.exe advfirewall firewall delete rule name=\"ZeroTier One\" program=\"") + myPath + "\"").c_str(),NULL,NULL,FALSE,0,NULL,NULL,&startupInfo,&processInfo)) {
|
||||||
|
WaitForSingleObject(processInfo.hProcess,INFINITE);
|
||||||
|
CloseHandle(processInfo.hProcess);
|
||||||
|
CloseHandle(processInfo.hThread);
|
||||||
|
}
|
||||||
|
|
||||||
|
startupInfo.cb = sizeof(startupInfo);
|
||||||
|
memset(&startupInfo,0,sizeof(STARTUPINFOA));
|
||||||
|
memset(&processInfo,0,sizeof(PROCESS_INFORMATION));
|
||||||
|
if (CreateProcessA(NULL,(LPSTR)(std::string("C:\\Windows\\System32\\netsh.exe advfirewall firewall add rule name=\"ZeroTier One\" dir=in action=allow program=\"") + myPath + "\" enable=yes").c_str(),NULL,NULL,FALSE,0,NULL,NULL,&startupInfo,&processInfo)) {
|
||||||
|
WaitForSingleObject(processInfo.hProcess,INFINITE);
|
||||||
|
CloseHandle(processInfo.hProcess);
|
||||||
|
CloseHandle(processInfo.hThread);
|
||||||
|
}
|
||||||
|
|
||||||
|
startupInfo.cb = sizeof(startupInfo);
|
||||||
|
memset(&startupInfo,0,sizeof(STARTUPINFOA));
|
||||||
|
memset(&processInfo,0,sizeof(PROCESS_INFORMATION));
|
||||||
|
if (CreateProcessA(NULL,(LPSTR)(std::string("C:\\Windows\\System32\\netsh.exe advfirewall firewall add rule name=\"ZeroTier One\" dir=out action=allow program=\"") + myPath + "\" enable=yes").c_str(),NULL,NULL,FALSE,0,NULL,NULL,&startupInfo,&processInfo)) {
|
||||||
|
WaitForSingleObject(processInfo.hProcess,INFINITE);
|
||||||
|
CloseHandle(processInfo.hProcess);
|
||||||
|
CloseHandle(processInfo.hThread);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if (winRunFromCommandLine) {
|
if (winRunFromCommandLine) {
|
||||||
// Running in "interactive" mode (mostly for debugging)
|
// Running in "interactive" mode (mostly for debugging)
|
||||||
if (IsCurrentUserLocalAdministrator() != TRUE) {
|
if (IsCurrentUserLocalAdministrator() != TRUE) {
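Review bot: In the added `__WINDOWS__` block, `startupInfo.cb = sizeof(startupInfo);` is written before `memset(&startupInfo,0,sizeof(STARTUPINFOA));` all three times, so the memset clears `cb` and each `CreateProcessA` call receives a STARTUPINFOA whose size field is 0; swap the order to `memset(&startupInfo,0,sizeof(startupInfo)); startupInfo.cb = sizeof(startupInfo);`. The same ordering appears on the new side of the `Utils::lockDownFile` hunk. The outcome of each netsh run is never inspected (no `GetExitCodeProcess`), so a failed rule update is silent, and the block runs before the `IsCurrentUserLocalAdministrator()` check, where netsh would presumably fail without elevation. The `fprintf(stderr,"*** path: %s\n",myPath);` line looks like leftover debug output, and deleting and re-adding `action=allow` rules on every start also re-enables a rule an administrator deliberately disabled or removed, which deserves at least a comment such as `// NOTE: recreates the firewall exception on every start, overriding local changes`. `main`'s body continues outside the hunk.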
|
||||||
|
|
|
@ -110,7 +110,7 @@ bool Dictionary::verify(const Identity &id) const
|
||||||
if (sig == end())
|
if (sig == end())
|
||||||
return false;
|
return false;
|
||||||
std::string sigbin(Utils::unhex(sig->second));
|
std::string sigbin(Utils::unhex(sig->second));
|
||||||
return id.verify(buf.data(),(unsigned int)buf.length(),sigbin.data(),sigbin.length());
|
return id.verify(buf.data(),(unsigned int)buf.length(),sigbin.data(),(unsigned int)sigbin.length());
|
||||||
} catch ( ... ) {
|
} catch ( ... ) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
|
@ -260,22 +260,20 @@ void Utils::lockDownFile(const char *path,bool isDir)
|
||||||
#ifdef __WINDOWS__
|
#ifdef __WINDOWS__
|
||||||
{
|
{
|
||||||
STARTUPINFOA startupInfo;
|
STARTUPINFOA startupInfo;
|
||||||
startupInfo.cb = sizeof(startupInfo);
|
|
||||||
PROCESS_INFORMATION processInfo;
|
PROCESS_INFORMATION processInfo;
|
||||||
|
|
||||||
|
startupInfo.cb = sizeof(startupInfo);
|
||||||
memset(&startupInfo,0,sizeof(STARTUPINFOA));
|
memset(&startupInfo,0,sizeof(STARTUPINFOA));
|
||||||
memset(&processInfo,0,sizeof(PROCESS_INFORMATION));
|
memset(&processInfo,0,sizeof(PROCESS_INFORMATION));
|
||||||
/*
|
|
||||||
if (CreateProcessA(NULL,(LPSTR)(std::string("C:\\Windows\\System32\\cacls.exe \"") + path + "\" /E /R Users").c_str(),NULL,NULL,FALSE,0,NULL,NULL,&startupInfo,&processInfo)) {
|
|
||||||
WaitForSingleObject(processInfo.hProcess,INFINITE);
|
|
||||||
CloseHandle(processInfo.hProcess);
|
|
||||||
CloseHandle(processInfo.hThread);
|
|
||||||
}
|
|
||||||
*/
|
|
||||||
if (CreateProcessA(NULL,(LPSTR)(std::string("C:\\Windows\\System32\\icacls.exe \"") + path + "\" /inheritance:d /Q").c_str(),NULL,NULL,FALSE,0,NULL,NULL,&startupInfo,&processInfo)) {
|
if (CreateProcessA(NULL,(LPSTR)(std::string("C:\\Windows\\System32\\icacls.exe \"") + path + "\" /inheritance:d /Q").c_str(),NULL,NULL,FALSE,0,NULL,NULL,&startupInfo,&processInfo)) {
|
||||||
WaitForSingleObject(processInfo.hProcess,INFINITE);
|
WaitForSingleObject(processInfo.hProcess,INFINITE);
|
||||||
CloseHandle(processInfo.hProcess);
|
CloseHandle(processInfo.hProcess);
|
||||||
CloseHandle(processInfo.hThread);
|
CloseHandle(processInfo.hThread);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
startupInfo.cb = sizeof(startupInfo);
|
||||||
|
memset(&startupInfo,0,sizeof(STARTUPINFOA));
|
||||||
|
memset(&processInfo,0,sizeof(PROCESS_INFORMATION));
|
||||||
if (CreateProcessA(NULL,(LPSTR)(std::string("C:\\Windows\\System32\\icacls.exe \"") + path + "\" /remove *S-1-5-32-545 /Q").c_str(),NULL,NULL,FALSE,0,NULL,NULL,&startupInfo,&processInfo)) {
|
if (CreateProcessA(NULL,(LPSTR)(std::string("C:\\Windows\\System32\\icacls.exe \"") + path + "\" /remove *S-1-5-32-545 /Q").c_str(),NULL,NULL,FALSE,0,NULL,NULL,&startupInfo,&processInfo)) {
|
||||||
WaitForSingleObject(processInfo.hProcess,INFINITE);
|
WaitForSingleObject(processInfo.hProcess,INFINITE);
|
||||||
CloseHandle(processInfo.hProcess);
|
CloseHandle(processInfo.hProcess);
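Review bot: Neither icacls invocation in this hunk has its outcome checked: nothing happens when `CreateProcessA` returns FALSE, and on success the child's exit status is discarded, so `lockDownFile` can return with the Users entry (`*S-1-5-32-545`) still on the ACL and nothing reported. Reading the status before closing the handle, e.g. `DWORD ec = 1; GetExitCodeProcess(processInfo.hProcess,&ec);`, and logging a non-zero value would make a failed lock-down visible. `path` is also placed between quotes with no escaping, so a directory path ending in a backslash would likely swallow the closing quote when icacls parses its command line; stripping a trailing separator first avoids that. The function starts and ends outside the hunk, so any later handling is not visible here.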
|
||||||
|
|
|
@ -706,8 +706,9 @@ NET_IFINDEX WindowsEthernetTap::_getDeviceIndex()
|
||||||
|
|
||||||
for(ULONG i=0;i<ift->NumEntries;++i) {
|
for(ULONG i=0;i<ift->NumEntries;++i) {
|
||||||
if (ift->Table[i].InterfaceLuid.Value == _deviceLuid.Value) {
|
if (ift->Table[i].InterfaceLuid.Value == _deviceLuid.Value) {
|
||||||
|
NET_IFINDEX idx = ift->Table[i].InterfaceIndex;
|
||||||
FreeMibTable(ift);
|
FreeMibTable(ift);
|
||||||
return ift->Table[i].InterfaceIndex;
|
return idx;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|