Hi, Sorry for the delay.
1) Was it really necessary to modify .props? I enabled this via Linker->Advanced->CET Shadow Stack Compatible and only .vcxproj files got modified. 2) I think we could enable it for all binaries (openvpn/openvpnmsica/openvpnserv/tapctl) for ARM64/WIn32/x64 Release configurations. -Lev ma 27. jouluk. 2021 klo 11.09 Илья Шипицин ([email protected]) kirjoitti: > > gentle ping > > > сб, 16 окт. 2021 г. в 19:15, Ilya Shipitsin <[email protected]>: >> >> found by BinSkim, more details: >> https://docs.microsoft.com/en-us/cpp/build/reference/cetcompat?view=msvc-160 >> >> Signed-off-by: Ilya Shipitsin <[email protected]> >> --- >> src/compat/Debug.props | 10 ++++++++++ >> src/compat/Release.props | 10 ++++++++++ >> src/openvpn/openvpn.vcxproj | 4 ++++ >> src/openvpnmsica/openvpnmsica-Debug.props | 10 ++++++++++ >> src/openvpnmsica/openvpnmsica-Release.props | 10 ++++++++++ >> src/openvpnserv/openvpnserv.vcxproj | 4 ++++ >> 6 files changed, 48 insertions(+) >> >> diff --git a/src/compat/Debug.props b/src/compat/Debug.props >> index 31bb9d91..14d7a1f7 100644 >> --- a/src/compat/Debug.props >> +++ b/src/compat/Debug.props >> @@ -17,5 +17,15 @@ >> <DebugInformationFormat>EditAndContinue</DebugInformationFormat> >> </ClCompile> >> </ItemDefinitionGroup> >> + <ItemDefinitionGroup >> Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'"> >> + <Link> >> + <CETCompat>true</CETCompat> >> + </Link> >> + </ItemDefinitionGroup> >> + <ItemDefinitionGroup >> Condition="'$(Configuration)|$(Platform)'=='Debug|x64'"> >> + <Link> >> + <CETCompat>true</CETCompat> >> + </Link> >> + </ItemDefinitionGroup> >> <ItemGroup /> >> </Project> >> \ No newline at end of file >> diff --git a/src/compat/Release.props b/src/compat/Release.props >> index 50eaa8de..df04ddf2 100644 >> --- a/src/compat/Release.props >> +++ b/src/compat/Release.props >> @@ -22,5 +22,15 @@ >> <OptimizeReferences>true</OptimizeReferences> >> </Link> >> </ItemDefinitionGroup> >> + <ItemDefinitionGroup >> Condition="'$(Configuration)|$(Platform)'=='Release|Win32'"> >> + <Link> >> + <CETCompat>true</CETCompat> >> + </Link> >> + </ItemDefinitionGroup> >> + <ItemDefinitionGroup >> Condition="'$(Configuration)|$(Platform)'=='Release|x64'"> >> + <Link> >> + <CETCompat>true</CETCompat> >> + </Link> >> + </ItemDefinitionGroup> >> <ItemGroup /> >> </Project> >> \ No newline at end of file >> diff --git a/src/openvpn/openvpn.vcxproj b/src/openvpn/openvpn.vcxproj >> index 65ee6839..38dd22de 100644 >> --- a/src/openvpn/openvpn.vcxproj >> +++ b/src/openvpn/openvpn.vcxproj >> @@ -158,6 +158,7 @@ >> >> <AdditionalDependencies>Ncrypt.lib;gdi32.lib;ws2_32.lib;wininet.lib;crypt32.lib;iphlpapi.lib;winmm.lib;Fwpuclnt.lib;Rpcrt4.lib;setupapi.lib;Advapi32.lib</AdditionalDependencies> >> >> <AdditionalLibraryDirectories>$(OPENSSL_HOME)/lib;$(LZO_HOME)/lib;$(PKCS11H_HOME)/lib;%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories> >> <SubSystem>Console</SubSystem> >> + <CETCompat>true</CETCompat> >> </Link> >> </ItemDefinitionGroup> >> <ItemDefinitionGroup >> Condition="'$(Configuration)|$(Platform)'=='Debug|x64'"> >> @@ -173,6 +174,7 @@ >> >> <AdditionalDependencies>Ncrypt.lib;gdi32.lib;ws2_32.lib;wininet.lib;crypt32.lib;iphlpapi.lib;winmm.lib;Fwpuclnt.lib;Rpcrt4.lib;setupapi.lib;Advapi32.lib</AdditionalDependencies> >> >> <AdditionalLibraryDirectories>$(OPENSSL_HOME)/lib;$(LZO_HOME)/lib;$(PKCS11H_HOME)/lib;%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories> >> <SubSystem>Console</SubSystem> >> + <CETCompat>true</CETCompat> >> </Link> >> </ItemDefinitionGroup> >> <ItemDefinitionGroup >> Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'"> >> @@ -204,6 +206,7 @@ >> >> <AdditionalDependencies>Ncrypt.lib;gdi32.lib;ws2_32.lib;wininet.lib;crypt32.lib;iphlpapi.lib;winmm.lib;Fwpuclnt.lib;Rpcrt4.lib;setupapi.lib;Advapi32.lib</AdditionalDependencies> >> >> <AdditionalLibraryDirectories>$(OPENSSL_HOME)/lib;$(LZO_HOME)/lib;$(PKCS11H_HOME)/lib;%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories> >> <SubSystem>Console</SubSystem> >> + <CETCompat>true</CETCompat> >> </Link> >> </ItemDefinitionGroup> >> <ItemDefinitionGroup >> Condition="'$(Configuration)|$(Platform)'=='Release|x64'"> >> @@ -220,6 +223,7 @@ >> >> <AdditionalDependencies>Ncrypt.lib;gdi32.lib;ws2_32.lib;wininet.lib;crypt32.lib;iphlpapi.lib;winmm.lib;Fwpuclnt.lib;Rpcrt4.lib;setupapi.lib;Advapi32.lib</AdditionalDependencies> >> >> <AdditionalLibraryDirectories>$(OPENSSL_HOME)/lib;$(LZO_HOME)/lib;$(PKCS11H_HOME)/lib;%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories> >> <SubSystem>Console</SubSystem> >> + <CETCompat>true</CETCompat> >> </Link> >> </ItemDefinitionGroup> >> <ItemDefinitionGroup >> Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'"> >> diff --git a/src/openvpnmsica/openvpnmsica-Debug.props >> b/src/openvpnmsica/openvpnmsica-Debug.props >> index 43532cfe..c99346af 100644 >> --- a/src/openvpnmsica/openvpnmsica-Debug.props >> +++ b/src/openvpnmsica/openvpnmsica-Debug.props >> @@ -10,5 +10,15 @@ >> <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary> >> </ClCompile> >> </ItemDefinitionGroup> >> + <ItemDefinitionGroup >> Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'"> >> + <Link> >> + <CETCompat>true</CETCompat> >> + </Link> >> + </ItemDefinitionGroup> >> + <ItemDefinitionGroup >> Condition="'$(Configuration)|$(Platform)'=='Debug|x64'"> >> + <Link> >> + <CETCompat>true</CETCompat> >> + </Link> >> + </ItemDefinitionGroup> >> <ItemGroup /> >> </Project> >> \ No newline at end of file >> diff --git a/src/openvpnmsica/openvpnmsica-Release.props >> b/src/openvpnmsica/openvpnmsica-Release.props >> index 47727b35..70f82713 100644 >> --- a/src/openvpnmsica/openvpnmsica-Release.props >> +++ b/src/openvpnmsica/openvpnmsica-Release.props >> @@ -11,5 +11,15 @@ >> <ControlFlowGuard>Guard</ControlFlowGuard> >> </ClCompile> >> </ItemDefinitionGroup> >> + <ItemDefinitionGroup >> Condition="'$(Configuration)|$(Platform)'=='Release|Win32'"> >> + <Link> >> + <CETCompat>true</CETCompat> >> + </Link> >> + </ItemDefinitionGroup> >> + <ItemDefinitionGroup >> Condition="'$(Configuration)|$(Platform)'=='Release|x64'"> >> + <Link> >> + <CETCompat>true</CETCompat> >> + </Link> >> + </ItemDefinitionGroup> >> <ItemGroup /> >> </Project> >> \ No newline at end of file >> diff --git a/src/openvpnserv/openvpnserv.vcxproj >> b/src/openvpnserv/openvpnserv.vcxproj >> index 5fd7d60b..65d03e3b 100644 >> --- a/src/openvpnserv/openvpnserv.vcxproj >> +++ b/src/openvpnserv/openvpnserv.vcxproj >> @@ -130,6 +130,7 @@ >> <Link> >> >> <AdditionalDependencies>Userenv.lib;Iphlpapi.lib;ntdll.lib;Fwpuclnt.lib;Netapi32.lib;Shlwapi.lib;%(AdditionalDependencies)</AdditionalDependencies> >> <SubSystem>Console</SubSystem> >> + <CETCompat>true</CETCompat> >> </Link> >> </ItemDefinitionGroup> >> <ItemDefinitionGroup >> Condition="'$(Configuration)|$(Platform)'=='Debug|x64'"> >> @@ -141,6 +142,7 @@ >> <Link> >> >> <AdditionalDependencies>legacy_stdio_definitions.lib;Userenv.lib;Iphlpapi.lib;ntdll.lib;Fwpuclnt.lib;Netapi32.lib;Shlwapi.lib;%(AdditionalDependencies)</AdditionalDependencies> >> <SubSystem>Console</SubSystem> >> + <CETCompat>true</CETCompat> >> </Link> >> </ItemDefinitionGroup> >> <ItemDefinitionGroup >> Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'"> >> @@ -163,6 +165,7 @@ >> <Link> >> >> <AdditionalDependencies>Userenv.lib;Iphlpapi.lib;ntdll.lib;Fwpuclnt.lib;Netapi32.lib;Shlwapi.lib;%(AdditionalDependencies)</AdditionalDependencies> >> <SubSystem>Console</SubSystem> >> + <CETCompat>true</CETCompat> >> </Link> >> </ItemDefinitionGroup> >> <ItemDefinitionGroup >> Condition="'$(Configuration)|$(Platform)'=='Release|x64'"> >> @@ -174,6 +177,7 @@ >> <Link> >> >> <AdditionalDependencies>legacy_stdio_definitions.lib;Userenv.lib;Iphlpapi.lib;ntdll.lib;Fwpuclnt.lib;Netapi32.lib;Shlwapi.lib;%(AdditionalDependencies)</AdditionalDependencies> >> <SubSystem>Console</SubSystem> >> + <CETCompat>true</CETCompat> >> </Link> >> </ItemDefinitionGroup> >> <ItemDefinitionGroup >> Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'"> >> -- >> 2.29.2.windows.2 >> > _______________________________________________ > Openvpn-devel mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/openvpn-devel -- -Lev _______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
