"Jason A. Donenfeld" <[email protected]> wrote: > Hi Brad, > > On Wed, Feb 10, 2021 at 3:04 PM Brad Spencer <[email protected]> wrote: >> >> Would it make sense to link the official wintun.dll with the MSVC >> linker's -DEPENDENTLOADFLAG:0x800 option? >> >> https://docs.microsoft.com/en-us/cpp/build/reference/dependentloadflag >> >> Doing so restricts the search path for immediate dependencies to the >> %windows%\system32\ directory, and I think all of the DLLs Wintun needs >> are there.
This flag is supported only on current versions of Windows 10. Since Wireguard still supports Windows 7 and 8 you but need the "classic" mitigation there, i.e. delay-loading and your own delay-loading routine, as Jason writes below. > That flag is a bit of a can of worms, which I haven't been too > inclined to open. See: > https://skanthak.homepage.t-online.de/snafu.html This flag also doesn't help with exports forwarded to "unknown" DLLs, neither with /DEPENDENTLOADFLAG:... nor with LoadLibraryEx(): see https://skanthak.homepage.t-online.de/detour.html > Instead, wintun.dll uses delay loading for all DLLs except for > kernel32.dll and ntdll.dll, and then forces the delay loader hook > through LoadLibraryEx. See: > https://git.zx2c4.com/wintun/tree/api/entry.c#n25 You can see this in > action by putting wintun.dll into depends: > https://data.zx2c4.com/depends-for-wintun-dll-feb-2021.png Stefan
