From patchwork Tue Sep 21 23:57:55 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ilya Shipitsin X-Patchwork-Id: 1962 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director10.mail.ord1d.rsapps.net ([172.30.191.6]) by backend30.mail.ord1d.rsapps.net with LMTP id 6EugDQZSS2E9egAAIUCqbw (envelope-from ) for ; Wed, 22 Sep 2021 11:55:50 -0400 Received: from proxy6.mail.ord1d.rsapps.net ([172.30.191.6]) by director10.mail.ord1d.rsapps.net with LMTP id CD5cDQZSS2F2agAApN4f7A (envelope-from ) for ; Wed, 22 Sep 2021 11:55:50 -0400 Received: from smtp37.gate.ord1c ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy6.mail.ord1d.rsapps.net with LMTPS id cLc+DQZSS2GWfgAAQyIf0w (envelope-from ) for ; Wed, 22 Sep 2021 11:55:50 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp37.gate.ord1c.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dkim=fail (signature verification failed) header.d=gmail.com; dmarc=fail (p=none; dis=none) header.from=gmail.com X-Suspicious-Flag: YES X-Classification-ID: 8debfcf4-1bbd-11ec-b19c-525400e8d833-1-1 Received: from [216.105.38.7] ([216.105.38.7:50200] helo=lists.sourceforge.net) by smtp37.gate.ord1c.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id E9/48-25020-4025B416; Wed, 22 Sep 2021 11:55:49 -0400 Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1mT4a0-0003we-0m; Wed, 22 Sep 2021 15:54:40 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mT4Zy-0003wL-DX for openvpn-devel@lists.sourceforge.net; Wed, 22 Sep 2021 15:54:38 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=ET2qbQu/GL391nhye8RtCNHoMvkK0uysqlsos6bBIUQ=; b=UTWA698xEj0+YRfv4kcNvV0XvG s/3HEOlpTVjFNn+CMGQ4BCYLBV1EaJ2FgqNdmvMwTqyG30ygTsADZ3bAU5MH+gdn7iIkppaW1i54N ZvfSIlEauuz3f2zcaLVZgNN4vhWeV8YaiyghN38fVTuYwMf2bMKVR7HNK1/BlWuKJumM=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:Cc:To:From :Sender:Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=ET2qbQu/GL391nhye8RtCNHoMvkK0uysqlsos6bBIUQ=; b=f ulTYMFtT3ylxiQthcL8JyGLOVsE8XI9d5cjX93l4/PC39ENV9SMI5DiyQArAbr1ZihJnT6WABltzv SGbFRnHZKqVsfZ5jJdcDnpCu8uOQtZzZaS5zR5wd5wOI3uquJVyr/wO3H3V9Bsh2NsodkvvwiSMnQ 7xuJLfU+8uOGCrP0=; Received: from mail-lf1-f44.google.com ([209.85.167.44]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.92.3) id 1mT4Zw-0007Ow-DW for openvpn-devel@lists.sourceforge.net; Wed, 22 Sep 2021 15:54:38 +0000 Received: by mail-lf1-f44.google.com with SMTP id y28so13691976lfb.0 for ; Wed, 22 Sep 2021 08:54:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=ET2qbQu/GL391nhye8RtCNHoMvkK0uysqlsos6bBIUQ=; b=XmruOhVbkgL9nRXHRF84ebg/1lohAJer4vYX9MIjIBf4TbYxc8EbOL0uuejQfkuMZ3 s38RgK/QzFmNUjSoaYPdXb01B3wUmkye9xyLlvbcS5mCz+2nu1MXwmUlLFw7WdO/vK55 uvhsx9olmPDtsB4ZZAa5oJH+e3urwqughEZHeKymmd0901t2kF2w9ihY84E9iLOqNwvu PWV9IhqEYgP+7V0vVo/tUhATMXOGUqLYciMNlbSfE1avbpQcz91jmCiAXdNhU6E/41Bg 7ErJAKMozpVt5DS75A0eEFBefUK4ukPNmxj1zCBrH5liSQt26Rm15iRzsH8Vp+aamLYq tzWw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=ET2qbQu/GL391nhye8RtCNHoMvkK0uysqlsos6bBIUQ=; b=WcmUuB/JFSTvjmTbCwr8NDGWEKEs11le6bespeYMtfCvJb0CyPLgvbso8LNUZsSmFO 6qMyuJxm3se83vnOUMB3Nrbvmzz+e9DQbhE+kcHPkBGwMEa2oqTW8oa4jOZsyaMZiKw4 /rNw4z/YhnGWU8h+j0Iq0jplUYfVoH14Km0H5TUPtoH5Ix/G0k5+RLkzEuj8gd7lTieY DmV6nmlO5wWEXX93gtmi/Qm8oC/oMJ352heIvdXbp/tTETF6YPcPF+pHvL4iCURPkyZG 6XdeuhJ0O67h+LS48FE46BVBvizytbcqjLdn34MjfLuT3KlhWCd+baDVCVtTVGUN3UnL kwKA== X-Gm-Message-State: AOAM532fm2e97EvQFH9w8i68lRd9+zhw+b60ToVrR8oU9Y+KJmbmeTjd LX5SHecch57cIeem2/cB22mhrtFxhpE= X-Google-Smtp-Source: ABdhPJyoLNVx0ZFuaDZSHxORxAK7AXhMroGMMfrit+79ITh4vBkV+a4TXPbUFE4kmL6Af7nt+GXBiQ== X-Received: by 2002:a2e:824b:: with SMTP id j11mr238327ljh.373.1632325971804; Wed, 22 Sep 2021 08:52:51 -0700 (PDT) Received: from localhost.localdomain ([195.64.208.237]) by smtp.gmail.com with ESMTPSA id u14sm206119lfi.231.2021.09.22.08.52.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 22 Sep 2021 08:52:51 -0700 (PDT) From: Ilya Shipitsin To: openvpn-devel@lists.sourceforge.net Date: Wed, 22 Sep 2021 14:57:55 +0500 Message-Id: <20210922095756.1929-1-chipitsine@gmail.com> X-Mailer: git-send-email 2.29.2.windows.2 MIME-Version: 1.0 X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: found by BinSkim Signed-off-by: Ilya Shipitsin --- src/compat/Release.props | 1 + src/compat/compat.vcxproj | 6 ++++++ src/openvpn/openvpn.vcxproj | 9 +++++++++ src/openvpnmsica/openvpnmsica-Release.props | 1 + src/ [...] Content analysis details: (5.9 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.167.44 listed in list.dnswl.org] 3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS [195.64.208.237 listed in zen.spamhaus.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 1.1 DATE_IN_PAST_03_06 Date: is 3 to 6 hours before Received: date 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [chipitsine[at]gmail.com] -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.167.44 listed in wl.mailspike.net] 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 1.5 RCVD_IN_SORBS_WEB RBL: SORBS: sender is an abusable web server [195.64.208.237 listed in dnsbl.sorbs.net] X-Headers-End: 1mT4Zw-0007Ow-DW Subject: [Openvpn-devel] [PATCH v2] BUILD: enable CFG and Spectre mitigation for MSVC X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox found by BinSkim Signed-off-by: Ilya Shipitsin Acked-by: Lev Stipakov --- src/compat/Release.props | 1 + src/compat/compat.vcxproj | 6 ++++++ src/openvpn/openvpn.vcxproj | 9 +++++++++ src/openvpnmsica/openvpnmsica-Release.props | 1 + src/openvpnmsica/openvpnmsica.vcxproj | 6 ++++++ src/openvpnserv/openvpnserv.vcxproj | 6 ++++++ src/tapctl/tapctl.vcxproj | 6 ++++++ 7 files changed, 35 insertions(+) diff --git a/src/compat/Release.props b/src/compat/Release.props index 63828b79..50eaa8de 100644 --- a/src/compat/Release.props +++ b/src/compat/Release.props @@ -15,6 +15,7 @@ MultiThreadedDLL ProgramDatabase NDEBUG;%(PreprocessorDefinitions) + Guard true diff --git a/src/compat/compat.vcxproj b/src/compat/compat.vcxproj index 49824783..fe03a51a 100644 --- a/src/compat/compat.vcxproj +++ b/src/compat/compat.vcxproj @@ -38,33 +38,39 @@ MultiByte true v142 + Spectre StaticLibrary MultiByte true v142 + Spectre StaticLibrary MultiByte true v142 + Spectre StaticLibrary MultiByte v142 + Spectre StaticLibrary MultiByte v142 + Spectre StaticLibrary MultiByte v142 + Spectre diff --git a/src/openvpn/openvpn.vcxproj b/src/openvpn/openvpn.vcxproj index 5b3e0c6c..65ee6839 100644 --- a/src/openvpn/openvpn.vcxproj +++ b/src/openvpn/openvpn.vcxproj @@ -38,33 +38,39 @@ true NotSet v142 + Spectre Application true NotSet v142 + Spectre Application true NotSet v142 + Spectre Application NotSet v142 + Spectre Application NotSet v142 + Spectre Application NotSet v142 + Spectre @@ -191,6 +197,7 @@ Level2 true ..\compat;$(SolutionDir);%(AdditionalIncludeDirectories) + Guard @@ -206,6 +213,7 @@ Level2 true ..\compat;$(SolutionDir);%(AdditionalIncludeDirectories) + Guard @@ -221,6 +229,7 @@ Level2 true ..\compat;$(SolutionDir);%(AdditionalIncludeDirectories) + Guard diff --git a/src/openvpnmsica/openvpnmsica-Release.props b/src/openvpnmsica/openvpnmsica-Release.props index 848fda8f..47727b35 100644 --- a/src/openvpnmsica/openvpnmsica-Release.props +++ b/src/openvpnmsica/openvpnmsica-Release.props @@ -8,6 +8,7 @@ MultiThreaded + Guard diff --git a/src/openvpnmsica/openvpnmsica.vcxproj b/src/openvpnmsica/openvpnmsica.vcxproj index c39b1240..11aa78bb 100644 --- a/src/openvpnmsica/openvpnmsica.vcxproj +++ b/src/openvpnmsica/openvpnmsica.vcxproj @@ -40,18 +40,21 @@ v142 Unicode true + Spectre DynamicLibrary true v142 Unicode + Spectre DynamicLibrary true v142 Unicode + Spectre DynamicLibrary @@ -60,6 +63,7 @@ true Unicode true + Spectre DynamicLibrary @@ -67,6 +71,7 @@ v142 true Unicode + Spectre DynamicLibrary @@ -74,6 +79,7 @@ v142 true Unicode + Spectre diff --git a/src/openvpnserv/openvpnserv.vcxproj b/src/openvpnserv/openvpnserv.vcxproj index 8009ab3d..5fd7d60b 100644 --- a/src/openvpnserv/openvpnserv.vcxproj +++ b/src/openvpnserv/openvpnserv.vcxproj @@ -38,33 +38,39 @@ Unicode true v142 + Spectre Application Unicode true v142 + Spectre Application Unicode true v142 + Spectre Application Unicode v142 + Spectre Application Unicode v142 + Spectre Application Unicode v142 + Spectre diff --git a/src/tapctl/tapctl.vcxproj b/src/tapctl/tapctl.vcxproj index ad96f02c..79da9d33 100644 --- a/src/tapctl/tapctl.vcxproj +++ b/src/tapctl/tapctl.vcxproj @@ -40,18 +40,21 @@ v142 Unicode true + Spectre Application true v142 Unicode + Spectre Application true v142 Unicode + Spectre Application @@ -60,6 +63,7 @@ true Unicode true + Spectre Application @@ -67,6 +71,7 @@ v142 true Unicode + Spectre Application @@ -74,6 +79,7 @@ v142 true Unicode + Spectre