From patchwork Wed Sep 15 02:25:34 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ilya Shipitsin X-Patchwork-Id: 1950 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director13.mail.ord1d.rsapps.net ([172.27.255.1]) by backend30.mail.ord1d.rsapps.net with LMTP id OAT+JK/mQWHxCwAAIUCqbw (envelope-from ) for ; Wed, 15 Sep 2021 08:27:27 -0400 Received: from proxy20.mail.iad3a.rsapps.net ([172.27.255.1]) by director13.mail.ord1d.rsapps.net with LMTP id qHfFJK/mQWFOQAAA91zNiA (envelope-from ) for ; Wed, 15 Sep 2021 08:27:27 -0400 Received: from smtp32.gate.iad3a ([172.27.255.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy20.mail.iad3a.rsapps.net with LMTPS id UBibH6/mQWHMNQAAtfLT2w (envelope-from ) for ; Wed, 15 Sep 2021 08:27:27 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp32.gate.iad3a.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dkim=fail (signature verification failed) header.d=gmail.com; dmarc=fail (p=none; dis=none) header.from=gmail.com X-Suspicious-Flag: YES X-Classification-ID: 493b881a-1620-11ec-9f2b-5254001741cc-1-1 Received: from [216.105.38.7] ([216.105.38.7:33694] helo=lists.sourceforge.net) by smtp32.gate.iad3a.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id C2/F4-13549-FA6E1416; Wed, 15 Sep 2021 08:27:27 -0400 Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1mQTzI-0001NP-L6; Wed, 15 Sep 2021 12:26:04 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mQTzH-0001NA-4D for openvpn-devel@lists.sourceforge.net; Wed, 15 Sep 2021 12:26:03 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=yYPfTF6RKNpEQzInx0nXb5veTSV0i8QcPQl4QavCBaA=; b=ASSM6y47t3zLxGLa+7x+4Rw9nI zcZFHW9h0j5R6+GDbaIVKnXwxSLzD/C7eRWdv2UWaW/FX+owP1WiQbj0A5VvTyRVb9WPHW3bMtWZp eOogUxa1uABVENBKT8nHyk8ctKxzXtQI5l8nvNEYIvTbwxgPq8OZhAO9oeUSduBd+ZHc=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:Cc:To:From :Sender:Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=yYPfTF6RKNpEQzInx0nXb5veTSV0i8QcPQl4QavCBaA=; b=H BfQWRvScP9TptnlBcSyVbjttjbMFV2vFTQhS01pHqWATFf/11ehJPRltWsFf+2Q00TDbmwEA+GLNa fVem/RJ2SYpniSGIL/cOs3zXMDQ8ZBAQnOw9WzmA09epTshX8UHAp55BMsdiwdGVR9V4lIAsJcXGv anyu5jNvSqGW0j8E=; Received: from mail-lj1-f175.google.com ([209.85.208.175]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.92.3) id 1mQTzB-00BacV-Bu for openvpn-devel@lists.sourceforge.net; Wed, 15 Sep 2021 12:26:01 +0000 Received: by mail-lj1-f175.google.com with SMTP id y6so798055lje.2 for ; Wed, 15 Sep 2021 05:25:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=yYPfTF6RKNpEQzInx0nXb5veTSV0i8QcPQl4QavCBaA=; b=BvZPWFWYDMN5QuTY3VIMzhHxw5WyYUDB9K/BNMPY16t5eVH0QgRi7RJQWCxXa2MYH/ fGfZKsxtLec2+qEtLXmSJnGwXOT2GaXOmz7kabEOrK5nS/2HkLoA3lI6QSDMFyOK7jpR Xmj+Efq6TnsjJ7x/4aJ8ZcPr/CdiNk547yqR9l5TI5etygVOhMmbtMy5YQ7Hp8fS0Yqe mhfCqq9NjjRph4JShB3eSzm/uDsHQVTKNV0lkYOkrWeiJX83MOeQvTX8PN5o52byNxCP qI0C/Xijl2uvJwyHJ4iYX9vxysFu8pWvAS794v4B5sL+zW0xGeMvegLHlRc7TCM90V0l RN8w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=yYPfTF6RKNpEQzInx0nXb5veTSV0i8QcPQl4QavCBaA=; b=Pe3GDIFZwONFU77xq0XlH1NURb1Ro+5fkHW3jjHNSKjm2geKuzDp/8sZpC9WjOyf5v YJqGiPfIJhHtvem5VJ72uI9DRi3glEvPw8iB91tphURbqiAs3miPA5glwfUIUDku9bA/ fhES7haHugwQGy5GJzo/HNtRQ+xCxLHJ7H3VzlC2YsBcoZDHeeRcU9/DmPyqxata0WBv QVSl1p/vc4hsIPsk9vDL+uTsoXhPnfElZ6CHIlrXEfpxThVNBPmDAeXRhgGgAxgknLyN 83t8gGZYdg4DevGqBZ8omLNmO1DBqAiZoy8SZMWSvSeaObrNoKSxhWAsNuNI1XQ7I8PY rUXg== X-Gm-Message-State: AOAM531+I6u3amd4ngGAS+JywWpM5gkEsNWAqEH42K8iTsgUwYZ72QGF fGdcESehsr1yzEJGmbna7H1DiuntHTs= X-Google-Smtp-Source: ABdhPJwFd2zwpSEm5atpLRGQK6R8MW9Jx4JzrnHqCwMPUD67A08502JMjArin+8ZUTNK1pWeqyVz1g== X-Received: by 2002:a05:651c:1131:: with SMTP id e17mr20263766ljo.301.1631708750439; Wed, 15 Sep 2021 05:25:50 -0700 (PDT) Received: from localhost.localdomain ([195.64.208.237]) by smtp.gmail.com with ESMTPSA id 4sm1763454ljq.99.2021.09.15.05.25.49 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 15 Sep 2021 05:25:50 -0700 (PDT) From: Ilya Shipitsin To: openvpn-devel@lists.sourceforge.net Date: Wed, 15 Sep 2021 17:25:34 +0500 Message-Id: <20210915122534.355-1-chipitsine@gmail.com> X-Mailer: git-send-email 2.29.2.windows.2 MIME-Version: 1.0 X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: found by BinSkim Signed-off-by: Ilya Shipitsin --- src/compat/Debug.props | 1 + src/compat/Release.props | 1 + src/compat/compat.vcxproj | 6 ++++++ src/openvpn/openvpn.vcxproj | 12 ++++++++++++ src/openvpnmsica/open [...] Content analysis details: (1.3 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 1.5 RCVD_IN_SORBS_WEB RBL: SORBS: sender is an abusable web server [195.64.208.237 listed in dnsbl.sorbs.net] -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.208.175 listed in wl.mailspike.net] -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.208.175 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [chipitsine[at]gmail.com] -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-Headers-End: 1mQTzB-00BacV-Bu Subject: [Openvpn-devel] [PATCH] BUILD: enable CFG and Spectre mitigation for MSVC X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox found by BinSkim Signed-off-by: Ilya Shipitsin --- src/compat/Debug.props | 1 + src/compat/Release.props | 1 + src/compat/compat.vcxproj | 6 ++++++ src/openvpn/openvpn.vcxproj | 12 ++++++++++++ src/openvpnmsica/openvpnmsica.props | 1 + src/openvpnmsica/openvpnmsica.vcxproj | 6 ++++++ src/openvpnserv/openvpnserv.vcxproj | 6 ++++++ src/tapctl/tapctl.vcxproj | 6 ++++++ 8 files changed, 39 insertions(+) diff --git a/src/compat/Debug.props b/src/compat/Debug.props index 31bb9d91..810609bf 100644 --- a/src/compat/Debug.props +++ b/src/compat/Debug.props @@ -15,6 +15,7 @@ _DEBUG;%(PreprocessorDefinitions) MultiThreadedDebugDLL EditAndContinue + Guard diff --git a/src/compat/Release.props b/src/compat/Release.props index 63828b79..50eaa8de 100644 --- a/src/compat/Release.props +++ b/src/compat/Release.props @@ -15,6 +15,7 @@ MultiThreadedDLL ProgramDatabase NDEBUG;%(PreprocessorDefinitions) + Guard true diff --git a/src/compat/compat.vcxproj b/src/compat/compat.vcxproj index 49824783..fe03a51a 100644 --- a/src/compat/compat.vcxproj +++ b/src/compat/compat.vcxproj @@ -38,33 +38,39 @@ MultiByte true v142 + Spectre StaticLibrary MultiByte true v142 + Spectre StaticLibrary MultiByte true v142 + Spectre StaticLibrary MultiByte v142 + Spectre StaticLibrary MultiByte v142 + Spectre StaticLibrary MultiByte v142 + Spectre diff --git a/src/openvpn/openvpn.vcxproj b/src/openvpn/openvpn.vcxproj index 5b3e0c6c..8d27f9c6 100644 --- a/src/openvpn/openvpn.vcxproj +++ b/src/openvpn/openvpn.vcxproj @@ -38,33 +38,39 @@ true NotSet v142 + Spectre Application true NotSet v142 + Spectre Application true NotSet v142 + Spectre Application NotSet v142 + Spectre Application NotSet v142 + Spectre Application NotSet v142 + Spectre @@ -146,6 +152,7 @@ Level2 true ..\compat;$(SolutionDir);%(AdditionalIncludeDirectories) + Guard @@ -161,6 +168,7 @@ Level2 true ..\compat;$(SolutionDir)include;$(SolutionDir);%(AdditionalIncludeDirectories) + Guard @@ -176,6 +184,7 @@ Level2 true ..\compat;$(SolutionDir);%(AdditionalIncludeDirectories) + Guard @@ -191,6 +200,7 @@ Level2 true ..\compat;$(SolutionDir);%(AdditionalIncludeDirectories) + Guard @@ -206,6 +216,7 @@ Level2 true ..\compat;$(SolutionDir);%(AdditionalIncludeDirectories) + Guard @@ -221,6 +232,7 @@ Level2 true ..\compat;$(SolutionDir);%(AdditionalIncludeDirectories) + Guard diff --git a/src/openvpnmsica/openvpnmsica.props b/src/openvpnmsica/openvpnmsica.props index 074635d0..9e934a73 100644 --- a/src/openvpnmsica/openvpnmsica.props +++ b/src/openvpnmsica/openvpnmsica.props @@ -9,6 +9,7 @@ ..\compat;$(TAP_WINDOWS_HOME)/include;%(AdditionalIncludeDirectories) _WIN32_WINNT=_WIN32_WINNT_VISTA;%(PreprocessorDefinitions) + Guard Windows diff --git a/src/openvpnmsica/openvpnmsica.vcxproj b/src/openvpnmsica/openvpnmsica.vcxproj index c39b1240..11aa78bb 100644 --- a/src/openvpnmsica/openvpnmsica.vcxproj +++ b/src/openvpnmsica/openvpnmsica.vcxproj @@ -40,18 +40,21 @@ v142 Unicode true + Spectre DynamicLibrary true v142 Unicode + Spectre DynamicLibrary true v142 Unicode + Spectre DynamicLibrary @@ -60,6 +63,7 @@ true Unicode true + Spectre DynamicLibrary @@ -67,6 +71,7 @@ v142 true Unicode + Spectre DynamicLibrary @@ -74,6 +79,7 @@ v142 true Unicode + Spectre diff --git a/src/openvpnserv/openvpnserv.vcxproj b/src/openvpnserv/openvpnserv.vcxproj index 8009ab3d..5fd7d60b 100644 --- a/src/openvpnserv/openvpnserv.vcxproj +++ b/src/openvpnserv/openvpnserv.vcxproj @@ -38,33 +38,39 @@ Unicode true v142 + Spectre Application Unicode true v142 + Spectre Application Unicode true v142 + Spectre Application Unicode v142 + Spectre Application Unicode v142 + Spectre Application Unicode v142 + Spectre diff --git a/src/tapctl/tapctl.vcxproj b/src/tapctl/tapctl.vcxproj index ad96f02c..79da9d33 100644 --- a/src/tapctl/tapctl.vcxproj +++ b/src/tapctl/tapctl.vcxproj @@ -40,18 +40,21 @@ v142 Unicode true + Spectre Application true v142 Unicode + Spectre Application true v142 Unicode + Spectre Application @@ -60,6 +63,7 @@ true Unicode true + Spectre Application @@ -67,6 +71,7 @@ v142 true Unicode + Spectre Application @@ -74,6 +79,7 @@ v142 true Unicode + Spectre