From 3f432cf1bd1466f2cc80da8873e891b5c29952ee Mon Sep 17 00:00:00 2001 From: jyyi1 Date: Fri, 25 Aug 2023 17:44:08 -0400 Subject: [PATCH 1/2] =?UTF-8?q?fix(electron/windows):=20=F0=9F=A9=B9=20pre?= =?UTF-8?q?vent=20command=20LPE=20in=20the=20installer?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/electron/README.md | 4 ---- src/electron/add_tap_device.bat | 16 ++++++++-------- src/electron/custom_install_steps.nsh | 10 +++++----- src/electron/install_windows_service.bat | 8 ++++---- 4 files changed, 17 insertions(+), 21 deletions(-) diff --git a/src/electron/README.md b/src/electron/README.md index 5edaf26770..9c59290747 100644 --- a/src/electron/README.md +++ b/src/electron/README.md @@ -16,10 +16,6 @@ npm run action electron/start [windows|linux] ### Windows -Requirements for building on Windows: - -- [Cygwin](https://cygwin.com/install.html), if running action scripts outside of `src`. It provides the "missing Unix pieces" required by build system such as rsync (and many others). Besides the default selected Unix tools such as `bash` and `rsync`, please also make sure to install `git` during Cygwin installation as well. You will need to clone this repository using `git` in Cygwin instead of the native Windows version of git, in order to ensure Unix line endings. - To build the _release_ version of Windows installer, you'll also need: - [Java 8+ Runtime](https://www.java.com/en/download/). This is required for the cross-platform Windows executable signing tool [Jsign](https://ebourg.github.io/jsign/). If you don't need to sign the executables, feel free to skip this. diff --git a/src/electron/add_tap_device.bat b/src/electron/add_tap_device.bat index 67926cc555..d140e207ca 100755 --- a/src/electron/add_tap_device.bat +++ b/src/electron/add_tap_device.bat @@ -35,7 +35,7 @@ set ERROR_TAP_CONFIGURE_DNS=5 set PATH=%PATH%;%SystemRoot%\system32;%SystemRoot%\system32\wbem;%SystemRoot%\system32\WindowsPowerShell/v1.0 :: Check whether the device already exists. -netsh interface show interface name=%DEVICE_NAME% +%SystemRoot%\System32\netsh interface show interface name=%DEVICE_NAME% if %errorlevel% equ 0 ( echo TAP network device already exists. goto :configure @@ -63,7 +63,7 @@ echo Found TAP device name: "%TAP_NAME%" call :wait_for_device "%TAP_NAME%" :: Attempt to rename the device even if waiting timed out. -netsh interface set interface name="%TAP_NAME%" newname="%DEVICE_NAME%" +%SystemRoot%\System32\netsh interface set interface name="%TAP_NAME%" newname="%DEVICE_NAME%" if %errorlevel% neq 0 ( :: Try to rename the device through powershell in case netsh failed due to not being able to "see" :: the device. Pipe input from /dev/null to prevent powershell from waiting forever on EOF. @@ -89,7 +89,7 @@ call :wait_for_device "%DEVICE_NAME%" :: :: So, continue even if this command fails - and always include its output. echo (Re-)enabling TAP network device... -netsh interface set interface "%DEVICE_NAME%" admin=enabled +%SystemRoot%\System32\netsh interface set interface "%DEVICE_NAME%" admin=enabled :: The powershell command is used to ensure the adapter is enabled if netsh fails and leaves it in :: a disabled state. While no such failure has yet been observed, this command would correct it and :: should behave idempotently otherwise. @@ -102,7 +102,7 @@ powershell "Enable-NetAdapter -Name \"%DEVICE_NAME%\"" &2 exit /b %ERROR_TAP_CONFIGURE_SUBNET% @@ -114,13 +114,13 @@ if %errorlevel% neq 0 ( :: as it means we do not have to modify the DNS settings of any other network :: device in the system. Configure with Cloudflare and Quad9 resolvers echo Configuring primary DNS... -netsh interface ip set dnsservers %DEVICE_NAME% static address=1.1.1.1 +%SystemRoot%\System32\netsh interface ip set dnsservers %DEVICE_NAME% static address=1.1.1.1 if %errorlevel% neq 0 ( echo Could not configure TAP device primary DNS. >&2 exit /b %ERROR_TAP_CONFIGURE_DNS% ) echo Configuring secondary DNS... -netsh interface ip add dnsservers %DEVICE_NAME% 9.9.9.9 index=2 +%SystemRoot%\System32\netsh interface ip add dnsservers %DEVICE_NAME% 9.9.9.9 index=2 if %errorlevel% neq 0 ( echo Could not configure TAP device secondary DNS. >&2 exit /b %ERROR_TAP_CONFIGURE_DNS% @@ -132,14 +132,14 @@ exit /b 0 :: Exits with a non-zero code if the operation times out. :wait_for_device echo Testing that the network device "%~1" is visible to netsh... -netsh interface ip show interfaces | find "%~1" >nul 2>&1 +%SystemRoot%\System32\netsh interface ip show interfaces | find "%~1" >nul 2>&1 if %errorlevel% equ 0 exit /b 0 for /l %%N in (1, 1, 6) do ( echo Waiting... %%N :: timeout doesn't like the environment created by nsExec::ExecToStack and exits with: :: "ERROR: Input redirection is not supported, exiting the process immediately." waitfor /t 10 thisisnotarealsignalname >nul 2>&1 - netsh interface ip show interfaces | find "%~1" >nul 2>&1 + %SystemRoot%\System32\netsh interface ip show interfaces | find "%~1" >nul 2>&1 if !errorlevel! equ 0 exit /b 0 ) exit /b 1 diff --git a/src/electron/custom_install_steps.nsh b/src/electron/custom_install_steps.nsh index 633841e816..b34b3d9a3d 100755 --- a/src/electron/custom_install_steps.nsh +++ b/src/electron/custom_install_steps.nsh @@ -56,7 +56,7 @@ ${StrRep} File "${PROJECT_DIR}\src\electron\find_tap_device_name.bat" ; OutlineService files, stopping the service first in case it's still running. - nsExec::Exec "net stop OutlineService" + nsExec::Exec "$SYSDIR\net stop OutlineService" File "${PROJECT_DIR}\tools\OutlineService\OutlineService\bin\OutlineService.exe" File "${PROJECT_DIR}\tools\smartdnsblock\bin\smartdnsblock.exe" File "${PROJECT_DIR}\third_party\newtonsoft\Newtonsoft.Json.dll" @@ -146,8 +146,8 @@ ${StrRep} installservice: nsExec::Exec install_windows_service.bat - - nsExec::Exec "sc query OutlineService" + + nsExec::Exec "$SYSDIR\sc query OutlineService" Pop $0 StrCmp $0 0 success ; TODO: Trigger a Sentry report for service installation failure, too, and revisit @@ -165,6 +165,6 @@ ${StrRep} ; with the bundled tapinstall.exe because it can only remove *all* devices ; having hwid tap0901 and these may include non-Outline devices. !macro customUnInstall - nsExec::Exec "net stop OutlineService" - nsExec::Exec "sc delete OutlineService" + nsExec::Exec "$SYSDIR\net stop OutlineService" + nsExec::Exec "$SYSDIR\sc delete OutlineService" !macroend \ No newline at end of file diff --git a/src/electron/install_windows_service.bat b/src/electron/install_windows_service.bat index 3c958d9321..8022a7d477 100755 --- a/src/electron/install_windows_service.bat +++ b/src/electron/install_windows_service.bat @@ -24,13 +24,13 @@ setlocal EnableDelayedExpansion set PWD=%~dp0% :: Stop and delete the service. -net stop OutlineService -sc delete OutlineService +%SystemRoot%\System32\net stop OutlineService +%SystemRoot%\System32\sc delete OutlineService :: Install and start the service, configuring it to restart on boot. :: NOTE: spaces after the arguments are necessary for a correct installation, do not remove! -sc create OutlineService binpath= "%PWD%OutlineService.exe" displayname= "OutlineService" start= "auto" -net start OutlineService +%SystemRoot%\System32\sc create OutlineService binpath= "%PWD%OutlineService.exe" displayname= "OutlineService" start= "auto" +%SystemRoot%\System32\net start OutlineService :: This is for the client: sudo-prompt discards stdout/stderr if the script :: exits with a non-zero return code *which will happen if any of the previous From 0b09ed6f708832887541a7718fd2ce288474c25d Mon Sep 17 00:00:00 2001 From: "J. Yi" <93548144+jyyi1@users.noreply.github.com> Date: Mon, 28 Aug 2023 11:51:10 -0400 Subject: [PATCH 2/2] Update custom_install_steps.nsh --- src/electron/custom_install_steps.nsh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/electron/custom_install_steps.nsh b/src/electron/custom_install_steps.nsh index b34b3d9a3d..4ca378065d 100755 --- a/src/electron/custom_install_steps.nsh +++ b/src/electron/custom_install_steps.nsh @@ -146,7 +146,7 @@ ${StrRep} installservice: nsExec::Exec install_windows_service.bat - + nsExec::Exec "$SYSDIR\sc query OutlineService" Pop $0 StrCmp $0 0 success @@ -167,4 +167,4 @@ ${StrRep} !macro customUnInstall nsExec::Exec "$SYSDIR\net stop OutlineService" nsExec::Exec "$SYSDIR\sc delete OutlineService" -!macroend \ No newline at end of file +!macroend