Folks,
While bundling stunnel with my user application, upon kick off I see this error message.*1 Is there a way to avoid this security warning? I am trying to figure out if signing the binaries will escape this situation, or if it is related to the binary not containing a string table. I investigated linking the win32 binary with MS Visual Studio 2005 to see if the presence of the version string info in the binary would help*2, but so far I have been unable to directly link. I originally built stunnel using cygwin's mingw32-gcc*3, so linking using MSDEV is not too easy.*4
Thanks
Refs: *1 "Windows Security Alert. To help protect your computer, Windows Firewall has blocked some features of this program. Do you want to keep blocking this program? Name: stunnel Publisher: Unknown"
*2 stunnel/src/version.rc,
// pdelaage TODO 20101111: this file works with MS VC / EVC // But with MINGW, properties are NOT displayed in Windows Explorer // although they are embedded in the final exe program. // anyway, using a .o coming from MS VC does not change anything, // and linking the gcc version.o with ms tools works! // so the problem is in fact in gcc-linking, not in version.o.
*2 mingw64-i686-gcc-core 4.5.1-2
Administrator@MSDN-2005-DEV /cygdrive/c/dl/stunnel/stunnel-4.35/src $ i686-w64-mingw32-gcc-4.5.1 -s -o stunnel.exe file.obj client.obj log.obj options.obj protocol.obj network.obj resolver.obj ssl.obj ctx.obj verify.obj sthreads.obj stunnel.obj gui.obj resources.obj -L/cygdrive/c/openssl/lib -L/cygdrive/c/dl/stunnel/zlib-1.2.5 -lcrypto.dll -lssl.dll -lz -lws2_32 -lgdi32 -mwindows -v Using built-in specs. COLLECT_GCC=i686-w64-mingw32-gcc-4.5.1 COLLECT_LTO_WRAPPER=/usr/lib/gcc/i686-w64-mingw32/4.5.1/lto-wrapper.exe Target: i686-w64-mingw32 Configured with: /cygdrive/c/nnnew/gcc32/mingw64-i686-gcc-4.5.1-2/src/gcc-4.5.1/configure --srcdir=/cygdrive/c/nnnew/gcc32/mingw64-i686-gcc-4.5.1-2/src/gcc-4.5.1 --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --libexecdir=/usr/lib --datadir=/usr/share --localstatedir=/var --sysconfdir=/etc --datarootdir=/usr/share --docdir=/usr/share/doc/mingw64-i686-gcc -C --build=i686-pc-cygwin --host=i686-pc-cygwin --target=i686-w64-mingw32 --with-sysroot=/usr/i686-w64-mingw32/sys-root --with-build-sysroot=/usr/i686-w64-mingw32/sys-root --disable-multilib --disable-win32-registry --enable-languages=c,ada,c++,fortran,objc,obj-c++ --enable-fully-dynamic-strings --enable-libgomp --enable-sjlj-exceptions --enable-version-specific-runtime-libs --with-dwarf2 --enable-decimal-float=bid --enable-lto Thread model: win32 gcc version 4.5.1 (GCC) COMPILER_PATH=/usr/lib/gcc/i686-w64-mingw32/4.5.1/:/usr/lib/gcc/i686-w64-mingw32/4.5.1/:/usr/lib/gcc/i686-w64-mingw32/:/usr/lib/gcc/i686-w64-mingw32/4.5.1/:/usr/lib/gcc/i686-w64-mingw32/:/usr/lib/gcc/i686-w64-mingw32/4.5.1/../../../../i686-w64-mingw32/bin/ LIBRARY_PATH=/usr/lib/gcc/i686-w64-mingw32/4.5.1/:/usr/lib/gcc/i686-w64-mingw32/4.5.1/../../../../i686-w64-mingw32/lib/../lib32/:/usr/lib/gcc/i686-w64-mingw32/4.5.1/../../../../i686-w64-mingw32/lib/:/usr/i686-w64-mingw32/sys-root/mingw/lib/ COLLECT_GCC_OPTIONS='-s' '-o' 'stunnel.exe' '-L/cygdrive/c/openssl/lib' '-L/cygdrive/c/dl/stunnel/zlib-1.2.5' '-mwindows' '-v' '-mtune=generic' '-march=pentiumpro' /usr/lib/gcc/i686-w64-mingw32/4.5.1/collect2.exe --sysroot=/usr/i686-w64-mingw32/sys-root -m i386pe --subsystem windows -Bdynamic -o stunnel.exe -s /usr/i686-w64-mingw32/sys-root/mingw/lib/crt2.o /usr/lib/gcc/i686-w64-mingw32/4.5.1/crtbegin.o -L/cygdrive/c/openssl/lib -L/cygdrive/c/dl/stunnel/zlib-1.2.5 -L/usr/lib/gcc/i686-w64-mingw32/4.5.1 -L/usr/lib/gcc/i686-w64-mingw32/4.5.1/../../../../i686-w64-mingw32/lib/../lib32 -L/usr/lib/gcc/i686-w64-mingw32/4.5.1/../../../../i686-w64-mingw32/lib -L/usr/i686-w64-mingw32/sys-root/mingw/lib file.obj client.obj log.obj options.obj protocol.obj network.obj resolver.obj ssl.obj ctx.obj verify.obj sthreads.obj stunnel.obj gui.obj resources.obj -lcrypto.dll -lssl.dll -lz -lws2_32 -lgdi32 -lmingw32 -lgcc_eh -lgcc -lmoldname -lmingwex -lmsvcrt -lgdi32 -lcomdlg32 -luser32 -lkernel32 -ladvapi32 -lshell32 -lmingw32 -lgcc_eh -lgcc -lmoldname -lmingwex -lmsvcrt /usr/lib/gcc/i686-w64-mingw32/4.5.1/crtend.o
Administrator@MSDN-2005-DEV /cygdrive/c/dl/stunnel/stunnel-4.35/src $
*4 Link attempt under windows:
C:\dl\stunnel\stunnel-4.35\src>link /libpath:"C:\openssl\lib" /libpath:"c:\dl\stunnel\zlib-1.2.5" /machine:I386 /nologo /out:"stunnel.exe" /incremental:no /release /mapinfo:exports /subsystem:windows /opt:ref /opt:icf wsock32.lib kernel32.lib user32.lib gdi32.lib comdlg32.lib advapi32.lib shell32.lib msvcrt.lib libcmt.lib libcrypto.a libssl.a libz.a file.obj client.obj log.obj options.obj protocol.obj network.obj resolver.obj ssl.obj ctx.obj verify.obj sthreads.obj stunnel.obj gui.obj resources.obj msvcrt.lib(_stat.obj) : warning LNK4078: multiple '.drectve' sections found with different attributes (00000A00) options.obj : error LNK2019: unresolved external symbol ___chkstk referenced in function _parse_conf gui.obj : error LNK2019: unresolved external symbol _strdup referenced in function _WinMain@16 libcrypto.a(asn_mime.o) : error LNK2001: unresolved external symbol __alloca libcrypto.a(bss_file.o) : error LNK2019: unresolved external symbol __alloca referenced in function _BIO_new_file libcrypto.a(cryptlib.o) : error LNK2001: unresolved external symbol __alloca libcrypto.a(err_prn.o) : error LNK2001: unresolved external symbol __alloca libcrypto.a(bn_prime.o) : error LNK2001: unresolved external symbol __alloca libcrypto.a(b_print.o) : error LNK2019: unresolved external symbol ___umoddi3 referenced in function _fmtint libcrypto.a(bn_word.o) : error LNK2001: unresolved external symbol ___umoddi3 libcrypto.a(b_print.o) : error LNK2019: unresolved external symbol ___udivdi3 referenced in function _fmtint stunnel.exe : fatal error LNK1120: 5 unresolved externals
C:\dl\stunnel\stunnel-4.35\src>
You can add the required firewall exceptions as part of your installation tasks. You just need to allow connections to the incoming port(s) your stunnel config use.
-----Original Message----- From: jay@experts-exchange.com Sender: stunnel-users-bounces@stunnel.org Date: Mon, 21 Mar 2011 17:39:11 To: stunnel-users@stunnel.org Subject: [stunnel-users] Windows Firewall has blocked some features of this program
Folks,
While bundling stunnel with my user application, upon kick off I see this error message.*1 Is there a way to avoid this security warning? I am trying to figure out if signing the binaries will escape this situation, or if it is related to the binary not containing a string table. I investigated linking the win32 binary with MS Visual Studio 2005 to see if the presence of the version string info in the binary would help*2, but so far I have been unable to directly link. I originally built stunnel using cygwin's mingw32-gcc*3, so linking using MSDEV is not too easy.*4
Thanks
Refs: *1 "Windows Security Alert. To help protect your computer, Windows Firewall has blocked some features of this program. Do you want to keep blocking this program? Name: stunnel Publisher: Unknown"
*2 stunnel/src/version.rc,
// pdelaage TODO 20101111: this file works with MS VC / EVC // But with MINGW, properties are NOT displayed in Windows Explorer // although they are embedded in the final exe program. // anyway, using a .o coming from MS VC does not change anything, // and linking the gcc version.o with ms tools works! // so the problem is in fact in gcc-linking, not in version.o.
*2 mingw64-i686-gcc-core 4.5.1-2
Administrator@MSDN-2005-DEV /cygdrive/c/dl/stunnel/stunnel-4.35/src $ i686-w64-mingw32-gcc-4.5.1 -s -o stunnel.exe file.obj client.obj log.obj options.obj protocol.obj network.obj resolver.obj ssl.obj ctx.obj verify.obj sthreads.obj stunnel.obj gui.obj resources.obj -L/cygdrive/c/openssl/lib -L/cygdrive/c/dl/stunnel/zlib-1.2.5 -lcrypto.dll -lssl.dll -lz -lws2_32 -lgdi32 -mwindows -v Using built-in specs. COLLECT_GCC=i686-w64-mingw32-gcc-4.5.1 COLLECT_LTO_WRAPPER=/usr/lib/gcc/i686-w64-mingw32/4.5.1/lto-wrapper.exe Target: i686-w64-mingw32 Configured with: /cygdrive/c/nnnew/gcc32/mingw64-i686-gcc-4.5.1-2/src/gcc-4.5.1/configure --srcdir=/cygdrive/c/nnnew/gcc32/mingw64-i686-gcc-4.5.1-2/src/gcc-4.5.1 --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --libexecdir=/usr/lib --datadir=/usr/share --localstatedir=/var --sysconfdir=/etc --datarootdir=/usr/share --docdir=/usr/share/doc/mingw64-i686-gcc -C --build=i686-pc-cygwin --host=i686-pc-cygwin --target=i686-w64-mingw32 --with-sysroot=/usr/i686-w64-mingw32/sys-root --with-build-sysroot=/usr/i686-w64-mingw32/sys-root --disable-multilib --disable-win32-registry --enable-languages=c,ada,c++,fortran,objc,obj-c++ --enable-fully-dynamic-strings --enable-libgomp --enable-sjlj-exceptions --enable-version-specific-runtime-libs --with-dwarf2 --enable-decimal-float=bid --enable-lto Thread model: win32 gcc version 4.5.1 (GCC) COMPILER_PATH=/usr/lib/gcc/i686-w64-mingw32/4.5.1/:/usr/lib/gcc/i686-w64-mingw32/4.5.1/:/usr/lib/gcc/i686-w64-mingw32/:/usr/lib/gcc/i686-w64-mingw32/4.5.1/:/usr/lib/gcc/i686-w64-mingw32/:/usr/lib/gcc/i686-w64-mingw32/4.5.1/../../../../i686-w64-mingw32/bin/ LIBRARY_PATH=/usr/lib/gcc/i686-w64-mingw32/4.5.1/:/usr/lib/gcc/i686-w64-mingw32/4.5.1/../../../../i686-w64-mingw32/lib/../lib32/:/usr/lib/gcc/i686-w64-mingw32/4.5.1/../../../../i686-w64-mingw32/lib/:/usr/i686-w64-mingw32/sys-root/mingw/lib/ COLLECT_GCC_OPTIONS='-s' '-o' 'stunnel.exe' '-L/cygdrive/c/openssl/lib' '-L/cygdrive/c/dl/stunnel/zlib-1.2.5' '-mwindows' '-v' '-mtune=generic' '-march=pentiumpro' /usr/lib/gcc/i686-w64-mingw32/4.5.1/collect2.exe --sysroot=/usr/i686-w64-mingw32/sys-root -m i386pe --subsystem windows -Bdynamic -o stunnel.exe -s /usr/i686-w64-mingw32/sys-root/mingw/lib/crt2.o /usr/lib/gcc/i686-w64-mingw32/4.5.1/crtbegin.o -L/cygdrive/c/openssl/lib -L/cygdrive/c/dl/stunnel/zlib-1.2.5 -L/usr/lib/gcc/i686-w64-mingw32/4.5.1 -L/usr/lib/gcc/i686-w64-mingw32/4.5.1/../../../../i686-w64-mingw32/lib/../lib32 -L/usr/lib/gcc/i686-w64-mingw32/4.5.1/../../../../i686-w64-mingw32/lib -L/usr/i686-w64-mingw32/sys-root/mingw/lib file.obj client.obj log.obj options.obj protocol.obj network.obj resolver.obj ssl.obj ctx.obj verify.obj sthreads.obj stunnel.obj gui.obj resources.obj -lcrypto.dll -lssl.dll -lz -lws2_32 -lgdi32 -lmingw32 -lgcc_eh -lgcc -lmoldname -lmingwex -lmsvcrt -lgdi32 -lcomdlg32 -luser32 -lkernel32 -ladvapi32 -lshell32 -lmingw32 -lgcc_eh -lgcc -lmoldname -lmingwex -lmsvcrt /usr/lib/gcc/i686-w64-mingw32/4.5.1/crtend.o
Administrator@MSDN-2005-DEV /cygdrive/c/dl/stunnel/stunnel-4.35/src $
*4 Link attempt under windows:
C:\dl\stunnel\stunnel-4.35\src>link /libpath:"C:\openssl\lib" /libpath:"c:\dl\stunnel\zlib-1.2.5" /machine:I386 /nologo /out:"stunnel.exe" /incremental:no /release /mapinfo:exports /subsystem:windows /opt:ref /opt:icf wsock32.lib kernel32.lib user32.lib gdi32.lib comdlg32.lib advapi32.lib shell32.lib msvcrt.lib libcmt.lib libcrypto.a libssl.a libz.a file.obj client.obj log.obj options.obj protocol.obj network.obj resolver.obj ssl.obj ctx.obj verify.obj sthreads.obj stunnel.obj gui.obj resources.obj msvcrt.lib(_stat.obj) : warning LNK4078: multiple '.drectve' sections found with different attributes (00000A00) options.obj : error LNK2019: unresolved external symbol ___chkstk referenced in function _parse_conf gui.obj : error LNK2019: unresolved external symbol _strdup referenced in function _WinMain@16 libcrypto.a(asn_mime.o) : error LNK2001: unresolved external symbol __alloca libcrypto.a(bss_file.o) : error LNK2019: unresolved external symbol __alloca referenced in function _BIO_new_file libcrypto.a(cryptlib.o) : error LNK2001: unresolved external symbol __alloca libcrypto.a(err_prn.o) : error LNK2001: unresolved external symbol __alloca libcrypto.a(bn_prime.o) : error LNK2001: unresolved external symbol __alloca libcrypto.a(b_print.o) : error LNK2019: unresolved external symbol ___umoddi3 referenced in function _fmtint libcrypto.a(bn_word.o) : error LNK2001: unresolved external symbol ___umoddi3 libcrypto.a(b_print.o) : error LNK2019: unresolved external symbol ___udivdi3 referenced in function _fmtint stunnel.exe : fatal error LNK1120: 5 unresolved externals
C:\dl\stunnel\stunnel-4.35\src>
_______________________________________________ stunnel-users mailing list stunnel-users@stunnel.org http://stunnel.mirt.net/mailman/listinfo/stunnel-users
-
jay@experts-exchange.com -
josealf@rocketmail.com