
Fix a Windows bug in refactored tap code, and always make sure we have a firewall exception rule on startup.

Adam Ierymenko 11 years ago
parent
commit
fe3ad5e2cc
4 changed files with 46 additions and 10 deletions
  1. 37 0
      main.cpp
  2. 1 1
      node/Dictionary.cpp
  3. 6 8
      node/Utils.cpp
  4. 2 1
      osnet/WindowsEthernetTap.cpp

+ 37 - 0
main.cpp

@@ -680,6 +680,43 @@ int main(int argc,char **argv)
 #endif // __UNIX_LIKE__
 
 #ifdef __WINDOWS__
+	{
+		char myPath[MAX_PATH];
+		DWORD ps = GetModuleFileNameA(NULL,myPath,sizeof(myPath));
+		if ((ps > 0)&&(ps < (DWORD)sizeof(myPath))) {
+			STARTUPINFOA startupInfo;
+			PROCESS_INFORMATION processInfo;
+			fprintf(stderr,"*** path: %s\n",myPath);
+
+			startupInfo.cb = sizeof(startupInfo);
+			memset(&startupInfo,0,sizeof(STARTUPINFOA));
+			memset(&processInfo,0,sizeof(PROCESS_INFORMATION));
+			if (CreateProcessA(NULL,(LPSTR)(std::string("C:\\Windows\\System32\\netsh.exe advfirewall firewall delete rule name=\"ZeroTier One\" program=\"") + myPath + "\"").c_str(),NULL,NULL,FALSE,0,NULL,NULL,&startupInfo,&processInfo)) {
+				WaitForSingleObject(processInfo.hProcess,INFINITE);
+				CloseHandle(processInfo.hProcess);
+				CloseHandle(processInfo.hThread);
+			}
+
+			startupInfo.cb = sizeof(startupInfo);
+			memset(&startupInfo,0,sizeof(STARTUPINFOA));
+			memset(&processInfo,0,sizeof(PROCESS_INFORMATION));
+			if (CreateProcessA(NULL,(LPSTR)(std::string("C:\\Windows\\System32\\netsh.exe advfirewall firewall add rule name=\"ZeroTier One\" dir=in action=allow program=\"") + myPath + "\" enable=yes").c_str(),NULL,NULL,FALSE,0,NULL,NULL,&startupInfo,&processInfo)) {
+				WaitForSingleObject(processInfo.hProcess,INFINITE);
+				CloseHandle(processInfo.hProcess);
+				CloseHandle(processInfo.hThread);
+			}
+
+			startupInfo.cb = sizeof(startupInfo);
+			memset(&startupInfo,0,sizeof(STARTUPINFOA));
+			memset(&processInfo,0,sizeof(PROCESS_INFORMATION));
+			if (CreateProcessA(NULL,(LPSTR)(std::string("C:\\Windows\\System32\\netsh.exe advfirewall firewall add rule name=\"ZeroTier One\" dir=out action=allow program=\"") + myPath + "\" enable=yes").c_str(),NULL,NULL,FALSE,0,NULL,NULL,&startupInfo,&processInfo)) {
+				WaitForSingleObject(processInfo.hProcess,INFINITE);
+				CloseHandle(processInfo.hProcess);
+				CloseHandle(processInfo.hThread);
+			}
+		}
+	}
+
 	if (winRunFromCommandLine) {
 		// Running in "interactive" mode (mostly for debugging)
 		if (IsCurrentUserLocalAdministrator() != TRUE) {
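Review bot: In all three added blocks `startupInfo.cb = sizeof(startupInfo);` is immediately followed by `memset(&startupInfo,0,sizeof(STARTUPINFOA));`, so `cb` is zero again by the time `CreateProcessA` is called; swap the two lines so the size survives. The Utils.cpp hunk of this commit (`Utils::lockDownFile`) has the same order in both of its blocks. The netsh exit status is never read and a failed `CreateProcessA` is skipped silently, and this code runs before the `IsCurrentUserLocalAdministrator()` check below it, so an unelevated start would presumably leave no firewall rule and no log line; reading `GetExitCodeProcess` after the wait for the two `add rule` calls and logging a failure would make that visible. The `*** path:` `fprintf` looks like leftover debug output. `main` starts and ends outside the hunk.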

+ 1 - 1
node/Dictionary.cpp

@@ -110,7 +110,7 @@ bool Dictionary::verify(const Identity &id) const
 		if (sig == end())
 			return false;
 		std::string sigbin(Utils::unhex(sig->second));
-		return id.verify(buf.data(),(unsigned int)buf.length(),sigbin.data(),sigbin.length());
+		return id.verify(buf.data(),(unsigned int)buf.length(),sigbin.data(),(unsigned int)sigbin.length());
 	} catch ( ... ) {
 		return false;
 	}

+ 6 - 8
node/Utils.cpp

@@ -260,22 +260,20 @@ void Utils::lockDownFile(const char *path,bool isDir)
 #ifdef __WINDOWS__
 	{
 		STARTUPINFOA startupInfo;
-		startupInfo.cb = sizeof(startupInfo);
 		PROCESS_INFORMATION processInfo;
+
+		startupInfo.cb = sizeof(startupInfo);
 		memset(&startupInfo,0,sizeof(STARTUPINFOA));
 		memset(&processInfo,0,sizeof(PROCESS_INFORMATION));
-		/*
-		if (CreateProcessA(NULL,(LPSTR)(std::string("C:\\Windows\\System32\\cacls.exe \"") + path + "\" /E /R Users").c_str(),NULL,NULL,FALSE,0,NULL,NULL,&startupInfo,&processInfo)) {
-			WaitForSingleObject(processInfo.hProcess,INFINITE);
-			CloseHandle(processInfo.hProcess);
-			CloseHandle(processInfo.hThread);
-		}
-		*/
 		if (CreateProcessA(NULL,(LPSTR)(std::string("C:\\Windows\\System32\\icacls.exe \"") + path + "\" /inheritance:d /Q").c_str(),NULL,NULL,FALSE,0,NULL,NULL,&startupInfo,&processInfo)) {
 			WaitForSingleObject(processInfo.hProcess,INFINITE);
 			CloseHandle(processInfo.hProcess);
 			CloseHandle(processInfo.hThread);
 		}
+
+		startupInfo.cb = sizeof(startupInfo);
+		memset(&startupInfo,0,sizeof(STARTUPINFOA));
+		memset(&processInfo,0,sizeof(PROCESS_INFORMATION));
 		if (CreateProcessA(NULL,(LPSTR)(std::string("C:\\Windows\\System32\\icacls.exe \"") + path + "\" /remove *S-1-5-32-545 /Q").c_str(),NULL,NULL,FALSE,0,NULL,NULL,&startupInfo,&processInfo)) {
 			WaitForSingleObject(processInfo.hProcess,INFINITE);
 			CloseHandle(processInfo.hProcess);
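Review bot: Neither icacls call has its result checked: if `CreateProcessA` fails or icacls exits non-zero, `lockDownFile` returns as if the path were locked down, and `*S-1-5-32-545` (BUILTIN\Users) keeps whatever access it inherited. Since the function returns `void`, at minimum read the exit code with `GetExitCodeProcess(processInfo.hProcess,&exitCode)` after the wait and log a failure. `path` is spliced between quotes unescaped, so a directory path ending in a backslash would put `\"` before the closing quote, which may be parsed as an escaped quote; worth confirming against how callers pass `isDir` paths. The executable path also assumes the system directory is `C:\Windows\System32`; `GetSystemDirectoryA` would avoid that assumption. The function body starts and ends outside the hunk.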

+ 2 - 1
osnet/WindowsEthernetTap.cpp

@@ -706,8 +706,9 @@ NET_IFINDEX WindowsEthernetTap::_getDeviceIndex()
 
 	for(ULONG i=0;i<ift->NumEntries;++i) {
 		if (ift->Table[i].InterfaceLuid.Value == _deviceLuid.Value) {
+			NET_IFINDEX idx = ift->Table[i].InterfaceIndex;
 			FreeMibTable(ift);
-			return ift->Table[i].InterfaceIndex;
+			return idx;
 		}
 	}