search

stunndard / golangwin7patch

Binary patcher for Go programs on Windows 7 / Server 2008
39 stars 4 forks source link

fatal error: acryptprimitives.dll not found #4

Open fjh1997 opened 2 months ago

fjh1997 commented 2 months ago 
fatal error: acryptprimitives.dll not found
runtime: panic before malloc heap initialized

And I'm sure acryptprimitives.dll exists in system32

stunndard commented 2 months ago

What EXE are you trying to patch? What is Server 2008 version? Is it 32 or 64 bit? Is there any software potentially preventing execution installed in the Server 2008? (Antivirus, firewall,etc)

fjh1997 commented 2 months ago

What EXE are you trying to patch? What is Server 2008 version? Is it 32 or 64 bit? Is there any software potentially preventing execution installed in the Server 2008? (Antivirus, firewall,etc)

I tried to run client of This Project,But it failed, systeminfo detail below:

OS Name:                   Microsoft Windows Server 2008 R2 Enterprise
OS Version:                6.1.7601 Service Pack 1 Build 7601
OS Manufacturer:           Microsoft Corporation
OS Configuration:          Standalone Server
OS Build Type:             Multiprocessor Free
System Manufacturer:       VMware, Inc.
System Model:              VMware Virtual Platform
System Type:               x64-based PC

The attathment is the sample client(generated bylink --goos windows),which connects to 192.168.50.162:3232 by default.And you can change it to another address. fa38075ad1af21dc03bee20e4b874fb0.zip No Antivirus or firewall installed

stunndard commented 2 months ago

I tried your exe in Server 2008 and it seems working fine after patching. https://imgur.com/a/7TFRYkP Is there anything else I'm missing?

fjh1997 commented 2 months ago

I tried your exe in Server 2008 and it seems working fine after patching. https://imgur.com/a/7TFRYkP Is there anything else I'm missing?

I appreciate your help in trying to verify the issue. After extensive troubleshooting, I found out that the version of Windows I installed was reinstalled from a DVD (https://archive.org/details/WINSERVER2008R2SP1_AIO_ZH-CN), which did not have the KB474419 and KB4490628 security patches installed. After installing these two patches, it worked. However, programs compiled with Go 1.20 also work on Windows without these patches installed. Maybe we could make it further to support Windows systems that don't have these patches installed?

stunndard commented 2 months ago

Could you please suggest an English version of Server 2008 that exhibits this problem with Go 1.22+ ? I tried a couple of them, but they all seem to have some patches applied and I couldn't reproduce the problem aforementioned.

fjh1997 commented 1 month ago

Could you please suggest an English version of Server 2008 that exhibits this problem with Go 1.22+ ? I tried a couple of them, but they all seem to have some patches applied and I couldn't reproduce the problem aforementioned.

Sorry for the delay, I've been busy recently. Today, I had some time and tried the English version: https://archive.org/details/WinServer2008R2SP1AIO. I used the manual installation method to install the ISO in VMware (without using automatic installation). At the same time, I transferred the exe and the patching tool to the virtual machine using Remote Desktop (without installing VMware Tools or any Windows updates). I found that the issue still persists.

stunndard commented 1 month ago

The issue is that the newest Go runtime 1.20+ (?) is using LoadLibraryEx with LOAD_LIBRARY_SEARCH_SYSTEM32 flag, which is only supported on Win7/Server 2008 with patch KB2533623 installed, as described in Microsoft docs: https://learn.microsoft.com/en-us/windows/win32/api/libloaderapi/nf-libloaderapi-loadlibraryexa. This patch, in turn, seems to be superseded by KB3063858. I tried KB3063858 and it fixed the problem for me with stock bare ISO you provided.

The Go runtime uses this flag not only for bcryptprimitives.dll, but also for all other Windows DLLs it loads, so this is another "feature" they introduced that completely breaks Win7/Server 2008 compatibility. At least it can be fixed for now by installing stock patches from Microsoft. Making it work on unpatched Win7 systems would require patching it in all places in Go executable, which is not future-proof and can lead to security problems. I will update the patcher to mention that KB3063858 is required. Thank you for finding this.

Actually, almost nothing currently works on an unpatched Win7/Server2008, even VMWare Tools require some certificate patches to be installed first, so... In the long run. we cannot win this race against the whole world abandoning Win7.