{"id":2916,"date":"2019-09-28T22:01:01","date_gmt":"2019-09-28T14:01:01","guid":{"rendered":"https:\/\/www.aoisnow.net\/blog\/?p=2916"},"modified":"2019-09-28T22:01:01","modified_gmt":"2019-09-28T14:01:01","slug":"tont-102300-38583-%e4%b8%8d%e8%a6%81%e6%8a%8a%e4%bd%a0%e7%9a%84dll%e5%91%bd%e5%90%8d%e4%b8%basecurity-dll","status":"publish","type":"post","link":"https:\/\/www.aoisnow.net\/blog\/archives\/2916","title":{"rendered":"TONT 102300 (38583) \u4e0d\u8981\u628a\u4f60\u7684DLL\u547d\u540d\u4e3aSecurity.dll"},"content":{"rendered":"<p>\u9898\u5916\u8bdd\uff1a<\/p>\n<p>\u9274\u4e8e The old new thing \u535a\u5ba2\u8fc1\u79fb\u81f3 Microsoft Developer Blogs \u4e4b\u540e\uff0c\u90e8\u5206\u6587\u7ae0 ID \u53d1\u751f\u4e86\u5f7b\u5e95\u53d8\u5316\uff08\u6beb\u4e0d\u76f8\u5173\uff09\uff0c\u6545\u81ea\u672c\u7bc7\u8d77\uff0c\u5b58\u5728\u8be5\u95ee\u9898\u7684\u5bf9\u5e94\u535a\u6587\uff0c\u5982\u5728\u672c\u4eba\u624b\u4e2d\u5177\u6709\u65e7\u7248\u5907\u4efd\uff0c\u5219\u4f1a\u5728\u6807\u9898\u4e2d\u4ee5\u62ec\u53f7\u7684\u5f62\u5f0f\u6807\u51fa\u65e7 ID\uff0c\u65b0 ID \u5219\u5728\u5176\u4e4b\u524d\uff0c\u4ee5\u4e0d\u5e26\u62ec\u53f7\u7684\u5f62\u5f0f\u63d0\u4f9b\u3002\u5982\u9047\u6587\u7ae0\u7684\u65b0\u3001\u65e7 ID \u76f8\u540c\uff0c\u6216\u53ef\u4ee5\u901a\u8fc7\u65e7 ID \u76f4\u63a5\u5728\u65b0\u7248 The old new thing \u4e0a\u8fdb\u884c\u8bbf\u95ee\uff0c\u5219\u53ea\u4f1a\u64b0\u5199\u4e00\u4e2a ID\u3002<\/p>\n<p>\u539f\u6587\u94fe\u63a5\uff1a<a href=\"https:\/\/devblogs.microsoft.com\/oldnewthing\/20040702-00\/?p=102300\" target=\"_blank\" rel=\"noopener\">https:\/\/devblogs.microsoft.com\/oldnewthing\/20040702-00\/?p=102300<\/a><\/p>\n<p>Reaching back into the history bucket\u2026<\/p>\n<p>\u8ba9\u6211\u4eec\u56de\u5230\u5386\u53f2\u7684\u6545\u7eb8\u5806\u4e2d\u3002<\/p>\n<p>Some people have discovered that strange things happen if you name your DLL \u201csecurity.dll\u201d.<\/p>\n<p>\u6709\u4eba\u53d1\u73b0\uff0c\u5982\u679c\u5c06\u4f60\uff08\u5f00\u53d1\uff09\u7684 DLL \u547d\u540d\u4e3a security.dll\uff0c\u5c31\u4f1a\u53d1\u751f\u4e00\u4e9b\u5947\u602a\u7684\u4e8b\u60c5\u3002<\/p>\n<p>The reason is that there is already a system DLL called \u201csecurity.dll\u201d; it\u2019s the Security Support Provider Interface DLL, and it used to go by the name \u201csecurity.dll\u201d, though nowadays the name \u201csecur32.dll\u201d is preferred. If you look into your system32 directory, you\u2019ll see both \u201csecurity.dll\u201d and \u201csecur32.dll\u201d in there. And if you\u2019re handy with an export dumper, you\u2019ll see that \u201csecurity.dll\u201d is just a bunch of forwarders to \u201csecur32.dll\u201d. If you browse through the MSDN documentation, you\u2019ll see that everybody talks about \u201csecur32.dll\u201d and hardly any mention is made of its doppelg\u00e4nger \u201csecurity.dll\u201d.<\/p>\n<p>\u8fd9\u662f\u7531\u4e8e\u5df2\u7ecf\u6709\u4e00\u4e2a\u7cfb\u7edf DLL \u7684\u540d\u5b57\u53eb security.dll \u4e86\uff0c\u5b83\u662f\uff08\u7cfb\u7edf\u7684\uff09\u5b89\u5168\u652f\u6301\u63d0\u4f9b\u5668\u63a5\u53e3\uff08SSPI\uff09\u7684 DLL\uff0c\u5e76\u4e14\u66fe\u7ecf\u7528\u8fc7\u00a0\u00a0security.dll \u7684\u540d\u5b57\uff0c\u867d\u7136\u5982\u4eca\u6bd4\u8f83\u63a8\u8350\u4f7f\u7528 secur32.dll \u5c31\u662f\u4e86\u3002\u6253\u5f00\u4f60\u7684 system32 \u76ee\u5f55\u7684\u8bdd\uff0c\u4f60\u4f1a\u540c\u65f6\u770b\u5230 secutiry.dll \u548c secur32.dll\uff0c\u5982\u679c\u624b\u5934\u4e0a\u6b63\u597d\u6709DLL\u5bfc\u51fa\u51fd\u6570\u6d4f\u89c8\u5668\u7684\u8bdd\uff0c\u4f60\u4f1a\u53d1\u73b0 security.dll \u7684\u5bfc\u51fa\u51fd\u6570\u4e0d\u8fc7\u662f\u4e00\u5927\u5806\u5230 secur32.dll \u7684\u8f6c\u53d1\u800c\u5df2\u3002\u53e6\u5916\uff0c\u6d4f\u89c8\u4e00\u4e0b MSDN \u6587\u6863\uff0c\u4e5f\u4f1a\u53d1\u73b0\u5927\u591a\u6570\u6587\u7ae0\u91cc\u63d0\u53ca\u7684\u90fd\u662f secur32.dll\uff0c\u800c\u6781\u5c11\u63d0\u53ca\u5b83\u7684\u5f71\u5b50\u5f1f\u5144 security.dll\u3002<\/p>\n<p>Okay, here\u2019s where the history comes in. Wind back to Windows 95.<\/p>\n<p>\u597d\u4e86\uff0c\u73b0\u5728\u8ba9\u6211\u4eec\u6765\u8c08\u8c08\u5386\u53f2\uff0c\u9996\u5148\u56de\u5230 Windows 95 \u7684\u5e74\u4ee3\u3002<\/p>\n<p>Back in those days, the Security Support Provider Interface was implemented in two different DLLs. The one you wanted depended on whether you are running Windows NT or Windows 95. On Windows 95, it was called \u201csecur32.dll\u201d, but on Windows NT, it was called \u201csecurity.dll\u201d.<\/p>\n<p>\u4ece\u524d\uff0cSSPI \u662f\u901a\u8fc7\u4e24\u4e2a\u4e0d\u540c\u7684 DLL \u5b9e\u73b0\u7684\uff0c\u9700\u8981\u4f7f\u7528\u54ea\u4e00\u4e2a\u53d6\u51b3\u4e8e\u662f\u5728\u8fd0\u884c Windows NT \u8fd8\u662f Windows 95\u3002\u5728 Windows 95 \u91cc\uff0cSSPI \u7684 DLL \u53eb secur32.dll\uff0c\u4f46\u5728 Windows NT \u4e2d\uff0c\u5219\u53eb security.dll\u3002<\/p>\n<p>This was obviously a messed-up state of affairs, so the Windows NT folks decided to \u201cgo with the flow\u201d and rename their security DLL to \u201csecur32.dll\u201d. This was probably for application compatibility reasons: Applications that were written to run on Windows 95 and were never tested on Windows NT just went straight for \u201csecur32.dll\u201d instead of loading the correct DLL based on the operating system.<\/p>\n<p>\u5f88\u660e\u663e\uff0c\u8fd9\u6837\u7684\u5b89\u6392\u7b80\u76f4\u662f\u4e00\u56e2\u7cdf\uff0c\u6240\u4ee5 Windows NT \u5f00\u53d1\u7ec4\u7684\u8001\u54e5\u4eec\u51b3\u5b9a\u300e\u968f\u6ce2\u9010\u6d41\u300f\uff0c\u5c06\u4ed6\u4eec\u7684\u5b89\u5168 DLL \u6539\u540d\u6210\u4e86 secur32.dll\u3002\u8fd9\u5927\u6982\u662f\u51fa\u4e8e\u5bf9\u5e94\u7528\u7a0b\u5e8f\u517c\u5bb9\u6027\u7684\u8003\u91cf\uff1a\u9762\u5411 Windows 95 \u5f00\u53d1\u3001\u5e76\u4e14\u4ece\u6765\u6ca1\u6709\u5728 Windows NT \u4e0a\u6d4b\u8bd5\u8fc7\u7684\u7684\u5e94\u7528\u7a0b\u5e8f\u4f1a\u76f4\u5954 secur32.dll \u800c\u53bb\uff0c\u800c\u4e0d\u4f1a\u6839\u636e\u64cd\u4f5c\u7cfb\u7edf\u7684\u60c5\u51b5\u53bb\u9009\u62e9\u52a0\u8f7d\u6b63\u786e\u7684 DLL\u3002<\/p>\n<p>Okay, so now pop back to the present day. When you put a DLL called \u201cSecurity.dll\u201d in your application directory, what happens?<\/p>\n<p>\u597d\u4e86\uff0c\u56de\u5230\u73b0\u5728\u3002\u5f53\u4f60\u5c06\u4e00\u4e2a\u53eb security.dll \u7684 DLL \u653e\u5728\u4f60\u7684\u5e94\u7528\u7a0b\u5e8f\u76ee\u5f55\u4e2d\uff0c\u4f1a\u53d1\u751f\u4ec0\u4e48\u5462\uff1f<\/p>\n<p><a href=\"http:\/\/msdn.microsoft.com\/library\/en-us\/dllproc\/base\/loadlibrary.asp\" target=\"_blank\" rel=\"noopener\">Recall that the rules for the order in which DLLs are searched<\/a> for checks the application directory before it checks the system directory. As a result, anybody in your application who wants \u201cSecurity.dll\u201d will get your version instead of the system version.<\/p>\n<p><a href=\"https:\/\/docs.microsoft.com\/en-us\/windows\/win32\/dlls\/dynamic-link-library-search-order\" target=\"_blank\" rel=\"noopener\">\u56de\u5fc6\u4e00\u4e0b\u6709\u5173 DLL \u7684\u641c\u7d22\u987a\u5e8f\u7684\u8bbe\u5b9a<\/a>\uff08\u8bd1\u6ce8\uff1a\u539f\u94fe\u63a5\u5df2\u5931\u6548\uff0c\u4e2d\u6587\u94fe\u63a5\u4e3a\u65b0\u5730\u5740\uff09\uff0cWindows \u4f1a\u5728\u53bb\u7cfb\u7edf\u76ee\u5f55\u4e0b\u67e5\u627e\u4e4b\u524d\uff0c\u5148\u5728\u5e94\u7528\u7a0b\u5e8f\u7684\u5de5\u4f5c\u76ee\u5f55\u4e0b\u8fdb\u884c\u641c\u7d22\u3002\u56e0\u6b64\uff0c\u7531\u4f60\u7684\u5e94\u7528\u7a0b\u5e8f\u53d1\u8d77\u7684\u8c03\u7528\uff0c\u5982\u679c\u8981\u67e5\u627e\u540d\u53eb security.dll \u7684 DLL\uff0c\u90fd\u4f1a\u62ff\u5230\u4f60\uff08\u653e\u5728\u5e94\u7528\u7a0b\u5e8f\u76ee\u5f55\u4e0b\uff09\u7684\u7248\u672c\uff0c\u800c\u4e0d\u662f\u7cfb\u7edf\uff08\u76ee\u5f55\uff09\u4e2d\u7684\u7248\u672c\u3002<\/p>\n<p>Even if the system version is the one they really wanted.<\/p>\n<p>\u5373\u4fbf\u7cfb\u7edf\u76ee\u5f55\u4e2d\u7684\u90a3\u4e2a\u7248\u672c\u662f\u5b83\u4eec\u771f\u6b63\u9700\u8981\u7684\u3002<\/p>\n<p>That\u2019s why overriding the system\u2019s Security.dll with your own results in a bunch of SSPI errors. Components you are using in your program are trying to talk to SPPI by loading \u201csecurity.dll\u201d and instead of getting the system one, they get yours. But yours was never meant to be a replacement for \u201csecurity.dll\u201d; it\u2019s just some random DLL that happens to have the same name.<\/p>\n<p>\u8fd9\u5c31\u662f\u4e3a\u4ec0\u4e48\u4ee5\u4f60\u81ea\u5df1\u7248\u672c\u7684 security.dll \u66ff\u4ee3\u7cfb\u7edf\u7248\u672c\u4f1a\u5f15\u53d1\u4e00\u5927\u5806 SSPI \u76f8\u5173\u7684\u9519\u8bef\u3002\u4f60\u7684\u5e94\u7528\u7a0b\u5e8f\u4e2d\u7684\u7ec4\u4ef6\u5c1d\u8bd5\u8fdb\u884c SSPI \u8c03\u7528\u65f6\u4f1a\u53bb\u5c1d\u8bd5\u52a0\u8f7d security.dll\uff0c\u800c\u57fa\u4e8e\u4ee5\u4e0a\u89c4\u5219\uff0c\u7ec4\u4ef6\u4f1a\u62ff\u5230\u4f60\u7684\u7a0b\u5e8f\u76ee\u5f55\u4e0b\u7684\u7248\u672c\uff0c\u800c\u4e0d\u662f\u7cfb\u7edf\u76ee\u5f55\u4e2d\u7684\u7248\u672c\u3002\u7136\u800c\u4f60\u7684 security.dll \u5e76\u4e0d\u662f\u7cfb\u7edf\u4e2d\u90a3\u4e2a security.dll \u7684\u66ff\u4ee3\u54c1\uff0c\u53ea\u662f\u4e00\u4e2a\u6070\u597d\u540c\u540d\u7684\u3001\u5176\u5b83\u7528\u9014\u7684 DLL \u800c\u5df2\u3002<\/p>\n<p>You would have had the same problem if you happened to name your DLL something like \u201cDDRAW.DLL\u201d and some component in your program tried to create a DirectDraw surface. \u201cSecurity.dll\u201d has the disadvantage that it has a simple name (which people are likely to want to name their own DLL), and its importance to proper system functionality is not well-known. (Whereas it would be more obvious that creating a DLL called \u201ckernel32.dll\u201d and putting it in your application directory is going to cause nothing but trouble.)<\/p>\n<p>\u540c\u6837\u5730\uff0c\u5f53\u4f60\u7684 DLL \u78b0\u5de7\u8d77\u4e86\u4e2a\u540d\u5b57\u53eb ddraw.dll \u800c\u4f60\u7684\u7a0b\u5e8f\u4e2d\u67d0\u4e2a\u7ec4\u4ef6\u5c1d\u8bd5\u521b\u5efa DirectDraw \u7ed8\u56fe\u5e73\u9762\u65f6\uff0c\u4e5f\u4f1a\u53d1\u751f\u7c7b\u4f3c\u7684\u95ee\u9898\u3002Security.dll \u7684\u52a3\u52bf\u5728\u4e8e\u5176\u540d\u79f0\u592a\u7b80\u660e\u4e86\uff08\u56e0\u800c\u4eba\u4eec\u53ef\u80fd\u4f1a\u628a\u4ed6\u4eec\u7684 DLL \u8d77\u4e00\u4e2a\u76f8\u540c\u7684\u540d\u5b57\uff09\uff0c\u5e76\u4e14\u5176\u5bf9\u7cfb\u7edf\u8fd0\u884c\u7684\u91cd\u8981\u6027\u5e76\u975e\u5e7f\u4e3a\u4eba\u77e5\u3002\uff08\u7136\u800c\u66f4\u660e\u663e\u7684\u662f\u521b\u5efa\u4e00\u4e2a DLL \u8d77\u540d\u53eb kernel32.dll \u7136\u540e\u653e\u8fdb\u4f60\u7684\u5e94\u7528\u7a0b\u5e8f\u76ee\u5f55\u4e2d\uff0c\u90a3\u4e48\u9664\u4e86\u9ebb\u70e6\u4e4b\u5916\u4ec0\u4e48\u4e5f\u4e0d\u4f1a\u4ea7\u751f\u3002\uff09<\/p>\n<p>\uff08\u8bd1\u6ce8\uff1a\u4e8b\u5b9e\u4e0a kernel32.dll \u7531\u4e8e\u5c5e\u4e8e KnownDLLs\uff08\u6ce8\u518c\u8868 HKLM\\SYSTEM\\CurrentControlSet\\Control\\Session Manager\\KnownDLLs\uff09\uff0cWindows \u4f1a\u4ec5\u5728\u7cfb\u7edf\u76ee\u5f55\u4e2d\u67e5\u627e\u5728\u8be5\u5217\u8868\u4e2d\u7684DLL \u800c\u4e0d\u9075\u5b88\u524d\u8ff0\u7684\u89c4\u5219\uff0c\u6240\u4ee5\u5e76\u4e0d\u4f1a\u53d1\u751f\u8fd9\u4e2a\u95ee\u9898\uff0c\u800c security.dll \u4e4b\u6240\u4ee5\u81f3\u4eca\u6709\u8fd9\u4e2a\u95ee\u9898\uff0c\u4e2a\u4eba\u8ba4\u4e3a\u66f4\u591a\u7684\u8fd8\u662f\u7531\u4e8e\u9996\u5148\u5fae\u8f6f\u5728\u5386\u53f2\u4e0a\u641e\u7838\u4e86\u8fd9\u4e2a\u6587\u4ef6\u7684\u547d\u540d\uff0c\u7136\u540e\u53c8\u66ff\u6c34\u5e73\u53c2\u5dee\u4e0d\u9f50\u7684\u8f6f\u4ef6\u5f00\u53d1\u5546\u80cc\u4e86\u4e00\u90e8\u5206\u7684\u9ed1\u9505\uff09<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u9898\u5916\u8bdd\uff1a \u9274\u4e8e The old new thing \u535a\u5ba2\u8fc1\u79fb\u81f3 Microsoft Developer Blo [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[],"class_list":["post-2916","post","type-post","status-publish","format-standard","hentry","category-tont_history"],"_links":{"self":[{"href":"https:\/\/www.aoisnow.net\/blog\/wp-json\/wp\/v2\/posts\/2916","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.aoisnow.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.aoisnow.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.aoisnow.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.aoisnow.net\/blog\/wp-json\/wp\/v2\/comments?post=2916"}],"version-history":[{"count":0,"href":"https:\/\/www.aoisnow.net\/blog\/wp-json\/wp\/v2\/posts\/2916\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.aoisnow.net\/blog\/wp-json\/wp\/v2\/media?parent=2916"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.aoisnow.net\/blog\/wp-json\/wp\/v2\/categories?post=2916"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.aoisnow.net\/blog\/wp-json\/wp\/v2\/tags?post=2916"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}