These days I'm very much busy on developing an activex/com application. Some of our customers are working under heavily restricted windows environments. So i decided to make my application regfree. I found genman32.exe which can easily create manifests (also mt.exe is useful). Everything went fine but when i tried to execute my application from wsh(vbs or js) -which is obligated for my the situation because the application works on a com server-
set o = CreateObject("Application.Interface")
// No object reference
Because "CreateObject" looks to the registery and there is no registery entry :) then i searched and found the thing that is "actctx". It is very easy to implement in a dot.net environment. But i must execute my application from wsh(vbs or js) ;) so i decided to search a little then found
set o = CreateObject("Microsoft.Windows.ActCtx")
o.manifest = "L:\\Application.dll.manifest"
set app = o.CreateObject("Application.Interface")
app.Launch() // which is my executing function
Problem -
"Microsoft.Windows.ActCtx" interface is not available in Windows Xp machines even in SP3 - Microsoft never lets it easy -
Is there any solution to that problem? Do You know any other methods or windows update that creates that interface?
I figured out the problem with my manifest. I'll share it with anyone else who may have run into a similiar problem.
Please be aware that you MUST specify the progid="" property in your manifest when using this with the "Microsoft.Windows.ActCtx" interface otherwise you get ActiveX Component Can't Create Object error.
<comClass
clsid="{ED59F192-EF2E-4BCC-95EB-85A8C5C65326}"
progid="myclass.process"
threadingModel = "Apartment" />
The following manifest example should get you up and running :)
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1"
manifestVersion="1.0">
<assemblyIdentity
type="win32"
name="myclass"
version="1.0.0.0"/>
<file name = "myclass.dll">
<comClass
clsid="{ED59F192-EF2E-4BCC-95EB-85A8C5C65326}"
progid="myclass.process"
threadingModel = "Apartment" />
<typelib tlbid="{7AE20C3A-48C2-42C1-A68D-A1C3EB0A2C65}"
version="1.0" helpdir=""/>
</file>
<comInterfaceExternalProxyStub
name="_PROCESS"
iid="{187D0811-470D-44C0-B68C-C1C7F3EEFDA0}"
proxyStubClsid32="{00020424-0000-0000-C000-000000000046}"
baseInterface="{00000000-0000-0000-C000-000000000046}"
tlbid = "{7AE20C3A-48C2-42C1-A68D-A1C3EB0A2C65}" />
</assembly>
If the Microsoft.Windows.ActCtx were redistributable, there would have to be some way for it to get onto the machine and globally registered. If you had access to register this on the machine, can't you insted simply register Application.Interface? If you're dealing with a restricted environment ... well you have to deal with what's available already.
It looks like you're using the wsh script to launch your application. Why not write a stub to launch the app in native or managed code (where you will be able to use a manifest), and call that stub instead?
Related
I have a solution consisting of a Windows Application Packaging Project that groups two other projects:
A UWP project, named UwpUI, which is the entry point of the package. It can also be launched by protocol activation.
A .NET framework project, named FrameworkLogic, declared as Fulltrust.
An AppServiceConnection connects the two projects and allows a bi-directional communication between them.
It works using a well known pattern, described in this blog post by Stefan Wick:
Uwp with desktop extension-part 3
The package.appxmanifest (of my app) contains this.
<Extensions>
<desktop:Extension
Category="windows.fullTrustProcess"
Executable="FrameworkLogic\FrameworkLogic.exe">
</desktop:Extension>
<uap:Extension Category="windows.appService">
<uap:AppService Name="BidirectionalCom" />
</uap:Extension>
<uap:Extension Category="windows.protocol" Executable="UwpUI.exe"
EntryPoint="UwpUI.App">
<uap:Protocol Name="protoLaunch" />
</uap:Extension>
The uwp starts the fulltrust process like that:
await FullTrustProcessLauncher.LaunchFullTrustProcessForCurrentAppAsync();
In the entrypoint of the fulltrust .net framework, the connection is made with:
Connection = new AppServiceConnection();
Connection.AppServiceName = "BidirectionalCom";
var familyName = Package.Current.Id.FamilyName;
Connection.PackageFamilyName = familyName;
Connection.RequestReceived += Connection_RequestReceived;
Connection.ServiceClosed += Connection_ServiceClosed;
AppServiceConnectionStatus status = await Connection.OpenAsync();
opening the connection result in a call on the uwp side in the method
OnBackgroundActivated(BackgroundActivatedEventArgs args)
Where a reference to the connection is kept. Everything works.
The new requirement is this : set a console app (or a WPF app) as the package entry point.
If the package is launched without arguments, the new console app launches the uwp project by protocol activation. The bi-directional communication between the UWP and the .NET framework is instantiated and used.
If the app is launched with arguments (in my case, from the jumplist), then only the console app is used.
Adding the new project and setting it as the package entry point results in the following error:
DEP0700: Registration of the app failed. [0x80073CF6] AppxManifest.xml(44,10): error 0x80080204: Cannot register the package because the extension is missing an EntryPoint or StartPage attribute.
The solution on this SO post got me further.
Seems logical : the appservice must be defined under the project that uses it, which is not the package's entrypoint anymore.
My package manifest now include a second app (UwpUI) and looks like this:
<Application Id="App" Executable="$targetnametoken$.exe" EntryPoint="$targetentrypoint$">
<uap:VisualElements DisplayName="Home" Description="Package" BackgroundColor="white" Square44x44Logo="Images\Square44x44Logo.png">
</uap:VisualElements>
<Extensions>
<uap:Extension Category="windows.protocol" Executable="UwpUI.exe" EntryPoint="UwpUI.App" ><uap:Protocol Name="protoLaunch" />
</uap:Extension>
<desktop:Extension Category="windows.fullTrustProcess" Executable="FrameworkLogic\FrameworkLogic.exe">
</desktop:Extension>
</Extensions>
</Application>
<Application Id="App2" Executable="UwpUI.exe" EntryPoint="UwpUI.App">
<uap:VisualElements AppListEntry="none" DisplayName="Home" Description="Package" BackgroundColor="white" Square44x44Logo="Images\Square44x44Logo.png" Square150x150Logo="Images\Square150x150Logo.png">
<uap:DefaultTile ShortName="-TestApp-" Square71x71Logo="Images\SmallTile.png" Wide310x150Logo="Images\Wide310x150Logo.png" Square310x310Logo="Images\LargeTile.png"/>
<uap:SplashScreen BackgroundColor="white" Image="Images\SplashScreen.png" a:Optional="true"/>
</uap:VisualElements>
<Extensions>
<uap:Extension Category="windows.appService" >
<uap:AppService Name="BidirectionalCom" uap4:SupportsMultipleInstances="false"/>
</uap:Extension>
</Extensions>
</Application>
Doing that works as far as launching the fulltrust project, and establishing the connection, with a call to OnBackgroundActivated(BackgroundActivatedEventArgs args). There, I can succesfuly send a request and get an answer.
But I hit two major problems:
Any (static or instance) field or event instantiated in app.xaml.cs of the UwpUI project is null when it is called from another method, including the reference to the connection.
Prior to the modification, in debug mode at least, I could set breakpoints in both the UWP and the .NET framework project by doing 'detach all', then 'attach to process'. Now When attaching, the .NET framework project is greyed out.
Any idea what I'm missing? Problem 1 is the worse, since it breaks the app, but I need to solve the two.
Thank you.
EDIT : When looking at Task Manager, I see two processes with the same entry point (UwpUI.exe). Indeed, breakpoints show me that the call to the uwp constructor ( App.xaml.cs.App()), is called twice.
That certainly explains problem 1: fields are set in one instance and are of course null in the second instance.
Seems I need to structure my manifest differently, but I have yet to find how.
EDIT: Example project Here
System.Net.WebException:
java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.'
This is an error that occurs in my VS2022 solution when working with a self signed certificate and Android.
The case is the following:
It is an android app that runs on an local network, with a local https backend service. A certificate has been issued for this service by the domain admin. However, the domain is not an official CA (Certificate Authority). You then have to manually install a CA, via settings.
Part of the solution
What I did to solve this is adding the CA certificates to the Android device (via Settings > Security -> Encryption & Credentials -> Install a Certificate).
The web browser, in the android app, can now successfully access the https site, without warnings.
I still need help with
However the CA store is not accessible via the app unless it is configured via network-security-config: https://developer.android.com/training/articles/security-config#TrustingAdditionalCas
This is something that can be done in the Xamarin days like:
https://devblogs.microsoft.com/xamarin/cleartext-http-android-network-security/
https://nicksnettravels.builttoroam.com/android-certificates/#:~:text=Accessing%20the%20Android%20Certificate%20Store
But in MAUI I'm a bit lost, I don't see the right resources, mipmap, etc.
I would like to solve this issue with a one-liner like this:
[assembly: Application(UsesCleartextTraffic = true)]
...which can also be configured via the via network-security-config.
Is there a one-liner or can someone help me out configuring my network-security-config to get the CA store available in a MAUI solution?
After this suggestion of Gerald, "So you can still add a xml folder under Resources (under the Android folder that is)", I finally got it!
Add a network_security_config.xml file, under the Android folder, with:
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<base-config>
<trust-anchors>
<!-- Trust preinstalled CAs -->
<certificates src="system" />
<!-- Additionaly trusted user added CAs -->
<certificates src="user"/>
</trust-anchors>
</base-config>
</network-security-config>
And in your AndroidManifest.xml add the: android:networkSecurityConfig="#xml/network_security_config" attribute to your Application node.
So, add it to the already existing node, don't add a new one (or else you'll get strange errors):
And the trust anchor exception is gone, but I'm still curious if there is another way - without the network-security-config. ;-)
PS Don't forget to add the CA certificates to the Android device, as stated in the original question.
OK so I see a couple of things here and not sure what you're after exactly so let me go over it one by one.
Let's start with: if you can, please avoid using clear text traffic! ;)
UseClearTextTraffic Attribute
Then, the easy one, you want the [assembly: Application(UsesCleartextTraffic = true)] oneliner. You can totally still do that and actually you can now that throughout the whole project I think. But it makes the most sense in Android.
Notice how the attribute says assembly so it works for the whole assembly anyway and it doesn't really matter where you put it. That is how it typically works. However, in .NET MAUI there is already a [Application] attribute above the MainApplication, so open that and modify it like below.
namespace MauiAndroidClearText;
[Application(UsesCleartextTraffic = true)]
public class MainApplication : MauiApplication
{
// Your code
}
Network Security Config
Basically your separate Android project is now under the Platforms\Android folder. Everything you put there, even if it's not there by default, will still behave as it was in a separate Android project.
So you can still add a xml folder under Resources (under the Android folder that is), then add the network_security_config.xml file with:
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<domain-config cleartextTrafficPermitted="true">
<domain includeSubdomains="true">10.0.2.2</domain> <!-- Debug port -->
<domain includeSubdomains="true">xamarin.com</domain>
</domain-config>
</network-security-config>
And in your AndroidManifest.xml add the android:networkSecurityConfig="#xml/network_security_config" attribute to your Application node.
See a full sample here: https://github.com/jfversluis/MauiAndroidClearText
How you asked how you could trust a self signed root certificate (self signed CA) without needed to install in the device, I will share the code.
I am using a MAUI project that use .NET 6.
In the MAUI project, in platform/android/resources/raw, you have to copy your ca.crt certificate. It can have .crt or .pem extension. In my case, I use .crt.
The raw folder is not created by default, so you have to create this folder.
In platform/android/resources, you have to create the folder xml, so you will have platform/android/resources/xml folder. In this folder, add a new xml file, with this name: network_security_config.xml.
This file set the certificates in which you want to trust.
The code of this file is:
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<domain-config>
<!--NOTA: el subdominio es necesario porque si no no se podrĂ¡ instalar-->
<domain includeSubdomains="true">192.168.1.200</domain>
<trust-anchors>
<certificates src="#raw/ca"/>
</trust-anchors>
</domain-config>
</network-security-config>
The certificate is ca, with no extension, if not, it will give an error when you try to compile.
You have to include a subdomain, in my case, the IP of the server, because I am not inside a domain. If you don't set this, when you try to debug it doesn't start, gives problems.
You have to edit the file AndroidManifest.xml, this exists. The code of my file is this:
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android">
<application android:allowBackup="true" android:icon="#mipmap/appicon" android:roundIcon="#mipmap/appicon_round" android:supportsRtl="true"
android:networkSecurityConfig="#xml/network_security_config"></application>
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-permission android:name="android.permission.INTERNET" />
</manifest>
You only need to add android:networkSecurityConfig="#xml/network_security_config" in the application entry. This tells that you will config the network security.
That's all, you can build the project and then the application will include the CA in the trusted certificates, so you don't need to install the certificate in the device.
You can also see the following documentation for more information:
https://developer.android.com/training/articles/security-config
If you have some question, tell me and I will try tohelp.
I am struggling with very strange situation with wix installer.
I have custom BA app which installs windows service and removes it on uninstall.
On Win XP everything is working perfectly but on Win 10 service is not stopped and not removed though uninstallation processed successfully.
In log files I cannot see any errors related to this.
Any ideas?
This is service install configuration:
<ServiceInstall
Id="MyServiceInstaller"
Type="ownProcess"
Name="MyService"
DisplayName="My Service"
Description="My Service"
Start="auto"
Account="[SERVICEACCOUNT]"
Password="[SERVICEPASSWORD]"
ErrorControl="normal" />
<ServiceControl Id="StartMyService"
Name="MyService"
Start="install"
Wait="no" />
<ServiceControl Id="StopMyService"
Name="MyService"
Stop="both"
Remove="uninstall"
Wait="yes" />
Round 2:
I jumped the gun here. As Chris says, we do need to see the log. I assumed the uninstall was hanging, which it does not seem to be at all.
ARP: I suppose you should quickly check if there are two product entries in Add / Remove Programs first of all? (don't think that is the problem either - failed major upgrade).
SharedDllRefCount: Is the SharedDllRefCount attribute set to yes for the service component? Please post the whole component markup, with all attributes specified - conditions and all. If the component was set permanent, that would explain things, but then the uninstall wouldn't work on XP. Enabling SharedDllRefCount sets the legacy ref-count here:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs
Some SharedDllRefCount cleanup details here: MSI not uninstalling .dll files
Conditions Table: Are there any entries in the Condition table? (Feature conditions).
Round 1 (misunderstood the question - again - a couple of items still apply):
Debug Logging: Perhaps try to run your uninstall with verbose, debug logging to see if you can get some more information about what the problem can be:
msiexec.exe /x {ProductCode} /L*vx! C:\Your.log
Security Software: Is there anti-virus or security software on the problem box? If so, try to disable it before you run the uninstall.
Event Log: Maybe have a quick look for any clues in the event viewer? (Windows + Tap R. type eventvwr and pressOK). Check the different logs.
Custom Actions: Do you have any custom actions that run on uninstall? If so, what type of custom action? Managed code?
Service Credentials: Is the password for the service account still valid on that problem box? If worst comes to worst, can you log on with those service credentials (if that is possible) and try to start and stop the service to check for errors? Maybe even try to run the service with your own admin account? This is not ideal any of it, and should only be done to get to the bottom of this.
There have been a lot of service questions on StackOverflow lately. Here are some recent answers:
Wix - ServiceControl start takes four minutes to fail, should be 30 sec
Wix Service Installer sometimes fails to install or start
Wix installer: installed service unable to read HKLM registry entries on start
I have a Windows form application that works fine on Windows 7, but when opened in Windows 10, image files using ResourceManager don't show up. Application is using .Net 3.5 framework. Following is a bit of code:
static readonly System.Resources.ResourceManager rm = new System.Resources.ResourceManager("ImageResources", Assembly.GetExecutingAssembly());
rm.GetObject("ImageName");
Following is the error:
Could not find any resources appropriate for the specified culture or
the neutral culture. Make sure was correctly embedded or linked into
assembly at compile time, or that all the satellite assemblies
required are loadable and fully signed.
System.Resources.MissingManifestResourceException:
Is it due to some kind of incompatibility or Windows 10 is somehow restricting ResourceManager class to use all those images?
Try to check value of Environment.Version (with some MessageBox for example) on the target machine.
If you get 4.0 then you need to change configuration file as was proposed by Dr. Stich.
If you don't have configuration file then create it like described there:
How to: Add an Application Configuration File to a C# Project
And change it content to something like this:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<startup>
<supportedRuntime version="v2.0.50727" />
</startup>
</configuration>
Runtime version you can get on supportedRuntime Element page
This issue was eventually resolved by adding CultureInfo.CurrentCulture in rm.GetObject method parameter i.e.
rm.GetObject("ImageName", CultureInfo.CurrentCulture);
Visual Studio 2015 RC
Wix v3.10.0.1726
I am creating a installer for a windows services. I've tested the service with InstallUtil and it runs fine. Unfortunately I'm having a bit of troubles with wix, here is the exact error -
"Service 'Service Name' failed to start. Verify that you have sufficient privileges to start system services."
Now I've narrowed down the issue to starting the service through WIX. If I forgo the ServiceControl tag and manually start it with services.msc it works fine.
From other questions it appears this error is a general catch error and occurs in a variety of situations. The most popular being if your service relies on assemblies installed to the GAC (Global Assembly Cache) which I am also unclear about. I never implicitly save anything to the GAC and my service simply calls a .cs file I wrote that is included in the project.
Any help would be greatly appreciated!
<Component Id="ProductComponent7">
<File Source="$(var.ServiceName.TargetPath)" KeyPath="yes" Vital="yes"/>
<ServiceInstall Id="ServiceName.exe"
Account="LocalSystem"
Arguments="-start"
Type="ownProcess"
Name="ServiceName.exe"
DisplayName="ServiceName Service"
Description="sdfg"
Start="auto"
Interactive="yes"
ErrorControl="critical" />
<ServiceControl Id="ServiceControl" Name="ServiceName" Start="install" />
</Component>
I've also tried a variety of different attributes in ServiceControl, I recently removed them all to try to make it as simple as possible.
If anyone has any insight that'd be great!
The issue appears to be that you've installed a service called ServiceName.exe and you're trying to start a serice called just ServiceName. The Name values need to match.
Correct, it's a generic error. You have to profile your service to understand why it won't start.
GAC is just one scenario. In that case it's because MSI doesn't publish assemblies to the GAC until after StartServices. A classic race condition that results in a missing dependency and error.
With the message box still up, run the EXE from the console. Do you get an errors? Do you get any errors in your application log? Find out why the service won't fix, resolve it and try again.
For me, the error was due to that Name attribute in the ServiceInstall tag was having a different name value from the one specified in the ServiceBase child class InitializeComponent() method.
Code updates:
In Product.wxs:
<ServiceInstall Id="ServiceInstaller"
Type="ownProcess"
Name="MyWindowsService"
DisplayName="$(var.ServiceDisplayName)"
Description="$(var.ServiceDiscription)"
Start="auto"
Account="LocalSystem"
ErrorControl="normal" />
In ServiceBase child class:
private void InitializeComponent()
{
components = new System.ComponentModel.Container();
this.ServiceName = "MyWindowsService";
}