http://bugs.winehq.org/show_bug.cgi?id=9685
--- Comment #89 from Anastasius Focht focht@gmx.net 2007-10-31 10:54:53 --- Hello,
--- quote --- Can you give me an example of implementing thunking layer code, or a link to learn more about the subject? --- quote ---
If you're curious: you just have to write a wine (builtin) dll (winegcc) that exports same PB interface and talks to the linux PB client (.so library) using dlopen/dlsym. Of course you need some knowledge on PB api exports. Anyway, forget that thunking approach. Seems recent PB updates broke even this way on games that worked before (having binary compatible interfaces win<->linux).
I'm currently in the process of gathering some statistics to calculate the effort of making API wrappers to please PB signature checks - but it's very time consuming. I already gathered an increasing list of API calls being checked, each corresponding to a specific 1311xx number. To please the signature scanner I faked the API entry opcodes from my Windows XP SP2 binaries and this keeps it happy (that proved my theory). Unfortunately I have no knowledge _how many_ different API calls are actually verified (scattered between number of dlls). If the number remains somewhat manageable (<25) it could be worth to mimic windows API entries with __asm__ wrappers to keep that signature scanner happy (just like I recently did for Shrinker PE compressor).
Currently I run the Battlefield series (BF1942, Vietnam, BF2) and Americas Army as PunkBuster testbed without further problems. Although random 1311xx kicks are still there - when APIs are checked I have no signature for (I add them "on demand" = "on kick"). Though I could automate this process by having windows versions of the required dlls in place and calculating the required export signatures on demand at run time.
In my opinion this stuff is just a big waste of time because even if I gather a more or less complete list of checked entries, the patches probably won't make it into official wine tree ... and EB could add expand that list every time to disrupt this effort.
Just bugger EB to drop/loosen 131xxx signature checks. All other stuff just works fine - as long as EB doesn't add other braindamaged methods, requiring windows interna mimicked. Hell, they could easily implement non OS/patchlevel specific analyzer to verify if an API entry has been hooked (using some heuristics) - so even wine could be officially supported.
Regards