Am 16.06.13 01:41, schrieb Peter Sagerson:
Nice, glad to see I'm not the only one working on this. Apple has been pretty clear that they're aware of the kext conflicts but don't have much interest in addressing the situation. If we can get native tunnel support in one way or another, we can stop the insanity.I toyed with the idea of various auto-detect or fallback modes, but I ended up opting for explicit behavior and backward compatibility. With the inherent uncertainties in a change like this, my inclination would be to start with a release that calls it an experimental feature, which users can turn on if they want to. Given the substantial benefits of not having to deal with kernel extensions, I think we would see both users and vendors promoting its use. If all goes well, the question of making it the default behavior probably belongs in the context of a major release.
I think using utun as default at least for -master and 2.4rc candidates is a good way to get the feature tested. I hope there is time in the next OpenVPN developer IRC meeting to decide if my or your patch should be included.
Arne
smime.p7s
Description: S/MIME Kryptografische Unterschrift
