Hi,
Agree. This is the first thought I had when I heard about "you must
> have privileges to access wintun" - just use our existing privilege
> handling mechanism. I have no idea how to actually *do* that (= pass
> a handle to wintun over our service pipe), but I'm all willing to
> review and test :-)
>
Seems that we have a consensus here.
> I wonder if we couldn't do this with tap-windows6 as well - read/write
> multiple packets at once. The driver should handle this - from what
> I saw when reading patches "all is done using NBL lists"...
>
Not sure what is missing in OpenVPN 2.x to do multi-packet read/write,
> not sure if there is anything missing in the tap6-driver.
>
We would have to modify tap-windows6 to write multiple packets
to userspace with some encapsulation. Maybe Wintun / tap-windows6
could employ scatter / gather IO and return list of per-packet buffers.
Is Steffan's code available somewhere? On openvpn2 we would need a list of
link write buffers. WSASend / WSASendTo methods, which we use to write to
link on Windows,
already support multiple buffers (but we do not use that feature):
WSABUF wsabuf[1];
wsabuf[0].buf = BPTR(&sock->writes.buf);
wsabuf[0].len = BLEN(&sock->writes.buf);
status = WSASendTo(
sock->sd,
wsabuf,
1, // The number of WSABUF structures in the
lpBuffers array.
What does OpenVPN 3 do on Windows?
>
Basically the same what openvpn2 does - processes IP packets one by one.
I'll try this approach
on openvpn3/wintun first to see what happens.
--
-Lev
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
