That --allow-nonadmin functionality was included into commit 3c7f2f553 from yeah 2005. Here is code from tap-win32/tapdrv.c from the same commit:
+#if ENABLE_NONADMIN + /* Read AllowNonAdmin setting from registry */ + { + NDIS_STRING key = NDIS_STRING_CONST("AllowNonAdmin"); + NdisReadConfiguration (&status, &parm, configHandle, + &key, NdisParameterInteger); + if (status == NDIS_STATUS_SUCCESS) + { + if (parm->ParameterType == NdisParameterInteger) + { + if (parm->ParameterData.IntegerData) + { + enable_non_admin = TRUE; + } + } + } + } +#endif As you see, the current version posted by Selva is missing if (parm->ParameterData.IntegerData) part. So it seems for me that this feature has been degraded somewhere between 2005 and 2019. la 29. kesäk. 2019 klo 17.34 Lev Stipakov (lstipa...@gmail.com) kirjoitti: > Hi, > > So Lev's patch proposes to do service calls for wintun *and* tap6, and >> do so "always"? Or only if the registry key says so? >> > > Yep, patch always opens wintun and tap6 via service no matter what > registry key says. > > > For some reason that registry key appears to be doing nothing in >> > current versions of tap-windows6. I know this is confusing... >> >> This sounds like a bug... >> > > Indeed that registry key is confusing. If we fix it in tap6, won't we > break existing setups, which open tap6 > from unprivileged process and do not use --allow-nonadmin? > > -- > -Lev > -- -Lev
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel