[Openvpn-devel] using arm64 on travis ?
hello, https://docs.travis-ci.com/user/multi-cpu-architectures we can switch some builds to arm64. any suggestions ? Cheers, Ilya Shipitsin ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH applied] Re: is_ipv_X: add support for parsing IP header inside a 802.1q frame
Acked-by: Gert Doering Stared at code, and ran the full t_client/t_server test suite, but mostly for completeness. Since we do not have tagged packets yet (with the appropriate ether type), this code does not change anything. Again, only TAP code paths are touched. Your patch has been applied to the master branch. commit def3f32d216d16c3bf5a203a2162256203686a34 Author: Antonio Quartulli Date: Wed Oct 9 16:34:18 2019 +0200 is_ipv_X: add support for parsing IP header inside a 802.1q frame Signed-off-by: Fabian Knittel Signed-off-by: Antonio Quartulli Acked-by: Gert Doering Message-Id: <20191009143422.9419-...@unstable.cc> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg18916.html Signed-off-by: Gert Doering -- kind regards, Gert Doering ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] [PATCH applied] Re: VLAN: add basic VLAN tagging support
Hi, It's lots of text that is totally uninteresting if it succeeds, but that > you need to scroll over when looking for the reason why a build fails - > which is the reason why it is the way it is today. > I have sent v2 which doesn't change the behavior for non-Windows builds. If you volunteer to update MSVC every time we add or change a source file, > I'm happy to send you a HEADS UP notice. But I am not doing it, and I will > not request it from any contributor who is not using windows. > All right, that would work for me. We don't add C files that often, I could take care of fixing Visual Studio build after getting a mail from travis / buildbot (when we'll have MSVC there). v2: https://patchwork.openvpn.net/patch/886/ happy travis: https://travis-ci.org/lstipakov/openvpn/builds/608949725 -- -Lev ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH v2] travis: add Visual Studio build
From: Lev Stipakov
Signed-off-by: Lev Stipakov
---
v2; do not unconditionally print dependencies build output for non-Windows
builds
.travis.yml | 9 -
.travis/build-check.sh| 5 +
.travis/build-deps.sh | 9 +
.travis/run-build-deps.sh | 10 ++
4 files changed, 32 insertions(+), 1 deletion(-)
create mode 100755 .travis/run-build-deps.sh
diff --git a/.travis.yml b/.travis.yml
index 2d07cdc..61be17c 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -24,6 +24,13 @@ env:
matrix:
include:
+- env:
+ - SSLLIB="openssl"
+ - OPENSSL_VERSION="1.1.1d"
+ - P7Z="c:\Program Files\7-Zip\7z.exe"
+ - CC="cl"
+ os: windows
+ compiler: cl
- env: SSLLIB="openssl" RUN_COVERITY="1"
os: linux
compiler: gcc
@@ -89,7 +96,7 @@ cache:
install:
- if [ ! -z "${CHOST}" ]; then unset CC; fi
- - .travis/build-deps.sh > build-deps.log 2>&1 || (cat build-deps.log && exit
1)
+ - .travis/run-build-deps.sh
before_script:
- .travis/coverity.sh
diff --git a/.travis/build-check.sh b/.travis/build-check.sh
index 74f3ae1..d2d2e8a 100755
--- a/.travis/build-check.sh
+++ b/.travis/build-check.sh
@@ -1,6 +1,11 @@
#!/bin/sh
set -eux
+if [ "${TRAVIS_OS_NAME}" = "windows" ]; then
+ PATH="/c/Program Files (x86)/Microsoft Visual
Studio/2017/BuildTools/MSBuild/15.0/Bin/":$PATH
+ MSBuild.exe openvpn.sln //p:Platform=x64 && exit 0
+fi
+
if [ "${TRAVIS_OS_NAME}" = "linux" ]; then
export LD_LIBRARY_PATH="${PREFIX}/lib:${LD_LIBRARY_PATH:-}"
fi
diff --git a/.travis/build-deps.sh b/.travis/build-deps.sh
index 391b35e..724ff30 100755
--- a/.travis/build-deps.sh
+++ b/.travis/build-deps.sh
@@ -1,6 +1,15 @@
#!/bin/sh
set -eux
+if [ "${TRAVIS_OS_NAME}" = "windows" ]; then
+choco install strawberryperl nasm
+cd ..
+git clone https://github.com/openvpn/openvpn-build.git
+cd openvpn-build
+PATH="/c/Strawberry/perl/bin:":$PATH MODE=DEPS msvc/build.bat
+exit 0
+fi
+
# Set defaults
PREFIX="${PREFIX:-${HOME}/opt}"
diff --git a/.travis/run-build-deps.sh b/.travis/run-build-deps.sh
new file mode 100755
index 000..b8eb41c
--- /dev/null
+++ b/.travis/run-build-deps.sh
@@ -0,0 +1,10 @@
+#!/bin/sh
+set -eux
+
+if [ "${TRAVIS_OS_NAME}" = "windows" ]; then
+# for windows we need to print output since openssl build
+# might take more than 10 minutes, which causes build abort
+.travis/build-deps.sh
+else
+.travis/build-deps.sh > build-deps.log 2>&1 || (cat build-deps.log && exit
1)
+fi
--
2.7.4
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH applied] Re: VLAN: filter multicast and client-to-client unicast traffic
Acked-by: Gert Doering
Your patch has been applied to the master branch.
Stared at the code, did quite a bit of testing, found interesting effects.
What this patch does is "client-to-client isolation according to pvid"
(so if you have clients with "vlan-pvid 200" in their ccd/ file, and
other clients with "vlan-pvid 207", only those with the same ID can
talk to each other). This is as desired.
What it also does is completely break TAP-to-client communication if
"--vlan-tagging" is enabled - broadcasts ("...incoming_tun()") are
broadcasted everywhere, but unicast packets are never delivered as
they are looked up with a dst PVID of "0" while the "...incoming_link()"
part has learned then with the correct per-client pvid (defaulting
to "@1"). The necessary adjustments for this are coming in a later
patch in the series, but it makes testing individual bits a bit
more complex (I hacked multi.c to use a non-0 server pvid and that
made tap<->client work again, so the basics are sound).
If --vlan-tagging is disabled, all tests pass. So this is not breaking
existing functionality, just not adding all required new bits yet.
(And it's not touching any non-TAP code paths anyway)
commit 1c57ea76a256330314d53999bce3e09644b420f9
Author: Antonio Quartulli
Date: Wed Oct 9 16:34:17 2019 +0200
VLAN: filter multicast and client-to-client unicast traffic
Signed-off-by: Fabian Knittel
Signed-off-by: Antonio Quartulli
Acked-by: Gert Doering
Message-Id: <20191009143422.9419-...@unstable.cc>
URL:
https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg18922.html
Signed-off-by: Gert Doering
--
kind regards,
Gert Doering
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] [PATCH v2 1/7] Visual Studio: upgrade project files to VS2019
Last version of openvpn for xp/Vista is 2.3, so dropping support for it in the build system is a no brainer to me. JM2CW, JJK Gert Doering wrote: >Hi, > >On Thu, Nov 07, 2019 at 07:28:36PM +0100, Lev Stipakov wrote: >> With VS2019 you cannot build for XP, you would need to install build tools >> from VS2017 for that. >> >> On the other hand, we do not build releases with VS, so it should not be an >> issue. > >Not sure right now about 2.4, but for master/2.5, we dropped support for >XP/Vista long ago. > >So "not being able to build for XP" would not be a problem. > >gert >-- >"If was one thing all people took for granted, was conviction that if you > feed honest figures into a computer, honest figures come out. Never doubted > it myself till I met a computer with a sense of humor." > Robert A. Heinlein, The Moon is a Harsh Mistress > >Gert Doering - Munich, Germany g...@greenie.muc.de > >___ >Openvpn-devel mailing list >Openvpn-devel@lists.sourceforge.net >https://lists.sourceforge.net/lists/listinfo/openvpn-devel ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] [PATCH v2 1/7] Visual Studio: upgrade project files to VS2019
Hi, On Thu, Nov 07, 2019 at 07:28:36PM +0100, Lev Stipakov wrote: > With VS2019 you cannot build for XP, you would need to install build tools > from VS2017 for that. > > On the other hand, we do not build releases with VS, so it should not be an > issue. Not sure right now about 2.4, but for master/2.5, we dropped support for XP/Vista long ago. So "not being able to build for XP" would not be a problem. gert -- "If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress Gert Doering - Munich, Germany g...@greenie.muc.de signature.asc Description: PGP signature ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] [PATCH v2 1/7] Visual Studio: upgrade project files to VS2019
With VS2019 you cannot build for XP, you would need to install build tools
from VS2017 for that.
On the other hand, we do not build releases with VS, so it should not be an
issue.
to 7. marrask. 2019 klo 18.52 Илья Шипицин kirjoitti:
>
>
> чт, 7 нояб. 2019 г. в 22:49, Lev Stipakov :
>
>> From: Lev Stipakov
>>
>> Signed-off-by: Lev Stipakov
>> ---
>> src/compat/compat.vcxproj | 12 ++--
>> src/openvpn/openvpn.vcxproj | 12 ++--
>> src/openvpnmsica/openvpnmsica.vcxproj | 14 +++---
>> src/openvpnserv/openvpnserv.vcxproj | 12 ++--
>> src/tapctl/tapctl.vcxproj | 14 +++---
>> 5 files changed, 32 insertions(+), 32 deletions(-)
>>
>> diff --git a/src/compat/compat.vcxproj b/src/compat/compat.vcxproj
>> index 111dacd..e388008 100644
>> --- a/src/compat/compat.vcxproj
>> +++ b/src/compat/compat.vcxproj
>> @@ -22,30 +22,30 @@
>> {4B2E2719-E661-45D7-9203-F6F456B22F19}
>> compat
>> Win32Proj
>> -
>> 10.0.17134.0
>> +10.0
>>
>>
>>> Condition="'$(Configuration)|$(Platform)'=='Release|Win32'"
>> Label="Configuration">
>> StaticLibrary
>> MultiByte
>> true
>> -v141
>> +v142
>>
>>> Condition="'$(Configuration)|$(Platform)'=='Release|x64'"
>> Label="Configuration">
>> StaticLibrary
>> MultiByte
>> true
>> -v141
>> +v142
>>
>
>
> does it limit target platform ?
> can we build for Vista ? XP ? 7 ? does this setting affect that ?
>
>
>
>>
>>> Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'"
>> Label="Configuration">
>> StaticLibrary
>> MultiByte
>> -v141
>> +v142
>>
>>> Label="Configuration">
>> StaticLibrary
>> MultiByte
>> -v141
>> +v142
>>
>>
>>
>> @@ -115,4 +115,4 @@
>>
>>
>>
>> -
>> +
>> \ No newline at end of file
>> diff --git a/src/openvpn/openvpn.vcxproj b/src/openvpn/openvpn.vcxproj
>> index 42b..e77f026 100644
>> --- a/src/openvpn/openvpn.vcxproj
>> +++ b/src/openvpn/openvpn.vcxproj
>> @@ -22,30 +22,30 @@
>> {29DF226E-4D4E-440F-ADAF-5829CFD4CA94}
>> openvpn
>> Win32Proj
>> -
>> 10.0.17134.0
>> +10.0
>>
>>
>>> Condition="'$(Configuration)|$(Platform)'=='Release|Win32'"
>> Label="Configuration">
>> Application
>> true
>> Unicode
>> -v141
>> +v142
>>
>>> Condition="'$(Configuration)|$(Platform)'=='Release|x64'"
>> Label="Configuration">
>> Application
>> true
>> Unicode
>> -v141
>> +v142
>>
>>> Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'"
>> Label="Configuration">
>> Application
>> Unicode
>> -v141
>> +v142
>>
>>> Label="Configuration">
>> Application
>> Unicode
>> -v141
>> +v142
>>
>>
>>
>> @@ -301,4 +301,4 @@
>>
>>
>>
>> -
>> +
>> \ No newline at end of file
>> diff --git a/src/openvpnmsica/openvpnmsica.vcxproj
>> b/src/openvpnmsica/openvpnmsica.vcxproj
>> index 5f1d699..afa4fae 100644
>> --- a/src/openvpnmsica/openvpnmsica.vcxproj
>> +++ b/src/openvpnmsica/openvpnmsica.vcxproj
>> @@ -31,32 +31,32 @@
>> {D41AA9D6-B818-476E-992E-0E16EB86BEE2}
>> Win32Proj
>> openvpnmsica
>> -
>> 10.0.17134.0
>> +10.0
>>
>>
>>> Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'"
>> Label="Configuration">
>> DynamicLibrary
>> true
>> -v141
>> +v142
>> Unicode
>> true
>>
>>> Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'"
>> Label="Configuration">
>> DynamicLibrary
>> true
>> -v141
>> +v142
>> Unicode
>>
>>> Label="Configuration">
>> DynamicLibrary
>> true
>> -v141
>> +v142
>> Unicode
>>
>>> Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'"
>> Label="Configuration">
>> DynamicLibrary
>> false
>> -v141
>> +v142
>> true
>> Unicode
>> true
>> @@ -64,14 +64,14 @@
>>> Condition="'$(Configuration)|$(Platform)'=='Release|Win32'"
>> Label="Configuration">
>> DynamicLibrary
>> false
>> -v141
>> +v142
>> true
>> Unicode
>>
>>> Condition="'$(Configuration)|$(Platform)'=='Release|x64'"
>> Label="Configuration">
>> DynamicLibrary
>> false
>> -v141
>> +v142
>> true
>> Unicode
>>
>> diff --git a/src/openvpnserv/openvpnserv.vcxproj
>> b/src/openvpnserv/openvpnserv.vcxproj
>> index 7407757..7061b7b 100644
>> --- a/src/openvpnserv/openvpnserv.vcxproj
>> +++ b/src/openvpnserv/openvpnserv.vcxproj
>> @@ -22,30 +22,30 @@
>> {9C91EE0B-817D-420A-A1E6-15A5A9D98BAD}
>> openvpnserv
>> Win32Proj
>> -
>> 10.0.17134.0
>> +10.0
>>
>>
>>> Condition="'$(Configuration)|$(Platform)'=='Release|Win32'"
>> Label="Configuration">
>> Application
>> Unicode
>> true
>> -v141
>> +v142
>>
>>>
Re: [Openvpn-devel] [PATCH v2 1/7] Visual Studio: upgrade project files to VS2019
чт, 7 нояб. 2019 г. в 22:49, Lev Stipakov :
> From: Lev Stipakov
>
> Signed-off-by: Lev Stipakov
> ---
> src/compat/compat.vcxproj | 12 ++--
> src/openvpn/openvpn.vcxproj | 12 ++--
> src/openvpnmsica/openvpnmsica.vcxproj | 14 +++---
> src/openvpnserv/openvpnserv.vcxproj | 12 ++--
> src/tapctl/tapctl.vcxproj | 14 +++---
> 5 files changed, 32 insertions(+), 32 deletions(-)
>
> diff --git a/src/compat/compat.vcxproj b/src/compat/compat.vcxproj
> index 111dacd..e388008 100644
> --- a/src/compat/compat.vcxproj
> +++ b/src/compat/compat.vcxproj
> @@ -22,30 +22,30 @@
> {4B2E2719-E661-45D7-9203-F6F456B22F19}
> compat
> Win32Proj
> -
> 10.0.17134.0
> +10.0
>
>
> Condition="'$(Configuration)|$(Platform)'=='Release|Win32'"
> Label="Configuration">
> StaticLibrary
> MultiByte
> true
> -v141
> +v142
>
> Condition="'$(Configuration)|$(Platform)'=='Release|x64'"
> Label="Configuration">
> StaticLibrary
> MultiByte
> true
> -v141
> +v142
>
does it limit target platform ?
can we build for Vista ? XP ? 7 ? does this setting affect that ?
>
> Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'"
> Label="Configuration">
> StaticLibrary
> MultiByte
> -v141
> +v142
>
> Label="Configuration">
> StaticLibrary
> MultiByte
> -v141
> +v142
>
>
>
> @@ -115,4 +115,4 @@
>
>
>
> -
> +
> \ No newline at end of file
> diff --git a/src/openvpn/openvpn.vcxproj b/src/openvpn/openvpn.vcxproj
> index 42b..e77f026 100644
> --- a/src/openvpn/openvpn.vcxproj
> +++ b/src/openvpn/openvpn.vcxproj
> @@ -22,30 +22,30 @@
> {29DF226E-4D4E-440F-ADAF-5829CFD4CA94}
> openvpn
> Win32Proj
> -
> 10.0.17134.0
> +10.0
>
>
> Condition="'$(Configuration)|$(Platform)'=='Release|Win32'"
> Label="Configuration">
> Application
> true
> Unicode
> -v141
> +v142
>
> Condition="'$(Configuration)|$(Platform)'=='Release|x64'"
> Label="Configuration">
> Application
> true
> Unicode
> -v141
> +v142
>
> Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'"
> Label="Configuration">
> Application
> Unicode
> -v141
> +v142
>
> Label="Configuration">
> Application
> Unicode
> -v141
> +v142
>
>
>
> @@ -301,4 +301,4 @@
>
>
>
> -
> +
> \ No newline at end of file
> diff --git a/src/openvpnmsica/openvpnmsica.vcxproj
> b/src/openvpnmsica/openvpnmsica.vcxproj
> index 5f1d699..afa4fae 100644
> --- a/src/openvpnmsica/openvpnmsica.vcxproj
> +++ b/src/openvpnmsica/openvpnmsica.vcxproj
> @@ -31,32 +31,32 @@
> {D41AA9D6-B818-476E-992E-0E16EB86BEE2}
> Win32Proj
> openvpnmsica
> -
> 10.0.17134.0
> +10.0
>
>
> Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'"
> Label="Configuration">
> DynamicLibrary
> true
> -v141
> +v142
> Unicode
> true
>
> Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'"
> Label="Configuration">
> DynamicLibrary
> true
> -v141
> +v142
> Unicode
>
> Label="Configuration">
> DynamicLibrary
> true
> -v141
> +v142
> Unicode
>
> Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'"
> Label="Configuration">
> DynamicLibrary
> false
> -v141
> +v142
> true
> Unicode
> true
> @@ -64,14 +64,14 @@
> Condition="'$(Configuration)|$(Platform)'=='Release|Win32'"
> Label="Configuration">
> DynamicLibrary
> false
> -v141
> +v142
> true
> Unicode
>
> Condition="'$(Configuration)|$(Platform)'=='Release|x64'"
> Label="Configuration">
> DynamicLibrary
> false
> -v141
> +v142
> true
> Unicode
>
> diff --git a/src/openvpnserv/openvpnserv.vcxproj
> b/src/openvpnserv/openvpnserv.vcxproj
> index 7407757..7061b7b 100644
> --- a/src/openvpnserv/openvpnserv.vcxproj
> +++ b/src/openvpnserv/openvpnserv.vcxproj
> @@ -22,30 +22,30 @@
> {9C91EE0B-817D-420A-A1E6-15A5A9D98BAD}
> openvpnserv
> Win32Proj
> -
> 10.0.17134.0
> +10.0
>
>
> Condition="'$(Configuration)|$(Platform)'=='Release|Win32'"
> Label="Configuration">
> Application
> Unicode
> true
> -v141
> +v142
>
> Condition="'$(Configuration)|$(Platform)'=='Release|x64'"
> Label="Configuration">
> Application
> Unicode
> true
> -v141
> +v142
>
> Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'"
> Label="Configuration">
> Application
> Unicode
> -v141
> +v142
>
> Label="Configuration">
> Application
> Unicode
> -v141
> +v142
>
>
>
> @@ -139,4 +139,4 @@
>
>
>
> -
> +
> \ No newline at end of file
> diff --git
[Openvpn-devel] [PATCH v2 7/7] wintun: clear adapter settings on tun close
From: Lev Stipakov
With tap-windows6 we clear adapter settings with DHCP,
but since wintun doesn't do DHCP we do it with netsh.
Signed-off-by: Lev Stipakov
---
src/openvpn/tun.c | 79 +++
1 file changed, 50 insertions(+), 29 deletions(-)
diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c
index c3ea4a8..9bdd707 100644
--- a/src/openvpn/tun.c
+++ b/src/openvpn/tun.c
@@ -6369,6 +6369,50 @@ tun_show_debug(struct tuntap *tt)
}
}
+static void
+netsh_delete_address_dns(const struct tuntap *tt, bool ipv6, struct gc_arena
*gc)
+{
+const char* ifconfig_ip_local;
+struct argv argv = argv_new();
+
+/* "store=active" is needed in Windows 8(.1) to delete the
+ * address we added (pointed out by Cedric Tabary).
+ */
+
+ /* netsh interface ipvX delete address \"%s\" %s */
+if (ipv6)
+{
+ifconfig_ip_local = print_in6_addr(tt->local_ipv6, 0, gc);
+}
+else
+{
+ifconfig_ip_local = print_in_addr_t(tt->local, 0, gc);
+}
+argv_printf(,
+"%s%sc interface %s delete address %s %s store=active",
+get_win_sys_path(),
+NETSH_PATH_SUFFIX,
+ipv6 ? "ipv6" : "ipv4",
+tt->actual_name,
+ifconfig_ip_local);
+
+netsh_command(, 1, M_WARN);
+
+/* delete ipvX dns servers if any were set */
+int len = ipv6 ? tt->options.dns6_len : tt->options.dns_len;
+if (len > 0)
+{
+argv_printf(,
+"%s%sc interface %s delete dns %s all",
+get_win_sys_path(),
+NETSH_PATH_SUFFIX,
+ipv6 ? "ipv6" : "ipv4",
+tt->actual_name);
+netsh_command(, 1, M_WARN);
+}
+argv_reset();
+}
+
void
close_tun(struct tuntap *tt, openvpn_net_ctx_t *ctx)
{
@@ -6391,35 +6435,7 @@ close_tun(struct tuntap *tt, openvpn_net_ctx_t *ctx)
}
else
{
-const char *ifconfig_ipv6_local;
-struct argv argv = argv_new();
-
-/* "store=active" is needed in Windows 8(.1) to delete the
- * address we added (pointed out by Cedric Tabary).
- */
-
-/* netsh interface ipv6 delete address \"%s\" %s */
-ifconfig_ipv6_local = print_in6_addr(tt->local_ipv6, 0, );
-argv_printf(,
-"%s%sc interface ipv6 delete address %s %s
store=active",
-get_win_sys_path(),
-NETSH_PATH_SUFFIX,
-tt->actual_name,
-ifconfig_ipv6_local);
-
-netsh_command(, 1, M_WARN);
-
-/* delete ipv6 dns servers if any were set */
-if (tt->options.dns6_len > 0)
-{
-argv_printf(,
-"%s%sc interface ipv6 delete dns %s all",
-get_win_sys_path(),
-NETSH_PATH_SUFFIX,
-tt->actual_name);
-netsh_command(, 1, M_WARN);
-}
-argv_reset();
+netsh_delete_address_dns(tt, true, );
}
}
#if 1
@@ -6441,6 +6457,11 @@ close_tun(struct tuntap *tt, openvpn_net_ctx_t *ctx)
strerror_win32(status, ));
}
}
+else
+if (tt->wintun)
+{
+netsh_delete_address_dns(tt, false, );
+}
#endif
dhcp_release(tt);
--
2.7.4
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH v2 3/7] wintun: implement opening wintun device
From: Lev Stipakov
To open wintun device, we cannot use "\\.\Global\Wintun"
path as before. To get device path which we supply to CreateFile,
we have to use SetupAPI to:
- enumerate network adapters with "wintun" as component id
- for each adapter save its guid
- open device information set
- for each item in set
- open corresponding registry key to get net_cfg_instance_id
- get symbolic link name of device interface by instance id
- path will be symbolic link name of device instance matched with adapter's
guid
See https://github.com/OpenVPN/openvpn3/blob/master/openvpn/tun/win/tunutil.hpp
and
https://github.com/WireGuard/wireguard-go/blob/master/tun/wintun/wintun_windows.go
for
implementation examples.
Signed-off-by: Lev Stipakov
---
src/openvpn/Makefile.am | 2 +-
src/openvpn/openvpn.vcxproj | 6 +-
src/openvpn/tun.c | 244 +---
src/openvpn/tun.h | 14 +++
4 files changed, 223 insertions(+), 43 deletions(-)
diff --git a/src/openvpn/Makefile.am b/src/openvpn/Makefile.am
index fbb86ad..a091ffc 100644
--- a/src/openvpn/Makefile.am
+++ b/src/openvpn/Makefile.am
@@ -139,5 +139,5 @@ openvpn_LDADD = \
$(OPTIONAL_DL_LIBS)
if WIN32
openvpn_SOURCES += openvpn_win32_resources.rc block_dns.c block_dns.h
-openvpn_LDADD += -lgdi32 -lws2_32 -lwininet -lcrypt32 -liphlpapi -lwinmm
-lfwpuclnt -lrpcrt4 -lncrypt
+openvpn_LDADD += -lgdi32 -lws2_32 -lwininet -lcrypt32 -liphlpapi -lwinmm
-lfwpuclnt -lrpcrt4 -lncrypt -lsetupapi
endif
diff --git a/src/openvpn/openvpn.vcxproj b/src/openvpn/openvpn.vcxproj
index e77f026..9ffef9f 100644
--- a/src/openvpn/openvpn.vcxproj
+++ b/src/openvpn/openvpn.vcxproj
@@ -91,7 +91,7 @@
-
legacy_stdio_definitions.lib;Ncrypt.lib;libssl.lib;libcrypto.lib;lzo2.lib;pkcs11-helper.dll.lib;gdi32.lib;ws2_32.lib;wininet.lib;crypt32.lib;iphlpapi.lib;winmm.lib;Fwpuclnt.lib;Rpcrt4.lib;%(AdditionalDependencies)
+
legacy_stdio_definitions.lib;Ncrypt.lib;libssl.lib;libcrypto.lib;lzo2.lib;pkcs11-helper.dll.lib;gdi32.lib;ws2_32.lib;wininet.lib;crypt32.lib;iphlpapi.lib;winmm.lib;Fwpuclnt.lib;Rpcrt4.lib;setupapi.lib;%(AdditionalDependencies)
$(OPENSSL_HOME)/lib;$(LZO_HOME)/lib;$(PKCS11H_HOME)/lib;%(AdditionalLibraryDirectories)
Console
@@ -117,7 +117,7 @@
-
legacy_stdio_definitions.lib;Ncrypt.lib;libssl.lib;libcrypto.lib;lzo2.lib;pkcs11-helper.dll.lib;gdi32.lib;ws2_32.lib;wininet.lib;crypt32.lib;iphlpapi.lib;winmm.lib;Fwpuclnt.lib;Rpcrt4.lib;%(AdditionalDependencies)
+
legacy_stdio_definitions.lib;Ncrypt.lib;libssl.lib;libcrypto.lib;lzo2.lib;pkcs11-helper.dll.lib;gdi32.lib;ws2_32.lib;wininet.lib;crypt32.lib;iphlpapi.lib;winmm.lib;Fwpuclnt.lib;Rpcrt4.lib;setupapi.lib;%(AdditionalDependencies)
$(OPENSSL_HOME)/lib;$(LZO_HOME)/lib;$(PKCS11H_HOME)/lib;%(AdditionalLibraryDirectories)
Console
@@ -301,4 +301,4 @@
-
\ No newline at end of file
+
diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c
index ce23eb6..37bf065 100644
--- a/src/openvpn/tun.c
+++ b/src/openvpn/tun.c
@@ -58,6 +58,9 @@
#ifdef _WIN32
+const static GUID GUID_DEVCLASS_NET = { 0x4d36e972L, 0xe325, 0x11ce, { 0xbf,
0xc1, 0x08, 0x00, 0x2b, 0xe1, 0x03, 0x18 } };
+const static GUID GUID_DEVINTERFACE_NET = { 0xcac88484, 0x7515, 0x4c03, {
0x82, 0xe6, 0x71, 0xa8, 0x7a, 0xba, 0xc3, 0x61 } };
+
/* #define SIMULATE_DHCP_FAILED */ /* simulate bad DHCP negotiation */
#define NI_TEST_FIRST (1<<0)
@@ -3444,7 +3447,123 @@ tun_finalize(
return ret;
}
-const struct tap_reg *
+static const struct device_instance_id_interface *
+get_device_instance_id_interface(struct gc_arena* gc)
+{
+HDEVINFO dev_info_set;
+DWORD err;
+struct device_instance_id_interface *first = NULL;
+struct device_instance_id_interface *last = NULL;
+
+dev_info_set = SetupDiGetClassDevsEx(_DEVCLASS_NET, NULL, NULL,
DIGCF_PRESENT, NULL, NULL, NULL);
+if (dev_info_set == INVALID_HANDLE_VALUE)
+{
+err = GetLastError();
+msg(M_FATAL, "Error [%u] opening device information set key: %s",
(unsigned int)err, strerror_win32(err, gc));
+}
+
+for (DWORD i = 0;; ++i)
+{
+SP_DEVINFO_DATA device_info_data;
+BOOL res;
+HKEY dev_key;
+char net_cfg_instance_id_string[] = "NetCfgInstanceId";
+char net_cfg_instance_id[256];
+char device_instance_id[256];
+DWORD len;
+DWORD data_type;
+LONG status;
+ULONG dev_interface_list_size;
+CONFIGRET cr;
+struct buffer dev_interface_list;
+
+ZeroMemory(_info_data, sizeof(SP_DEVINFO_DATA));
+device_info_data.cbSize = sizeof(SP_DEVINFO_DATA);
+res = SetupDiEnumDeviceInfo(dev_info_set, i, _info_data);
+if (!res)
+{
+if (GetLastError() == ERROR_NO_MORE_ITEMS)
+{
+break;
+}
+else
+{
+
[Openvpn-devel] [PATCH v2 5/7] wintun: interactive service support
From: Lev Stipakov
Wintun requires ring buffers registration to be
performed by privileged process. In order to use
openvpn with wintun by non-Administrator, we
need to use interactive service and shared memory
to register buffers.
Openvpn process creates memory mapping object and event
for send and receive ring and passes handles to interactive
service. There handles are duplicated and memory mapped
object is mapped into the address space of service process.
Then address of mapped view and event handle is passed to
wintun kernel driver.
After interactive service preformed registration,
openvpn process maps memory mapped object into
own address space. Thus mapped views in openvpn
and service process represent the same memory region.
Signed-off-by: Lev Stipakov
---
include/openvpn-msg.h | 10 ++
src/openvpn/Makefile.am | 2 +-
src/openvpn/openvpn.vcxproj | 2 +
src/openvpn/openvpn.vcxproj.filters | 8 +-
src/openvpn/ring_buffer.c | 54 +++
src/openvpn/ring_buffer.h | 79
src/openvpn/tun.c | 89 +++---
src/openvpn/tun.h | 3 +
src/openvpn/win32.c | 25 -
src/openvpn/win32.h | 43 -
src/openvpnserv/Makefile.am | 3 +-
src/openvpnserv/interactive.c | 141 ++--
src/openvpnserv/openvpnserv.vcxproj | 2 +
src/openvpnserv/openvpnserv.vcxproj.filters | 6 ++
14 files changed, 375 insertions(+), 92 deletions(-)
create mode 100644 src/openvpn/ring_buffer.c
create mode 100644 src/openvpn/ring_buffer.h
diff --git a/include/openvpn-msg.h b/include/openvpn-msg.h
index 66177a2..3ed6206 100644
--- a/include/openvpn-msg.h
+++ b/include/openvpn-msg.h
@@ -39,6 +39,7 @@ typedef enum {
msg_del_block_dns,
msg_register_dns,
msg_enable_dhcp,
+msg_register_ring_buffers
} message_type_t;
typedef struct {
@@ -117,4 +118,13 @@ typedef struct {
interface_t iface;
} enable_dhcp_message_t;
+typedef struct {
+message_header_t header;
+HANDLE device;
+HANDLE send_ring_handle;
+HANDLE receive_ring_handle;
+HANDLE send_tail_moved;
+HANDLE receive_tail_moved;
+} register_ring_buffers_message_t;
+
#endif /* ifndef OPENVPN_MSG_H_ */
diff --git a/src/openvpn/Makefile.am b/src/openvpn/Makefile.am
index a091ffc..d1bb99c 100644
--- a/src/openvpn/Makefile.am
+++ b/src/openvpn/Makefile.am
@@ -138,6 +138,6 @@ openvpn_LDADD = \
$(OPTIONAL_SYSTEMD_LIBS) \
$(OPTIONAL_DL_LIBS)
if WIN32
-openvpn_SOURCES += openvpn_win32_resources.rc block_dns.c block_dns.h
+openvpn_SOURCES += openvpn_win32_resources.rc block_dns.c block_dns.h
ring_buffer.c ring_buffer.h
openvpn_LDADD += -lgdi32 -lws2_32 -lwininet -lcrypt32 -liphlpapi -lwinmm
-lfwpuclnt -lrpcrt4 -lncrypt -lsetupapi
endif
diff --git a/src/openvpn/openvpn.vcxproj b/src/openvpn/openvpn.vcxproj
index 9ffef9f..61e634e 100644
--- a/src/openvpn/openvpn.vcxproj
+++ b/src/openvpn/openvpn.vcxproj
@@ -181,6 +181,7 @@
+
@@ -264,6 +265,7 @@
+
diff --git a/src/openvpn/openvpn.vcxproj.filters
b/src/openvpn/openvpn.vcxproj.filters
index e6068af..8f1b9e0 100644
--- a/src/openvpn/openvpn.vcxproj.filters
+++ b/src/openvpn/openvpn.vcxproj.filters
@@ -237,6 +237,9 @@
Source Files
+
+ Source Files
+
@@ -494,10 +497,13 @@
Header Files
+
+ Header Files
+
Resource Files
-
\ No newline at end of file
+
diff --git a/src/openvpn/ring_buffer.c b/src/openvpn/ring_buffer.c
new file mode 100644
index 000..482e333
--- /dev/null
+++ b/src/openvpn/ring_buffer.c
@@ -0,0 +1,54 @@
+/*
+ * OpenVPN -- An application to securely tunnel IP networks
+ * over a single UDP port, with support for SSL/TLS-based
+ * session authentication and key exchange,
+ * packet encryption, packet authentication, and
+ * packet compression.
+ *
+ * Copyright (C) 2002-2019 OpenVPN Inc
+ *2019 Lev Stipakov
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#include
[Openvpn-devel] [PATCH v2 1/7] Visual Studio: upgrade project files to VS2019
From: Lev Stipakov
Signed-off-by: Lev Stipakov
---
src/compat/compat.vcxproj | 12 ++--
src/openvpn/openvpn.vcxproj | 12 ++--
src/openvpnmsica/openvpnmsica.vcxproj | 14 +++---
src/openvpnserv/openvpnserv.vcxproj | 12 ++--
src/tapctl/tapctl.vcxproj | 14 +++---
5 files changed, 32 insertions(+), 32 deletions(-)
diff --git a/src/compat/compat.vcxproj b/src/compat/compat.vcxproj
index 111dacd..e388008 100644
--- a/src/compat/compat.vcxproj
+++ b/src/compat/compat.vcxproj
@@ -22,30 +22,30 @@
{4B2E2719-E661-45D7-9203-F6F456B22F19}
compat
Win32Proj
-10.0.17134.0
+10.0
StaticLibrary
MultiByte
true
-v141
+v142
StaticLibrary
MultiByte
true
-v141
+v142
StaticLibrary
MultiByte
-v141
+v142
StaticLibrary
MultiByte
-v141
+v142
@@ -115,4 +115,4 @@
-
+
\ No newline at end of file
diff --git a/src/openvpn/openvpn.vcxproj b/src/openvpn/openvpn.vcxproj
index 42b..e77f026 100644
--- a/src/openvpn/openvpn.vcxproj
+++ b/src/openvpn/openvpn.vcxproj
@@ -22,30 +22,30 @@
{29DF226E-4D4E-440F-ADAF-5829CFD4CA94}
openvpn
Win32Proj
-10.0.17134.0
+10.0
Application
true
Unicode
-v141
+v142
Application
true
Unicode
-v141
+v142
Application
Unicode
-v141
+v142
Application
Unicode
-v141
+v142
@@ -301,4 +301,4 @@
-
+
\ No newline at end of file
diff --git a/src/openvpnmsica/openvpnmsica.vcxproj
b/src/openvpnmsica/openvpnmsica.vcxproj
index 5f1d699..afa4fae 100644
--- a/src/openvpnmsica/openvpnmsica.vcxproj
+++ b/src/openvpnmsica/openvpnmsica.vcxproj
@@ -31,32 +31,32 @@
{D41AA9D6-B818-476E-992E-0E16EB86BEE2}
Win32Proj
openvpnmsica
-10.0.17134.0
+10.0
DynamicLibrary
true
-v141
+v142
Unicode
true
DynamicLibrary
true
-v141
+v142
Unicode
DynamicLibrary
true
-v141
+v142
Unicode
DynamicLibrary
false
-v141
+v142
true
Unicode
true
@@ -64,14 +64,14 @@
DynamicLibrary
false
-v141
+v142
true
Unicode
DynamicLibrary
false
-v141
+v142
true
Unicode
diff --git a/src/openvpnserv/openvpnserv.vcxproj
b/src/openvpnserv/openvpnserv.vcxproj
index 7407757..7061b7b 100644
--- a/src/openvpnserv/openvpnserv.vcxproj
+++ b/src/openvpnserv/openvpnserv.vcxproj
@@ -22,30 +22,30 @@
{9C91EE0B-817D-420A-A1E6-15A5A9D98BAD}
openvpnserv
Win32Proj
-10.0.17134.0
+10.0
Application
Unicode
true
-v141
+v142
Application
Unicode
true
-v141
+v142
Application
Unicode
-v141
+v142
Application
Unicode
-v141
+v142
@@ -139,4 +139,4 @@
-
+
\ No newline at end of file
diff --git a/src/tapctl/tapctl.vcxproj b/src/tapctl/tapctl.vcxproj
index 5c1983b..1d593fc 100644
--- a/src/tapctl/tapctl.vcxproj
+++ b/src/tapctl/tapctl.vcxproj
@@ -31,32 +31,32 @@
{A06436E7-D576-490D-8BA0-0751D920334A}
Win32Proj
tapctl
-10.0.17134.0
+10.0
Application
true
-v141
+v142
Unicode
true
Application
true
-v141
+v142
Unicode
Application
true
-v141
+v142
Unicode
Application
false
-v141
+v142
true
Unicode
true
@@ -64,14 +64,14 @@
Application
false
-v141
+v142
true
Unicode
Application
false
-v141
+v142
true
Unicode
--
2.7.4
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH v2 4/7] wintun: ring buffers based I/O
From: Lev Stipakov
Implemented according to Wintun documentation
and reference client code.
Wintun uses ring buffers to communicate between
kernel driver and user process. Client allocates
send and receive ring buffers, creates events
and passes it to kernel driver under LocalSystem
privileges.
When data is available for read, wintun modifies
"tail" pointer of send ring and signals via event.
User process reads data from "head" to "tail" and
updates "head" pointer.
When user process is ready to write, it writes
to receive ring, updates "tail" pointer and signals
to kernel via event.
In openvpn code we add send ring's event to event loop.
Before performing io wait, we compare "head" and "tail"
pointers of send ring and if they're different, we skip
io wait and perform read.
This also adds ring buffers support to tcp and udp
server code.
Signed-off-by: Lev Stipakov
---
src/openvpn/forward.c | 42 +++---
src/openvpn/forward.h | 47 +++-
src/openvpn/mtcp.c| 28 +++-
src/openvpn/mudp.c| 14 ++
src/openvpn/options.c | 4 +-
src/openvpn/syshead.h | 1 +
src/openvpn/tun.c | 45 +++
src/openvpn/tun.h | 121 +-
src/openvpn/win32.c | 120 +
src/openvpn/win32.h | 47
10 files changed, 458 insertions(+), 11 deletions(-)
diff --git a/src/openvpn/forward.c b/src/openvpn/forward.c
index 8451706..0be8b6d 100644
--- a/src/openvpn/forward.c
+++ b/src/openvpn/forward.c
@@ -1256,12 +1256,30 @@ read_incoming_tun(struct context *c)
perf_push(PERF_READ_IN_TUN);
c->c2.buf = c->c2.buffers->read_tun_buf;
+
#ifdef _WIN32
-read_tun_buffered(c->c1.tuntap, >c2.buf);
+if (c->c1.tuntap->wintun)
+{
+read_wintun(c->c1.tuntap, >c2.buf);
+if (c->c2.buf.len == -1)
+{
+register_signal(c, SIGHUP, "tun-abort");
+c->persist.restart_sleep_seconds = 1;
+msg(M_INFO, "Wintun read error, restarting");
+perf_pop();
+return;
+}
+}
+else
+{
+read_tun_buffered(c->c1.tuntap, >c2.buf);
#else
-ASSERT(buf_init(>c2.buf, FRAME_HEADROOM(>c2.frame)));
-ASSERT(buf_safe(>c2.buf, MAX_RW_SIZE_TUN(>c2.frame)));
-c->c2.buf.len = read_tun(c->c1.tuntap, BPTR(>c2.buf),
MAX_RW_SIZE_TUN(>c2.frame));
+ASSERT(buf_init(>c2.buf, FRAME_HEADROOM(>c2.frame)));
+ASSERT(buf_safe(>c2.buf, MAX_RW_SIZE_TUN(>c2.frame)));
+c->c2.buf.len = read_tun(c->c1.tuntap, BPTR(>c2.buf),
MAX_RW_SIZE_TUN(>c2.frame));
+#endif
+#ifdef _WIN32
+}
#endif
#ifdef PACKET_TRUNCATION_CHECK
@@ -2103,7 +2121,21 @@ io_wait_dowork(struct context *c, const unsigned int
flags)
* Configure event wait based on socket, tuntap flags.
*/
socket_set(c->c2.link_socket, c->c2.event_set, socket, (void
*)_shift, NULL);
-tun_set(c->c1.tuntap, c->c2.event_set, tuntap, (void *)_shift, NULL);
+
+#ifdef _WIN32
+if (c->c1.tuntap && c->c1.tuntap->wintun)
+{
+/* add ring buffer event */
+struct rw_handle rw = {.read = c->c1.tuntap->send_tail_moved };
+event_ctl(c->c2.event_set, , EVENT_READ, (void *)_shift);
+}
+else
+{
+#endif
+tun_set(c->c1.tuntap, c->c2.event_set, tuntap, (void *)_shift,
NULL);
+#ifdef _WIN32
+}
+#endif
#ifdef ENABLE_MANAGEMENT
if (management)
diff --git a/src/openvpn/forward.h b/src/openvpn/forward.h
index 48202c0..6096fa8 100644
--- a/src/openvpn/forward.h
+++ b/src/openvpn/forward.h
@@ -375,6 +375,19 @@ p2p_iow_flags(const struct context *c)
{
flags |= IOW_TO_TUN;
}
+#ifdef _WIN32
+{
+struct tuntap *tt = c->c1.tuntap;
+if (tt && tt->wintun)
+{
+if (tt->send_ring->head == tt->send_ring->tail)
+{
+/* nothing to read from tun -> remove tun read flag set by
IOW_READ */
+flags &= ~IOW_READ_TUN;
+}
+}
+}
+#endif
return flags;
}
@@ -403,8 +416,38 @@ io_wait(struct context *c, const unsigned int flags)
}
else
{
-/* slow path */
-io_wait_dowork(c, flags);
+#ifdef _WIN32
+bool skip_iowait = flags & IOW_TO_TUN;
+if (flags & IOW_READ_TUN)
+{
+/*
+ * don't read from tun if we have pending write to link,
+ * since every tun read overwrites to_link buffer filled
+ * by previous tun read
+ */
+skip_iowait = !(flags & IOW_TO_LINK);
+}
+if (c->c1.tuntap && c->c1.tuntap->wintun && skip_iowait)
+{
+unsigned int ret = 0;
+if (flags & IOW_TO_TUN)
+{
+ret |= TUN_WRITE;
+}
+if (flags & IOW_READ_TUN)
+{
+ret |= TUN_READ;
+}
+c->c2.event_set_status =
[Openvpn-devel] [PATCH v2 2/7] wintun: add --windows-driver config option
From: Lev Stipakov
This allows to specify which tun driver openvpn should use,
tap-windows6 (default) or wintun.
Note than wintun support will be added in follow-up patches.
Signed-off-by: Lev Stipakov
---
src/openvpn/init.c| 7 +++
src/openvpn/options.c | 37 +
src/openvpn/options.h | 1 +
src/openvpn/tun.h | 1 +
4 files changed, 46 insertions(+)
diff --git a/src/openvpn/init.c b/src/openvpn/init.c
index ae7bd63..c6d4953 100644
--- a/src/openvpn/init.c
+++ b/src/openvpn/init.c
@@ -1733,6 +1733,10 @@ do_init_tun(struct context *c)
c->c2.es,
>net_ctx);
+#ifdef _WIN32
+c->c1.tuntap->wintun = c->options.wintun;
+#endif
+
init_tun_post(c->c1.tuntap,
>c2.frame,
>options.tuntap_options);
@@ -1775,6 +1779,9 @@ do_open_tun(struct context *c)
/* store (hide) interactive service handle in tuntap_options */
c->c1.tuntap->options.msg_channel = c->options.msg_channel;
msg(D_ROUTE, "interactive service msg_channel=%u", (unsigned int)
c->options.msg_channel);
+
+c->c1.tuntap->wintun = c->options.wintun;
+
#endif
/* allocate route list structure */
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index 1838a69..5c5033e 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -747,6 +747,9 @@ static const char usage_message[] =
" optional parameter controls the initial state of
ex.\n"
"--show-net-up : Show " PACKAGE_NAME "'s view of routing table and net
adapter list\n"
" after TAP adapter is up and routes have been added.\n"
+"--windows-driver : Which tun driver to use?\n"
+" tap-windows6 (default)\n"
+" wintun\n"
#ifdef _WIN32
"--block-outside-dns : Block DNS on other network adapters to prevent
DNS leaks\n"
#endif
@@ -851,6 +854,7 @@ init_options(struct options *o, const bool init_gc)
o->tuntap_options.dhcp_masq_offset = 0; /* use network address as
internal DHCP server address */
o->route_method = ROUTE_METHOD_ADAPTIVE;
o->block_outside_dns = false;
+o->wintun = false;
#endif
o->vlan_accept = VLAN_ONLY_UNTAGGED_OR_PRIORITY;
o->vlan_pvid = 1;
@@ -2994,6 +2998,12 @@ options_postprocess_mutate_invariant(struct options
*options)
options->ifconfig_noexec = false;
}
+/* for wintun kernel doesn't send DHCP requests, so use ipapi to set IP
address and netmask */
+if (options->wintun)
+{
+options->tuntap_options.ip_win32_type = IPW32_SET_IPAPI;
+}
+
remap_redirect_gateway_flags(options);
#endif
@@ -4039,6 +4049,26 @@ foreign_option(struct options *o, char *argv[], int len,
struct env_set *es)
}
}
+#ifdef _WIN32
+bool
+parse_windows_driver(const char *str, const int msglevel)
+{
+if (streq(str, "tap-windows6"))
+{
+return false;
+}
+else if (streq(str, "wintun"))
+{
+return true;
+}
+else
+{
+msg(msglevel, "--windows-driver must be tap-windows6 or wintun");
+return false;
+}
+}
+#endif
+
/*
* parse/print topology coding
*/
@@ -5281,6 +5311,13 @@ add_option(struct options *options,
VERIFY_PERMISSION(OPT_P_GENERAL);
options->dev_type = p[1];
}
+#ifdef _WIN32
+else if (streq(p[0], "windows-driver") && p[1] && !p[2])
+{
+VERIFY_PERMISSION(OPT_P_GENERAL);
+options->wintun = parse_windows_driver(p[1], M_FATAL);
+}
+#endif
else if (streq(p[0], "dev-node") && p[1] && !p[2])
{
VERIFY_PERMISSION(OPT_P_GENERAL);
diff --git a/src/openvpn/options.h b/src/openvpn/options.h
index ff7a5bb..0a24e5e 100644
--- a/src/openvpn/options.h
+++ b/src/openvpn/options.h
@@ -632,6 +632,7 @@ struct options
bool show_net_up;
int route_method;
bool block_outside_dns;
+bool wintun;
#endif
bool use_peer_id;
diff --git a/src/openvpn/tun.h b/src/openvpn/tun.h
index 5a0a933..df935f6 100644
--- a/src/openvpn/tun.h
+++ b/src/openvpn/tun.h
@@ -175,6 +175,7 @@ struct tuntap
* ~0 if undefined */
DWORD adapter_index;
+bool wintun; /* true if wintun is used instead of tap-windows6 */
int standby_iter;
#else /* ifdef _WIN32 */
int fd; /* file descriptor for TUN/TAP dev */
--
2.7.4
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH v2 6/7] wintun: set adapter properties via interactive service
From: Lev Stipakov
Since Wintun doesn't do DHCP, use interactive service
calls to set up adapter properties.
This also fixes bug in previously unused IPv4 code of
do_address_service():
- ipv4 address must be in network byte order
- prefix length cannot be hardcoded /32 but
must be calculated from netmask
Signed-off-by: Lev Stipakov
---
src/openvpn/route.c | 2 +-
src/openvpn/route.h | 3 ++-
src/openvpn/tun.c | 77 +
3 files changed, 63 insertions(+), 19 deletions(-)
diff --git a/src/openvpn/route.c b/src/openvpn/route.c
index 97e90e5..cc6d551 100644
--- a/src/openvpn/route.c
+++ b/src/openvpn/route.c
@@ -3019,7 +3019,7 @@ out:
return ret;
}
-static bool
+bool
do_route_ipv4_service(const bool add, const struct route_ipv4 *r, const struct
tuntap *tt)
{
DWORD if_index = windows_route_find_if_index(r, tt);
diff --git a/src/openvpn/route.h b/src/openvpn/route.h
index 2e68091..27b652c 100644
--- a/src/openvpn/route.h
+++ b/src/openvpn/route.h
@@ -321,7 +321,8 @@ void setenv_routes(struct env_set *es, const struct
route_list *rl);
void setenv_routes_ipv6(struct env_set *es, const struct route_ipv6_list *rl6);
-
+bool do_route_ipv4_service(const bool add, const struct route_ipv4 *r,
+ const struct tuntap *tt);
bool is_special_addr(const char *addr_str);
diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c
index ef1415c..c3ea4a8 100644
--- a/src/openvpn/tun.c
+++ b/src/openvpn/tun.c
@@ -109,8 +109,8 @@ do_address_service(const bool add, const short family,
const struct tuntap *tt)
if (addr.family == AF_INET)
{
-addr.address.ipv4.s_addr = tt->local;
-addr.prefix_len = 32;
+addr.address.ipv4.s_addr = htonl(tt->local);
+addr.prefix_len = netmask_to_netbits2(tt->adapter_netmask);
}
else
{
@@ -139,13 +139,17 @@ out:
}
static bool
-do_dns6_service(bool add, const struct tuntap *tt)
+do_dns_service(bool add, const short family, const struct tuntap *tt)
{
bool ret = false;
ack_message_t ack;
struct gc_arena gc = gc_new();
HANDLE pipe = tt->options.msg_channel;
-int addr_len = add ? tt->options.dns6_len : 0;
+int len = family == AF_INET6 ? tt->options.dns6_len : tt->options.dns_len;
+int addr_len = add ? len : 0;
+char ip_proto_name[5];
+
+strcpy(ip_proto_name, family == AF_INET6 ? "IPv6" : "IPv4");
if (addr_len == 0 && add) /* no addresses to add */
{
@@ -160,7 +164,7 @@ do_dns6_service(bool add, const struct tuntap *tt)
},
.iface = { .index = tt->adapter_index, .name = "" },
.domains = "",
-.family = AF_INET6,
+.family = family,
.addr_len = addr_len
};
@@ -172,17 +176,24 @@ do_dns6_service(bool add, const struct tuntap *tt)
{
addr_len = _countof(dns.addr);
dns.addr_len = addr_len;
-msg(M_WARN, "Number of IPv6 DNS addresses sent to service truncated to
%d",
-addr_len);
+msg(M_WARN, "Number of %s DNS addresses sent to service truncated to
%d",
+ip_proto_name, addr_len);
}
for (int i = 0; i < addr_len; ++i)
{
-dns.addr[i].ipv6 = tt->options.dns6[i];
+if (family == AF_INET6)
+{
+dns.addr[i].ipv6 = tt->options.dns6[i];
+}
+else
+{
+dns.addr[i].ipv4.s_addr = htonl(tt->options.dns[i]);
+}
}
-msg(D_LOW, "%s IPv6 dns servers on '%s' (if_index = %d) using service",
-(add ? "Setting" : "Deleting"), dns.iface.name, dns.iface.index);
+msg(D_LOW, "%s %s dns servers on '%s' (if_index = %d) using service",
+(add ? "Setting" : "Deleting"), ip_proto_name, dns.iface.name,
dns.iface.index);
if (!send_msg_iservice(pipe, , sizeof(dns), , "TUN"))
{
@@ -191,13 +202,13 @@ do_dns6_service(bool add, const struct tuntap *tt)
if (ack.error_number != NO_ERROR)
{
-msg(M_WARN, "TUN: %s IPv6 dns failed using service: %s [status=%u
if_name=%s]",
-(add ? "adding" : "deleting"), strerror_win32(ack.error_number,
),
+msg(M_WARN, "TUN: %s %s dns failed using service: %s [status=%u
if_name=%s]",
+(add ? "adding" : "deleting"), ip_proto_name,
strerror_win32(ack.error_number, ),
ack.error_number, dns.iface.name);
goto out;
}
-msg(M_INFO, "IPv6 dns servers %s using service", (add ? "set" :
"deleted"));
+msg(M_INFO, "%s dns servers %s using service", ip_proto_name, (add ? "set"
: "deleted"));
ret = true;
out:
@@ -830,7 +841,7 @@ init_tun_post(struct tuntap *tt,
* an extra call to "route add..."
* -> helper function to simplify code below
*/
-void
+static void
add_route_connected_v6_net(struct tuntap *tt,
const struct env_set *es)
{
@@ -862,6 +873,21 @@ delete_route_connected_v6_net(struct tuntap *tt,
}
#endif /* if defined(_WIN32) ||
[Openvpn-devel] [PATCH v2 0/7] Wintun support
This set of patches adds support of wintun kernel driver (https://www.wintun.net) to OpenVPN Windows client and server. While wintun is in beta (currently used version is 0.7), it performs significantly faster comparison to tap-windows6. Below are download bandwidth stats reported by iperf3 running on client: > iperf3 -c -t 60 Server - community openvpn2 (2.4.4) tap-windows6 - 396Mbit/s wintun- 677Mbit/s Server - propietary openvpn3 with kernel acceleration (in development) tap-windows6 - 386Mbit/s wintun- 840Mbit/s Client version used for tap-windows6 tests is 2.4.8. To use wintun driver instead of tap-window6, add "windows-driver wintun" to your VPN config file or openvpn.exe command line. Ready-made Windows client installer (signed by OpenVPN Inc) with wintun support could be found here: from http://staging.openvpn.net/openvpn2/. To build installer yourself, you need a patched version of openvpn-build, see https://github.com/OpenVPN/openvpn-build/pull/154. Changes from v1: - rebased on top of latest master (2b11e57) Lev Stipakov (7): Visual Studio: upgrade project files to VS2019 wintun: add --windows-driver config option wintun: implement opening wintun device wintun: ring buffers based I/O wintun: interactive service support wintun: set adapter properties via interactive service wintun: clear adapter settings on tun close include/openvpn-msg.h | 10 + src/compat/compat.vcxproj | 12 +- src/openvpn/Makefile.am | 4 +- src/openvpn/forward.c | 42 ++- src/openvpn/forward.h | 47 ++- src/openvpn/init.c | 7 + src/openvpn/mtcp.c | 28 +- src/openvpn/mudp.c | 14 + src/openvpn/openvpn.vcxproj | 16 +- src/openvpn/openvpn.vcxproj.filters | 8 +- src/openvpn/options.c | 37 ++ src/openvpn/options.h | 1 + src/openvpn/ring_buffer.c | 54 +++ src/openvpn/ring_buffer.h | 79 + src/openvpn/route.c | 2 +- src/openvpn/route.h | 3 +- src/openvpn/syshead.h | 1 + src/openvpn/tun.c | 504 +++- src/openvpn/tun.h | 139 +++- src/openvpn/win32.c | 95 ++ src/openvpn/win32.h | 4 + src/openvpnmsica/openvpnmsica.vcxproj | 14 +- src/openvpnserv/Makefile.am | 3 +- src/openvpnserv/interactive.c | 141 +++- src/openvpnserv/openvpnserv.vcxproj | 14 +- src/openvpnserv/openvpnserv.vcxproj.filters | 6 + src/tapctl/tapctl.vcxproj | 14 +- 27 files changed, 1160 insertions(+), 139 deletions(-) create mode 100644 src/openvpn/ring_buffer.c create mode 100644 src/openvpn/ring_buffer.h -- 2.7.4 ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] [PATCH applied] Re: VLAN: add basic VLAN tagging support
Hi
On Thu, Nov 7, 2019 at 7:43 AM Lev Stipakov wrote:
> Hi,
>
>
>> I'm a bit unhappy with that one, as it changes behaviour for all
>> non-windows
>> builds (including all the openssl build output even if it succeeds).
>>
>
> The only place it changes behavior is this
>
> install:
>- if [ ! -z "${CHOST}" ]; then unset CC; fi
> - - .travis/build-deps.sh > build-deps.log 2>&1 || (cat build-deps.log &&
> exit 1)
> + - .travis/build-deps.sh
>
> I don't see it as an issue to print output when building dependencies. The
> reason why
> it is done is that travis aborts build if there is no output for more than
> 10 minutes.
>
>
>> Besides this, we need to fix this whole MSVC mess - all other platforms
>> are just done with "add new source file to the Makefile.ac" and done
>> (including mingw builds), and then MSVC is broken again, and this will
>> happen again and again.
>
>
>> Is there no reasonable way to build these project files from Makefile.ac?
>>
>
> I see no reasonable way. Selva, Simon - opinions?
>
Personally, I come from the Unix world, work on Windows only out of
necessity, and either avoid MSVC or leave it to others to figure out as far
as possible. So my opinion may not count for much.
That said, short of moving to a more Windows-friendly build system such as
CMake, I see no good options. But the status quo looks good enough to me --
i.e., just do a patch to fix the project files when you notice a missing
entry.
Selva
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH applied] Re: msvc: Add vlan.c/h
Thanks! Your patch has been applied to the master branch. commit 2b11e57c02b2d21e384a2fc860fea1209f55 Author: Simon Rozman Date: Thu Nov 7 14:29:01 2019 +0100 msvc: Add vlan.c/h Signed-off-by: Simon Rozman Acked-by: Lev Stipakov Message-Id: <20191107132901.1280-1-si...@rozman.si> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg19015.html Signed-off-by: Gert Doering -- kind regards, Gert Doering ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] [PATCH applied] Re: VLAN: add basic VLAN tagging support
Hi, On 07/11/2019 14:36, Simon Rozman wrote: > I revoke this “master.c” idea. It makes incremental compiling ridiculously > slow. It might work for production builds, but definitely not for development. It also breaks scoping of variables/function. So, I am glad you found your own reason to reject that :-) -- Antonio Quartulli ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] [PATCH applied] Re: VLAN: add basic VLAN tagging support
I revoke this “master.c” idea. It makes incremental compiling ridiculously slow. It might work for production builds, but definitely not for development. Best regards, Simon From: Simon Rozman [mailto:si...@rozman.si] Sent: Thursday, November 7, 2019 2:06 PM To: 'Lev Stipakov' ; 'Gert Doering' Cc: 'Antonio Quartulli' ; 'openvpn-devel' Subject: Re: [Openvpn-devel] [PATCH applied] Re: VLAN: add basic VLAN tagging support We could introduce a master.c file which would include: #include "argv.c" #include "auth_token.c" #include "base64.c" #include "block_dns.c" #include "buffer.c" . . . #include "status.c" #include "tls_crypt.c" #include "tun.c" #include "win32.c" And then have Makefile.ac and MSVC project files compile the master.c only. Best regards, Simon Besides this, we need to fix this whole MSVC mess - all other platforms are just done with "add new source file to the Makefile.ac" and done (including mingw builds), and then MSVC is broken again, and this will happen again and again. Is there no reasonable way to build these project files from Makefile.ac? I see no reasonable way. Selva, Simon - opinions? We could probably have a templatized project file and script which inserts source files to there based on content of Makefile.ac, but I don't like it. I consider necessity of modifying VS project a lesser evil. (you open it and it just works) -Lev smime.p7s Description: S/MIME cryptographic signature ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] [PATCH] msvc: Add vlan.c/h
Acked-by: Lev Stipakov to 7. marrask. 2019 klo 15.30 Simon Rozman (si...@rozman.si) kirjoitti: > This upgrades 99f28081477ca325a14b13c38abec2c9b619eb01 to support MSVC > building. > > Signed-off-by: Simon Rozman > --- > src/openvpn/openvpn.vcxproj | 2 ++ > src/openvpn/openvpn.vcxproj.filters | 6 ++ > 2 files changed, 8 insertions(+) > > diff --git a/src/openvpn/openvpn.vcxproj b/src/openvpn/openvpn.vcxproj > index 85af466f..48e8e140 100644 > --- a/src/openvpn/openvpn.vcxproj > +++ b/src/openvpn/openvpn.vcxproj > @@ -196,6 +196,7 @@ > > > > + > > > > @@ -283,6 +284,7 @@ > > > > + > > > > diff --git a/src/openvpn/openvpn.vcxproj.filters > b/src/openvpn/openvpn.vcxproj.filters > index e6068aff..653e892c 100644 > --- a/src/openvpn/openvpn.vcxproj.filters > +++ b/src/openvpn/openvpn.vcxproj.filters > @@ -237,6 +237,9 @@ > >Source Files > > + > + Source Files > + > > > > @@ -494,6 +497,9 @@ > >Header Files > > + > + Header Files > + > > > > -- > 2.23.0.windows.1 > > > > ___ > Openvpn-devel mailing list > Openvpn-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openvpn-devel > -- -Lev ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] [PATCH applied] Re: VLAN: add basic VLAN tagging support
Hi,
On 07/11/2019 12:42, Lev Stipakov wrote:
Hi,
I'm a bit unhappy with that one, as it changes behaviour for all
non-windows
builds (including all the openssl build output even if it succeeds).
The only place it changes behavior is this
install:
- if [ ! -z "${CHOST}" ]; then unset CC; fi
- - .travis/build-deps.sh > build-deps.log 2>&1 || (cat build-deps.log &&
exit 1)
+ - .travis/build-deps.sh
I don't see it as an issue to print output when building dependencies. The
reason why
it is done is that travis aborts build if there is no output for more than
10 minutes.
Can travis be instructed to wait longer ?
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH] msvc: Add vlan.c/h
This upgrades 99f28081477ca325a14b13c38abec2c9b619eb01 to support MSVC building. Signed-off-by: Simon Rozman --- src/openvpn/openvpn.vcxproj | 2 ++ src/openvpn/openvpn.vcxproj.filters | 6 ++ 2 files changed, 8 insertions(+) diff --git a/src/openvpn/openvpn.vcxproj b/src/openvpn/openvpn.vcxproj index 85af466f..48e8e140 100644 --- a/src/openvpn/openvpn.vcxproj +++ b/src/openvpn/openvpn.vcxproj @@ -196,6 +196,7 @@ + @@ -283,6 +284,7 @@ + diff --git a/src/openvpn/openvpn.vcxproj.filters b/src/openvpn/openvpn.vcxproj.filters index e6068aff..653e892c 100644 --- a/src/openvpn/openvpn.vcxproj.filters +++ b/src/openvpn/openvpn.vcxproj.filters @@ -237,6 +237,9 @@ Source Files + + Source Files + @@ -494,6 +497,9 @@ Header Files + + Header Files + -- 2.23.0.windows.1 ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] [PATCH applied] Re: VLAN: add basic VLAN tagging support
We could introduce a master.c file which would include: #include "argv.c" #include "auth_token.c" #include "base64.c" #include "block_dns.c" #include "buffer.c" . . . #include "status.c" #include "tls_crypt.c" #include "tun.c" #include "win32.c" And then have Makefile.ac and MSVC project files compile the master.c only. Best regards, Simon Besides this, we need to fix this whole MSVC mess - all other platforms are just done with "add new source file to the Makefile.ac" and done (including mingw builds), and then MSVC is broken again, and this will happen again and again. Is there no reasonable way to build these project files from Makefile.ac? I see no reasonable way. Selva, Simon - opinions? We could probably have a templatized project file and script which inserts source files to there based on content of Makefile.ac, but I don't like it. I consider necessity of modifying VS project a lesser evil. (you open it and it just works) -Lev smime.p7s Description: S/MIME cryptographic signature ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] [PATCH applied] Re: VLAN: add basic VLAN tagging support
Hi,
On Thu, Nov 07, 2019 at 02:42:17PM +0200, Lev Stipakov wrote:
> > I'm a bit unhappy with that one, as it changes behaviour for all
> > non-windows
> > builds (including all the openssl build output even if it succeeds).
>
> The only place it changes behavior is this
>
> install:
>- if [ ! -z "${CHOST}" ]; then unset CC; fi
> - - .travis/build-deps.sh > build-deps.log 2>&1 || (cat build-deps.log &&
> exit 1)
> + - .travis/build-deps.sh
>
> I don't see it as an issue to print output when building dependencies. The
> reason why
> it is done is that travis aborts build if there is no output for more than
> 10 minutes.
It's lots of text that is totally uninteresting if it succeeds, but that
you need to scroll over when looking for the reason why a build fails -
which is the reason why it is the way it is today.
[..]
> We could probably have a templatized project file and script which inserts
> source files to there
> based on content of Makefile.ac, but I don't like it. I consider necessity
> of modifying VS project a lesser evil.
>
> (you open it and it just works)
I'm not taking responsibility for not breaking MSVC builds. This is a
world alien to me - if you want me to not break things, it needs to be
"without fiddling XML files".
If you volunteer to update MSVC every time we add or change a source file,
I'm happy to send you a HEADS UP notice. But I am not doing it, and I will
not request it from any contributor who is not using windows.
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany g...@greenie.muc.de
signature.asc
Description: PGP signature
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] [PATCH applied] Re: VLAN: add basic VLAN tagging support
Hi,
> I'm a bit unhappy with that one, as it changes behaviour for all
> non-windows
> builds (including all the openssl build output even if it succeeds).
>
The only place it changes behavior is this
install:
- if [ ! -z "${CHOST}" ]; then unset CC; fi
- - .travis/build-deps.sh > build-deps.log 2>&1 || (cat build-deps.log &&
exit 1)
+ - .travis/build-deps.sh
I don't see it as an issue to print output when building dependencies. The
reason why
it is done is that travis aborts build if there is no output for more than
10 minutes.
> Besides this, we need to fix this whole MSVC mess - all other platforms
> are just done with "add new source file to the Makefile.ac" and done
> (including mingw builds), and then MSVC is broken again, and this will
> happen again and again.
> Is there no reasonable way to build these project files from Makefile.ac?
>
I see no reasonable way. Selva, Simon - opinions?
We could probably have a templatized project file and script which inserts
source files to there
based on content of Makefile.ac, but I don't like it. I consider necessity
of modifying VS project
a lesser evil.
(you open it and it just works)
-Lev
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] [PATCH applied] Re: VLAN: add basic VLAN tagging support
Hi, On Thu, Nov 07, 2019 at 02:18:25PM +0200, Lev Stipakov wrote: > This broke (again) Visual Studio build: > > > error LNK2019: unresolved external symbol vlan_process_outgoing_tun > referenced in function multi_process_outgoing_tun Can you please send a patch that adds vlan.c to the list of source code modules to be compiled and linked? > Can we please ack and merge this patch > https://patchwork.openvpn.net/patch/868/ to catch these things earlier? I'm a bit unhappy with that one, as it changes behaviour for all non-windows builds (including all the openssl build output even if it succeeds). Besides this, we need to fix this whole MSVC mess - all other platforms are just done with "add new source file to the Makefile.ac" and done (including mingw builds), and then MSVC is broken again, and this will happen again and again. Is there no reasonable way to build these project files from Makefile.ac? gert -- "If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress Gert Doering - Munich, Germany g...@greenie.muc.de signature.asc Description: PGP signature ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] [PATCH applied] Re: VLAN: add basic VLAN tagging support
This broke (again) Visual Studio build: > error LNK2019: unresolved external symbol vlan_process_outgoing_tun referenced in function multi_process_outgoing_tun Can we please ack and merge this patch https://patchwork.openvpn.net/patch/868/ to catch these things earlier? ke 6. marrask. 2019 klo 22.42 Gert Doering (g...@greenie.muc.de) kirjoitti: > Acked-by: Gert Doering > > Stared at the code (twice now), run t_client and t_server tests. > > This patch does not really *do* much yet, but it lays the groundwork > for future work - the "broadcast only to clients in the same vlan" > part is there, but it's always called with "0" (= all clients). As > far as I can see, the only notable behavioural change we have so far > is "if a client is assigned a pvid (!= the global pvid), it will not > be able to communicate with the TAP interface" (check in vlan.c, > vlan_process_outgoing_tun()), but client-to-client is still allowed, > and there is no per-vlan MAC learning yet either. > > (Most notably, it only adds options and code relevant for TAP mode) > > Your patch has been applied to the master branch. > > commit 99f28081477ca325a14b13c38abec2c9b619eb01 > Author: Antonio Quartulli > Date: Wed Oct 9 16:34:15 2019 +0200 > > VLAN: add basic VLAN tagging support > > Signed-off-by: Fabian Knittel > Signed-off-by: Antonio Quartulli > Acked-by: Gert Doering > Message-Id: <20191009143422.9419-...@unstable.cc> > URL: > https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg18924.html > Signed-off-by: Gert Doering > > > -- > kind regards, > > Gert Doering > > > > ___ > Openvpn-devel mailing list > Openvpn-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openvpn-devel > -- -Lev ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
