Re: [Openvpn-devel] [PATCH] tun.c: enable using wintun driver under SYSTEM
No need to rush. I’m happy to wait until Wednesday for beta2.
Cheers,
Marvin
Sent from my iPhone
> On Aug 22, 2020, at 12:20 AM, Gert Doering wrote:
>
> Hi,
>
>> On Fri, Aug 21, 2020 at 07:37:27PM -0700, Marvin Adeff wrote:
>> When will this be available as an installable (beta) msi?
>
> I'll merge the commit today or tomorrow (sorry for the lag on my side,
> was travelling and had only limited access to "Internet and focus").
>
> My plan is to do a formal "beta2" tag on Wednesday, but of course
> Samuli/Lev could do a new installer ("beta1_1") earlier.
>
> gert
> --
> "If was one thing all people took for granted, was conviction that if you
> feed honest figures into a computer, honest figures come out. Never doubted
> it myself till I met a computer with a sense of humor."
> Robert A. Heinlein, The Moon is a Harsh Mistress
>
> Gert Doering - Munich, Germany g...@greenie.muc.de
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] [PATCH] tun.c: enable using wintun driver under SYSTEM
Hi,
On Fri, Aug 21, 2020 at 07:37:27PM -0700, Marvin Adeff wrote:
> When will this be available as an installable (beta) msi?
I'll merge the commit today or tomorrow (sorry for the lag on my side,
was travelling and had only limited access to "Internet and focus").
My plan is to do a formal "beta2" tag on Wednesday, but of course
Samuli/Lev could do a new installer ("beta1_1") earlier.
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany g...@greenie.muc.de
signature.asc
Description: PGP signature
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] [PATCH] tun.c: enable using wintun driver under SYSTEM
Hi,
When will this be available as an installable (beta) msi?
Marvin
> On Aug 21, 2020, at 2:13 PM, Selva Nair wrote:
>
> Hi,
>
>> On Wed, Aug 19, 2020 at 3:08 AM Lev Stipakov wrote:
>> From: Lev Stipakov
>>
>> Commit 6d19775a468 has removed SYSTEM elevation hack,
>> but introduced regression - inability to use wintun without interactive
>> service.
>>
>> Proceed with ring buffers registration even if iservice is unavailable and
>> display
>> relevant error message.
>>
>> Trac #1318
>>
>> Signed-off-by: Lev Stipakov
>> ---
>> src/openvpn/tun.c | 30 +-
>> 1 file changed, 25 insertions(+), 5 deletions(-)
>>
>> diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c
>> index 30454454..62557364 100644
>> --- a/src/openvpn/tun.c
>> +++ b/src/openvpn/tun.c
>> @@ -6158,12 +6158,32 @@ wintun_register_ring_buffer(struct tuntap *tt, const
>> char *device_guid)
>> }
>> else
>> {
>> -msg(M_FATAL, "ERROR: Wintun requires SYSTEM privileges and
>> therefore "
>> - "should be used with interactive service. If you want
>> to "
>> - "use openvpn from command line, you need to do SYSTEM "
>> - "elevation yourself (for example with psexec).");
>> -}
>> +if (!register_ring_buffers(tt->hand,
>> + tt->wintun_send_ring,
>> + tt->wintun_receive_ring,
>> + tt->rw_handle.read,
>> + tt->rw_handle.write))
>> +{
>> +switch (GetLastError())
>> +{
>> +case ERROR_ACCESS_DENIED:
>> +msg(M_FATAL, "ERROR: Wintun requires SYSTEM privileges
>> and therefore "
>> + "should be used with interactive service.
>> If you want to "
>> + "use openvpn from command line, you need
>> to do SYSTEM "
>> + "elevation yourself (for example with
>> psexec).");
>> +break;
>> +
>> +case ERROR_ALREADY_INITIALIZED:
>> +msg(M_NONFATAL, "Adapter %s is already in use",
>> device_guid);
>> +break;
>>
>> +default:
>> +msg(M_NONFATAL | M_ERRNO, "Failed to register ring
>> buffers");
>> +}
>> +ret = false;
>> +}
>> +
>> +}
>> return ret;
>> }
>
> Looks good and running as SYSTEM works now as expected. Tested on 64 bit
> Windows 10.
>
> Acked-by: selva.n...@gmail.com
> ___
> Openvpn-devel mailing list
> Openvpn-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openvpn-devel
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] [PATCH] tun.c: enable using wintun driver under SYSTEM
Hi,
On Wed, Aug 19, 2020 at 3:08 AM Lev Stipakov wrote:
> From: Lev Stipakov
>
> Commit 6d19775a468 has removed SYSTEM elevation hack,
> but introduced regression - inability to use wintun without interactive
> service.
>
> Proceed with ring buffers registration even if iservice is unavailable and
> display
> relevant error message.
>
> Trac #1318
>
> Signed-off-by: Lev Stipakov
> ---
> src/openvpn/tun.c | 30 +-
> 1 file changed, 25 insertions(+), 5 deletions(-)
>
> diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c
> index 30454454..62557364 100644
> --- a/src/openvpn/tun.c
> +++ b/src/openvpn/tun.c
> @@ -6158,12 +6158,32 @@ wintun_register_ring_buffer(struct tuntap *tt,
> const char *device_guid)
> }
> else
> {
> -msg(M_FATAL, "ERROR: Wintun requires SYSTEM privileges and
> therefore "
> - "should be used with interactive service. If you
> want to "
> - "use openvpn from command line, you need to do
> SYSTEM "
> - "elevation yourself (for example with psexec).");
> -}
> +if (!register_ring_buffers(tt->hand,
> + tt->wintun_send_ring,
> + tt->wintun_receive_ring,
> + tt->rw_handle.read,
> + tt->rw_handle.write))
> +{
> +switch (GetLastError())
> +{
> +case ERROR_ACCESS_DENIED:
> +msg(M_FATAL, "ERROR: Wintun requires SYSTEM
> privileges and therefore "
> + "should be used with interactive
> service. If you want to "
> + "use openvpn from command line, you need
> to do SYSTEM "
> + "elevation yourself (for example with
> psexec).");
> +break;
> +
> +case ERROR_ALREADY_INITIALIZED:
> +msg(M_NONFATAL, "Adapter %s is already in use",
> device_guid);
> +break;
>
> +default:
> +msg(M_NONFATAL | M_ERRNO, "Failed to register ring
> buffers");
> +}
> +ret = false;
> +}
> +
> +}
> return ret;
> }
>
Looks good and running as SYSTEM works now as expected. Tested on 64 bit
Windows 10.
Acked-by: selva.n...@gmail.com
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH] tun.c: enable using wintun driver under SYSTEM
From: Lev Stipakov
Commit 6d19775a468 has removed SYSTEM elevation hack,
but introduced regression - inability to use wintun without interactive service.
Proceed with ring buffers registration even if iservice is unavailable and
display
relevant error message.
Trac #1318
Signed-off-by: Lev Stipakov
---
src/openvpn/tun.c | 30 +-
1 file changed, 25 insertions(+), 5 deletions(-)
diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c
index 30454454..62557364 100644
--- a/src/openvpn/tun.c
+++ b/src/openvpn/tun.c
@@ -6158,12 +6158,32 @@ wintun_register_ring_buffer(struct tuntap *tt, const
char *device_guid)
}
else
{
-msg(M_FATAL, "ERROR: Wintun requires SYSTEM privileges and therefore "
- "should be used with interactive service. If you want to "
- "use openvpn from command line, you need to do SYSTEM "
- "elevation yourself (for example with psexec).");
-}
+if (!register_ring_buffers(tt->hand,
+ tt->wintun_send_ring,
+ tt->wintun_receive_ring,
+ tt->rw_handle.read,
+ tt->rw_handle.write))
+{
+switch (GetLastError())
+{
+case ERROR_ACCESS_DENIED:
+msg(M_FATAL, "ERROR: Wintun requires SYSTEM privileges
and therefore "
+ "should be used with interactive service. If
you want to "
+ "use openvpn from command line, you need to
do SYSTEM "
+ "elevation yourself (for example with
psexec).");
+break;
+
+case ERROR_ALREADY_INITIALIZED:
+msg(M_NONFATAL, "Adapter %s is already in use",
device_guid);
+break;
+default:
+msg(M_NONFATAL | M_ERRNO, "Failed to register ring
buffers");
+}
+ret = false;
+}
+
+}
return ret;
}
--
2.17.1
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
