cron2 has uploaded a new patch set (#2) to the change originally created by d12fk. ( http://gerrit.openvpn.net/c/openvpn/+/1429?usp=email )
The following approvals got outdated and were removed: Code-Review+2 by selvanair Change subject: iservice: set adapter DNS only with search domains ...................................................................... iservice: set adapter DNS only with search domains With NRPT the adapter name server configuration is not needed theoretically. However DNS config is not showing with traditional tools like ipconfig if they are left out. More importantly if there are no DNS servers configured for an adapter the adapter specific search domains are not recognized by the Windows resolver. However, adding the servers to the adapter has the side effect, that general look-ups are now also done using this adapter, which might come as unexpected and yield wrong results, if there is some trickery happening with the default DNS, for example. As a workaround, set the adapter DNS only when strictly needed. Github: OpenVPN/openvpn#473 Change-Id: I6debe8bbedd5a08da417bfee1243a43ef6df7980 Signed-off-by: Heiko Hund <[email protected]> Acked-by: Selva Nair <[email protected]> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1429 Message-Id: <[email protected]> URL: https://www.mail-archive.com/[email protected]/msg34968.html Signed-off-by: Gert Doering <[email protected]> --- M src/openvpnserv/interactive.c 1 file changed, 12 insertions(+), 4 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/29/1429/2 diff --git a/src/openvpnserv/interactive.c b/src/openvpnserv/interactive.c index 6f04f6b..9327dfa 100644 --- a/src/openvpnserv/interactive.c +++ b/src/openvpnserv/interactive.c @@ -2869,11 +2869,19 @@ goto out; } - /* Set name servers */ - err = SetNameServerAddresses(iid, msg->addresses); - if (err) + /* + * Set DNS on the adapter for search domains to be considered. + * If split DNS is configured, do this only when search domains + * are given, so that look-ups for other domains do not go over + * the VPN all the time. + */ + if (msg->search_domains[0] || !msg->resolve_domains[0]) { - goto out; + err = SetNameServerAddresses(iid, msg->addresses); + if (err) + { + goto out; + } } /* Set search domains, if any */ -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1429?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings?usp=email Gerrit-MessageType: newpatchset Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I6debe8bbedd5a08da417bfee1243a43ef6df7980 Gerrit-Change-Number: 1429 Gerrit-PatchSet: 2 Gerrit-Owner: d12fk <[email protected]> Gerrit-Reviewer: plaisthos <[email protected]> Gerrit-Reviewer: selvanair <[email protected]> Gerrit-CC: openvpn-devel <[email protected]>
_______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
