Hi!
I am developing an eduVPN client for Windows. Imagine the eduVPN client as a
custom OpenVPN GUI. The client uses openvpn.exe for connecting, the
configuration file is provided by eduVPN server once user authenticates
using OAuth. User running the eduVPN client is not an administrator.
Eleva
Hi Selva,
Is there any specific reason, why Interactive Service is so paranoid, knowing
that it launches openvpn.exe and all external scripts as the interactive user
anyway?
The service does privileged operations so some admin has to bless a user to
allow certain options when launching openvpn
Hi,
>
> Wasn't this changed in the latest version, allowing config files to be
under
> user home/profile directory?
>
Nope, 2.4.3 refuses to run the openvpn.exe if --config points to an .ovpn
file in the user home directory (namely user's temporary folder). I also did
a brief openvpnserv source
Hi,
> +// stripped version of ExecCommand in interactive.c static DWORD
C++ style comment.
> +// rename adapter via netsh call
C++ style comment.
> +const TCHAR* szFmt = _T("netsh interface set interface name=\"%s\"
> newname=\"%s\"");
> +size_t ncmdline = _tcslen(szFmt) + _tcslen(
Hi,
Adapter name already is configurable in openvpn-build/windows-msi/msi.wxs:
https://github.com/Amebis/openvpn-build/blob/5f5ba807de2bad50d01a5b08dfc6fad98ee41213/windows-msi/msi.wxs#L1300
Regards, Simon
From: Selva Nair
Sent: Wednesday, September 2, 2020 3:12 PM
To: Lev Stipakov
Cc: Lev St
Hi,
> -Original Message-
> From: Lev Stipakov
> Sent: Wednesday, September 2, 2020 11:37 PM
> To: openvpn-devel@lists.sourceforge.net
> Cc: Lev Stipakov
> Subject: [Openvpn-devel] [PATCH v2] openvpnmsica: make adapter renaming
> non-fatal
>
> From: Lev Stipakov
>
> For some users rena
Signed-off-by: Simon Rozman
---
src/openvpn/tun.c | 10 ++
1 file changed, 10 insertions(+)
diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c
index b1cd7a1b..80ae6958 100644
--- a/src/openvpn/tun.c
+++ b/src/openvpn/tun.c
@@ -6706,6 +6706,16 @@ netsh_delete_address_dns(const struct tunt
This is more efficient and less error prone.
Signed-off-by: Simon Rozman
---
src/openvpn/route.c | 26 +++---
src/openvpn/tun.c | 88 +
2 files changed, 53 insertions(+), 61 deletions(-)
diff --git a/src/openvpn/route.c b/src/openvpn/route.c
As the find_adapters() failure is not critical and FindSystemInfo()
should continue regardless, the find_adapters() has been simplified not
to return result code. It still logs any error thou.
Signed-off-by: Simon Rozman
---
src/openvpnmsica/openvpnmsica.c | 7 +++
1 file changed, 3 insertio
When there are no IPv6 DNS published, the adapter state is not
sanitized and might contain IPv6 DNS server from a previous session.
netsh_ifconfig_options() clears DNS servers for IPv4 already.
Signed-off-by: Simon Rozman
---
src/openvpn/tun.c | 8 +++-
1 file changed, 7 insertions(+), 1 de
Legacy TAP-Windows6 adapters (marked as IF_TYPE_ETHERNET_CSMACD 0x6)
fail to upgrade to the new driver on Windows 7: Device cannot start
(Code 10).
Ignoring those adapters on Windows 7 triggers creation of a new TAP
adapter on setup eliminating the need for user intervention.
Signed-off-by: Simon
Lots of string functions were declared unsafe in favor of ..._s()
counterparts. However, the code already is careful about the buffer
size. Code analysis is just not smart enough (yet) to detect this.
The code was refactored to use ..._s() variants MSVC is considering as
"safe".
Signed-off-by: Si
wcsncat() was declared unsafe in favour of wcsncat_s(). However, the
string concatenation follows the string length check, making wcsncat()
safe too. Code analysis is just not smart enough (yet) to detect this.
The code was refactored to use wcscat_s() MSVC is considering as "safe".
Signed-off-by
Signed-off-by: Simon Rozman
---
src/openvpn/tun.c | 34 --
1 file changed, 34 deletions(-)
diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c
index 6c51a52d..6b7c8ef1 100644
--- a/src/openvpn/tun.c
+++ b/src/openvpn/tun.c
@@ -85,8 +85,6 @@ static void netsh_comman
Commit 24596b25 ("build: Remove compat-lz4") removed lz4 compat layer,
but openvpn-build\msvc doesn't provide LZ4 library either.
Signed-off-by: Simon Rozman
---
config-msvc.h | 1 -
1 file changed, 1 deletion(-)
diff --git a/config-msvc.h b/config-msvc.h
index e430ca96..53d97902 100644
--- a/c
It's about using a standard recommended alias for the wcsdup():
> warning C4996: 'wcsdup': The POSIX name for this item is deprecated.
> Instead, use the ISO C and C++ conformant name: _wcsdup. See online
> help for details.
And the documentation says:
> The Microsoft-implemented POSIX function
Hi,
> > -73,14 +73,13 @@ find_function(const WCHAR *libname, const char
> *funcname, HMODULE *m)
> > return NULL;
> > }
> >
> > -size_t len = _countof(libpath) - wcslen(libpath) - 1;
> > -if (len < wcslen(libname) + 1)
> > +if (wcslen(libpath) + 1 /*\*/ + wcslen(libname) >
Hi,
> > Commit 24596b25 ("build: Remove compat-lz4") removed lz4 compat layer,
> > but openvpn-build\msvc doesn't provide LZ4 library either.
>
> What would be needed to actually *build* with LZ4 on MSVC? That is,
> build it as prerequisite as LZO is built?
>
> The idea wasn't to remove LZ4 fro
wcsncat() was declared unsafe in favour of wcsncat_s(). However, the
string concatenation follows the string length check, making wcsncat()
safe too. Code analysis is just not smart enough (yet) to detect this.
The code was refactored to use wcscat_s() MSVC is considering as "safe".
Signed-off-by
FormatMessage() sets the last error according to its own success. This
looses the original error code leading to mismatched error message and
error number when sprintfted together resulting in confusing event log
message.
Signed-off-by: Simon Rozman
---
src/openvpnserv/common.c | 6 --
1 fil
20 matches
Mail list logo
