From patchwork Wed Feb  5 12:46:14 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: [Openvpn-devel,1/2] Skip DNS address validation
X-Patchwork-Submitter: Domagoj Pensa <domagoj@pensa.hr>
X-Patchwork-Id: 973
Message-Id: <20200205124615.15758-2-domagoj@pensa.hr>
To: openvpn-devel@lists.sourceforge.net
Date: Wed,  5 Feb 2020 13:46:14 +0100
From: Domagoj Pensa <domagoj@pensa.hr>
List-Id: <openvpn-devel.lists.sourceforge.net>

When adding IPv4 DNS servers without interactive service use
"validate=no", on Windows 7 and higher, to skip time consuming automatic
address validation, that is on by default.

Fix uses adapted code from commit 786e06a

Signed-off-by: Domagoj Pensa <domagoj@pensa.hr>
Acked-by: Lev Stipakov <lstipakov@gmail.com>
Acked-by: Simon Rozman <simon@rozman.si>
---
 src/openvpn/tun.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c
index af09e676..9f369f74 100644
--- a/src/openvpn/tun.c
+++ b/src/openvpn/tun.c
@@ -5216,6 +5216,7 @@ netsh_ifconfig_options(const char *type,
     struct gc_arena gc = gc_new();
     struct argv argv = argv_new();
     bool delete_first = false;
+    bool is_dns = !strcmp(type, "dns");
 
     /* first check if we should delete existing DNS/WINS settings from TAP interface */
     if (test_first)
@@ -5259,6 +5260,14 @@ netsh_ifconfig_options(const char *type,
                             type,
                             flex_name,
                             print_in_addr_t(addr_list[i], 0, &gc));
+
+                /* disable slow address validation on Windows 7 and higher */
+                /* only for DNS */
+                if (is_dns && win32_version_info() >= WIN_7)
+                {
+                    argv_printf_cat(&argv, "%s", "validate=no");
+                }
+
                 netsh_command(&argv, 2, M_FATAL);
 
                 ++count;