From patchwork Mon Mar 9 22:48:21 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Simon Rozman X-Patchwork-Id: 1033 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director11.mail.ord1d.rsapps.net ([172.30.191.6]) by backend30.mail.ord1d.rsapps.net with LMTP id +ISWI0FmZ17wTgAAIUCqbw for ; Tue, 10 Mar 2020 06:04:49 -0400 Received: from proxy15.mail.ord1d.rsapps.net ([172.30.191.6]) by director11.mail.ord1d.rsapps.net with LMTP id AN6AI0FmZ17pYAAAvGGmqA ; Tue, 10 Mar 2020 06:04:49 -0400 Received: from smtp4.gate.ord1d ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy15.mail.ord1d.rsapps.net with LMTP id eAqsIUFmZ17FdwAAAY1PeQ ; Tue, 10 Mar 2020 06:04:49 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp4.gate.ord1d.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dkim=fail (signature verification failed) header.d=rozman.si; dmarc=fail (p=none; dis=none) header.from=rozman.si X-Suspicious-Flag: YES X-Classification-ID: 932ce97e-62b6-11ea-92f8-525400760ffc-1-1 Received: from [216.105.38.7] ([216.105.38.7:38104] helo=lists.sourceforge.net) by smtp4.gate.ord1d.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 23/3D-13746-046676E5; Tue, 10 Mar 2020 06:04:48 -0400 Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1jBbk2-0006Lj-As; Tue, 10 Mar 2020 10:04:02 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jBbk1-0006LW-IR for openvpn-devel@lists.sourceforge.net; Tue, 10 Mar 2020 10:04:01 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=Ea0gcefGpLqqlbozbMF5AG5aTA/5h2LmMUUZ8kKPYPM=; b=PfbHT7dcmGpbMZzhATPfR6En85 F3RxWHW9p+PlzmOweA307LIIwZC8SvhlAsHTyFyE1O4PJjNd5sIhlcm1IbNsFo4tuISmhdw4iL6zB Hep63ikg7e8kdTxEkZ9BDXjIFj5EnWRa2z2TgZWusJaBOvjHAAxU6EIrAKz2We5KLTE8=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:Cc:To:From :Sender:Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=Ea0gcefGpLqqlbozbMF5AG5aTA/5h2LmMUUZ8kKPYPM=; b=Y wG2Y0hSSWKvMTHNsAyZjDuTvJkMkZ6JvjL9gTn12+/OFzIzd60KM6ILIgdxbQ6TpEkxevYmKJyDc0 0euo9GfnbV4dV8JDx2NONYKZTCOUyc+Sdbuq9HCb3A7sw1Xgfuykwt5qSclmz9VkBcQJ8pV9gW5Qw vsYLyqZezyKKbpho=; Received: from pub5.amebis.si ([213.250.55.21]) by sfi-mx-4.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.2) id 1jBbjx-007W5x-PA for openvpn-devel@lists.sourceforge.net; Tue, 10 Mar 2020 10:04:01 +0000 Received: by pub5.amebis.si (Postfix, from userid 1000) id AC5731002FB5; Tue, 10 Mar 2020 11:03:43 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rozman.si; s=default; t=1583834623; bh=Ea0gcefGpLqqlbozbMF5AG5aTA/5h2LmMUUZ8kKPYPM=; h=From:To:Cc:Subject:Date:From; b=Kd+MP2vhFDVOHuAjlYXLY/TK4x/vGLg30TlSuVbw495Haeb/c+pbio52wUDhyYfx2 iIyyN9lUPHwFgZR88RTsUGhr4WFITVDkKFLecgmi/oiy5hve9GNVMZMzOQJxdgTU/5 tVOhWE6StcfHOSPW0lxoqxOdJ+sWClzqZ6HKgwfQ= X-Spam-Checker-Version: SpamAssassin 3.4.3 (2019-12-06) on brana.amebis.doma X-Spam-Level: X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=unavailable autolearn_force=no version=3.4.3 Received: from SR6.amebis.doma (unknown [IPv6:2a00:ee2:209:164:9d4:142e:b222:827d]) by pub5.amebis.si (Postfix) with ESMTP id C1D351002F87; Tue, 10 Mar 2020 11:03:40 +0100 (CET) From: Simon Rozman To: openvpn-devel@lists.sourceforge.net Date: Tue, 10 Mar 2020 10:48:21 +0100 Message-Id: <20200310094822.588-1-simon@rozman.si> X-Mailer: git-send-email 2.24.1.windows.2 MIME-Version: 1.0 X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: rozman.si] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid X-Headers-End: 1jBbjx-007W5x-PA Subject: [Openvpn-devel] [PATCH 1/2] tun.c: reorder IPv6 ifconfig on Windows X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox The IPv6 interface network route should be setup as soon as possible after the interface address is set. Actually, all routes should be added before DNS servers are configured. This would allow Windows to validate DNS servers properly instead of shutting the validation off. The cleanup order has been changed to match reverse order of ifconfig. An additional check was added to skip the cleanup when --ip-win32 is set to manual. Signed-off-by: Simon Rozman Acked-by: Lev Stipakov --- src/openvpn/tun.c | 51 +++++++++++++++++++++++++---------------------- 1 file changed, 27 insertions(+), 24 deletions(-) diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c index 1f848d24..42193d97 100644 --- a/src/openvpn/tun.c +++ b/src/openvpn/tun.c @@ -1016,6 +1016,7 @@ do_ifconfig_ipv6(struct tuntap *tt, const char *ifname, int tun_mtu, else if (tt->options.msg_channel) { do_address_service(true, AF_INET6, tt); + add_route_connected_v6_net(tt, es); do_dns_service(true, AF_INET6, tt); } else @@ -1031,15 +1032,10 @@ do_ifconfig_ipv6(struct tuntap *tt, const char *ifname, int tun_mtu, get_win_sys_path(), NETSH_PATH_SUFFIX, iface, ifconfig_ipv6_local); netsh_command(&argv, 4, M_FATAL); + add_route_connected_v6_net(tt, es); /* set ipv6 dns servers if any are specified */ netsh_set_dns6_servers(tt->options.dns6, tt->options.dns6_len, ifname); } - - /* explicit route needed */ - if (tt->options.ip_win32_type != IPW32_SET_MANUAL) - { - add_route_connected_v6_net(tt, es); - } #else /* platforms we have no IPv6 code for */ msg(M_FATAL, "Sorry, but I don't know how to do IPv6 'ifconfig' commands on this operating system. You should ifconfig your TUN/TAP device manually or use an --up script."); #endif /* outer "if defined(TARGET_xxx)" conditional */ @@ -6467,6 +6463,24 @@ netsh_delete_address_dns(const struct tuntap *tt, bool ipv6, struct gc_arena *gc const char *ifconfig_ip_local; struct argv argv = argv_new(); + /* delete ipvX dns servers if any were set */ + int len = ipv6 ? tt->options.dns6_len : tt->options.dns_len; + if (len > 0) + { + argv_printf(&argv, + "%s%s interface %s delete dns %s all", + get_win_sys_path(), + NETSH_PATH_SUFFIX, + ipv6 ? "ipv6" : "ipv4", + tt->actual_name); + netsh_command(&argv, 1, M_WARN); + } + + if (ipv6) + { + delete_route_connected_v6_net(tt, NULL); + } + /* "store=active" is needed in Windows 8(.1) to delete the * address we added (pointed out by Cedric Tabary). */ @@ -6487,21 +6501,8 @@ netsh_delete_address_dns(const struct tuntap *tt, bool ipv6, struct gc_arena *gc ipv6 ? "ipv6" : "ipv4", tt->actual_name, ifconfig_ip_local); - netsh_command(&argv, 1, M_WARN); - /* delete ipvX dns servers if any were set */ - int len = ipv6 ? tt->options.dns6_len : tt->options.dns_len; - if (len > 0) - { - argv_printf(&argv, - "%s%s interface %s delete dns %s all", - get_win_sys_path(), - NETSH_PATH_SUFFIX, - ipv6 ? "ipv6" : "ipv4", - tt->actual_name); - netsh_command(&argv, 1, M_WARN); - } argv_free(&argv); } @@ -6514,16 +6515,18 @@ close_tun(struct tuntap *tt, openvpn_net_ctx_t *ctx) if (tt->did_ifconfig_ipv6_setup) { - /* remove route pointing to interface */ - delete_route_connected_v6_net(tt, NULL); - - if (tt->options.msg_channel) + if (tt->options.ip_win32_type == IPW32_SET_MANUAL) + { + /* We didn't do ifconfig. */ + } + else if (tt->options.msg_channel) { - do_address_service(false, AF_INET6, tt); if (tt->options.dns6_len > 0) { do_dns_service(false, AF_INET6, tt); } + delete_route_connected_v6_net(tt, NULL); + do_address_service(false, AF_INET6, tt); } else { From patchwork Mon Mar 9 22:48:22 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Simon Rozman X-Patchwork-Id: 1034 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director9.mail.ord1d.rsapps.net ([172.30.191.6]) by backend30.mail.ord1d.rsapps.net with LMTP id IJBxFUJmZ17wTgAAIUCqbw for ; Tue, 10 Mar 2020 06:04:50 -0400 Received: from proxy16.mail.ord1d.rsapps.net ([172.30.191.6]) by director9.mail.ord1d.rsapps.net with LMTP id cHdsFUJmZ158aQAAalYnBA ; Tue, 10 Mar 2020 06:04:50 -0400 Received: from smtp18.gate.ord1d ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy16.mail.ord1d.rsapps.net with LMTP id UCVJFEJmZ17LFwAAetu3IA ; Tue, 10 Mar 2020 06:04:50 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp18.gate.ord1d.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dkim=fail (signature verification failed) header.d=rozman.si; dmarc=fail (p=none; dis=none) header.from=rozman.si X-Suspicious-Flag: YES X-Classification-ID: 9371942a-62b6-11ea-ad1f-5254005167a7-1-1 Received: from [216.105.38.7] ([216.105.38.7:38114] helo=lists.sourceforge.net) by smtp18.gate.ord1d.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 83/E6-21707-146676E5; Tue, 10 Mar 2020 06:04:49 -0400 Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1jBbk1-0006LA-2j; Tue, 10 Mar 2020 10:04:01 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jBbjx-0006L1-E4 for openvpn-devel@lists.sourceforge.net; Tue, 10 Mar 2020 10:03:57 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=3xKeTF1baAQv/aIDUMTeTnZbVfTcjBlspCVjQpX0PDo=; b=LahT+zt1f8SIw6oIIBU1msMzvQ m654osMC8UzXPWX6PuRXGmvLzyYOlcr3LNYTMU+cVlgCy808dIK7EDh8eCdHNZ0Jwm3x4y4WbVvRj aOVx8kcjoP8HXjf3WEGDJn/oKi3DQk2RQr4cHg9EkueCVA9AjBRq7t+HoZpQY2w8zt3s=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=3xKeTF1baAQv/aIDUMTeTnZbVfTcjBlspCVjQpX0PDo=; b=AISXKOidmoX9MkT0rNl7JoHSWd R3sWXMnoGvrVpMWpgPMeynrVlyy2UVjbwCKV5kRXZlTwE7OJLxrjE1ugPC3ZDEBXkGFGHTNnUDcz6 b/R3NPaLWT4FaknbHx1evx6GIOseVWzDdXzLvchzlMx7BUrtL1XQVr9oiJ0yPoTx/bt0=; Received: from pub5.amebis.si ([213.250.55.21]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.2) id 1jBbju-00EThr-6g for openvpn-devel@lists.sourceforge.net; Tue, 10 Mar 2020 10:03:57 +0000 Received: by pub5.amebis.si (Postfix, from userid 1000) id 42AA11002F87; Tue, 10 Mar 2020 11:03:45 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rozman.si; s=default; t=1583834625; bh=3xKeTF1baAQv/aIDUMTeTnZbVfTcjBlspCVjQpX0PDo=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=FsXntVkqi5iqMq3BoHGQ0WVIlP4qj+338WlavTG11hovKIig+0kgdA3W/iK2ciMXN i5bc0wTF6RmyuiGICkVogtwxzhxpNNkaWg2uA4AXo8m7A5UR+EZsPPxjzUYdn64cJ9 MvXLNvMJnWVZr+5JVbTpJ2p/GNjFBGW9icyLb+pA= X-Spam-Checker-Version: SpamAssassin 3.4.3 (2019-12-06) on brana.amebis.doma X-Spam-Level: X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=ham autolearn_force=no version=3.4.3 Received: from SR6.amebis.doma (unknown [IPv6:2a00:ee2:209:164:9d4:142e:b222:827d]) by pub5.amebis.si (Postfix) with ESMTP id D031A1002F94; Tue, 10 Mar 2020 11:03:40 +0100 (CET) From: Simon Rozman To: openvpn-devel@lists.sourceforge.net Date: Tue, 10 Mar 2020 10:48:22 +0100 Message-Id: <20200310094822.588-2-simon@rozman.si> X-Mailer: git-send-email 2.24.1.windows.2 In-Reply-To: <20200310094822.588-1-simon@rozman.si> References: <20200310094822.588-1-simon@rozman.si> MIME-Version: 1.0 X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: rozman.si] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid X-Headers-End: 1jBbju-00EThr-6g Subject: [Openvpn-devel] [PATCH 2/2] tun.c: revise the IPv4 ifconfig flow on Windows X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox When provisioning IP configuration, we shall not ask what kind of adapter this is. Rather, we should ask what method of provisioning we are configured to use. It is options.c's job to rule out invalid combinations. - do_ifconfig_ipv4(): unify the workflow with its IPv6 counterpart No need to distinguish Wintun and TAP-Windows6 here. This also fixes an issue with --windows-driver wintun overriding --ip-win32 manual, the later being perfectly fine choice for Wintun too. - open_tun() & tuntap_post_open(): unify Wintun and TAP-Windows6 workflow. This allows allows --ip-win32 ipapi now. - close_tun() the cleanup has been revised to match the ifconfig workflow in reverse. Signed-off-by: Simon Rozman --- src/openvpn/tun.c | 127 ++++++++++++++++++++++++---------------------- 1 file changed, 65 insertions(+), 62 deletions(-) diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c index 42193d97..f7224093 100644 --- a/src/openvpn/tun.c +++ b/src/openvpn/tun.c @@ -1381,34 +1381,29 @@ do_ifconfig_ipv4(struct tuntap *tt, const char *ifname, int tun_mtu, env_set_destroy(aix_es); } #elif defined (_WIN32) - { - ASSERT(ifname != NULL); - - if (tt->options.msg_channel && tt->windows_driver == WINDOWS_DRIVER_WINTUN) - { - do_address_service(true, AF_INET, tt); - do_dns_service(true, AF_INET, tt); - } - else - { - switch (tt->options.ip_win32_type) - { - case IPW32_SET_MANUAL: - msg(M_INFO, - "******** NOTE: Please manually set the IP/netmask of '%s' to %s/%s (if it is not already set)", - ifname, ifconfig_local, - print_in_addr_t(tt->adapter_netmask, 0, &gc)); - break; + ASSERT(ifname != NULL); - case IPW32_SET_NETSH: - netsh_ifconfig(&tt->options, ifname, tt->local, - tt->adapter_netmask, NI_IP_NETMASK|NI_OPTIONS); - - break; - } - } + if (tt->options.ip_win32_type == IPW32_SET_MANUAL) + { + msg(M_INFO, + "******** NOTE: Please manually set the IP/netmask of '%s' to %s/%s (if it is not already set)", + ifname, ifconfig_local, + print_in_addr_t(tt->adapter_netmask, 0, &gc)); + } + else if (tt->options.ip_win32_type == IPW32_SET_DHCP_MASQ || tt->options.ip_win32_type == IPW32_SET_ADAPTIVE) + { + /* Let the DHCP configure the interface. */ + } + else if (tt->options.msg_channel) + { + do_address_service(true, AF_INET, tt); + do_dns_service(true, AF_INET, tt); + } + else if (tt->options.ip_win32_type == IPW32_SET_NETSH) + { + netsh_ifconfig(&tt->options, ifname, tt->local, + tt->adapter_netmask, NI_IP_NETMASK|NI_OPTIONS); } - #else /* if defined(TARGET_LINUX) */ msg(M_FATAL, "Sorry, but I don't know how to do 'ifconfig' commands on this operating system. You should ifconfig your TUN/TAP device manually or use an --up script."); #endif /* if defined(TARGET_LINUX) */ @@ -6357,36 +6352,39 @@ tuntap_post_open(struct tuntap *tt, const char *device_guid) bool dhcp_masq = false; bool dhcp_masq_post = false; - /* get driver version info */ - tuntap_get_version_info(tt); + if (tt->windows_driver == WINDOWS_DRIVER_TAP_WINDOWS6) + { + /* get driver version info */ + tuntap_get_version_info(tt); - /* get driver MTU */ - tuntap_get_mtu(tt); + /* get driver MTU */ + tuntap_get_mtu(tt); - /* - * Preliminaries for setting TAP-Windows adapter TCP/IP - * properties via --ip-win32 dynamic or --ip-win32 adaptive. - */ - if (tt->did_ifconfig_setup) - { - tuntap_set_ip_props(tt, &dhcp_masq, &dhcp_masq_post); - } + /* + * Preliminaries for setting TAP-Windows adapter TCP/IP + * properties via --ip-win32 dynamic or --ip-win32 adaptive. + */ + if (tt->did_ifconfig_setup) + { + tuntap_set_ip_props(tt, &dhcp_masq, &dhcp_masq_post); + } - /* set point-to-point mode if TUN device */ - if (tt->type == DEV_TYPE_TUN) - { - tuntap_set_ptp(tt); - } + /* set point-to-point mode if TUN device */ + if (tt->type == DEV_TYPE_TUN) + { + tuntap_set_ptp(tt); + } - /* should we tell the TAP-Windows driver to masquerade as a DHCP server as a means - * of setting the adapter address? */ - if (dhcp_masq) - { - tuntap_dhcp_mask(tt, device_guid); - } + /* should we tell the TAP-Windows driver to masquerade as a DHCP server as a means + * of setting the adapter address? */ + if (dhcp_masq) + { + tuntap_dhcp_mask(tt, device_guid); + } - /* set driver media status to 'connected' */ - tuntap_set_connected(tt); + /* set driver media status to 'connected' */ + tuntap_set_connected(tt); + } /* possibly use IP Helper API to set IP address on adapter */ tuntap_set_ip_addr(tt, device_guid, dhcp_masq_post); @@ -6413,10 +6411,7 @@ open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tun tun_open_device(tt, dev_node, &device_guid); - if (tt->windows_driver == WINDOWS_DRIVER_TAP_WINDOWS6) - { - tuntap_post_open(tt, device_guid); - } + tuntap_post_open(tt, device_guid); /*netcmd_semaphore_release ();*/ } @@ -6533,20 +6528,29 @@ close_tun(struct tuntap *tt, openvpn_net_ctx_t *ctx) netsh_delete_address_dns(tt, true, &gc); } } -#if 1 - if (tt->windows_driver == WINDOWS_DRIVER_WINTUN) + + if (tt->did_ifconfig_setup) { - if (tt->options.msg_channel) + if (tt->options.ip_win32_type == IPW32_SET_MANUAL) + { + /* We didn't do ifconfig. */ + } + else if (tt->options.ip_win32_type == IPW32_SET_DHCP_MASQ || tt->options.ip_win32_type == IPW32_SET_ADAPTIVE) + { + /* We don't have to clean the configuration with DHCP. */ + } + else if (tt->options.msg_channel) { - do_address_service(false, AF_INET, tt); do_dns_service(false, AF_INET, tt); + do_address_service(false, AF_INET, tt); } - else + else if (tt->options.ip_win32_type == IPW32_SET_NETSH) { netsh_delete_address_dns(tt, false, &gc); } } - else if (tt->ipapi_context_defined) + + if (tt->ipapi_context_defined) { DWORD status; if ((status = DeleteIPAddress(tt->ipapi_context)) != NO_ERROR) @@ -6557,7 +6561,6 @@ close_tun(struct tuntap *tt, openvpn_net_ctx_t *ctx) strerror_win32(status, &gc)); } } -#endif /* if 1 */ dhcp_release(tt);