From patchwork Tue Dec 5 01:19:52 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?b?SmnFmcOtIEVuZ2VsdGhhbGVy?= X-Patchwork-Id: 133 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director2.mail.ord1d.rsapps.net ([172.30.191.6]) by backend31.mail.ord1d.rsapps.net (Dovecot) with LMTP id 44/3JEmTJlpWLQAAgoeIoA for ; Tue, 05 Dec 2017 07:38:33 -0500 Received: from proxy8.mail.ord1d.rsapps.net ([172.30.191.6]) by director2.mail.ord1d.rsapps.net (Dovecot) with LMTP id 8aM4DkmTJlodLwAAgYhSiA ; Tue, 05 Dec 2017 07:38:33 -0500 Received: from smtp19.gate.ord1d ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy8.mail.ord1d.rsapps.net (Dovecot) with LMTP id 6hYLD0mTJloaWgAAGdz6CA ; Tue, 05 Dec 2017 07:38:33 -0500 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.34.181.88] Authentication-Results: smtp19.gate.ord1d.rsapps.net; iprev=pass policy.iprev="216.34.181.88"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=fail (p=none; dis=none) header.from=gmail.com X-Classification-ID: 342ce5f6-d9b9-11e7-9dc4-525400d67fa8-1-1 Received: from [216.34.181.88] ([216.34.181.88:15366] helo=lists.sourceforge.net) by smtp19.gate.ord1d.rsapps.net (envelope-from ) (ecelerity 4.2.1.56364 r(Core:4.2.1.14)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 16/2F-27003-843962A5; Tue, 05 Dec 2017 07:38:32 -0500 Received: from localhost ([127.0.0.1] helo=sfs-ml-1.v29.ch3.sourceforge.com) by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.89) (envelope-from ) id 1eMCTo-00047z-Om; Tue, 05 Dec 2017 12:37:44 +0000 Received: from sfi-mx-1.v28.ch3.sourceforge.com ([172.29.28.191] helo=mx.sourceforge.net) by sfs-ml-1.v29.ch3.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89) (envelope-from ) id 1eMCTm-00047s-TL for openvpn-devel@lists.sourceforge.net; Tue, 05 Dec 2017 12:37:42 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:Content-Type:MIME-Version :Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=KF9bHaVDgAMAEE6e6OuDWt4p+r97xvBLeJCexRnxZMg=; b=TcIeH4nTFhlaFEH3AbQDmBzd/B TbSZsAFzkcSvR8cgwgxkIYT7IvAY0TgcJyXf8A1mdmJRqJ2KQuyspnTRMvTTNYPUViZweREKICjcN NjLDoQ9k7FCBEmKiGyJipCveYRYvJKZURmzTJSqHtYc0cTPwBfwKXLwg2+xmUf2N2mOw=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:Content-Type:MIME-Version:Message-Id:Date: Subject:Cc:To:From:Sender:Reply-To:Content-ID:Content-Description:Resent-Date :Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=KF9bHaVDgAMAEE6e6OuDWt4p+r97xvBLeJCexRnxZMg=; b=i OYyLd8YLpO177vB+MfXYRSdab+dU3HcnvewqEsS3wB52KMrD+dUetH1aLS/ytwySm9HGAS9KAn0s3 x1uUGMlKBAGZ+tec5z6dQheqdweYISp2gdQcTUlJoV7uwy2+ysu4wWODhgvCyL+tSlyMPPl+zuZ54 PgDU/z/GFO3cojNI=; Received: from mail.pilsfree.net ([81.201.60.141]) by sfi-mx-1.v28.ch3.sourceforge.com with esmtp (Exim 4.89) id 1eMCTl-0000cw-Ci for openvpn-devel@lists.sourceforge.net; Tue, 05 Dec 2017 12:37:42 +0000 Received: from localhost (localhost [127.0.0.1]) by mail.pilsfree.net (Postfix) with ESMTP id 5073550A628; Tue, 5 Dec 2017 13:19:59 +0100 (CET) X-Spam-Level: X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[ALL_TRUSTED=-1, BAYES_00=-1.9, DKIM_ADSP_CUSTOM_MED=0.001, FREEMAIL_FROM=0.001, NML_ADSP_CUSTOM_MED=0.9] autolearn=no autolearn_force=no Received: from mail.pilsfree.net ([127.0.0.1]) by localhost (mail.pilsfree.czf [127.0.0.1]) (amavisd-new, port 10024) with LMTP id I4HEDvr5xm5C; Tue, 5 Dec 2017 13:19:56 +0100 (CET) Received: from nbpl1001.zat.lan (unknown [89.24.52.143]) (Authenticated sender: engy) by mail.pilsfree.net (Postfix) with ESMTPA id 226A450A5AE; Tue, 5 Dec 2017 13:19:52 +0100 (CET) From: =?utf-8?b?SmnFmcOtIEVuZ2VsdGhhbGVy?= To: openvpn-devel@lists.sourceforge.net Date: Tue, 5 Dec 2017 13:19:52 +0100 Message-Id: <20171205121952.13008-1-EngyCZ@gmail.com> X-Mailer: git-send-email 2.14.2.windows.3 MIME-Version: 1.0 X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (engycz[at]gmail.com) -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [81.201.60.141 listed in list.dnswl.org] 0.0 DKIM_ADSP_CUSTOM_MED No valid author signature, adsp_override is CUSTOM_MED 1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail) 1.2 NML_ADSP_CUSTOM_MED ADSP custom_med hit, and not from a mailing list X-Headers-End: 1eMCTl-0000cw-Ci Subject: [Openvpn-devel] [PATCH] Add a warning for disabled DHCP media sense on Window X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox When DHCP media sense configuration is disabled, network applications including DHCP client will not receive information about link status changes and the link seems to be always connected. This lead to the non-renewal DHCP address on OpenVPN connect. DHCP media sense status can by shown with command "netsh interface ipv4 show global" There are several reports of problems with DHCP address renewal. https://community.openvpn.net/openvpn/ticket/665 https://community.openvpn.net/openvpn/ticket/807 Added checking of disabled DHCP media sense and print a warning with forced dhcp-renew option and suggestion to enable DHCP media sense. Signed-off-by: Jiří Engelthaler Signed-off-by: Jiří Engelthaler --- src/openvpn/tun.c | 59 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 59 insertions(+) diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c index 25831ce3..35811975 100644 --- a/src/openvpn/tun.c +++ b/src/openvpn/tun.c @@ -62,6 +62,8 @@ #define NI_IP_NETMASK (1<<1) #define NI_OPTIONS (1<<2) +#define TCPIP_PARAMS "SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters" + static void netsh_ifconfig(const struct tuntap_options *to, const char *flex_name, const in_addr_t ip, @@ -3827,6 +3829,56 @@ get_panel_reg(struct gc_arena *gc) return first; } +/* + * Return DhcpMediaSense enabled value + */ +static bool +get_dhcp_media_sense(void) +{ + HKEY tcpip_params; + LONG status; + DWORD len; + char disable_dhcp_media_sense_string[] = "DisableDHCPMediaSense"; + DWORD disable_dhcp_media_sense; + DWORD data_type; + bool ret_value = true; + + status = RegOpenKeyEx( + HKEY_LOCAL_MACHINE, + TCPIP_PARAMS, + 0, + KEY_READ, + &tcpip_params); + + if (status != ERROR_SUCCESS) + { + msg(M_WARN, "Error opening registry key: %s", TCPIP_PARAMS); + } + else + { + len = sizeof(disable_dhcp_media_sense); + status = RegQueryValueEx( + tcpip_params, + disable_dhcp_media_sense_string, + NULL, + &data_type, + (PBYTE)&disable_dhcp_media_sense, + &len); + + if (status == ERROR_SUCCESS && data_type == REG_DWORD) + { + if (disable_dhcp_media_sense != 0) + { + ret_value = false; + } + } + + RegCloseKey(tcpip_params); + } + + return ret_value; +} + /* * Check that two addresses are part of the same 255.255.255.252 subnet. */ @@ -5901,6 +5953,13 @@ open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tun { uint32_t ep[4]; + /* Check DHCP media sense value */ + if (!tt->options.dhcp_renew && !get_dhcp_media_sense()) + { + msg(M_WARN, "WARNING: DHCP media sense disabled, dhcp_renew option forced. You can enable media sense with \"netsh interface ipv4 set global dhcpmediasense=enabled\" shell command"); + tt->options.dhcp_renew = true; + } + /* We will answer DHCP requests with a reply to set IP/subnet to these values */ ep[0] = htonl(tt->local); ep[1] = htonl(tt->adapter_netmask);