wintun: add --windows-driver config option

This allows to specify which tun driver openvpn should use,
tap-windows6 (default) or wintun.

Note than wintun support will be added in follow-up patches.

Signed-off-by: Lev Stipakov <lev@openvpn.net>
Acked-by: Simon Rozman <simon@rozman.si>
Message-Id: <1573234655-905-1-git-send-email-lstipakov@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg19046.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

diff --git a/doc/openvpn.8 b/doc/openvpn.8
index f58a3ccc683907622eded427014881ce6017f34c..457c2667fa7fa38b5203ce38f14b57076f20496f 100644 (file)
--- a/doc/openvpn.8
+++ b/doc/openvpn.8
@@ -6245,6 +6245,14 @@ Note that pushing unknown options from server does not trigger
 fatal errors.
 .\"*********************************************************
 .TP
+.B \-\-windows\-driver
+Specifies which tun driver to use. Values are
+.B tap-windows6
+(default) and
+.B wintun.
+This is Windows-only option.
+.\"*********************************************************
+.TP
 .B \-\-dhcp\-renew
 Ask Windows to renew the TAP adapter lease on startup.
 This option is normally unnecessary, as Windows automatically

diff --git a/src/openvpn/init.c b/src/openvpn/init.c
index ae7bd639b57c91941849298d01ffae28e0f7c549..0bdb0a9ce3b885b67aa8931e7c445d59bc103dd8 100644 (file)
--- a/src/openvpn/init.c
+++ b/src/openvpn/init.c
@@ -1733,6 +1733,10 @@ do_init_tun(struct context *c)
                             c->c2.es,
                             &c->net_ctx);
 
+#ifdef _WIN32
+    c->c1.tuntap->wintun = c->options.wintun;
+#endif
+
     init_tun_post(c->c1.tuntap,
                   &c->c2.frame,
                   &c->options.tuntap_options);

diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index d9e8257dfd6589c567f5759c96f4474ac0dfff9d..c282b582e109baf77736214939f0ff24dbbbf149 100644 (file)
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -748,9 +748,10 @@ static const char usage_message[] =
     "                       optional parameter controls the initial state of ex.\n"
     "--show-net-up   : Show " PACKAGE_NAME "'s view of routing table and net adapter list\n"
     "                  after TAP adapter is up and routes have been added.\n"
-#ifdef _WIN32
+    "--windows-driver   : Which tun driver to use?\n"
+    "                     tap-windows6 (default)\n"
+    "                     wintun\n"
     "--block-outside-dns   : Block DNS on other network adapters to prevent DNS leaks\n"
-#endif
     "Windows Standalone Options:\n"
     "\n"
     "--show-adapters : Show all TAP-Windows adapters.\n"
@@ -852,6 +853,7 @@ init_options(struct options *o, const bool init_gc)
     o->tuntap_options.dhcp_masq_offset = 0;     /* use network address as internal DHCP server address */
     o->route_method = ROUTE_METHOD_ADAPTIVE;
     o->block_outside_dns = false;
+    o->wintun = false;
 #endif
     o->vlan_accept = VLAN_ALL;
     o->vlan_pvid = 1;
@@ -3003,6 +3005,12 @@ options_postprocess_mutate_invariant(struct options *options)
         options->ifconfig_noexec = false;
     }
 
+    /* for wintun kernel doesn't send DHCP requests, so use ipapi to set IP address and netmask */
+    if (options->wintun)
+    {
+        options->tuntap_options.ip_win32_type = IPW32_SET_IPAPI;
+    }
+
     remap_redirect_gateway_flags(options);
 #endif
 
@@ -4048,6 +4056,33 @@ foreign_option(struct options *o, char *argv[], int len, struct env_set *es)
     }
 }
 
+#ifdef _WIN32
+/**
+ * Parses --windows-driver config option
+ *
+ * @param str       value of --windows-driver option
+ * @param msglevel  msglevel to report parsing error
+ * @return bool     true if --windows-driver is wintun, false otherwise
+ */
+static bool
+parse_windows_driver(const char *str, const int msglevel)
+{
+    if (streq(str, "tap-windows6"))
+    {
+        return false;
+    }
+    else if (streq(str, "wintun"))
+    {
+        return true;
+    }
+    else
+    {
+        msg(msglevel, "--windows-driver must be tap-windows6 or wintun");
+        return false;
+    }
+}
+#endif
+
 /*
  * parse/print topology coding
  */
@@ -5290,6 +5325,13 @@ add_option(struct options *options,
         VERIFY_PERMISSION(OPT_P_GENERAL);
         options->dev_type = p[1];
     }
+#ifdef _WIN32
+    else if (streq(p[0], "windows-driver") && p[1] && !p[2])
+    {
+        VERIFY_PERMISSION(OPT_P_GENERAL);
+        options->wintun = parse_windows_driver(p[1], M_FATAL);
+    }
+#endif
     else if (streq(p[0], "dev-node") && p[1] && !p[2])
     {
         VERIFY_PERMISSION(OPT_P_GENERAL);

diff --git a/src/openvpn/options.h b/src/openvpn/options.h
index 288c905bdb5734143e1721be64e44c457a09777a..7fd2c00f3377e614b6f487ce691a6aedfee2d1dc 100644 (file)
--- a/src/openvpn/options.h
+++ b/src/openvpn/options.h
@@ -634,6 +634,7 @@ struct options
     bool show_net_up;
     int route_method;
     bool block_outside_dns;
+    bool wintun;
 #endif
 
     bool use_peer_id;

diff --git a/src/openvpn/tun.h b/src/openvpn/tun.h
index 5a0a9331f28d0a3c07140eb204abac886ef82d1c..df935f605246fa2266cb59798740a4ac05b3c27b 100644 (file)
--- a/src/openvpn/tun.h
+++ b/src/openvpn/tun.h
@@ -175,6 +175,7 @@ struct tuntap
      * ~0 if undefined */
     DWORD adapter_index;
 
+    bool wintun; /* true if wintun is used instead of tap-windows6 */
     int standby_iter;
 #else  /* ifdef _WIN32 */
     int fd; /* file descriptor for TUN/TAP dev */