git.ipfire.org Git - thirdparty/openvpn.git/commitdiff
iservice: set adapter DNS only with search domains
author Heiko Hund <heiko@ist.eigentlich.net>
Wed, 10 Dec 2025 07:29:44 +0000 (08:29 +0100)
committer Gert Doering <gert@greenie.muc.de>
Wed, 10 Dec 2025 09:28:31 +0000 (10:28 +0100)
With NRPT the adapter name server configuration is not needed
theoretically. However, DNS config is not showing with traditional
tools like ipconfig if they are left out. More importantly, if
there are no DNS servers configured for an adapter the adapter
specific search domains are not recognized by the Windows resolver.

However, adding the servers to the adapter has the side effect that
general look-ups are now also done using this adapter, which might
come as unexpected and yield wrong results, if there is some trickery
happening with the default DNS, for example.

As a workaround, set the adapter DNS only when strictly needed.

Github: OpenVPN/openvpn#473

Change-Id: I6debe8bbedd5a08da417bfee1243a43ef6df7980
Signed-off-by: Heiko Hund <heiko@ist.eigentlich.net>
Acked-by: Selva Nair <selva.nair@gmail.com>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1429
Message-Id: <20251210072951.25753-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg34968.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
src/openvpnserv/interactive.c

index 6f04f6b5b26a90859b09ecfa10730c5f1768b32e..9327dfae4c1a45e78fbb2748d2a84778520d8be3 100644 (file)
@@ -2869,11 +2869,19 @@ HandleDNSConfigNrptMessage(const nrpt_dns_cfg_message_t *msg, DWORD ovpn_pid, un
         goto out;
     }
 
-    /* Set name servers */
-    err = SetNameServerAddresses(iid, msg->addresses);
-    if (err)
+    /*
+     * Set DNS on the adapter for search domains to be considered.
+     * If split DNS is configured, do this only when search domains
+     * are given, so that look-ups for other domains do not go over
+     * the VPN all the time.
+     */
+    if (msg->search_domains[0] || !msg->resolve_domains[0])
     {
-        goto out;
+        err = SetNameServerAddresses(iid, msg->addresses);
+        if (err)
+        {
+            goto out;
+        }
     }
 
     /* Set search domains, if any */
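
Review bot: The new comment above `if (msg->search_domains[0] || !msg->resolve_domains[0])` explains why the adapter DNS is set, but not what the skipped case costs. When resolve domains are given without search domains, SetNameServerAddresses() is no longer called, so, per the commit message, tools like ipconfig will show no DNS servers for the adapter and resolution for the VPN domains rests on the NRPT rules alone. Suggest saying so in the comment, for example "without search domains the adapter carries no name servers and only NRPT applies", so that a later reader does not take the missing servers for a bug. It would also help to confirm that this path cannot leave name servers from an earlier configuration on the adapter, since nothing in the visible lines clears them when the call is skipped.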