This allows to run openvpn under normal user account,
in which case ring buffers registration is performed
by a separate privileged process.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
Implemented according to Wintun documentation
and reference client code.
For send and receive ring, client allocates buffer,
creates event and passes it to Wintun under LocalSystem
privileges. When data is availabe for read, Wintun
moves tail pointer of send ring and signals via
send ring's event. To write, client writes to tail
pointer of receive ring and signals via receive ring's event.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
This also removes unittest.vcxproj from solution, since
it is deprecated in favor of CMake-based unit tests.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
This introduces experimental support for Wintun
as an alternative for tap-windows6.
In order to use wintun, set "ClientAPI::Config::wintun"
flag to "true" or use "-w" option in test client.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
The asio upgrade of 0.1.13 brought us over the limit of 65k
entitities in a single compilation unit. /bigobj allows more
methods
The ovpn3-core.vcxproj already uses this flag
When receiving packed from tun which size exceeds
mssfix value minus encap overhead, send ICMP
"destination unreachable" / "fragmentation needed"
(for IPv4) or "packet too big" (for IPv6) response.
This is required for non-TCP based protocols, since
for TCP we alter MSS in SYN segments.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
Adds mssfix support including optional
transport overhead. Some code has been ported
from openvpn2.
mssfix sets MSS option in TCP SYN to
a calculated value which guarantees that
size of UDP/TCP packet (which may or may not
include headers, see below) encapsulating
TCP segments won't exceed mssfix value.
If mssfix is used with optional "mtu" parameter,
then IP and UDP/TCP headers are also taken into account.
It is set in config like this:
mssfix 1300 mtu
Signed-off-by: Lev Stipakov <lev@openvpn.net>
Set proxy settings in registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings
If process is running under SYSTEM account, we impersonate to
logged-in user to access HKEY_CURRENT_USER.
After modifying proxy setting we need to tell Windows to refresh those,
we do it if process is running under user account. Unfortunately WinInet API
we use is not available for services, even with impersonation, so
user application should take care of refreshing settings.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
This requires following environment variables defined:
OVPN3_BUILD - path where dependencies are build (BUILD in parms.py)
OVPN3_CORE - path where ovpn3-core was checked out (OVPN3 in parms.py)
OVPN3_TAP_WINDOWS - path where tap-windows was checked out (TAP in parms.py)
OVPN3-18
Signed-off-by: Lev Stipakov <lev@openvpn.net>