1. openvpn
  2. Commit f4761dd12ec5eb10a5897ecb7dc427f54a9b0769
Browse code

tun.c: enable using wintun driver under SYSTEM

Commit 6d19775a468 has removed SYSTEM elevation hack,
but introduced regression - inability to use wintun without
interactive service.

Proceed with ring buffers registration even if iservice is unavailable
and display relevant error message.

Trac: #1318

Signed-off-by: Lev Stipakov <lev@openvpn.net>
Acked-by: Selva Nair <selva.nair@gmail.com>
Message-Id: <20200819070746.197-1-lstipakov@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg20780.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit ed47c097db63f8334f32bf9482da488928ff909b)

Lev Stipakov authored on 2020/08/19 16:07:46
Showing 1 changed files
src/openvpn/tun.c
History View file @ f4761dd
... ... 
@@ -6158,12 +6158,32 @@ wintun_register_ring_buffer(struct tuntap *tt, const char *device_guid)
6158 6158 
     }
6159 6159 
     else
6160 6160 
     {
6161 
-        msg(M_FATAL, "ERROR:  Wintun requires SYSTEM privileges and therefore "
6162 
-                     "should be used with interactive service. If you want to "
6163 
-                     "use openvpn from command line, you need to do SYSTEM "
6164 
-                     "elevation yourself (for example with psexec).");
6165 
-    }
6161 
+        if (!register_ring_buffers(tt->hand,
6162 
+                                   tt->wintun_send_ring,
6163 
+                                   tt->wintun_receive_ring,
6164 
+                                   tt->rw_handle.read,
6165 
+                                   tt->rw_handle.write))
6166 
+        {
6167 
+            switch (GetLastError())
6168 
+            {
6169 
+                case ERROR_ACCESS_DENIED:
6170 
+                    msg(M_FATAL, "ERROR:  Wintun requires SYSTEM privileges and therefore "
6171 
+                                 "should be used with interactive service. If you want to "
6172 
+                                 "use openvpn from command line, you need to do SYSTEM "
6173 
+                                 "elevation yourself (for example with psexec).");
6174 
+                    break;
6175 
+
6176 
+                case ERROR_ALREADY_INITIALIZED:
6177 
+                    msg(M_NONFATAL, "Adapter %s is already in use", device_guid);
6178 
+                    break;
6166 6179
6180 
+                default:
6181 
+                    msg(M_NONFATAL | M_ERRNO, "Failed to register ring buffers");
6182 
+            }
6183 
+            ret = false;
6184 
+        }
6185 
+
6186 
+    }
6167 6187 
     return ret;
6168 6188 
 }
6169 6189