From 7df2a8530b1b93100b6008931f0b241c1670ea5a Mon Sep 17 00:00:00 2001 From: Lev Stipakov Date: Fri, 29 Sep 2023 13:58:09 +0200 Subject: [PATCH 1/2] Win: workaround for transient 0.0.0.0/0 When setting IP address with "gateway" option, Windows by some reasons creates 0.0.0.0/0 route which we later remove. However for a few seconds while this route exists it might interfer with routing. To work around that, we initially set tun interface metric to very high, which makes Windows create a rougue route with high metric. After a few seconds we delete that route and set metric to a lowest value. Fixes https://github.com/OpenVPN/openvpn3/issues/281 Signed-off-by: Lev Stipakov --- openvpn/tun/win/client/tunsetup.hpp | 26 +++++++++++++++++--------- 1 file changed, 17 insertions(+), 9 deletions(-) diff --git a/openvpn/tun/win/client/tunsetup.hpp b/openvpn/tun/win/client/tunsetup.hpp index e3543a02c..e05667a1d 100644 --- a/openvpn/tun/win/client/tunsetup.hpp +++ b/openvpn/tun/win/client/tunsetup.hpp @@ -401,8 +401,9 @@ class Setup : public SetupBase // Process ifconfig and topology if (!l2_post) { - // set lowest interface metric to make Windows use pushed DNS search domain - create.add(new WinCmd("netsh interface ip set interface " + tap_index_name + " metric=1")); + // set high metric on interface so that rogue route which Windows creates (0.0.0.0/0) + // won't affect anything + create.add(new WinCmd("netsh interface ip set interface " + tap_index_name + " metric=9000")); const std::string metric = route_metric_opt(pull, *local4, MT_IFACE); const std::string netmask = IPv4::Addr::netmask_from_prefix_len(local4->prefix_length).to_string(); @@ -421,15 +422,22 @@ class Setup : public SetupBase // specifying 'gateway' when setting ip address makes Windows add unnecessary route 0.0.0.0/0, // which might cause routing conflicts, so we have to delete it after a small delay. // If route is deleted before profile is created, then profile won't be created at all (OVPN-135) - WinCmd::Ptr cmd = new WinCmd("netsh interface ip delete route 0.0.0.0/0 " + tap_index_name + ' ' + local4->gateway + " store=active"); + WinCmd::Ptr cmd_delroute = new WinCmd("netsh interface ip delete route 0.0.0.0/0 " + tap_index_name + ' ' + local4->gateway + " store=active"); + + // set lowest interface metric to make Windows use pushed DNS search domain + WinCmd::Ptr cmd_setmetric = new WinCmd("netsh interface ip set interface " + tap_index_name + " metric=1"); + delete_route_timer.expires_after(Time::Duration::seconds(5)); - delete_route_timer.async_wait([self = Ptr(this), cmd = std::move(cmd)](const openvpn_io::error_code &error) + delete_route_timer.async_wait([self = Ptr(this), + cmd_delroute = std::move(cmd_delroute), + cmd_setmetric = std::move(cmd_setmetric)](const openvpn_io::error_code &error) { - if (!error) - { - std::ostringstream os; - cmd->execute(os); - } }); + if (!error) + { + std::ostringstream os; + cmd_delroute->execute(os); + cmd_setmetric->execute(os); + } }); } } From 7b145649c713a7ee42e3d64b08817f9c80962fb1 Mon Sep 17 00:00:00 2001 From: David Sommerseth Date: Wed, 8 Nov 2023 12:59:24 +0100 Subject: [PATCH 2/2] Release: OpenVPN 3 Core Library, version 3.8.3 Signed-off-by: David Sommerseth --- openvpn/common/version.hpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openvpn/common/version.hpp b/openvpn/common/version.hpp index 8a06ceb22..c9093fee0 100644 --- a/openvpn/common/version.hpp +++ b/openvpn/common/version.hpp @@ -24,5 +24,5 @@ #pragma once #ifndef OPENVPN_VERSION -#define OPENVPN_VERSION "3.8.2" +#define OPENVPN_VERSION "3.8.3" #endif