From a2c4d2f5e73370fff18f0013a96c2f9a5005b3a2 Mon Sep 17 00:00:00 2001
From: Daniel Lenski
Date: Wed, 31 Mar 2021 17:21:41 -0700
Subject: [PATCH] Don't set Legacy IP address on Windows tunnel interface within OpenConnect itself

The pre-existing Windows routing connection script (vpnc-script-win.js) was not able to reliably set the Legacy IP address of the tunnel interface, so we've been setting it in OpenConnect itself since 60d1f092e35f05217f1c96823c4f1b86c7915bbd. As of https://gitlab.com/openconnect/vpnc-scripts/-/merge_requests/26, we've got vpnc-script-win.js setting the Legacy IP address correctly, and IPv6 as well. We should leave this as the script's responsibility for cross-platform consistency.

Signed-off-by: Daniel Lenski
---
 wintun.c | 44 --------------------------------------------
 1 file changed, 44 deletions(-)

diff --git a/wintun.c b/wintun.c
index f575e594..78b48084 100644
--- a/wintun.c
+++ b/wintun.c
@@ -140,50 +140,6 @@ intptr_t open_wintun(struct openconnect_info *vpninfo, char *guid, wchar_t *wnam
 }
 }

- if (vpninfo->ip_info.addr) {
- /*
- * For now, vpnc-script-win.js depends on us setting the Legacy IP
- * address on the interface. Which of course assumes there *is* a
- * Legacy IP configuration not just IPv6. This is kind of horrid
- * but stay compatible with it for now. In order to set the address
- * up, we may first need to *remove* it from any other interface
- * that has it, even if the other interface is down. Testing with
- * a TAP-Windows interface and then Wintun was failing until I made
- * it explicitly delete the IP address first. The later call to
- * CreateUnicastIpAddressEntry() was apparently succeeding, but
- * wasn't changing anything. Yay Windows!
- */
- MIB_UNICASTIPADDRESS_ROW AddressRow;
- InitializeUnicastIpAddressEntry(&AddressRow);
- WintunGetAdapterLUID(vpninfo->wintun_adapter, &AddressRow.InterfaceLuid);
- AddressRow.Address.Ipv4.sin_family = AF_INET;
- AddressRow.Address.Ipv4.sin_addr.S_un.S_addr = htonl(inet_addr(vpninfo->ip_info.addr));
- AddressRow.OnLinkPrefixLength = 32;
-
- PMIB_UNICASTIPADDRESS_TABLE pipTable = NULL;
- DWORD LastError = GetUnicastIpAddressTable(AF_INET, &pipTable);
- if (LastError == ERROR_SUCCESS) {
- for (int i = 0; i < pipTable->NumEntries; i++) {
- if (pipTable->Table[i].Address.Ipv4.sin_addr.S_un.S_addr ==
- AddressRow.Address.Ipv4.sin_addr.S_un.S_addr) {
- DeleteUnicastIpAddressEntry(&pipTable->Table[i]);
- }
- }
- }
-
- LastError = CreateUnicastIpAddressEntry(&AddressRow);
- if (LastError != ERROR_SUCCESS) {
- char *errstr = openconnect__win32_strerror(GetLastError());
- vpn_progress(vpninfo, PRG_ERR,
- _("Failed to set Legacy IP address on Wintun: %s\n"),
- errstr);
- free(errstr);
-
- ret = OPEN_TUN_HARDFAIL;
- goto out;
- }
- }
-
 vpninfo->wintun_session = WintunStartSession(vpninfo->wintun_adapter, 0x400000);
 if (!vpninfo->wintun_session) {
 char *errstr = openconnect__win32_strerror(GetLastError());
-- 
2.50.1