Menu
▾
▴
openvpn-devel
|
From: Jonathan K. B. <jkb...@gm...> - 2013-06-27 01:07:16
|
On Fri, Jun 21, 2013 at 6:48 AM, Arne Schwabe <ar...@rf...> wrote: > Mac OS X 10.7+ natively supports tun devices (called utun). The "standard" utun.ko driver is sometimes problematic (e.g. VmWare Fusion 5 and tun.ko do not work together). > > When OpenVPN is compiled with utun support it will if no dev-node is given first try to use utun and if that is not available will try the traditional tun devices > > v2: Fixed tap support, get device name via ioctl, add manage > v3.1: Fix compiling without if/utun.h, fix manage errors > v4/v5: Don't try open to dynamically open utun0 -255 when early utun initialization fails, fix fallback to tun, give fatal error message when utun fails but no tun fallback should be done > v6: add commit message change log, replace strstr with strncmp, move #includes to the top of the file > v7: Throw error if a user does the strange combination of --dev tun --dev-type tap and --dev-node utun v7 works on 10.4 through 10.9, tested several different situations on each. I didn't test it on an actual tap connection, but all the tun/utun connections I tried worked, and the fallback to tun on 10.4 and 10.5 worked, and the misconfiguration of "--dev tun --dev-type tap --dev-node utun" was caught. This looks good to me, for either 2.3.x (because it will fix problems people have with tuntaposx) or 2.4 (because it is a new feature). Thanks, Arne. |
|
From: Gert D. <ge...@gr...> - 2013-07-03 18:49:21
|
ACK (based on discussion on the patch, feature-ack, and code testing from
Jonathan).
Patch has been applied to the master and release/2.3 branches, with
the usual whitespace fixing :-)
commit fbc04bedbcce02fc625357b7475ddbc7164cabbf (master)
commit bdfd4ee4c0e3bcd46222b8425cea87a4c83bb37c (release/2.3)
Author: Arne Schwabe
Date: Fri Jun 21 12:48:28 2013 +0200
Add support of utun devices under Mac OS X
Signed-off-by: Arne Schwabe <ar...@rf...>
Tested-by: Jonathan K. Bullard <jkb...@gm...>
Acked-by: Gert Doering <ge...@gr...>
Message-Id: <137...@rf...>
URL: http://article.gmane.org/gmane.network.openvpn.devel/7739
Signed-off-by: Gert Doering <ge...@gr...>
--
kind regards,
Gert Doering
|
|
From: Arne S. <ar...@rf...> - 2014-01-23 12:12:26
|
Am 21.06.13 12:48, schrieb Arne Schwabe: > +to select a specific utun instance. To force using the tun.kext (/dev/tunX) use > +.B \-\-dev\-node tun > +. When not specifying a > +.B \-\-dev\-node > +option openvpn will first try to open utun, and fall back to tun.kext. I just noticed that this does not work because man does ignore the line starting with a ".". Does anyone know how to fix this? My attempts of escaping the . were not fruitful. Arne |
|
From: Thomas V. <tho...@wa...> - 2014-01-23 12:36:00
|
-.B \-\-dev\-node tun -. When not specifying a +.B \-\-dev\-node tun\fR. +When not specifying a Should do the trick. -- Thomas On January 23, 2014 at 1:12:41 PM, Arne Schwabe (ar...@rf...) wrote: Am 21.06.13 12:48, schrieb Arne Schwabe: > +to select a specific utun instance. To force using the tun.kext (/dev/tunX) use > +.B \-\-dev\-node tun > +. When not specifying a > +.B \-\-dev\-node > +option openvpn will first try to open utun, and fall back to tun.kext. I just noticed that this does not work because man does ignore the line starting with a ".". Does anyone know how to fix this? My attempts of escaping the . were not fruitful. Arne ------------------------------------------------------------------------------ CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments & Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk _______________________________________________ Openvpn-devel mailing list Ope...@li... https://lists.sourceforge.net/lists/listinfo/openvpn-devel |
|
From: Gert D. <ge...@gr...> - 2013-06-20 17:29:07
|
Hi,
On Thu, Jun 20, 2013 at 04:38:43PM +0200, Arne Schwabe wrote:
> v6: add commit message change log, replace strstr with strncmp, move #includes to the top of the file
>
This looks good to me. It would be great if Jonathan could test this
again to verify that all OSX versions are properly covered (I only have
a limited set to test with), but if that all works, I'm happy to move
it in and ACK it code-wise and feature-wise.
(There's a few more platform cleanups lurking in here, with more sharing
of the read_tun_header()/write_tun_header() functions with other BSDs,
but that's an independent opportunity for improval)
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany ge...@gr...
fax: +49-89-35655025 ge...@ne...
|
|
From: Jonathan K. B. <jkb...@gm...> - 2013-06-20 17:44:54
|
On Thu, Jun 20, 2013 at 1:28 PM, Gert Doering <ge...@gr...> wrote: > > Hi, > > On Thu, Jun 20, 2013 at 04:38:43PM +0200, Arne Schwabe wrote: > > v6: add commit message change log, replace strstr with strncmp, move #includes to the top of the file > > > > This looks good to me. It would be great if Jonathan could test this > again to verify that all OSX versions are properly covered (I only have > a limited set to test with), but if that all works, I'm happy to move > it in and ACK it code-wise and feature-wise. I am building now, but it will be a few hours before I can do all the testing. I will report back to this thread. |
|
From: Gert D. <ge...@gr...> - 2013-06-20 17:46:31
|
Hi,
On Thu, Jun 20, 2013 at 01:44:04PM -0400, Jonathan K. Bullard wrote:
> I am building now, but it will be a few hours before I can do all the
> testing. I will report back to this thread.
Cool, thanks in advance!
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany ge...@gr...
fax: +49-89-35655025 ge...@ne...
|
|
From: Arne S. <ar...@rf...> - 2013-06-20 08:58:37
|
Am 20.06.13 05:17, schrieb Jonathan K. Bullard: > On Tue, Jun 18, 2013 at 1:23 AM, Arne Schwabe <ar...@rf...> wrote: >> Mac OS X 10.7+ natively supports tun devices (called utun). The "standard" utun.ko driver is sometimes problematic (e.g. VmWare Fusion 5 and tun.ko do not work together). >> >> When OpenVPN is compiled with utun support it will if no dev-node is given first try to use utun and if that is not available will try the traditional tun devices >> >> Parts of the patches are inspired from Peter Sagerson's <ps...@ig...> utun patch >> Signed-off-by: Arne Schwabe <ar...@rf...> Thanks for looking at the patch. I fixed all the bugs you found. > > > The resulting binary works fine and uses utun on 10.6.8 and 10.7.5. > > (Interesting that utun isn't in the 10.6 SDK but utun works on 10.6.8. > Since it isn't in the SDK, I assume it may be flakey and/or only in > some OS X > 10.6.0. If it is flakey in 10.6.8, that's a problem > because it will be used by default, but if it is just that it isn't in > all of 10.6.*, that should be OK.) I have a OS X 10.6 VM with Xcode 3.2.6 installed and this VM has the if/utun.h header. I probably was added somewhere between 10.6.0 and 10.6.8. > > On 10.5.8, however, attempting to connect to a server fails with the > following messages from the OpenVPN log: > > 2013-06-19 10:06:28 Opening utun (ioctl(CTLIOCGINFO)): No such file or > directory: No such file or directory (errno=2) > 2013-06-19 10:06:28 Exiting due to fatal error > > Someone should build with the patch properly (i.e. not like I did) on > 10.7 or 10.8 and test it on 10.5 (and 10.4, ideally) to make sure the > fallback really works. (I may be misunderstanding the code, but if > "msg (M_ERR..." doesn't return, then that's at least part of the > problem.) > > If fallback doesn't work in 10.4 and 10.5, then my view is that it > should be changed so it does work (mostly because Tunnelblick supports > 10.4 - 10.8 with a single OpenVPN binary). If OpenVPN doesn't want to > support 10.5 or 10.4 to this extent, or if the fallback failure is > caused by with the way I worked around not using the 10.7 SDK, I guess > I'll just have to deal with it. I changed the M_ERR to M_WARN. It should now work on 10.5.x but without a 10.5 to test on it is difficult to say... Arne |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X