Ticket #721: a813e1789d76.patch

File a813e1789d76.patch, 4.5 KB (added by Samuli Seppänen, 6 years ago)

Patch to implement option to disable source IP check of ARP requests for the tap-windows6 adapter

  • src/adapter.c

    diff --git a/src/adapter.c b/src/adapter.c
    index 2883b79..fd575f9 100644
    a b tapReadConfiguration( 
    222222    Adapter->MediaStateAlwaysConnected = FALSE;
    223223    Adapter->LogicalMediaState = FALSE;
    224224    Adapter->AllowNonAdmin = FALSE;
     225    // source check can not be set in the registry yet. This has to be set each
     226    // time the adapter is opened.
     227    Adapter->m_source_check = TRUE;
    225228    //
    226229    // Open the registry for this adapter to read advanced
    227230    // configuration parameters stored by the INF file.
  • src/adapter.h

    diff --git a/src/adapter.h b/src/adapter.h
    index 2f09d12..70a394d 100644
    a b  
    44 *
    55 *  This code was inspired by the CIPE-Win32 driver by Damion K. Wilson.
    66 *
     7 *  Copyright (C) 2016 Noel Kuntze <noel@familie-kuntze.de>
    78 *  This source code is Copyright (C) 2002-2014 OpenVPN Technologies, Inc.,
    89 *  and is released under the GPL version 2 (see below).
    910 *
    typedef struct _TAP_ADAPTER_CONTEXT 
    251252  BOOLEAN m_CalledAdapterFreeResources;
    252253  BOOLEAN m_RegisteredAdapterShutdownHandler;
    253254
     255   // This variable is initialised as TRUE. If it is set to FALSE, the adapter does
     256   // not check the source IP field of the ARP requests it receives on the adapter.
     257  BOOLEAN m_source_check;
     258
    254259} TAP_ADAPTER_CONTEXT, *PTAP_ADAPTER_CONTEXT;
    255260
    256261FORCEINLINE
  • src/device.c

    diff --git a/src/device.c b/src/device.c
    index 2b7ba9b..85897b6 100644
    a b  
    44 *
    55 *  This code was inspired by the CIPE-Win32 driver by Damion K. Wilson.
    66 *
     7 *  Copyright (C) 2016 Noel Kuntze <noel@familie-kuntze.de>
    78 *  This source code is Copyright (C) 2002-2014 OpenVPN Technologies, Inc.,
    89 *  and is released under the GPL version 2 (see below).
    910 *
    Return Value: 
    692693            }
    693694        }
    694695        break;
    695 
     696    case TAP_WIN_IOCTL_CONFIG_SET_SRC_CHECK:
     697        {
     698            if (inBufLength >= sizeof(ULONG))
     699            {
     700                adapter->m_source_check = (BOOLEAN) ((PULONG) (Irp->AssociatedIrp.SystemBuffer))[0];
     701                Irp->IoStatus.Information = 1;
     702            }
     703            else
     704            {
     705                NOTE_ERROR();
     706                Irp->IoStatus.Status = ntStatus = STATUS_INVALID_PARAMETER;
     707            }
     708        }
     709        break;
    696710    default:
    697711
    698712        //
  • src/tap-windows.h

    diff --git a/src/tap-windows.h b/src/tap-windows.h
    index d546a5b..0809c2e 100644
    a b  
    44 *
    55 *  This code was inspired by the CIPE-Win32 driver by Damion K. Wilson.
    66 *
     7 *  Copyright (C) 2016 Noel Kuntze <noel@familie-kuntze.de>
    78 *  This source code is Copyright (C) 2002-2014 OpenVPN Technologies, Inc.,
    89 *  and is released under the GPL version 2 (see below).
    910 *
     
    4950
    5051/* obsoletes TAP_WIN_IOCTL_CONFIG_POINT_TO_POINT */
    5152#define TAP_WIN_IOCTL_CONFIG_TUN            TAP_WIN_CONTROL_CODE (10, METHOD_BUFFERED)
    52 
     53#define TAP_WIN_IOCTL_CONFIG_SET_SRC_CHECK  TAP_WIN_CONTROL_CODE (11, METHOD_BUFFERED)
    5354/*
    5455 * =================
    5556 * Registry keys
  • src/txpath.c

    diff --git a/src/txpath.c b/src/txpath.c
    index f627934..8af5f21 100644
    a b  
    44 *
    55 *  This code was inspired by the CIPE-Win32 driver by Damion K. Wilson.
    66 *
     7 *  Copyright (C) 2016 Noel Kuntze <noel@familie-kuntze.de>
    78 *  This source code is Copyright (C) 2002-2014 OpenVPN Technologies, Inc.,
    89 *  and is released under the GPL version 2 (see below).
    910 *
    ProcessARP( 
    216217    //-----------------------------------------------
    217218    // Is this the kind of packet we are looking for?
    218219    //-----------------------------------------------
     220    BOOLEAN source_check = FALSE;
     221    if (Adapter->m_source_check)
     222    {
     223        source_check = (src->m_ARP_IP_Source == adapter_ip);
     224    }
     225    else
     226    {
     227        source_check = TRUE;
     228    }
    219229    if (src->m_Proto == htons (NDIS_ETH_TYPE_ARP)
    220230        && MAC_EQUAL (src->m_MAC_Source, Adapter->PermanentAddress)
    221231        && MAC_EQUAL (src->m_ARP_MAC_Source, Adapter->PermanentAddress)
    ProcessARP( 
    225235        && src->m_MAC_AddressSize == sizeof (MACADDR)
    226236        && src->m_PROTO_AddressType == htons (NDIS_ETH_TYPE_IPV4)
    227237        && src->m_PROTO_AddressSize == sizeof (IPADDR)
    228         && src->m_ARP_IP_Source == adapter_ip
     238        && source_check
    229239        && (src->m_ARP_IP_Destination & ip_netmask) == ip_network
    230240        && src->m_ARP_IP_Destination != adapter_ip)
    231241    {