Hi, While testing a patch, I failed to toggle AllowNonAdmin access to the tap-adapter. Looking at the sources it seems we do not respect that setting.
>From adapter.c ~line #if ENABLE_NONADMIN NdisReadConfiguration ( &localStatus, &configParameter, configHandle, &allowNonAdminKey, NdisParameterInteger ); if (localStatus == NDIS_STATUS_SUCCESS) { if (configParameter->ParameterType == NdisParameterInteger) { Adapter->AllowNonAdmin = TRUE; } } #endif The code does not appear to check the actual value read from registry which will be in configParameter->ParameterData.IntegerData, but enables AllowNonAdmin in any case. Would that mean we can assume that always allowing all users access to the tap (say, using the service to open it) would not be a regression? Or are there folks who use local builds of the driver and expect openvpn.exe to respect that setting? Thanks, Selva _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel