Hi,
While testing a patch, I failed to toggle AllowNonAdmin access to the
tap-adapter.
Looking at the sources it seems we do not respect that setting.
>From adapter.c ~line
#if ENABLE_NONADMIN
NdisReadConfiguration (
&localStatus,
&configParameter,
configHandle,
&allowNonAdminKey,
NdisParameterInteger
);
if (localStatus == NDIS_STATUS_SUCCESS)
{
if (configParameter->ParameterType == NdisParameterInteger)
{
Adapter->AllowNonAdmin = TRUE;
}
}
#endif
The code does not appear to check the actual value read from registry
which will be in configParameter->ParameterData.IntegerData, but
enables AllowNonAdmin in any case.
Would that mean we can assume that always allowing all users access to
the tap (say, using the service to open it) would not be a regression?
Or are there folks who use local builds of the driver and expect
openvpn.exe to respect that setting?
Thanks,
Selva
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
