Consider to commit to openvpn main branch via patch?
ihipop opened this issue · 3 comments
https://community.openvpn.net/openvpn/ticket/605#comment:20
Hi ValdikSS,
we've discussed this topic at the Hackathon today, and we think this is the best alternative today - namely:
integrate the code into src/openvpn/win32.c
add an option ("block-outside-dns" or something more creative)
this option would enable this protection feature on Win32, and be pushable from the server
on other platforms that do not need this or do not have a capability to enable this, it would be a
no-op or just print a warning, but not an error (so it can be always pushed)would you be willing to port over your plugin into a patch for openvpn general? Patch for master, please :-) - I can see that we need to have this in 2.3.9 as well, but backporting "should" not be too complicated.
Hi!
Yes, I will try to make a patch as soon as I end my work. Probably on this weekend.
Done!
OpenVPN 2.3.9 -- released on 2015.12.16
This release includes many small improvements and fixes. The biggest change is the addition of --block-outside-dns option, which can be used to fix DNS leaks in Windows 8.1 and 10. There are also improvements to behavior during suspend/resume on Windows and integration with external service managers such as NSSM. Client-side part of server restart notification is also included.