Click here to Skip to main content
65,938 articles
CodeProject is changing. Read more.
Articles / desktop / Win32

OpenVPN for Windows XP

5.00/5 (6 votes)
29 Jan 2022GPL327 min read 12K  
OpenVPN v2.5.4 patched for Windows XP and Windows Server 2003
This article describes in detail how you can rebuild OpenVPN v2.5.4 for use on older operating systems.

Image 1

Topic Overview

  1. Introduction
  2. Prerequisites
  3. Build Machine Setup
  4. Build OpenSSL v1.1.1m
  5. Build LZO v2.10 DLL
  6. Build PKCS11-Helper v1.28 DLL
  7. Build OpenVPN v2.5.4 include files
  8. Build OpenVPN v2.5.4
  9. Build OpenVPN-GUI v11.26 include files
  10. Build OpenVPN-GUI v11.26
  11. Build TAP-Driver v9.9.2
  12. Build NSIS-Installer
  13. OpenVPN configuration file changes for Windows XP
  14. Test if OpenVPN is working correctly
  15. OpenVPN v2.5.4 Windows XP SP3 bug
  16. Version and download link
  17. History

1. Introduction

OpenVPN v2.3.18 was the last version that officially supports Windows XP and Windows Server 2003. We lately had the need to use the newer version 2.5.4 of OpenVPN to support stronger data ciphers like AES-256-CBC. Therefore we decided to rebuild the whole package from the ground up to make it compatible with Windows XP and Windows Server 2003. The following article describes in detail how you can rebuild OpenVPN v2.5.4 for use on these older operating systems. The build process was a long journey, because it seems that all official build instructions are partly useless and lead to a dead end most of the time. For example, the official instructions state that OpenVPN for Windows is cross compiled on Linux, which is not true at all. We checked the binary and can say for sure that it is a native Windows Visual Studio build!

The benefits of this new version include:

  • support of stronger data ciphers like AES-256-CBC
  • new TAP-Driver with a network speed of 1 GBit/s instead of 10 MBit/s
  • severe bug on Windows XP SP3 solved where we can't connect to the VPN server

If you don't care about the build steps, simply install OpenVPN v2.5.4 on Windows XP and Windows Server 2003 by running the installer package "OpenVPN-v2.5.4.exe" in the root of this archive.

Important: The following steps to build OpenVPN can be done completely in offline mode. You do not need an internet connection at all.

Image 2

2. Prerequisites

We included all prerequisite packages in the download archive with the exception of the operating system, compiler suite and an unpacker for 7-Zip archives. We used the following listed packages to build the dependencies.

OpenSSL v1.1.1m

  • Operating System: Windows 10 x64 Build 21H2
  • Compiler Suite: Visual Studio 2019
  • OpenSSL_v1.1.1m\ActivePerl-5.20.2.2002-MSWin32-x86-64int-299195.msi
  • OpenSSL_v1.1.1m\dmake-4.11.20080107.ppd
  • OpenSSL_v1.1.1m\dmake-4.11.20080107.tar.gz
  • OpenSSL_v1.1.1m\nasm-2.15.05-installer-x86.exe
  • OpenSSL_v1.1.1m\openssl-v1.1.1m.7z

LZO v2.10 DLL

  • Operating System: Windows 10 x64 Build 21H2
  • Compiler Suite: Visual Studio 2019
  • LZO_v2.10\lzo-2.10.7z

PKCS11-Helper v1.28 DLL

  • Operating System: Windows 10 x64 Build 21H2
  • Compiler Suite: Visual Studio 2019
  • PKCS11-Helper_v1.28.0\pkcs11-helper-1.28.0.7z

OpenVPN v2.5.4 include files

  • Operating System: Windows 10 x64 Build 21H2
  • Compiler Suite: Visual Studio 2019
  • OpenVPN_v2.5.4\openvpn-2.5.4.7z

OpenVPN v2.5.4

  • Operating System: Windows 10 x64 Build 21H2
  • Compiler Suite: Visual Studio 2019
  • OpenVPN_v2.5.4\block_dns.c
  • OpenVPN_v2.5.4\config-msvc-version.h
  • OpenVPN_v2.5.4\openvpn-2.5.4.7z
  • OpenVPN_v2.5.4\route.c
  • OpenVPN_v2.5.4\tap-windows.h
  • OpenVPN_v2.5.4\tap-windows-master_for_XP.7z
  • OpenVPN_v2.5.4\tun.c
  • OpenVPN_v2.5.4\versionhelpers.h

OpenVPN-GUI v11.26 include files

  • Operating System: Windows 10 x64 Build 21H2
  • Compiler Suite: Visual Studio 2019
  • MSYS2\msys2-i686-20160205.exe
  • MSYS2\packages_20160205.7z
  • OpenVPN-GUI_v11.26\openvpn-gui-11.7z

OpenVPN-GUI v11.26

  • Operating System: Windows 10 x64 Build 21H2
  • Compiler Suite: Visual Studio 2019
  • OpenVPN-GUI_v11.26\config.h
  • OpenVPN-GUI_v11.26\openvpn-gui-11.7z
  • OpenVPN-GUI_v11.26\versionhelpers.h

TAP-Driver v9.9.2

  • Operating System: Windows XP SP3 or Windows Server 2003 R2 SP2
  • Compiler Suite: Windows Driver Development Kit v7.1.0 (7600.16385.1)
  • NSIS-Installer\nsis-2.50-setup.exe
  • TAP-Driver_v9.9.2\tap-windows-master_for_XP.7z

NSIS-Installer for OpenVPN v2.5.4

  • Operating System: Windows XP SP3 or Windows Server 2003 R2 SP2
  • NSIS-Installer\nsis-2.50-setup.exe
  • NSIS-Installer\openvpn.nsi
  • NSIS-Installer\openvpn-build-release-2.3.7z
  • NSIS-Installer\OpenVPN-v2.3.18_last_version_for_XP.exe
  • NSIS-Installer\VC-Redistributable_v14.27.29114.0_x86.exe

3. Build Machine Setup

We need two machines for building OpenVPN v2.5.4. The first one with "Windows XP SP3 x86" or "Windows Server 2003 R2 SP2 x86" and "Windows Driver Development Kit v7.1.0 (7600.16385.1)", the second one with "Windows 10 x64 Build 21H2" and "Visual Studio Enterprise 2019 Version 16.0.1". On both machines, we need an unpacker for 7-Zip archives.

Packages build on first machine

  • TAP-Driver v9.9.2
  • NSIS-Installer for OpenVPN v2.5.4

Packages build on second machine

  • OpenSSL v1.1.1m
  • LZO v2.10 DLL
  • PKCS11-Helper v1.28 DLL
  • OpenVPN v2.5.4 include files
  • OpenVPN v2.5.4
  • OpenVPN-GUI v11.26 include files
  • OpenVPN-GUI v11.26

Install Visual Studio 2019 on the second machine with the following workloads:

  • Desktop development with C++
  • On the "Installation details" on the right side check:
    • MSVC v141 - VS 2017 C++ x64/x86 build tools (v14.16)
  • Choose tab "Individual components" and select the following on the left side under the category "Compilers, build tools, and runtimes":
    • C++ Windows XP Support for VS 2017 (v141) tools [Deprecated]

4. Build OpenSSL v1.1.1m

  • Operating System: Windows 10 x64 Build 21H2
  • Compiler Suite: Visual Studio 2019
  • Install "OpenSSL_v1.1.1m\ActivePerl-5.20.2.2002-MSWin32-x86-64int-299195.msi" to "C:\Perl"
  • Install "OpenSSL_v1.1.1m\nasm-2.15.05-installer-x86.exe" to "C:\Program Files (x86)\NASM"
  • Copy "OpenSSL_v1.1.1m\dmake-4.11.20080107.ppd" to "C:\dmake-4.11.20080107.ppd"
  • Copy "OpenSSL_v1.1.1m\dmake-4.11.20080107.tar.gz" to "C:\dmake-4.11.20080107.tar.gz"
  • Unpack "OpenSSL_v1.1.1m\openssl-v1.1.1m.7z" to "C:\openssl-v1.1.1m"
  • To build the shared release version, open an administrative command prompt and type the following commands:
BAT
REM change directory to root of drive C:
cd C:\

REM install DMAKE Perl package
ppm install dmake-4.11.20080107.ppd

REM run VS2019 x86 command line and set correct variables
"C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\VC\Auxiliary\Build\vcvars32.bat"

REM add NASM assembler to path variable
set "PATH=C:\Program Files (x86)\NASM;%PATH%"

REM change current directory to OpenSSL source code directory
cd C:\openssl-v1.1.1m

REM We have to use the configure parameter "-D_WIN32_WINNT=0x0501" for Windows XP and Windows
REM Server 2003.
perl Configure VC-WIN32 -D_WIN32_WINNT=0x0501 --prefix=C:\openssl-v1.1.1m-shared

REM starts the build process and compiles all OpenSSL libraries and files
nmake

REM tests the inner workings of the OpenSSL libraries, this should be run mandatory to be sure
REM that everything works as designed later on
nmake test

REM After this command the installation can be found in the directory "C:\Program Files\OpenSSL".
nmake install

After these steps, the OpenSSL files will be present in the directory which you specified with the "--prefix" parameter for the perl Configure command. In our case, the shared release DLLs of OpenSSL are present in the directory "C:\openssl-v1.1.1m-shared". The include files we need are placed in "C:\openssl-v1.1.1m-shared\include\openssl". The library files we need are placed in "C:\openssl-v1.1.1m-shared\lib". We packed the complete directory into the included archive named "OpenSSL_v1.1.1m\openssl-v1.1.1m-shared.7z".

5. Build LZO v2.10 DLL

  • Operating System: Windows 10 x64 Build 21H2
  • Compiler Suite: Visual Studio 2019
  • unpack "LZO_v2.10\lzo-2.10.7z" to "C:\lzo-2.10"
  • to build the DLL release version, open an administrative command prompt and type the following commands:
BAT
REM run VS2019 x86 command line and set correct variables
"C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\VC\Auxiliary\Build\vcvars32.bat"

REM change current directory to LZO source code directory
cd C:\lzo-2.10

REM This will build the shared DLLs.
B\win32\vc_dll.bat

We packed the complete directory into the included archive named "LZO_v2.10\lzo-2.10-shared-DLL.7z".

6. Build PKCS11-Helper v1.28 DLL

  • Operating System: Windows 10 x64 Build 21H2
  • Compiler Suite: Visual Studio 2019
  • Unpack "PKCS11-Helper_v1.28.0\pkcs11-helper-1.28.0.7z" to "C:\pkcs11-helper-1.28.0"
  • To build the DLL release version, open an administrative command prompt and type the following commands:
BAT
REM run VS2019 x86 command line and set correct variables
"C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\VC\Auxiliary\Build\vcvars32.bat"

REM change current directory to PKCS11-Helper source code directory
cd C:\pkcs11-helper-1.28.0\lib

REM starts the build process and compiles the PKCS11-Helper library
nmake -f Makefile.w32-vc OPENSSL=1 OPENSSL_HOME=C:\openssl-v1.1.1m-shared

We packed the complete directory into the included archive named "PKCS11-Helper_v1.28.0\pkcs11-helper-1.28.0-shared-DLL.7z". The DLL we use is located at "PKCS11-Helper_v1.28.0\pkcs11-helper-1.28.0-shared-DLL.7z\lib\libpkcs11-helper-1.dll".

7. Build OpenVPN v2.5.4 Include Files

The include file config-msvc-version.h is auto generated by the Visual Studio solution of OpenVPN. The standard OpenVPN source code does not include this file, which is absolutely necessary to build OpenVPN. In the following steps, we describe how to generate the include file config-msvc-version.h. The generated include file by this procedure is already present in the directory "OpenVPN_v2.5.4".

  • Operating System: Windows 10 x64 Build 21H2
  • Compiler Suite: Visual Studio 2019
  • Unpack "OpenVPN_v2.5.4\openvpn-2.5.4.7z" to "C:\openvpn-2.5.4"
  • To build the file "config-msvc-version.h", open an administrative command prompt and type the following commands:
BAT
REM change current directory to OpenVPN msvc-generate source code directory
cd C:\openvpn-2.5.4\build\msvc\msvc-generate

REM run the java script file with parameters
cscript //Nologo msvc-generate.js --config="C:\openvpn-2.5.4\version.m4" 
                                  --input="C:\openvpn-2.5.4\config-msvc-version.h.in" 
                                  --output="C:\openvpn-2.5.4\config-msvc-version.h"

After these steps, the resulting file is located at "C:\openvpn-2.5.4\config-msvc-version.h".

Pay attention: This file does contain errors! It seems the PRODUCT_VERSION_PATCH has a wrong value
of ".4" instead of simply "4". Therefore also the PACKAGE_VERSION and PRODUCT_VERSION are wrong and
have both the value "2.5..4". This error is triggered by the file "C:\openvpn-2.5.4\version.m4" which has the following define:

C++
define([PRODUCT_VERSION_PATCH], [.4])

If we correct this line and remove the point, we get another error in the config-msvc-version.h file. After this change, the PACKAGE_STRING is "OpenVPN 2.54", which is missing a point, but both the PACKAGE_VERSION and PRODUCT_VERSION are correct. We already corrected these errors manually in the included file "OpenVPN_v2.5.4\config-msvc-version.h".

The file tap-windows.h is copied from the archive "OpenVPN_v2.5.4\tap-windows-master_for_XP.7z\src\tap-windows.h". The file versionhelpers.h is copied from the Windows 10 SDK version 10.0.17763.0 which comes with Visual Studio 2019. We slightly modified it to make it work without additional include files like winapifamily.h. The original file is located at "C:\Program Files (x86)\Windows Kits\10\Include\10.0.17763.0\um\VersionHelpers.h" after Visual Studio 2019 is installed.

8. Build OpenVPN v2.5.4

  • Operating System: Windows 10 x64 Build 21H2
  • Compiler Suite: Visual Studio 2019
  • unpack "OpenVPN_v2.5.4\openvpn-2.5.4.7z" to "C:\openvpn-2.5.4"
    This step is not necessary if you compiled OpenVPN v2.5.4 include files before!
  • Start Visual Studio 2019 > Create a new project > Empty Project > Next >
    Project name: openvpn
    Location: C:\Users\Public
    Solution name: openvpn
    check "Place solution and project in the same directory"
    > Create
  • Copy all files and directories from "C:\openvpn-2.5.4\src\openvpn" to "C:\Users\Public\openvpn".
    Do not overwrite the files "openvpn.vcxproj" and "openvpn.vcxproj.filters".
  • Delete the following files from the directory "C:\Users\Public\openvpn":
    Makefile.am
    Makefile.in
  • Copy the file "C:\openvpn-2.5.4\config-msvc.h" to "C:\Users\Public\openvpn"
  • Copy the file "C:\openvpn-2.5.4\include\openvpn-msg.h" to "C:\Users\Public\openvpn"
  • Copy the file "C:\openvpn-2.5.4\include\openvpn-plugin.h" to "C:\Users\Public\openvpn"
  • Copy the file "OpenVPN_v2.5.4\block_dns.c" to "C:\Users\Public\openvpn" and overwrite the existing file.
    This newly created C source file contains code to support DNS leak blocking for Windows XP.
  • Copy the file "OpenVPN_v2.5.4\config-msvc-version.h" to "C:\Users\Public\openvpn".
  • Copy the file "OpenVPN_v2.5.4\route.c" to "C:\Users\Public\openvpn" and overwrite the existing file.
    This changes the function get_default_gateway_ipv6 and simply returns, because Windows XP does not support IPv6 at all correctly without a dual stack in combination with IPv4. We can discard this completely and simply return from the function. The implementation of GetBestRoute in Windows XP does not support IPv6 at all.
  • Copy the file "OpenVPN_v2.5.4\tap-windows.h" to "C:\Users\Public\openvpn".
  • Copy the file "OpenVPN_v2.5.4\tun.c" to "C:\Users\Public\openvpn" and overwrite the existing file.
    This changes the function windows_set_mtu to compile on Windows XP. The patch and function will not work at all. We tried several methods to set the MTU without success. Read the comments inside the code for more details.
  • Copy the file "OpenVPN_v2.5.4\versionhelpers.h" to "C:\Users\Public\openvpn".
  • Copy "C:\openssl-v1.1.1m-shared" to "C:\Users\Public\openvpn\OpenSSL_v1.1.1m".
  • Delete the following directories:
    C:\Users\Public\openvpn\OpenSSL_v1.1.1m\bin
    C:\Users\Public\openvpn\OpenSSL_v1.1.1m\html
  • Copy "C:\lzo-2.10" to "C:\Users\Public\openvpn\lzo-2.10".
  • Delete all files and directories in the folder "C:\Users\Public\openvpn\lzo-2.10" except "include", "lzo2.dll" and "lzo2.lib".
  • Copy "C:\pkcs11-helper-1.28.0" to "C:\Users\Public\openvpn\pkcs11-helper-1.28.0".
  • Delete all files and directories in the folder "C:\Users\Public\openvpn\pkcs11-helper-1.28.0" except "include" and "lib".
  • Delete the following files:
    C:\Users\Public\openvpn\pkcs11-helper-1.28.0\include\Makefile.am
    C:\Users\Public\openvpn\pkcs11-helper-1.28.0\include\Makefile.in
    C:\Users\Public\openvpn\pkcs11-helper-1.28.0\include\pkcs11-helper-1.0\Makefile.am
    C:\Users\Public\openvpn\pkcs11-helper-1.28.0\include\pkcs11-helper-1.0\Makefile.in
    C:\Users\Public\openvpn\pkcs11-helper-1.28.0\include\pkcs11-helper-1.0\pkcs11h-version.h.in
  • Delete all files in the folder "C:\Users\Public\openvpn\pkcs11-helper-1.28.0\lib" except "libpkcs11-helper-1.dll" and "pkcs11-helper.dll.lib".
  • In VS2019 Solution Explorer, right click on openvpn "Header Files" > Add > Existing Item... > in the "File name" field, enter "*.h" and press Enter > select first header file. Press Shift and click on the last header file > Add.
  • Right click on openvpn "Resource Files" > Add > Existing Item... > select "openvpn_win32_resources.rc" > Add.
  • Right click on openvpn "Source Files" > Add > Existing Item... > in the "File name" field enter "*.c" and press Enter > select first C source file, press Shift and click on the last C source file > Add.
  • In Solution Explorer, right click on "Solution 'openvpn' (1 project)" > Add > New Project... >
    Empty Project > Next >
    Project Name: compat
    Location: C:\Users\Public
    > Create
  • Copy all files from "C:\openvpn-2.5.4\src\compat" to "C:\Users\Public\compat".
    Do not overwrite the files "openvpn.vcxproj" and "openvpn.vcxproj.filters".
  • Delete the following files from the directory "C:\Users\Public\compat":
    Debug.props
    Makefile.am
    Makefile.in
    PropertySheet.props
    Release.props
  • Copy the file, "C:\openvpn-2.5.4\config-msvc.h" to "C:\Users\Public\compat".
  • Copy the file, "OpenVPN_v2.5.4\config-msvc-version.h" to "C:\Users\Public\compat"
  • In VS2019 Solution Explorer, right click on compat "Header Files" > Add > Existing Item... > in the "File name" field, enter "*.h" and press Enter > select first header file, press Shift and click on the last header file > Add.
  • Right click on compat "Source Files" > Add > Existing Item... > in the "File name" field, enter "*.c" and press Enter > select first C source file, press Shift and click on the last C source file > Add.
  • In Solution Explorer, select compat > Menu > Project > Properties > choose Configuration:
    All Configurations > Platform: All Platforms and change the following values:
    Configuration Properties > General
    • Platform Toolset: Visual Studio 2017 - Windows XP (v141_xp)
    • Configuration Type: Static library (.lib)
    Configuration Properties > C/C++ > Preprocessor
    • Preprocessor Definitions > choose arrow > <Edit...> > enter
      _CRT_SECURE_NO_WARNINGS
      > OK
    Configuration Properties > C/C++ > Command Line
    • Additional Options > enter
      /D_WIN32_WINNT=0x0501
    Configuration Properties > Linker > Manifest File
    • Generate Manifest: No (/MANIFEST:NO)
      > OK
  • Open the file "C:\Users\Public\compat\config-msvc.h" and change code line 1 from
    C++
    #include <config-msvc-version.h>
    to:
    C++
    #include "config-msvc-version.h"
    In addition, add a new line before line 172 and insert the following code:
    C++
    #define _WIN32_WINNT_VISTA 0x0600
  • To solve the warning "Support for targeting Windows XP is deprecated and will not be present in future releases of Visual Studio.", do the following steps:
    In Solution Explorer, select compat > Menu > View > Property Manager > right click "compat" > Add New Project Property Sheet... > Add > expand "compat" > expand "Debug | Win32" > Right click on PropertySheet > Properties > Common Properties > User Macros > button "Add Macro":
    Name: XPDeprecationWarning
    Value: false
    > 2 x OK
    This property sheets gets added to every build configuration automatically.
  • In Solution Explorer, select openvpn > Menu > Project > Properties > choose Configuration: All Configurations > Platform: All Platforms and change the following values:
    Configuration Properties > General
    • Platform Toolset: Visual Studio 2017 - Windows XP (v141_xp)
    Configuration Properties > VC++ Directories
    • Include Directories > choose arrow > <Edit...> > choose a new line for every value listed here > enter
      ..\compat
      $(SolutionDir)\lzo-2.10\include
      $(SolutionDir)\OpenSSL_v1.1.1m\include
      $(SolutionDir)\pkcs11-helper-1.28.0\include

      > OK
    • Library Directories > choose arrow > <Edit...> > choose a new line for every value listed here > enter
      $(OutDir)
      This is used for compat.lib static library, otherwise the library is not found.
      $(SolutionDir)\lzo-2.10
      $(SolutionDir)\OpenSSL_v1.1.1m\lib
      $(SolutionDir)\pkcs11-helper-1.28.0\lib

      > OK
    Configuration Properties > C/C++ > General
    • Warning Level: Level2 (/W2)
      This will suppress 238 warnings. The developers also do this in the original openvpn VS2019 solution.
    Configuration Properties > C/C++ > Preprocessor
    • Preprocessor Definitions > choose arrow > <Edit...> > enter
      _CRT_NONSTDC_NO_DEPRECATE<br /> _CRT_SECURE_NO_WARNINGS
      > OK
    Configuration Properties > C/C++ > Command Line
    • Additional Options > enter
      /D_WIN32_WINNT=0x0501
    Configuration Properties > Linker > Input
    • Additional Dependencies > choose arrow > <Edit...> > enter
      compat.lib
      libssl.lib
      libcrypto.lib
      lzo2.lib
      pkcs11-helper.dll.lib
      gdi32.lib
      ws2_32.lib
      wininet.lib
      crypt32.lib
      iphlpapi.lib
      winmm.lib
      rpcrt4.lib
      setupapi.lib
      advapi32.lib
      > OK
    Configuration Properties > Linker > Manifest File
    • Generate Manifest: No (/MANIFEST:NO)
    > OK
  • In Solution Explorer, select openvpn > Menu > Project > Project Dependencies... > tab Dependencies > Project: choose openvpn > Depends on: check compat > OK
  • Open the file "C:\Users\Public\openvpn\config-msvc.h" and change code line 1 from:
    C++
    #include <config-msvc-version.h>
    to:
    C++
    #include "config-msvc-version.h"
    In addition, add a new line before line 172 and insert the following code:
    C++
    #define _WIN32_WINNT_VISTA 0x0600
  • Open file, "C:\Users\Public\openvpn\tun.h" and change the code line 29 from:
    C++
    #include <tap-windows.h>
    to:
    C++
    #include "tap-windows.h"
  • Open file "C:\Users\Public\openvpn\win32.c" and change the code line 50 from:
    C++
    #include <versionhelpers.h>
    to:
    C++
    #include "versionhelpers.h"
  • Open file "C:\Users\Public\openvpn\syshead.h" and change the code line 586 from:
    C++
    #define ENABLE_CRYPTOAPI
    to:
    C++
    //#define ENABLE_CRYPTOAPI
  • Open file "C:\Users\Public\openvpn\console_systemd.c" and change the code line 30 from:
    C++
    #include "config.h"
    to:
    C++
    //#include "config.h"
  • Open file "C:\Users\Public\openvpn\ssl_ncp.h" and change code line 53 from:
    C++
    check_pull_client_ncp(struct context *c, int found);
    to:
    C++
    check_pull_client_ncp(struct context *c, const int found);
  • Open file "C:\Users\Public\openvpn\auth_token.c" and change code line 62 from:
    C++
    const char *state;
    to:
    C++
    const char *state = "Invalid";
  • Open file "C:\Users\Public\openvpn\pkcs11-helper-1.28.0\include\pkcs11-helper-1.0\pkcs11.h" and change code line 1213 from:
    C++
    struct ck_interface **interface,
    to:
    C++
    struct ck_interface **Interface,
  • To solve the warning, "Support for targeting Windows XP is deprecated and will not be present in future releases of Visual Studio.", do the following steps:
    In Solution Explorer, select openvpn > Menu > View > Property Manager > right click "openvpn" > Add New Project Property Sheet... > Add > expand "openvpn" > expand "Debug | Win32" > right click on PropertySheet > Properties > Common Properties > User Macros > button "Add Macro":
    Name: XPDeprecationWarning
    Value: false
    > 2 x OK
    This property sheets gets added to every build configuration automatically.
  • Choose Menu > Build > Configuration Manager... > Active solution configuration: Release > Active solution platform: x86 > Close
  • In Solution Explorer, select compat > Menu > Project > Properties > choose Configuration: Active(Release) > Platform: Active(Win32) and change the following values:
    Configuration Properties > C/C++ > Optimization
    • Optimization: Maximum Optimization (Favor Size) (/O1)
    • Enable Intrinsic Functions: No
    • Favor Size Or Speed: Favor small code (/Os)
    > OK
  • In Solution Explorer, select openvpn > Menu > Project > Properties > choose Configuration: Active(Release) > Platform: Active(Win32) and change the following values:
    Configuration Properties > C/C++ > Optimization
    • Optimization: Maximum Optimization (Favor Size) (/O1)
    • Enable Intrinsic Functions: No
    • Favor Size Or Speed: Favor small code (/Os)
    Linker > Debugging
    • Generate Debug Info: No
    > OK
  • Choose Menu > Build > Rebuild Solution

We can now compile the debug and release configuration for Windows XP without any errors or warnings.
The final source code package is located at "OpenVPN_v2.5.4\openvpn_v2.5.4_20220123_for_XP.7z".

9. Build OpenVPN-GUI v11.26 Include Files

The include file config.h is auto generated on Linux platforms. The standard OpenVPN-GUI source code does not include this file, which is absolutely necessary to build the OpenVPN-GUI. In the following steps, we describe how to generate the include file config.h. The generated include file by this procedure is already present in the directory "OpenVPN-GUI_v11.26".

  • Operating System: Windows 10 x64 Build 21H2
  • Compiler Suite: Visual Studio 2019
  • Install "MSYS2\msys2-i686-20160205.exe" to "C:\msys32" > uncheck "Run MSYS2 32 bit now." after installation is finished > Finish
    Attention: We need at least 2 to 3 GB free space on drive C: to install MSYS2 with all necessary packages!
  • Unpack "MSYS2\packages_20160205.7z" to "C:\packages_20160205".
  • Copy all packages from "C:\packages_20160205\all-in-one" directory to "C:\msys32\var\cache\pacman\pkg" directory.
  • Run "C:\msys32\mingw32_shell.bat" as Administrator.
  • Run the following command in MINGW32 shell:
BAT
pacman -S autoconf automake libtool make mingw-w64-i686 
mingw-w64-i686-toolchain mingw-w64-x86_64 mingw-w64-x86_64-toolchain nasm pkg-config

Press 4 x Enter and 'Y' to install all packages.
This will install all 129 packages which are present inside the pkg directory.

  • Now we can delete all files in the directory "C:\msys32\var\cache\pacman\pkg"
  • Unpack "OpenVPN-GUI_v11.26\openvpn-gui-11.7z" to "C:\msys32\home\UserName\openvpn-gui"
  • Run the following commands in MINGW32 shell:
BAT
cd openvpn-gui
autoreconf -i -v
./configure --prefix=/ --host=i686-w64-mingw32 --build=i686-pc-mingw32 
--program-prefix='' OPENSSL_CRYPTO_CFLAGS="-I /home/UserName/openssl-v1.1.1m/include/" 
OPENSSL_CRYPTO_LIBS="-L /home/UserName/openssl-v1.1.1m/lib/ -lcrypto"

It does not matter if the OpenSSL directory is present or not for the configure command. After this configure command, the file "C:\msys32\home\UserName\openvpn-gui\config.h" is created. If we only want to build the OpenVPN-GUI on Visual Studio 2019, we can stop here. It is recommended to stop here and not try to build the OpenVPN-GUI with MSYS2, because even if we would manage to get a working executable, this is at least double the size of the Windows executable build with Visual Studio 2019.

The file versionhelpers.h is copied from the Windows 10 SDK version 10.0.17763.0 which comes with Visual Studio 2019. We slightly modified it to make it work without additional include files like winapifamily.h. The original file is located at "C:\Program Files (x86)\Windows Kits\10\Include\10.0.17763.0\um\VersionHelpers.h" after Visual Studio 2019 is installed.

10. Build OpenVPN-GUI v11.26

  • Operating System: Windows 10 x64 Build 21H2
  • Compiler Suite: Visual Studio 2019
  • Unpack "OpenVPN-GUI_v11.26\openvpn-gui-11.7z" to "C:\openvpn-gui".
  • Start Visual Studio 2019 > Create a new project > Empty Project > Next >
    Project name: openvpn-gui
    Location: C:\Users\Public
    Solution name: openvpn-gui
    Check "Place solution and project in the same directory"
    > Create
  • Copy all files and directories from "C:\openvpn-gui" to "C:\Users\Public\openvpn-gui".
  • Delete the following files from the directory "C:\Users\Public\openvpn-gui":
    aclocal.m4
    compile
    config.guess
    config.h.in
    config.sub
    configure
    configure.ac
    COPYING
    COPYRIGHT.GPL
    depcomp
    install-sh
    Makefile.am
    Makefile.in
    missing
  • Move all files from the directory "C:\Users\Public\openvpn-gui\res" to "C:\Users\Public\openvpn-gui".
  • Delete the directory "C:\Users\Public\openvpn-gui\res".
  • Copy the file "OpenVPN-GUI_v11.26\config.h" to "C:\Users\Public\openvpn-gui".
  • Copy the file "OpenVPN-GUI_v11.26\versionhelpers.h" to "C:\Users\Public\openvpn-gui".
  • Delete the directory "C:\OpenSSL_v1.1.1m" if it is present.
  • Unpack "OpenSSL_v1.1.1m\openssl-v1.1.1m-shared.7z" to "C:\OpenSSL_v1.1.1m".
  • Copy "C:\OpenSSL_v1.1.1m" to "C:\Users\Public\openvpn-gui\OpenSSL_v1.1.1m".
  • Delete the following directories:
    C:\Users\Public\openvpn-gui\OpenSSL_v1.1.1m\bin
    C:\Users\Public\openvpn-gui\OpenSSL_v1.1.1m\html
  • In VS2019 Solution Explorer, right click on openvpn-gui "Header Files" > Add > Existing Item... > in the "File name" field enter "*.h" and press Enter > select first header file, press Shift and click on the last header file > Add.
  • Right click on "Resource Files" > Add > Existing Item... > Select "openvpn-gui-res.rc" > Add
  • Right click on "Source Files" > Add > Existing Item... > in the "File name" field enter "*.c" and press Enter > select first C source file, press Shift and click on the last C source file > Add.
  • In Solution Explorer, select openvpn-gui > Menu > Project > Properties > choose Configuration: All Configurations > Platform: All Platforms and change the following values:
    Configuration Properties > General
    • Platform Toolset: Visual Studio 2017 - Windows XP (v141_xp)
    • Character Set: Use Unicode Character Set
    Configuration Properties > VC++ Directories
    • Include Directories > choose arrow > <Edit...> > choose New Line > enter
      $(SolutionDir)\OpenSSL_v1.1.1m\include
      > OK
    • Library Directories > choose arrow > <Edit...> > choose New Line > enter
      $(SolutionDir)\OpenSSL_v1.1.1m\lib
      > OK
    Configuration Properties > C/C++ > Preprocessor
    • Preprocessor Definitions > choose arrow > <Edit...> > enter
      _CRT_NONSTDC_NO_DEPRECATE
      _CRT_SECURE_NO_WARNINGS
      > OK
    Configuration Properties > C/C++ > Command Line
    • Additional Options > enter
      /D "HAVE_CONFIG_H"  /D "WIN32_LEAN_AND_MEAN" /D_WIN32_WINNT=0x0501
    Configuration Properties > Linker > Input
    • Additional Dependencies > choose arrow > <Edit...> > enter
      ws2_32.lib
      libcrypto.lib
      libssl.lib
      secur32.lib
      netapi32.lib
      comctl32.lib
      wininet.lib
      wtsapi32.lib
      crypt32.lib
      shlwapi.lib
      winhttp.lib

      > OK
    Configuration Properties > Linker > Manifest File
    • Generate Manifest: No (/MANIFEST:NO)
    Configuration Properties > Linker > System
    • SubSystem: Windows (/SUBSYSTEM:WINDOWS)
    Configuration Properties > Resources > Command Line
    • Additional Options > enter
      /D "HAVE_CONFIG_H"
    > OK
  • Menu > Build > Rebuild Solution > Menu > View > Error List
  • Click on all errors "Cannot open include file: 'config.h': No such file or directory" and change the line from:
    C++
    #include <config.h>
    to:
    C++
    #include "config.h"
  • Click on all errors "'wcstok': too few arguments for call" and change the first code location from:
    C++
    pch = wcstok(buf, L"\r\n");
    to:
    C++
    wchar_t *state;
    pch = wcstok(buf, L"\r\n", &state);
    Change the second code location from:
    C++
    pch = wcstok(NULL, L"\r\n");
    to:
    C++
    pch = wcstok(NULL, L"\r\n", &state);
  • Menu > Build > Rebuild Solution > Menu > View > Error List
  • Click on all errors "'wcstok': too few arguments for call" and change the first code location from:
    C++
    LPWSTR token = wcstok(proxy_str, delim);
    to:
    C++
    wchar_t *state;
    LPWSTR token = wcstok(proxy_str, delim, &state);
    Change the second code location from:
    C++
    token = wcstok(NULL, delim);
    to:
    C++
    token = wcstok(NULL, delim, &state);
  • Click on error "'AURL_ENABLEURL': undeclared identifier" and change the code from:
    C++
    SendMessage(hmsg, EM_AUTOURLDETECT, AURL_ENABLEURL, 0);
    to:
    C++
    #define AURL_ENABLEURL 1
    SendMessage(hmsg, EM_AUTOURLDETECT, AURL_ENABLEURL, 0);
  • Click on both errors "Cannot open include file 'versionhelpers.h': No such file or directory" and change the code location from:
    C++
    #include <versionhelpers.h>
    to:
    C++
    #include "versionhelpers.h"
  • Click on error "Cannot open include file 'combaseapi.h': No such file or directory" and change the code location from:
    C++
    #include <combaseapi.h>
    to:
    C++
    //#include <combaseapi.h>
  • Menu > Build > Rebuild Solution > Menu > View > Error List
  • Click on warning "formal parameter 2 different from declaration" right click on the function IsUserInGroup > Go To Declaration > change code location from:
    C++
    static BOOL IsUserInGroup(PSID sid, PTOKEN_GROUPS token_groups, const WCHAR *group_name);
    to:
    C++
    static BOOL IsUserInGroup(PSID sid, const PTOKEN_GROUPS token_groups, 
    const WCHAR *group_name);
  • Click on warning "'CompareStringOrdinal' undefined; assuming extern returning int" and change the code location from:
    C++
    int cmp = CompareStringOrdinal(nameval1, (int)len1, nameval2, (int)len2, ignore_case);
    to:
    C++
    //int cmp = CompareStringOrdinal(nameval1, (int)len1, nameval2, (int)len2, ignore_case);
    int cmp = wcsncmp(nameval1, nameval2, (len1 > len2 ? len2 : len1));
  • Click on warning "'=': conversion from 'DWORD' to 'LANGID', possible loss of data" and change code location from:
    C++
    gui_language = ( value != 0 ? value : GetUserDefaultUILanguage() );
    to:
    C++
    gui_language = (LANGID)( value != 0 ? value : GetUserDefaultUILanguage() );
  • Click on warning "formal parameter 2 different from declaration" and change code location from:
    C++
    LoadLocalizedStringBuf(PTSTR buffer, int bufferSize, const UINT stringId, ...)
    to:
    C++
    LoadLocalizedStringBuf(PTSTR buffer, const int bufferSize, const UINT stringId, ...)
  • Click on warning "'function': conversion from 'DWORD' to 'u_short', possible loss of data and change code location from:
    C++
    c->manage.skaddr.sin_port = htons(o.mgmt_port_offset + config);
    to:
    C++
    c->manage.skaddr.sin_port = htons((u_short)o.mgmt_port_offset + config);
  • Click on warning "'RegGetValueW' undefined; assuming extern returning int" and change code location from:
    C++
    if (RegGetValueW (regkey, NULL, L"version", RRF_RT_REG_BINARY, NULL, v, &len)
    to:
    C++
    //if (RegGetValueW (regkey, NULL, L"version", RRF_RT_REG_BINARY, NULL, v, &len)
    if (RegQueryValueEx(regkey, L"version", NULL, NULL, (LPBYTE)v, &len)
  • Click on warning "'RegCopyTree' undefined; assuming extern returning int" and change code location from:
    C++
    status = RegCopyTree (regkey_nilings, NULL, regkey_proxy);
    to:
    C++
    //status = RegCopyTree (regkey_nilings, NULL, regkey_proxy);
    status = SHCopyKey(regkey_nilings, NULL, regkey_proxy, 0);
  • Click on warning "'RegDeleteTree' undefined; assuming extern returning int" and change code location from:
    C++
    RegDeleteTree (HKEY_CURRENT_USER, GUI_REGKEY_HKCU); /* delete all values and subkeys */
    to:
    C++
    //RegDeleteTree (HKEY_CURRENT_USER, GUI_REGKEY_HKCU); /* delete all values and subkeys */
    SHDeleteKey(HKEY_CURRENT_USER, GUI_REGKEY_HKCU); /* delete all values and subkeys */
  • Go to the start of the C source file registry.c and place the following include after <shlobj.h>:
    C++
    #include <shlwapi.h>
  • Menu > Build > Rebuild Solution > Menu > View > Error List
  • Click on error "'TTI_ERROR_LARGE': undeclared identifier" and change the code location from:
    C++
    bt.ttiIcon = TTI_ERROR_LARGE;
    to:
    C++
    #define TTI_ERROR_LARGE 6
    bt.ttiIcon = TTI_ERROR_LARGE;
  • Click on error "'IID_IFileOpenDialog': undeclared identifier", comment out the complete function "BrowseFolder" and add the following replacement functions:
    C++
    INT CALLBACK BrowseCallbackProc(HWND hwnd, UINT uMsg, LPARAM lp, LPARAM pData)
    {
        if (uMsg == BFFM_INITIALIZED) SendMessage(hwnd, BFFM_SETSELECTION, TRUE, pData);
        return 0;
    }
    
    static BOOL BrowseFolder(const WCHAR * initial_path, 
                             WCHAR * selected_path, size_t selected_path_size)
    {
        HRESULT initResult = CoInitializeEx(NULL, COINIT_APARTMENTTHREADED);
        if (FAILED(initResult))
        {
            return false;
        }
    
        BROWSEINFO br;
        ZeroMemory(&br, sizeof(BROWSEINFO));
        br.lpfn = BrowseCallbackProc;
        br.ulFlags = BIF_RETURNONLYFSDIRS | BIF_NEWDIALOGSTYLE;
        br.hwndOwner = NULL;
        br.lParam = (LPARAM)initial_path;
    
        LPITEMIDLIST pidl = NULL;
        if ((pidl = SHBrowseForFolder(&br)) != NULL)
        {
            wchar_t path[MAX_PATH];
            if (SHGetPathFromIDList(pidl, path))
            {
                wcsncpy(selected_path, path, wcslen(path));
            }
        }
    
        CoUninitialize();
    
        return true;
    }
  • Menu > Build > Rebuild Solution > Menu > View > Error List
  • Click on error "cannot open include file '../openvpn-gui-res.h'." and change the code location from:
    C++
    #include "../openvpn-gui-res.h"
    to:
    C++
    #include "openvpn-gui-res.h"
  • Click on warning "'function': conversion from 'time_t' to 'unsigned int', possible loss of data" and change the code location from:
    C++
    srand(time(NULL));
    to:
    C++
    srand((unsigned int)time(NULL));
  • Click on warning "'initializing': conversion from 'unsigned __int64' to 'double', possible loss of data" and change the code location from:
    C++
    double x = c;
    to:
    C++
    double x = (double)c;
  • Click on warning "'function': conversion from 'time_t' to 'unsigned int', possible loss of data" and change the code location from:
    C++
    srand(time(NULL));
    to:
    C++
    srand((unsigned int)time(NULL));
  • Click on warning "'function': different 'const' qualifiers" and change the code location from:
    C++
    void *tmp = realloc(options->auto_connect, sizeof(wchar_t *)*options->max_auto_connect);
    to:
    C++
    void *tmp = realloc((void*)options->auto_connect, 
                sizeof(wchar_t *)*options->max_auto_connect);
  • To solve the warning "Support for targeting Windows XP is deprecated and will not be present in future releases of Visual Studio.", do the following steps:
    Menu > View > Property Manager > right click "openvpn-gui" > Add New Project Property Sheet... > Add > expand "openvpn-gui" > expand "Debug | Win32" > right click on PropertySheet > Properties > Common Properties > User Macros > button "Add Macro":
    Name: XPDeprecationWarning
    Value: false
    > 2 x OK
    This property sheets gets added to every build configuration automatically.
  • Choose Menu > Build > Configuration Manager... > Active solution configuration: Release > Active solution platform: x86 > Close
  • In Solution Explorer, select openvpn-gui > Menu > Project > Properties > choose Configuration: Active(Release) > Platform: Active(Win32) and change the following values:
    Configuration Properties > C/C++ > Optimization
    • Optimization: Maximum Optimization (Favor Size) (/O1)
    • Enable Intrinsic Functions: No
    • Favor Size Or Speed: Favor small code (/Os)
    Linker > Debugging
    • Generate Debug Info: No
    > OK
  • choose Menu > Build > Rebuild Solution

We can now compile the debug and release configuration for Windows XP without any errors or warnings.
The final source code package is located at "OpenVPN-GUI_v11.26\openvpn-gui_v11.26_20220123_for_XP.7z".

11. Build TAP-Driver v9.9.2

We have to rebuild the TAP-Driver for Windows XP, because the original driver of OpenVPN v2.3.18 does only support a speed of 10 MBit/s. This limits our connection dramatically. Therefore, we implemented a patch to support 1 GBit/s, although the theoretical VPN limit would be around 250 to 300 MBit/s.

  • Operating System: Windows XP SP3 or Windows Server 2003 R2 SP2
  • Compiler Suite: Windows Driver Development Kit v7.1.0 (7600.16385.1)
  • Install "NSIS-Installer\nsis-2.50-setup.exe"
  • Unpack "TAP-Driver_v9.9.2\tap-windows-master_for_XP.7z" to "C:\tap"
  • Open file "C:\tap\src\tapdrvr.c" and change code line 1142 from:
    C++
    l_Query.m_Long = 100000; // rate / 100 bps
    to:
    C++
    l_Query.m_Long = 10000000; // rate / 100 bps
  • To build the release driver, open an administrative command prompt and type the following commands:
    BAT
    REM change current directory to TAP-Driver source code directory
    cd C:\tap
    
    REM configure TAP-Driver
    configure.bat
    
    REM build TAP-Driver
    build.bat
  • The resulting NSIS-Installer package is located at "C:\tap\tap-windows-9.9.2.exe".

The final source code package is located at "TAP-Driver_v9.9.2\tap_v9.9.2_20220123_for_XP.7z".

12. Build NSIS-Installer

  • Operating System: Windows XP SP3 or Windows Server 2003 R2 SP2
  • Install "NSIS-Installer\nsis-2.50-setup.exe"
  • Create the directory "C:\nsis"
  • Unpack "NSIS-Installer\OpenVPN-v2.3.18_last_version_for_XP.exe" to "C:\nsis\OpenVPN-v2.3.18"
  • Unpack "NSIS-Installer\openvpn-build-release-2.3.7z" to "C:\nsis\openvpn-build-release-2.3"
  • Copy "C:\nsis\openvpn-build-release-2.3\windows-nsis\install-whirl.bmp" to "C:\nsis"
  • Copy "C:\nsis\openvpn-build-release-2.3\windows-nsis\nsProcess.dll" to "C:\nsis"
  • Copy "C:\nsis\openvpn-build-release-2.3\windows-nsis\nsProcess.nsh" to "C:\nsis"
  • Copy "NSIS-Installer\VC-Redistributable_v14.27.29114.0_x86.exe" to "C:\nsis"
  • Delete the directory "C:\nsis\OpenVPN-v2.3.18\$PLUGINSDIR"
  • Delete the file "C:\nsis\OpenVPN-v2.3.18\$TEMP\tap-windows.exe"
  • Delete all files and directories in the folder "C:\nsis\OpenVPN-v2.3.18\bin" except "openvpnserv.exe"
  • Unpack "OpenSSL_v1.1.1m\openssl-v1.1.1m-shared.7z" to "C:\OpenSSL_v1.1.1m"
  • Copy "C:\OpenSSL_v1.1.1m\bin\libcrypto-1_1.dll" to "C:\nsis\OpenVPN-v2.3.18\bin"
  • Copy "C:\OpenSSL_v1.1.1m\bin\libssl-1_1.dll" to "C:\nsis\OpenVPN-v2.3.18\bin"
  • Copy "C:\OpenSSL_v1.1.1m\bin\openssl.exe" to "C:\nsis\OpenVPN-v2.3.18\bin"
  • Unpack "PKCS11-Helper_v1.28.0\pkcs11-helper-1.28.0-shared-DLL.7z" to "C:\pkcs11-helper-1.28.0"
  • Copy "C:\pkcs11-helper-1.28.0\lib\libpkcs11-helper-1.dll" to "C:\nsis\OpenVPN-v2.3.18\bin"
  • Unpack "LZO_v2.10\lzo-2.10-shared-DLL.7z" to "C:\lzo-2.10"
  • Copy "C:\lzo-2.10\lzo2.dll" to "C:\nsis\OpenVPN-v2.3.18\bin"
  • Unpack "OpenVPN_v2.5.4\openvpn_v2.5.4_20220123_for_XP.7z" to "C:\openvpn_v2.5.4_20220123_for_XP"
  • Copy "C:\openvpn_v2.5.4_20220123_for_XP\bin\openvpn.exe" to "C:\nsis\OpenVPN-v2.3.18\bin"
  • Unpack "OpenVPN-GUI_v11.26\openvpn-gui_v11.26_20220123_for_XP.7z" to "C:\openvpn-gui_v11.26_20220123_for_XP"
  • Copy "C:\openvpn-gui_v11.26_20220123_for_XP\bin\openvpn-gui.exe" to "C:\nsis\OpenVPN-v2.3.18\bin"
  • Copy "C:\tap\tap-windows-9.9.2.exe" to "C:\nsis\OpenVPN-v2.3.18\$TEMP\tap-windows.exe"
  • Delete the directory "C:\nsis\openvpn-build-release-2.3"
  • Copy "NSIS-Installer\openvpn.nsi" to "C:\nsis\openvpn.nsi"
  • Start > Programs > NSIS > Compile NSI scripts
  • Menu > File > Load Script... > choose file "C:\nsis\openvpn.nsi" > Open > the NSI script is compiled automatically, we should not see any errors at the end of compilation > Close > close NSIS compiler window

The newly created OpenVPN installer is located at "C:\nsis\OpenVPN-v2.5.4.exe". The final source code package is located at "NSIS-Installer\NSIS_Installer_Package_20220123_for_XP.7z".

13. OpenVPN Configuration File Changes for Windows XP

We should change the following three parameters in the OpenVPN configuration file for Windows XP:

  • block-outside-dns
  • route-ipv6 ::/0
  • auth-nocache

The parameter "block-outside-dns" is used to block DNS traffic and remove a potential DNS leak. If this parameter is commented out in your VPN configuration file, you should enable it.

To completely disable IPv6 routing, we should comment out the parameter "route-ipv6 ::/0". Otherwise,
we see the following error message:

BAT
ERROR: Windows route add ipv6 command failed: returned error code 1

We also should enable the additional parameter "auth-nocache". This disables password caching in memory. Without this parameter, we see the following error message in the log:

BAT
WARNING: this configuration may cache passwords in memory 
-- use the auth-nocache option to prevent this

A correct example configuration file section will look like follows:

BAT
block-outside-dns
#route-ipv6 ::/0
auth-nocache

14. Test if OpenVPN is Working Correctly

To test the correct working of OpenVPN, we can use the following three internet sites:

  • https://hide.me/en/check
    Checks the IP address and the provider that uses this address. This should display only servers of your VPN network.

    Image 3

  • https://www.dnsleaktest.com
    Checks for DNS leaks. DNS leaks can show the internet browsing history if the traffic is not routed correctly.

    Image 4

  • https://ipleak.net
    Checks for DNS leaks and WebRTC leaks.

    Image 5

To disable a potential WebRTC leak in your browser, do the following steps based on your browser:

  • Mozilla Firefox: Type "about:config" in the address bar, scroll down to "media.peerconnection.enabled", double click to set it to false
  • Google Chrome: Install Google official extension WebRTC Network Limiter
  • Opera: Type "about:config" in the address bar or go to "Settings", select "Show advanced settings" and click on "Privacy & security". At "WebRTC", mark select "Disable non-proxied UDP".

15. OpenVPN v2.5.4 Windows XP SP3 Bug

OpenVPN v2.5.4 contains a severe bug on Windows XP SP3. If we try to connect to the VPN server, we see the following buffer size error in the log file:

BAT
2022-01-09 14:24:02 open_tun
2022-01-09 14:24:02 MANAGEMENT: Client disconnected
2022-01-09 14:24:02 fatal buffer size error, size=2089877947
2022-01-09 14:24:02 Exiting due to fatal error

The buffer size of 2089877947 can change randomly. This error is caused by the source code file "tun.c" and the function "get_device_instance_id_interface". The call to CM_Get_Device_Interface_List_Size returns CR_SUCCESS and a random interface list size, which is invalid and based on the value of the variable dev_interface_list_size on function entry. That is the reason why the following call to alloc_buf_gc fails, because the specified buffer size is too big. To solve this problem, we have to simply change code line 3672 from:

C++
ULONG dev_interface_list_size;

to:

C++
ULONG dev_interface_list_size = 0;

This initializes the device interface list size with zero and the returned list size is 1 on Windows XP SP3 for an empty list. The error does not occur on Windows Server 2003 R2 SP2, where a valid list size is returned without any problems.

16. Version and Download Link

The complete OpenVPN package with all necessary files can be downloaded from Sourceforge, because we have not managed to upload the 450 MB of data to CodeProject.

Thanks for your attention and interest in this topic.
Greets Kai Schtrom

History

  • 23rd January, 2022: Version 1.0

License

This article, along with any associated source code and files, is licensed under The GNU General Public License (GPLv3)