[Vpn-help] Development Update ...
Matthew Grooms
mgrooms at shrew.net
Sun Nov 29 03:34:33 CST 2009
All,
It probably seems as if development has slowed to a snails pace if you
go by the 2.1.5 release activity. However, I assure you that this is not
the case. Our primary focus shifted to stabilizing all kernel drivers
used by the VPN Client. Here is a brief synopsis of where we are at ...
Both the NDIS5 and NDIS6 filter drivers now pass Microsoft tests and are
more or less ready to be submitted for logo certification. However, we
hit a stumbling block with the virtual adapter drivers. Our adapters are
very simple. They don't actually transmit or receive data like a normal
NDIS miniport driver. They just act as a dummy target for the Windows IP
stack. As a result, there are no pre-defined Microsoft certifications
for such a driver. I spent around 150 hours over the last two weeks to
convert our miniport drivers into the equivalent of a *nix tap adapter.
With this additional functionality, we should be able to run standard
tests against the drivers to obtain Microsoft logo certification. With
any luck, our contract developer won't find any major problems with the
newly modified drivers and we will be back on track.
There are still a few lingering problems with the user mode components
of the code. The multiple address issue is still present. I have a test
case for this that I will be looking at soon. There is also a limitation
in how we handle SA negotiation with Cisco platforms. The Cisco client
only negotiates a single SA destined to 0.0.0.0/0 and routes specific
networks across the tunnel when required. The Shrew Soft VPN client
creates individual SAs for each remote network. This appears to work
well with some Cisco devices but not with others. There are a few other
lingering problems that need to be sorted, but these have been placed on
the back burner until the kernel drivers have been completely updated. I
appreciate everyones patience in this regard.
As far as our current release plans, now that I'm not stuck in a kernel
debugger we should post a final 2.1.5 in the next week or two. It won't
contain the new kernel driver versions. We will follow up with a quick
2.1.6 release that will contain the new drivers once they are certified.
This will be a big step forward for the Shrew Soft VPN software and all
its users. After that, we will be able to refocus on the remaining user
mode issues and to move forward with preparing the 2.2.0 branch for a
release.
I also wanted to say thank you to everyone who made a donation over the
last few months. We decided to move forward with the contract driver
development work even though we came nowhere near our target donation
goal of $7500. Hopefully we will see a healthy increase in donations to
help offset these costs in the future. In any case, thanks again to
everyone who contributed!
-Matthew
More information about the vpn-help
mailing list