[Vpn-help] Development Update ...

[Matthew Grooms]

All,

It probably seems as if development has slowed to a snails pace if you 
go by the 2.1.5 release activity. However, I assure you that this is not 
the case. Our primary focus shifted to stabilizing all kernel drivers 
used by the VPN Client. Here is a brief synopsis of where we are at ...

Both the NDIS5 and NDIS6 filter drivers now pass Microsoft tests and are 
more or less ready to be submitted for logo certification. However, we 
hit a stumbling block with the virtual adapter drivers. Our adapters are 
very simple. They don't actually transmit or receive data like a normal 
NDIS miniport driver. They just act as a dummy target for the Windows IP 
stack. As a result, there are no pre-defined Microsoft certifications 
for such a driver. I spent around 150 hours over the last two weeks to 
convert our miniport drivers into the equivalent of a *nix tap adapter. 
With this additional functionality, we should be able to run standard 
tests against the drivers to obtain Microsoft logo certification. With 
any luck, our contract developer won't find any major problems with the 
newly modified drivers and we will be back on track.

There are still a few lingering problems with the user mode components 
of the code. The multiple address issue is still present. I have a test 
case for this that I will be looking at soon. There is also a limitation 
in how we handle SA negotiation with Cisco platforms. The Cisco client 
only negotiates a single SA destined to 0.0.0.0/0 and routes specific 
networks across the tunnel when required. The Shrew Soft VPN client 
creates individual SAs for each remote network. This appears to work 
well with some Cisco devices but not with others. There are a few other 
lingering problems that need to be sorted, but these have been placed on 
the back burner until the kernel drivers have been completely updated. I 
appreciate everyones patience in this regard.

As far as our current release plans, now that I'm not stuck in a kernel 
debugger we should post a final 2.1.5 in the next week or two. It won't 
contain the new kernel driver versions. We will follow up with a quick 
2.1.6 release that will contain the new drivers once they are certified. 
This will be a big step forward for the Shrew Soft VPN software and all 
its users. After that, we will be able to refocus on the remaining user 
mode issues and to move forward with preparing the 2.2.0 branch for a 
release.

I also wanted to say thank you to everyone who made a donation over the 
last few months. We decided to move forward with the contract driver 
development work even though we came nowhere near our target donation 
goal of $7500. Hopefully we will see a healthy increase in donations to 
help offset these costs in the future. In any case, thanks again to 
everyone who contributed!

-Matthew