How do I programmatically disconnect an OpenVPN connection?

Question

I am creating a WinForms application to start and stop an OpenVPN connection on Windows. I am trying to achieve the same functionality as OpenVPN GUI for Windows (http://openvpn.se/) provides but using my own .NET based UI.

I am starting the connection using the following approach:

Process openVpnProcess = new Process();
openVpnProcess.StartInfo.CreateNoWindow = true;
openVpnProcess.EnableRaisingEvents = true;
openVpnProcess.StartInfo.Arguments = "--config client.ovpn";
openVpnProcess.StartInfo.FileName = "openvpn.exe";
openVpnProcess.StartInfo.WorkingDirectory = @"C:\Program Files\OpenVPN\config";
openVpnProcess.Start();

This invokes openvpn.exe and the connection is established successfully.

I am however unable to determine a way to terminate the connection once it is established. I have tried using Process.Kill()

foreach (var p in Process.GetProcessesByName("openvpn"))
{
    p.Kill();
}

This kills the process, but does not restore the initial routing state. Effectively, I cannot access the network until I manually disable/enable my LAN card.

Output of 'openvpn --show-net' before the VPN connection is established:

SYSTEM ROUTING TABLE
0.0.0.0 0.0.0.0 10.31.0.254 p=0 i=1376258 t=4 pr=3 a=21 h=0 m=1/-1/-1/-1/-1
10.31.0.0 255.255.240.0 10.31.10.235 p=0 i=1376258 t=3 pr=2 a=26 h=0 m=20/-1/-1/-1/-1
10.31.10.235 255.255.255.255 127.0.0.1 p=0 i=1 t=3 pr=2 a=26 h=0 m=20/-1/-1/-1/-1
10.255.255.255 255.255.255.255 10.31.10.235 p=0 i=1376258 t=3 pr=2 a=26 h=0 m=20/-1/-1/-1/-1
127.0.0.0 255.0.0.0 127.0.0.1 p=0 i=1 t=3 pr=2 a=116753 h=0 m=1/-1/-1/-1/-1
224.0.0.0 240.0.0.0 10.31.10.235 p=0 i=1376258 t=3 pr=2 a=26 h=0 m=20/-1/-1/-1/-1
255.255.255.255 255.255.255.255 10.31.10.235 p=0 i=1376258 t=3 pr=2 a=26 h=0 m=1/-1/-1/-1/-1
255.255.255.255 255.255.255.255 10.31.10.235 p=0 i=1441796 t=3 pr=2 a=4 h=0 m=1/-1/-1/-1/-1
SYSTEM ADAPTER LIST
TAP-Win32 Adapter V8
  Index = 1441796
  GUID = {013AB57F-DFE6-4FD9-B25E-9589E77DA4EB}
  IP = 0.0.0.0/0.0.0.0
  MAC = 00:ff:01:3a:b5:7f
  GATEWAY =
  DHCP SERV = 172.16.0.0
  DHCP LEASE OBTAINED = Tue Jul 07 16:35:20 2009
  DHCP LEASE EXPIRES  = Wed Jul 07 16:35:20 2010
D-Link DFE-538TX 10/100 Adapter
  Index = 1376258
  GUID = {FB6051A1-E970-4F46-BB85-F442A194BA3D}
  IP = 10.31.10.235/255.255.240.0
  MAC = 00:08:a1:65:70:93
  GATEWAY = 10.31.0.254/0.0.0.0

'openvpn --show-net' after VPN connection is closed using Process.Kill():

SYSTEM ROUTING TABLE
10.31.0.0 255.255.240.0 10.31.10.235 p=0 i=1376258 t=3 pr=2 a=106 h=0 m=20/-1/-1/-1/-1
10.31.10.235 255.255.255.255 127.0.0.1 p=0 i=1 t=3 pr=2 a=106 h=0 m=20/-1/-1/-1/-1
10.255.255.255 255.255.255.255 10.31.10.235 p=0 i=1376258 t=3 pr=2 a=106 h=0 m=20/-1/-1/-1/-1
127.0.0.0 255.0.0.0 127.0.0.1 p=0 i=1 t=3 pr=2 a=116833 h=0 m=1/-1/-1/-1/-1
208.94.64.10 255.255.255.255 10.31.0.254 p=0 i=1376258 t=4 pr=3 a=21 h=0 m=1/-1/-1/-1/-1
224.0.0.0 240.0.0.0 10.31.10.235 p=0 i=1376258 t=3 pr=2 a=106 h=0 m=20/-1/-1/-1/-1
255.255.255.255 255.255.255.255 10.31.10.235 p=0 i=1376258 t=3 pr=2 a=106 h=0 m=1/-1/-1/-1/-1
255.255.255.255 255.255.255.255 10.31.10.235 p=0 i=1441796 t=3 pr=2 a=84 h=0 m=1/-1/-1/-1/-1
SYSTEM ADAPTER LIST
TAP-Win32 Adapter V8
  Index = 1441796
  GUID = {013AB57F-DFE6-4FD9-B25E-9589E77DA4EB}
  IP = 0.0.0.0/0.0.0.0
  MAC = 00:ff:01:3a:b5:7f
  GATEWAY =
  DHCP SERV = 172.16.0.0
  DHCP LEASE OBTAINED = Tue Jul 07 17:02:30 2009
  DHCP LEASE EXPIRES  = Wed Jul 07 17:02:30 2010
D-Link DFE-538TX 10/100 Adapter
  Index = 1376258
  GUID = {FB6051A1-E970-4F46-BB85-F442A194BA3D}
  IP = 10.31.10.235/255.255.240.0
  MAC = 00:08:a1:65:70:93
  GATEWAY =

I also tried sending the process WM_CLOSE / WM_QUIT / WM_ENDMESSAGE messages but these did not produce any result.

const int WM_CLOSE = 0x10;
const int WM_QUIT = 0x12;
const int WM_ENDSESSION = 0x0016;

[DllImport("user32.dll")]
public static extern int SendMessage(int hwnd, int msg, int wparam, int lparam);

foreach (var p in Process.GetProcessesByName("openvpn"))
{
    SendMessage(p.Handle.ToInt32(), WM_CLOSE, 0, 0);
    SendMessage(p.Handle.ToInt32(), WM_QUIT, 0, 0);
    SendMessage(p.Handle.ToInt32(), WM_ENDSESSION, 0, 0);
}

---

Further info on the appropriate solution: See instructions in section titled Using the management interface in Controlling a running OpenVPN process.

More info on using Telnet from C#.

Answer 1

I haven't tried this on Windows but you can use the OpenVPN Management interface to send a SIGTERM signal with the signal command. You'll need to include the management interface configuration entries in your configuration file of course.

More information in the OpenVPN man page

You may want to look at the way OpenVPN-admin is doing things. It's working under Windows and Linux and developed with Mono.

Answer 2

You're sending messages to the process handle - these, however, are window messages, that's why they must be sent to a window handle.

EDIT
As you got the process already, you might try the following:

foreach (var p in Process.GetProcessesByName("openvpn"))
{
    p.CloseMainWindow();
}

or

[DllImport("user32.dll")]
public static extern int SendMessage(IntPtr hwnd, int msg, int wparam, int lparam);

foreach (var p in Process.GetProcessesByName("openvpn"))
{
    IntPtr hWnd = p.MainWindowHandle;
    // Send message to hWnd (mind SendMessage's changed signature)
}