[GSoC 2023] VPN Support Project | Haiku Project | Haiku Project

Hello everyone! My name is Sean Brady, and I am currently in my Sophomore year at Oregon State University studying Computer Science. In early January of this year, I decided to become a contributor for a Google Summer of Code (GSoC) project focused on operating systems where I researched Haiku and its projects which interested me and the VPN Support Project in particular. From what I can tell, interest in bringing a VPN to Haiku has been in the works since the BeOS days and more recently the tun.cpp file about 4 years ago.

This is a companion discussion topic for the original entry at https://www.haiku-os.org/blog/pairisto/2023-05-08_gsoc_2023_vpn_support_project__haiku_project/

Wishing you all the best with GSoC Sean! :ok_hand:


Fantastic! Looking forward to this.

1 Like

It would be fantastic to have OpenVPN on Haiku


Wouldn’t Wireguard be easier to port first before OpenVPN, due to being smaller? I do use OpenVPN more FWIW, but Wireguard is also being used more over time.


IIRC Haiku needs several things in the kernel before we can get either working. That being said, I feel like OpenVPN is relatively portable since it runs on about any Unix-like, and I’m sure with our POSIX layer we’ll get similar results.

1 Like

Wireguard is written in Go (at least parts of it) so we would need a working Go port first. That’s why OpenVPN was selected as the first goal.


Oh thanks, it makes sense now.

Great project. VPNs are very important these days.

Wireguard works in kernel mode, this is a problem for future maintenance and additions, OpenVPN works in user mode, it is easier to maintain and has a wider support base!


Mixing C with GO can cause problems in the code, same goes for Rust:

1 Like

but apart from the tun we need tap interface also, is the student going to support it too?

I agree with the general sentiment but , there is also the implementation from FreeBSD which as I understand it has seen some security review (they completely axed the first version due to this) as well as not being written in Go. There is also commercial support behind that implementation so I’d expect it to continue being developed and could get updates similar to imported wifi drivers on Haiku.

wireguard-freebsd - WireGuard implementation for the FreeBSD kernel Appears to be quite small and C only.
GitHub - WireGuard/wireguard-tools: Mirror only. Official repository is at https://git.zx2c4.com/wireguard-tools is also quite small an C only.

Just linking these for reference and in case some interest gets piqued… OpenVPN support would already be awesome.

Another good one to have eventually would be StrongSwan which implements IPSEC VPN.


How about OpenVPN-NL? Many insecure and less secure OpenVPN options stripped, hardened, otherwise unchanged. Uses mbed TLS instead of OpenSSL.


1 Like

openvpn is pretty straight forward on getting to build and packaged, took the liberty to check it out and already pushed a branch for that to my github account, you could take a look there if you are interested.
Not sure if underlying patches are needed, but looked ok so far launching the binary (no crashes). :slight_smile: