Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: 1338785107-592-1-git-send-email-alon.barlev@gmail.com
URL: http://article.gmane.org/gmane.network.openvpn.devel/6676
Signed-off-by: David Sommerseth <davids@redhat.com>
... | ... |
@@ -60,28 +60,30 @@ OPTIONAL (but recommended): |
60 | 60 |
(2) LZO real-time compression library, required for link compression, |
61 | 61 |
available from http://www.oberhumer.com/opensource/lzo/ |
62 | 62 |
OpenBSD users can use ports or packages to install lzo, but remember |
63 |
- to add "--with-lzo-headers" and "--with-lzo-lib" directives to |
|
64 |
- "configure", pointing to /usr/local/include and /usr/local/lib |
|
65 |
- respectively since gcc will not find them otherwise. |
|
63 |
+ to add CFLAGS="-I/usr/local/include" LDFLAGS="-L/usr/local/lib" |
|
64 |
+ directives to "configure", since gcc will not find them otherwise. |
|
66 | 65 |
(3) Pthread library. |
67 | 66 |
|
68 | 67 |
OPTIONAL (for developers only): |
69 |
- (1) Autoconf 2.50 or higher + Automake 1.5 or higher |
|
68 |
+ (1) Autoconf 2.59 or higher + Automake 1.9 or higher |
|
70 | 69 |
-- available from http://www.gnu.org/software/software.html |
71 | 70 |
(2) Dmalloc library |
72 | 71 |
-- available from http://dmalloc.com/ |
73 | 72 |
|
74 | 73 |
************************************************************************* |
75 | 74 |
|
76 |
-CHECK OUT SOURCE FROM SUBVERSION REPOSITORY: |
|
75 |
+CHECK OUT SOURCE FROM SOURCE REPOSITORY: |
|
76 |
+ |
|
77 |
+ git clone https://github.com/OpenVPN/openvpn |
|
77 | 78 |
|
78 | 79 |
Check out stable version: |
79 | 80 |
|
80 |
- svn checkout http://svn.openvpn.net/projects/openvpn/trunk/openvpn openvpn |
|
81 |
+ git checkout -b 2.2 remotes/origin/release/2.2 |
|
82 |
+ |
|
83 |
+ Check out master (unstable) branch: |
|
81 | 84 |
|
82 |
- Check out beta21 branch: |
|
85 |
+ git checkout master |
|
83 | 86 |
|
84 |
- svn checkout http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn openvpn |
|
85 | 87 |
|
86 | 88 |
************************************************************************* |
87 | 89 |
|
... | ... |
@@ -93,18 +95,18 @@ BUILD COMMANDS FROM TARBALL: |
93 | 93 |
|
94 | 94 |
************************************************************************* |
95 | 95 |
|
96 |
-BUILD COMMANDS FROM SUBVERSION REPOSITORY CHECKOUT: |
|
96 |
+BUILD COMMANDS FROM SOURCE REPOSITORY CHECKOUT: |
|
97 | 97 |
|
98 |
- autoreconf -i -v |
|
98 |
+ autoreconf -i -v -f |
|
99 | 99 |
./configure |
100 | 100 |
make |
101 | 101 |
make install |
102 | 102 |
|
103 | 103 |
************************************************************************* |
104 | 104 |
|
105 |
-BUILD A TARBALL FROM SUBVERSION REPOSITORY CHECKOUT: |
|
105 |
+BUILD A TARBALL FROM SOURCE REPOSITORY CHECKOUT: |
|
106 | 106 |
|
107 |
- autoreconf -i -v |
|
107 |
+ autoreconf -i -v -f |
|
108 | 108 |
./configure |
109 | 109 |
make dist |
110 | 110 |
|
... | ... |
@@ -121,36 +123,85 @@ Test Crypto: |
121 | 121 |
|
122 | 122 |
Test SSL/TLS negotiations (runs for 2 minutes): |
123 | 123 |
|
124 |
-./openvpn --config sample-config-files/loopback-client (In one window) |
|
125 |
-./openvpn --config sample-config-files/loopback-server (Simultaneously in another window) |
|
124 |
+./openvpn --config sample/sample-config-files/loopback-client (In one window) |
|
125 |
+./openvpn --config sample/sample-config-files/loopback-server (Simultaneously in another window) |
|
126 | 126 |
|
127 | 127 |
************************************************************************* |
128 | 128 |
|
129 | 129 |
OPTIONS for ./configure: |
130 | 130 |
|
131 |
- --enable-pthread Compile pthread support for |
|
132 |
- improved latency during SSL/TLS key |
|
133 |
- negotiations (Linux or Solaris only) |
|
134 |
- |
|
135 |
- --disable-lzo Do not compile LZO compression support |
|
136 |
- --disable-crypto Do not compile OpenSSL crypto support |
|
137 |
- --disable-ssl Do not compile OpenSSL SSL support for |
|
138 |
- TLS-based key exchange |
|
139 |
- |
|
140 |
- --with-ssl-headers=DIR Crypto/SSL Include files location |
|
141 |
- --with-ssl-lib=DIR Crypto/SSL Library location |
|
142 |
- --with-lzo-headers=DIR LZO Include files location |
|
143 |
- --with-lzo-lib=DIR LZO Library location |
|
144 |
- |
|
145 |
- --with-ifconfig-path=PATH Path to ifconfig tool (only need to |
|
146 |
- specify if in a non-standard location) |
|
147 |
- |
|
148 |
- --with-leak-check=TYPE Build with memory leak checking |
|
149 |
- TYPE = dmalloc or ssl |
|
150 |
- |
|
151 |
- --enable-strict Enable strict compiler warnings |
|
152 |
- |
|
153 |
- --enable-strict-options Enable strict options check between peers |
|
131 |
+ --disable-lzo disable LZO compression support [default=yes] |
|
132 |
+ --enable-lzo-stub don't compile LZO compression support but still |
|
133 |
+ allow limited interoperability with LZO-enabled |
|
134 |
+ peers [default=no] |
|
135 |
+ --disable-crypto disable crypto support [default=yes] |
|
136 |
+ --disable-ssl disable SSL support for TLS-based key exchange |
|
137 |
+ [default=yes] |
|
138 |
+ --enable-x509-alt-username |
|
139 |
+ enable the --x509-username-field feature |
|
140 |
+ [default=no] |
|
141 |
+ --disable-multi disable client/server support (--mode server + |
|
142 |
+ client mode) [default=yes] |
|
143 |
+ --disable-server disable server support only (but retain client |
|
144 |
+ support) [default=yes] |
|
145 |
+ --disable-plugins disable plug-in support [default=yes] |
|
146 |
+ --disable-eurephia disable support for the eurephia plug-in |
|
147 |
+ [default=yes] |
|
148 |
+ --disable-management disable management server support [default=yes] |
|
149 |
+ --enable-pkcs11 enable pkcs11 support [default=no] |
|
150 |
+ --disable-socks disable Socks support [default=yes] |
|
151 |
+ --disable-http-proxy disable HTTP proxy support [default=yes] |
|
152 |
+ --disable-fragment disable internal fragmentation support (--fragment) |
|
153 |
+ [default=yes] |
|
154 |
+ --disable-multihome disable multi-homed UDP server support (--multihome) |
|
155 |
+ [default=yes] |
|
156 |
+ --disable-port-share disable TCP server port-share support (--port-share) |
|
157 |
+ [default=yes] |
|
158 |
+ --disable-debug disable debugging support (disable gremlin and verb |
|
159 |
+ 7+ messages) [default=yes] |
|
160 |
+ --enable-small enable smaller executable size (disable OCC, usage |
|
161 |
+ message, and verb 4 parm list) [default=yes] |
|
162 |
+ --enable-password-save allow --askpass and --auth-user-pass passwords to be |
|
163 |
+ read from a file [default=yes] |
|
164 |
+ --enable-iproute2 enable support for iproute2 [default=no] |
|
165 |
+ --disable-def-auth disable deferred authentication [default=yes] |
|
166 |
+ --disable-pf disable internal packet filter [default=yes] |
|
167 |
+ --enable-strict enable strict compiler warnings (debugging option) |
|
168 |
+ [default=no] |
|
169 |
+ --enable-pedantic enable pedantic compiler warnings, will not generate |
|
170 |
+ a working executable (debugging option) [default=no] |
|
171 |
+ --enable-strict-options enable strict options check between peers (debugging |
|
172 |
+ option) [default=no] |
|
173 |
+ --enable-selinux enable SELinux support [default=no] |
|
174 |
+ --enable-systemd enable systemd suppport [default=no] |
|
175 |
+ |
|
176 |
+ENVIRONMENT for ./configure: |
|
177 |
+ |
|
178 |
+ IFCONFIG full path to ipconfig utility |
|
179 |
+ ROUTE full path to route utility |
|
180 |
+ IPROUTE full path to ip utility |
|
181 |
+ NETSTAT path to netstat utility |
|
182 |
+ MAN2HTML path to man2html utility |
|
183 |
+ GIT path to git utility |
|
184 |
+ TAP_CFLAGS C compiler flags for tap |
|
185 |
+ OPENSSL_CRYPTO_CFLAGS |
|
186 |
+ C compiler flags for OPENSSL_CRYPTO, overriding pkg-config |
|
187 |
+ OPENSSL_CRYPTO_LIBS |
|
188 |
+ linker flags for OPENSSL_CRYPTO, overriding pkg-config |
|
189 |
+ OPENSSL_SSL_CFLAGS |
|
190 |
+ C compiler flags for OPENSSL_SSL, overriding pkg-config |
|
191 |
+ OPENSSL_SSL_LIBS |
|
192 |
+ linker flags for OPENSSL_SSL, overriding pkg-config |
|
193 |
+ POLARSSL_CFLAGS |
|
194 |
+ C compiler flags for polarssl |
|
195 |
+ POLARSSL_LIBS |
|
196 |
+ linker flags for polarssl |
|
197 |
+ LZO_CFLAGS C compiler flags for lzo |
|
198 |
+ LZO_LIBS linker flags for lzo |
|
199 |
+ PKCS11_HELPER_CFLAGS |
|
200 |
+ C compiler flags for PKCS11_HELPER, overriding pkg-config |
|
201 |
+ PKCS11_HELPER_LIBS |
|
202 |
+ linker flags for PKCS11_HELPER, overriding pkg-config |
|
154 | 203 |
|
155 | 204 |
************************************************************************* |
156 | 205 |
|
... | ... |
@@ -316,28 +367,3 @@ CAVEATS & BUGS: |
316 | 316 |
IV for OFB and CFB modes. This is not an issue if you are |
317 | 317 |
using CBC cipher mode (the default), or if you are using OFB or CFB |
318 | 318 |
cipher mode with SSL/TLS authentication. |
319 |
- |
|
320 |
-****************************************************************************** |
|
321 |
- |
|
322 |
-Subject: [Openvpn-users] Re: Windows XP 64 bit |
|
323 |
-From: Hypherion |
|
324 |
-Date: Thu, 14 Apr 2005 07:01:17 +0000 (UTC) |
|
325 |
- |
|
326 |
-Well I managed to build a Windows XP 64 bit driver myself and it's working |
|
327 |
-great, I can connect to my server again :) |
|
328 |
- |
|
329 |
-I had to use the WinDDK for Windows 2003 Service Pack 1 and just built the |
|
330 |
-driver in the Windows 2003 AMD64 environment. I had to comment out the |
|
331 |
-MAPINFO:FIXUPS directive in the SOURCES file. |
|
332 |
- |
|
333 |
-Then I copied and renamed (devcon.exe/tapinstall.exe) from |
|
334 |
-C:\WINDDK\3790.1830\tools\devcon\amd64. |
|
335 |
- |
|
336 |
-I had to edit the file OemWin2k.inf and change the Manufactured + Product |
|
337 |
-Section to: |
|
338 |
- |
|
339 |
-[Manufacturer] |
|
340 |
- %Provider% = tap0901, NTamd64 |
|
341 |
- |
|
342 |
-[tap0901.NTamd64] |
|
343 |
- %DeviceDescription% = tap0901.ndi, tap0901 |