From 75debc78584681071685e17ae4c596662eeae3af Mon Sep 17 00:00:00 2001 From: "Kali Kaneko (leap communications)" Date: Tue, 16 May 2017 22:24:09 +0200 Subject: [pkg] update openvpn build script --- Makefile | 1 + pkg/thirdparty/openvpn/README | 6 - pkg/thirdparty/openvpn/Sources | 4 - pkg/thirdparty/openvpn/build.mk | 12 ++ pkg/thirdparty/openvpn/build.zsh.old | 191 -------------------------------- pkg/thirdparty/openvpn/build_openvpn.sh | 148 +++++++++++++++++++++++++ pkg/thirdparty/openvpn/openvpn.sh | 123 -------------------- 7 files changed, 161 insertions(+), 324 deletions(-) delete mode 100644 pkg/thirdparty/openvpn/README delete mode 100644 pkg/thirdparty/openvpn/Sources create mode 100644 pkg/thirdparty/openvpn/build.mk delete mode 100755 pkg/thirdparty/openvpn/build.zsh.old create mode 100755 pkg/thirdparty/openvpn/build_openvpn.sh delete mode 100755 pkg/thirdparty/openvpn/openvpn.sh diff --git a/Makefile b/Makefile index 80ef8654..001788f8 100644 --- a/Makefile +++ b/Makefile @@ -2,6 +2,7 @@ DIST=dist/bitmask NEXT_VERSION = $(shell cat pkg/next-version) DIST_VERSION = dist/bitmask-$(NEXT_VERSION)/ include pkg/pyinst/build.mk +include pkg/thirdparty/openvpn/build.mk clean: find . -type f -name "*.py[co]" -delete diff --git a/pkg/thirdparty/openvpn/README b/pkg/thirdparty/openvpn/README deleted file mode 100644 index bf2205c2..00000000 --- a/pkg/thirdparty/openvpn/README +++ /dev/null @@ -1,6 +0,0 @@ -OpenVPN binary, build scripts -Works using a GCC minGW32 cross-compiler on Debian/Ubuntu -Produces a working MS Windows executable -openvpn.exe: PE32 executable (DLL) (console) Intel 80386, for MS Windows -goes smooth for the 99%, might still need some slapping the flags around now and then - -jrml diff --git a/pkg/thirdparty/openvpn/Sources b/pkg/thirdparty/openvpn/Sources deleted file mode 100644 index e2fe7bb3..00000000 --- a/pkg/thirdparty/openvpn/Sources +++ /dev/null @@ -1,4 +0,0 @@ -lzo -2.06 .tar.gz -opensc -0.12.2 .tar.gz -openssl -1.0.1c .tar.gz -polarssl -1.1.4 .tgz diff --git a/pkg/thirdparty/openvpn/build.mk b/pkg/thirdparty/openvpn/build.mk new file mode 100644 index 00000000..dadc0bad --- /dev/null +++ b/pkg/thirdparty/openvpn/build.mk @@ -0,0 +1,12 @@ +build_static_openvpn: + pkg/thirdparty/openvpn/build_openvpn.sh + strip ~/openvpn_build/openvpn/install/sbin/openvpn + +upload_openvpn: + rsync --rsh='ssh' -avztlpog --progress --partial ~/openvpn_build/openvpn/install/sbin/openvpn downloads.leap.se:./public/thirdparty/linux/openvpn/ + +download_openvpn: + wget https://downloads.leap.se/thirdparty/linux/openvpn/openvpn + +clean_openvpn_build: + rm -rf ~/openvpn_build diff --git a/pkg/thirdparty/openvpn/build.zsh.old b/pkg/thirdparty/openvpn/build.zsh.old deleted file mode 100755 index b36717c1..00000000 --- a/pkg/thirdparty/openvpn/build.zsh.old +++ /dev/null @@ -1,191 +0,0 @@ -#!/bin/zsh -# -# Copyright (C) 2012 Denis Roio -# -# This source code is free software; you can redistribute it and/or -# modify it under the terms of the GNU Public License as published by -# the Free Software Foundation; either version 3 of the License, or -# (at your option) any later version. -# -# This source code is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. -# Please refer to the GNU Public License for more details. -# -# You should have received a copy of the GNU Public License along with -# this source code; if not, write to: -# Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - - -REPO="http://files.dyne.org/leap/openvpn/sources" -TOPSRC=`pwd` -QUIET=0 -DEBUG=0 - - -autoload colors; colors -# standard output message routines -# it's always useful to wrap them, in case we change behaviour later -notice() { if [[ $QUIET == 0 ]]; then print "$fg_bold[green][*]$fg_no_bold[default] $1" >&2; fi } -error() { if [[ $QUIET == 0 ]]; then print "$fg[red][!]$fg[default] $1" >&2; fi } -func() { if [[ $DEBUG == 1 ]]; then print "$fg[blue][D]$fg[default] $1" >&2; fi } -act() { - if [[ $QUIET == 0 ]]; then - if [ "$1" = "-n" ]; then - print -n "$fg_bold[white] . $fg_no_bold[default] $2" >&2; - else - print "$fg_bold[white] . $fg_no_bold[default] $1" >&2; - fi - fi -} - -{ test "$1" = "clean" } && { - notice "Cleaning up all build in ${TOPSRC}" - for src in `cat Sources | awk ' -/^#/ {next} -/^./ { print $1 }'`; do - { test "$src" != "" } && { rm -rf "${src}" } - done - act "Done." - return 0 -} - -os="`uname -s`" -target="$1" -notice "OpenVPN build on $os for $target in ${TOPSRC}" - -prepare_sources() { - notice "Preparing sources" - # look for a file names "Sources", download and decompress entries - # format of file: name version compression (complete filename when merged) - { test -r Sources } || { - error "Sources not found, nothing to build here" - return 1 - } - for src in `cat Sources | awk ' -/^#/ {next} -/^./ { print $1 ";" $2 ";" $3 }'`; do - name="${src[(ws:;:)1]}" - ver="${src[(ws:;:)2]}" - arch="${src[(ws:;:)3]}" - file="${name}${ver}${arch}" - func "preparing source for ${name}${ver}" - - { test "$1" != "" } && { - test "$1" != "$name" } && { - continue } - - # download the file - { test -r ${file} } || { - act "downloading ${file}" - curl ${REPO}/${file} -o ${file} - } - # decompress the file - { test -r ${name} } || { - act "decompressing ${name}" - case $arch in - ## BARE SOURCE - .tar.gz) tar xfz ${file}; mv ${name}${ver} ${name} ;; - .tar.bz2) tar xfj ${file}; mv ${name}${ver} ${name} ;; - .tgz) tar xfz ${file}; mv ${name}${ver} ${name} ;; - *) error "compression not supported: $arch" - esac - } - act "${name} source ready" - done -} - -act "Downloading sources" - -# git clone latest openvpn -{ test -r openvpn } || { git clone https://github.com/OpenVPN/openvpn.git } - -case "$os" in - Darwin) - prepare_sources lzo - prepare_sources polarssl - ;; - Linux) # Cross-compile for Win32 - prepare_sources lzo - prepare_sources opensc - prepare_sources openssl - # tap windows - { test -r tap-windows } || { git clone https://github.com/OpenVPN/tap-windows.git } - ;; -esac - -notice "Sources ready, now compiling..." -LOG="`pwd`/build.log"; touch ${LOG} -act "logs saved in build.log" - -case "$target" in - osx) - { test -r polarssl/library/libpolarssl.a } || { - act "building PolarSSL..." - pushd polarssl - CC=clang cmake . >> ${LOG} - make -C library clean - cat CMakeCache.txt | awk ' -/^CMAKE_C_COMPILER/ { print "CMAKE_C_COMPILER:FILEPATH=/usr/bin/clang"; next } -/^CMAKE_BUILD_TYPE/ { print $1 "Release"; next } -/^CMAKE_C_FLAGS:STRING/ { print "CMAKE_C_FLAGS:STRING=-arch x86_64 -arch i386"; next } -{ print $0 } -' > CMakeCache.leap - cp CMakeCache.leap CMakeCache.txt - make -C library >> ${LOG} - popd - act "done." - } - - act "building OpenVPN" - pushd openvpn - CC=clang CFLAGS="-arch x86_64 -arch i386" \ - LZO_LIBS="/opt/local/lib/liblzo2.a" LZO_CFLAGS="-I/opt/local/include" \ - POLARSSL_CFLAGS="-I${TOPSRC}/polarssl/include" \ - POLARSSL_LIBS="${TOPSRC}/polarssl/library/libpolarssl.a" \ - ./configure --with-crypto-library=polarssl >> ${LOG} - make src/openvpn/openvpn - popd - act "done." - ;; - - win32) - { test -r lzo/src/liblzo2.la } || { pushd lzo - act "building LZO lib" - ./configure --host=i586-mingw32msvc >> ${LOG} - make >> ${LOG}; popd } - # openssl - { test -r openssl/libssl.a } || { - act "building OpenSSL lib" - pushd openssl - ./Configure --cross-compile-prefix=i586-mingw32msvc- mingw >> ${LOG} - make ${LOG}; popd } - - pushd openvpn - act "building latest OpenVPN" - { test -r configure } || { - sed -i -e 's/-municode//' src/openvpn/Makefile.am - autoreconf -i >> ${LOG} - } - CFLAGS="-I/usr/i586-mingw32msvc/include/ddk -D_WIN32_WINNT=0x0501" \ - LZO_LIBS="${TOPSRC}/lzo/src/liblzo2.la" \ - LZO_CFLAGS="-I${TOPSRC}/lzo/include" \ - TAP_CFLAGS="-I${TOPSRC}/tap-windows/src" \ - OPENSSL_SSL_CFLAGS="-I${TOPSRC}/openssl/include" \ - OPENSSL_CRYPTO_CFLAGS="-I${TOPSRC}/openssl/crypto" \ - OPENSSL_SSL_LIBS="${TOPSRC}/openssl/libssl.a" \ - OPENSSL_CRYPTO_LIBS="${TOPSRC}/openssl/libcrypto.a" \ - ./configure --host=i586-mingw32msvc >> ${LOG} - make >> ${LOG} - popd - - act "If OpenVPN build reports a final error on linkage, it might be due to a libtool bug" - act "(something like undefined reference to _WinMain@16)" - act "You need to go inside openvpn/src/openvpn and issue the last compile line manually" - act "adding an flat '-shared' at the end of it, then do 'cp .libs/openvpn.exe .'" - act "Happy hacking." - ;; - *) - error "Unknown target: $target" - ;; -esac diff --git a/pkg/thirdparty/openvpn/build_openvpn.sh b/pkg/thirdparty/openvpn/build_openvpn.sh new file mode 100755 index 00000000..a9007aa7 --- /dev/null +++ b/pkg/thirdparty/openvpn/build_openvpn.sh @@ -0,0 +1,148 @@ +#!/bin/bash + +############################################################################# +# Builds OpenVPN statically against polarssl. +# Requirements: cmake +############################################################################# + +set -e +set -x + +platform='unknown' +unamestr=`uname` +if [[ "$unamestr" == 'Linux' ]]; then + platform='linux' +elif [[ "$unamestr" == 'Darwin' ]]; then + platform='osx' +fi + +BUILDDIR="openvpn_build" +mkdir -p ~/$BUILDDIR && cd ~/$BUILDDIR + +BASE=`pwd` +SRC=$BASE/src +mkdir -p $SRC + +LZO="lzo-2.10" +ZLIB="zlib-1.2.11" +MBEDTLS="mbedtls-2.4.2" +OPENVPN="openvpn-2.4.1" + +WGET="wget --prefer-family=IPv4" +DEST=$BASE/install +LDFLAGS="-L$DEST/lib -L$DEST/usr/local/lib -W" +CPPFLAGS="-I$DEST/include" +CFLAGS="-D_FORTIFY_SOURCE=2 -O1 -Wformat -Wformat-security -fstack-protector -pie -fPIE" +CXXFLAGS=$CFLAGS +CONFIGURE="./configure --prefix=/install" +MAKE="make -j2" + + +######## #################################################################### +# ZLIB # #################################################################### +######## #################################################################### + +function build_zlib() +{ + mkdir $SRC/zlib && cd $SRC/zlib + + if [ ! -f $ZLIB.tar.gz ]; then + $WGET http://zlib.net/$ZLIB.tar.gz + fi + tar zxvf $ZLIB.tar.gz + cd $ZLIB + + LDFLAGS=$LDFLAGS \ + CPPFLAGS=$CPPFLAGS \ + CFLAGS=$CFLAGS \ + CXXFLAGS=$CXXFLAGS \ + ./configure \ + --prefix=/install + + $MAKE + make install DESTDIR=$BASE +} + +############ ################################################################# +# POLARSSL # ################################################################# +############ ################################################################# + +function build_mbedtls() +{ + mkdir -p $SRC/polarssl && cd $SRC/polarssl + if [ ! -f $MBEDTLS-gpl.tgz ]; then + $WGET https://tls.mbed.org/download/$MBEDTLS-gpl.tgz + fi + tar zxvf $MBEDTLS-gpl.tgz + cd $MBEDTLS + mkdir -p build + cd build + cmake .. + $MAKE + make install DESTDIR=$BASE/install +} + +######## #################################################################### +# LZO2 # #################################################################### +######## #################################################################### + +function build_lzo2() +{ + mkdir $SRC/lzo2 && cd $SRC/lzo2 + if [ ! -f $LZO.tar.gz ]; then + $WGET http://www.oberhumer.com/opensource/lzo/download/$LZO.tar.gz + fi + tar zxvf $LZO.tar.gz + cd $LZO + + LDFLAGS=$LDFLAGS \ + CPPFLAGS=$CPPFLAGS \ + CFLAGS=$CFLAGS \ + CXXFLAGS=$CXXFLAGS \ + $CONFIGURE --enable-static --disable-debug + + $MAKE + make install DESTDIR=$BASE +} + +########### ################################################################# +# OPENVPN # ################################################################# +########### ################################################################# + +function build_openvpn() +{ + mkdir $SRC/openvpn && cd $SRC/openvpn + if [ ! -f $OPENVPN.tar.gz ]; then + $WGET http://swupdate.openvpn.org/community/releases/$OPENVPN.tar.gz + fi + tar zxvf $OPENVPN.tar.gz + cd $OPENVPN + + POLARSSL_CFLAGS=-I$DEST/usr/local/include \ + POLARSSL_LIBS=$DEST/lib/ \ + LDFLAGS=$LDFLAGS \ + CPPFLAGS=$CPPFLAGS \ + CFLAGS=$CFLAGS \ + CXXFLAGS=$CXXFLAGS \ + $CONFIGURE \ + --disable-plugin-auth-pam \ + --enable-password-save \ + --with-crypto-library=mbedtls \ + --enable-small \ + --disable-debug + + $MAKE LIBS="-all-static -lssl -lcrypto -lz -llzo2" + make install DESTDIR=$BASE/openvpn +} + +function main() +{ + if [[ $platform == 'linux' ]]; then + build_zlib + build_mbedtls + build_lzo2 + build_openvpn + fi +} + +main "$@" diff --git a/pkg/thirdparty/openvpn/openvpn.sh b/pkg/thirdparty/openvpn/openvpn.sh deleted file mode 100755 index db63c987..00000000 --- a/pkg/thirdparty/openvpn/openvpn.sh +++ /dev/null @@ -1,123 +0,0 @@ -#!/bin/bash - -set -e -set -x - -mkdir -p ~/openvpn && cd ~/openvpn - -BASE=`pwd` -SRC=$BASE/src -WGET="wget --prefer-family=IPv4" -DEST=$BASE/stuff -LDFLAGS="-L$DEST/lib -Wl" -CPPFLAGS="-I$DEST/include" -CFLAGS="-O3" -CXXFLAGS=$CFLAGS -CONFIGURE="./configure --prefix=/stuff" -MAKE="make -j2" -mkdir -p $SRC - -######## #################################################################### -# ZLIB # #################################################################### -######## #################################################################### - -mkdir $SRC/zlib && cd $SRC/zlib - -if [ ! -f zlib-1.2.8.tar.gz ]; then - $WGET http://zlib.net/zlib-1.2.8.tar.gz -fi -tar zxvf zlib-1.2.8.tar.gz -cd zlib-1.2.8 - -LDFLAGS=$LDFLAGS \ -CPPFLAGS=$CPPFLAGS \ -CFLAGS=$CFLAGS \ -CXXFLAGS=$CXXFLAGS \ -./configure \ ---prefix=/stuff - -$MAKE -make install DESTDIR=$BASE - -########### ################################################################# -# OPENSSL # ################################################################# -########### ################################################################# - -#mkdir -p $SRC/openssl && cd $SRC/openssl -#if [ ! -f openssl-1.0.2f.tar.gz ]; then -# $WGET https://www.openssl.org/source/openssl-1.0.2f.tar.gz -#fi -#tar zxvf openssl-1.0.2f.tar.gz -#cd openssl-1.0.2f - -#./Configure darwin64-x86_64-cc \ -#-Wl \ -#--prefix=/opts zlib \ -#--with-zlib-lib=$DEST/lib \ -#--with-zlib-include=$DEST/include - -#$MAKE -#make install INSTALLTOP=$DEST OPENSSLDIR=$DEST/ssl - -############ ################################################################# -# POLARSSL # ################################################################# -############ ################################################################# - -mkdir -p $SRC/polarssl && cd $SRC/polarssl -if [ ! -f polarssl-1.3.9-gpl.tgz ]; then - $WGET https://tls.mbed.org/download/polarssl-1.3.9-gpl.tgz -fi -tar zxvf polarssl-1.3.9-gpl.tgz -cd polarssl-1.3.9 -mkdir build -cd build -cmake .. -$MAKE -make install DESTDIR=$BASE - -######## #################################################################### -# LZO2 # #################################################################### -######## #################################################################### - -mkdir $SRC/lzo2 && cd $SRC/lzo2 -if [ ! -f lzo-2.09.tar.gz ]; then - $WGET http://www.oberhumer.com/opensource/lzo/download/lzo-2.09.tar.gz -fi -tar zxvf lzo-2.09.tar.gz -cd lzo-2.09 - -LDFLAGS=$LDFLAGS \ -CPPFLAGS=$CPPFLAGS \ -CFLAGS=$CFLAGS \ -CXXFLAGS=$CXXFLAGS \ -$CONFIGURE - -$MAKE -make install DESTDIR=$BASE - -########### ################################################################# -# OPENVPN # ################################################################# -########### ################################################################# - -mkdir $SRC/openvpn && cd $SRC/openvpn -if [ ! -f openvpn-2.3.10.tar.gz ]; then - $WGET http://swupdate.openvpn.org/community/releases/openvpn-2.3.10.tar.gz -fi -tar zxvf openvpn-2.3.10.tar.gz -cd openvpn-2.3.10 - -# OPENSSL_SSL_LIBS=$DEST/lib/ - -POLARSSL_CFLAGS=-I$DEST/usr/local/include \ -POLARSSL_LIBS=$DEST/lib/libpolarssl.a \ -LDFLAGS=$LDFLAGS \ -CPPFLAGS=$CPPFLAGS \ -CFLAGS=$CFLAGS \ -CXXFLAGS=$CXXFLAGS \ -$CONFIGURE \ ---disable-plugin-auth-pam \ ---enable-password-save \ ---with-crypto-library=polarssl - -$MAKE LIBS="-all-static -lssl -lcrypto -lz -llzo2" -make install DESTDIR=$BASE/openvpn -- cgit v1.2.3