From patchwork Fri Apr 12 10:20:20 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: David Sommerseth X-Patchwork-Id: 724 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director7.mail.ord1d.rsapps.net ([172.27.255.1]) by backend30.mail.ord1d.rsapps.net with LMTP id mL5mFW3zsFzGIgAAIUCqbw for ; Fri, 12 Apr 2019 16:22:05 -0400 Received: from proxy20.mail.iad3a.rsapps.net ([172.27.255.1]) by director7.mail.ord1d.rsapps.net with LMTP id IDf6Em3zsFwvEwAAovjBpQ ; Fri, 12 Apr 2019 16:22:05 -0400 Received: from smtp38.gate.iad3a ([172.27.255.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy20.mail.iad3a.rsapps.net with LMTP id AJ/QDW3zsFxdWQAAtfLT2w ; Fri, 12 Apr 2019 16:22:05 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp38.gate.iad3a.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=openvpn.net X-Suspicious-Flag: YES X-Classification-ID: a264c616-5d60-11e9-b225-525400000c92-1-1 Received: from [216.105.38.7] ([216.105.38.7:17015] helo=lists.sourceforge.net) by smtp38.gate.iad3a.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 38/3F-29261-C63F0BC5; Fri, 12 Apr 2019 16:22:04 -0400 Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1hF2fL-0005ch-Uc; Fri, 12 Apr 2019 20:20:51 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1hF2fK-0005cZ-R9 for openvpn-devel@lists.sourceforge.net; Fri, 12 Apr 2019 20:20:50 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=References:In-Reply-To:Message-Id:Date:Subject:To: From:Sender:Reply-To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=5NSe5C5XbjB/loN5hpJe3WcZLU3/3JGi/JP5sXL3j1Q=; b=ciGcvzs8iSisDmCnzhqhj+3lFJ DLnt90+COnD9zg9lyHUtTe49XcUNZgTkit1N+Cj8rc7MvPwHjjo9Q9k+T+/PZL8cacKOAY19WN5pQ ri25dpCbKaTPF3ucUFjLqT2zie8vlLgx7rM1FEFdjvXGgOTOKBZf+Cz7lQDTrYqOfNVE=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=References:In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc :MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=5NSe5C5XbjB/loN5hpJe3WcZLU3/3JGi/JP5sXL3j1Q=; b=FpCPO0vKOcLNvaMGBIzP23iIn0 mhR2NRkTL+2PQhWpBmf9jL8aMwjxH7wWeLG6EOzu4223pla+p1p/692AyzKY5O66OcvgTOC3sSxhm XKAjBbH/BxWLJsKY2JfQ7WQ+w7YBKdVmRKBYwiYB4lL3XKlEdmdjZjOz/aACSA/F+5eE=; Received: from mx0.basenordic.cloud ([185.212.44.139]) by sfi-mx-4.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) id 1hF2fF-001Nhe-NZ for openvpn-devel@lists.sourceforge.net; Fri, 12 Apr 2019 20:20:48 +0000 Received: from localhost (unknown [IPv6:::1]) by mx0.basenordic.cloud (Postfix) with ESMTP id 06EFD80AD8A for ; Fri, 12 Apr 2019 20:20:37 +0000 (UTC) Received: from mx0.basenordic.cloud ([127.0.0.1]) by localhost (winterfell.topphemmelig.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1Pq-M2UePOED for ; Fri, 12 Apr 2019 22:20:34 +0200 (CEST) Received: from zimbra.sommerseth.email (zimbra.sommerseth.email [172.16.33.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx0.basenordic.cloud (Postfix) with ESMTPS id AB7F880AD63 for ; Fri, 12 Apr 2019 22:20:34 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by zimbra.sommerseth.email (Postfix) with ESMTP id 20A204061E0D for ; Fri, 12 Apr 2019 22:20:34 +0200 (CEST) Received: from zimbra.sommerseth.email ([127.0.0.1]) by localhost (zimbra.sommerseth.email [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id avZ0Nfn21JTe for ; Fri, 12 Apr 2019 22:20:33 +0200 (CEST) Received: from optimus.homebase.sommerseths.net (unknown [10.35.7.45]) by zimbra.sommerseth.email (Postfix) with ESMTPS id 730664061E06 for ; Fri, 12 Apr 2019 22:20:33 +0200 (CEST) From: David Sommerseth To: openvpn-devel@lists.sourceforge.net Date: Fri, 12 Apr 2019 22:20:20 +0200 Message-Id: <20190412202020.24045-1-davids@openvpn.net> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190402093714.8581-1-davids@openvpn.net> References: <20190402093714.8581-1-davids@openvpn.net> X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: openvpn.net] -0.0 SPF_HELO_PASS SPF: HELO matches SPF record 0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different -0.0 SPF_PASS SPF: sender matches SPF record X-Headers-End: 1hF2fF-001Nhe-NZ Subject: [Openvpn-devel] [PATCH v2] docs: Update INSTALL X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox The INSTALL file contained several minor errors, typos and was generally not up-to-date in regards to what ./configure provides today. In addition, several URL references have moved around to new homes. This is just a backport of git master 6099ab67122429c0 adjusting for the slight changes in release/2.4. The contents is the same as git master, as it is still valid for v2.4. Signed-off-by: David Sommerseth Acked-by: Gert Doering --- v2 - Fixing incorrect OpenSSL version dependency --- INSTALL | 104 +++++++++++++++++++++++++++++++++++--------------------- 1 file changed, 65 insertions(+), 39 deletions(-) diff --git a/INSTALL b/INSTALL index a4ad87cc..a5936b38 100644 --- a/INSTALL +++ b/INSTALL @@ -1,6 +1,6 @@ Installation instructions for OpenVPN, a Secure Tunneling Daemon -Copyright (C) 2002-2018 OpenVPN Inc. This program is free software; +Copyright (C) 2002-2019 OpenVPN Inc. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License version 2 as published by the Free Software Foundation. @@ -10,26 +10,30 @@ as published by the Free Software Foundation. QUICK START: Unix: - ./configure && make && make-install + ./configure && make && make install ************************************************************************* -To download OpenVPN, go to: +To download OpenVPN source code of releases, go to: - http://openvpn.net/download.html + https://openvpn.net/community-downloads/ OpenVPN releases are also available as Debian/RPM packages: https://community.openvpn.net/openvpn/wiki/OpenvpnSoftwareRepos +OpenVPN development versions can be found here: + + https://github.com/OpenVPN/openvpn + https://gitlab.com/OpenVPN/openvpn + https://sourceforge.net/p/openvpn/openvpn/ci/master/tree/ + +They should all be in sync at any time. + To download easy-rsa go to: https://github.com/OpenVPN/easy-rsa -To download tap-windows (NDIS 5) driver source code go to: - - https://github.com/OpenVPN/tap-windows - To download tap-windows (NDIS 6) driver source code go to: https://github.com/OpenVPN/tap-windows6 @@ -40,15 +44,11 @@ To get the cross-compilation environment go to: For step-by-step instructions with real-world examples see: - http://openvpn.net/howto.html + https://community.openvpn.net/openvpn/wiki/GettingStartedwithOVPN https://community.openvpn.net/openvpn/wiki + https://openvpn.net/community-resources/ -For examples see: - - http://openvpn.net/examples.html - -Also see the man page for more information, usage examples, and information on -firewall configuration. +Also see the man page for more information. ************************************************************************* @@ -100,11 +100,12 @@ CHECK OUT SOURCE FROM SOURCE REPOSITORY: Clone the repository: git clone https://github.com/OpenVPN/openvpn + git clone https://gitlab.com/OpenVPN/openvpn git clone git://openvpn.git.sourceforge.net/gitroot/openvpn/openvpn Check out stable version: - git checkout -b 2.2 remotes/origin/release/2.2 + git checkout release/2.4 Check out master (unstable) branch: @@ -134,7 +135,7 @@ BUILD A TARBALL FROM SOURCE REPOSITORY CHECKOUT: autoreconf -i -v -f ./configure - make dist + make distcheck ************************************************************************* @@ -160,24 +161,19 @@ environment. See tests/t_client.rc-sample for details. OPTIONS for ./configure: --disable-lzo disable LZO compression support [default=yes] - --enable-lzo-stub don't compile LZO compression support but still - allow limited interoperability with LZO-enabled - peers [default=no] + --disable-lz4 Disable LZ4 compression support + --enable-comp-stub Don't compile compression support but still allow limited interoperability with compression-enabled peers --disable-crypto disable crypto support [default=yes] - --disable-ssl disable SSL support for TLS-based key exchange + --disable-ofb-cfb disable support for OFB and CFB cipher modes [default=yes] --enable-x509-alt-username enable the --x509-username-field feature [default=no] - --disable-multi disable client/server support (--mode server + - client mode) [default=yes] --disable-server disable server support only (but retain client support) [default=yes] --disable-plugins disable plug-in support [default=yes] --disable-management disable management server support [default=yes] --enable-pkcs11 enable pkcs11 support [default=no] - --disable-socks disable Socks support [default=yes] - --disable-http-proxy disable HTTP proxy support [default=yes] --disable-fragment disable internal fragmentation support (--fragment) [default=yes] --disable-multihome disable multi-homed UDP server support (--multihome) @@ -187,44 +183,74 @@ OPTIONS for ./configure: --disable-debug disable debugging support (disable gremlin and verb 7+ messages) [default=yes] --enable-small enable smaller executable size (disable OCC, usage - message, and verb 4 parm list) [default=yes] - --enable-password-save allow --askpass and --auth-user-pass passwords to be - read from a file [default=yes] + message, and verb 4 parm list) [default=no] --enable-iproute2 enable support for iproute2 [default=no] --disable-def-auth disable deferred authentication [default=yes] --disable-pf disable internal packet filter [default=yes] + --disable-plugin-auth-pam + disable auth-pam plugin [default=platform specific] + --disable-plugin-down-root + disable down-root plugin [default=platform specific] + --enable-pam-dlopen dlopen libpam [default=no] --enable-strict enable strict compiler warnings (debugging option) [default=no] --enable-pedantic enable pedantic compiler warnings, will not generate a working executable (debugging option) [default=no] + --enable-werror promote compiler warnings to errors, will cause + builds to fail if the compiler issues warnings + (debugging option) [default=no] --enable-strict-options enable strict options check between peers (debugging option) [default=no] --enable-selinux enable SELinux support [default=no] - --enable-systemd enable systemd suppport [default=no] + --enable-systemd enable systemd support [default=no] + --enable-async-push enable async-push support for plugins providing + deferred authentication [default=no] ENVIRONMENT for ./configure: + PLUGINDIR Path of plug-in directory [default=LIBDIR/openvpn/plugins] IFCONFIG full path to ipconfig utility ROUTE full path to route utility IPROUTE full path to ip utility NETSTAT path to netstat utility MAN2HTML path to man2html utility GIT path to git utility + SYSTEMD_ASK_PASSWORD + path to systemd-ask-password utility + SYSTEMD_UNIT_DIR + Path of systemd unit directory [default=LIBDIR/systemd/system] + TMPFILES_DIR + Path of tmpfiles directory [default=LIBDIR/tmpfiles.d] + +ENVIRONMENT variables adjusting parameters related to dependencies + TAP_CFLAGS C compiler flags for tap - OPENSSL_CFLAGS - C compiler flags for OpenSSL, overriding pkg-config - OPENSSL_LIBS - linker flags for OpenSSL, overriding pkg-config - POLARSSL_CFLAGS - C compiler flags for polarssl - POLARSSL_LIBS - linker flags for polarssl - LZO_CFLAGS C compiler flags for lzo - LZO_LIBS linker flags for lzo + LIBPAM_CFLAGS + C compiler flags for libpam + LIBPAM_LIBS linker flags for libpam PKCS11_HELPER_CFLAGS C compiler flags for PKCS11_HELPER, overriding pkg-config PKCS11_HELPER_LIBS linker flags for PKCS11_HELPER, overriding pkg-config + OPENSSL_CFLAGS + C compiler flags for OpenSSL + OPENSSL_LIBS + linker flags for OpenSSL + MBEDTLS_CFLAGS + C compiler flags for mbedtls + MBEDTLS_LIBS + linker flags for mbedtls + LZO_CFLAGS C compiler flags for lzo + LZO_LIBS linker flags for lzo + LZ4_CFLAGS C compiler flags for lz4 + LZ4_LIBS linker flags for lz4 + libsystemd_CFLAGS + C compiler flags for libsystemd, overriding pkg-config + libsystemd_LIBS + linker flags for libsystemd, overriding pkg-config + P11KIT_CFLAGS + C compiler flags for P11KIT, overriding pkg-config + P11KIT_LIBS linker flags for P11KIT, overriding pkg-config *************************************************************************