@@ -39,230 +39,94 @@ jobs:
strategy:
fail-fast: false
matrix:
- osslver: [1.1.1q, 3.0.5]
- target: [mingw64, mingw]
- include:
- - target: mingw64
- chost: x86_64-w64-mingw32
- - target: mingw
- chost: i686-w64-mingw32
+ arch: [x86, x64]
- name: "gcc-mingw - ${{matrix.target}} - OSSL ${{ matrix.osslver }}"
+ name: "gcc-mingw - ${{ matrix.arch }} - OSSL"
runs-on: ubuntu-22.04
env:
- MAKEFLAGS: -j3
- LZO_VERSION: "2.10"
- PKCS11_HELPER_VERSION: "1.29.0"
- OPENSSL_VERSION: "${{ matrix.osslver }}"
- TAP_WINDOWS_VERSION: "9.23.3"
- CMOCKA_VERSION: "1.1.5"
+ VCPKG_ROOT: ${{ github.workspace }}/vcpkg
steps:
- name: Install dependencies
- run: sudo apt update && sudo apt install -y mingw-w64 libtool automake autoconf man2html unzip cmake ninja-build build-essential wget
+ run: sudo apt update && sudo apt install -y mingw-w64 unzip cmake ninja-build build-essential wget python3-docutils man2html-base
- name: Checkout OpenVPN
uses: actions/checkout@v3
- with:
- path: openvpn
- - name: autoconf
- run: autoreconf -fvi
- working-directory: openvpn
-
- - name: Cache dependencies
- id: cache
- uses: actions/cache@v3
+ - name: Restore from cache and install vcpkg
+ uses: lukka/run-vcpkg@v10
with:
- path: '~/mingw/'
- key: ${{ matrix.target }}-mingw-${{ matrix.osslver }}-${{ env.LZO_VERSION }}-${{ env.PKCS11_HELPER_VERSION }}-${{ env.TAP_WINDOWS_VERSION }}--${{ env.CMOCKA_VERSION }}
-
- # Repeating if: steps.cache.outputs.cache-hit != 'true'
- # on every step for building dependencies is ugly but
- # I haven't found a better solution so far.
-
- - name: Download mingw dependencies
- if: steps.cache.outputs.cache-hit != 'true'
- run: |
- wget -c -P download-cache/ "https://build.openvpn.net/downloads/releases/tap-windows-${TAP_WINDOWS_VERSION}.zip"
- wget -c -P download-cache/ "https://www.oberhumer.com/opensource/lzo/download/lzo-${LZO_VERSION}.tar.gz"
- wget -c -P download-cache/ "https://github.com/OpenSC/pkcs11-helper/releases/download/pkcs11-helper-${PKCS11_HELPER_VERSION}/pkcs11-helper-${PKCS11_HELPER_VERSION}.tar.bz2"
- wget -c -P download-cache/ "https://github.com/coreboot/cmocka/archive/refs/tags/cmocka-${CMOCKA_VERSION}.tar.gz"
- tar jxf "download-cache/pkcs11-helper-${PKCS11_HELPER_VERSION}.tar.bz2"
- wget -c -P download-cache/ "https://www.openssl.org/source/old/1.1.1/openssl-${OPENSSL_VERSION}.tar.gz" || wget -c -P download-cache/ "https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz"
- tar zxf "download-cache/openssl-${OPENSSL_VERSION}.tar.gz"
- tar zxf "download-cache/lzo-${LZO_VERSION}.tar.gz"
- tar zxf "download-cache/cmocka-${CMOCKA_VERSION}.tar.gz"
- unzip download-cache/tap-windows-${TAP_WINDOWS_VERSION}.zip
-
- - name: create cmocka build directory
- if: steps.cache.outputs.cache-hit != 'true'
- run: mkdir cmocka-build
-
- - name: configure cmocka
- if: steps.cache.outputs.cache-hit != 'true'
- working-directory: "./cmocka-build"
- run: cmake -GNinja -DCMAKE_C_COMPILER=${{ matrix.chost }}-gcc -DCMAKE_CXX_COMPILER=${{ matrix.chost }}-g++ -DCMAKE_SYSTEM_NAME=Windows -DCMAKE_SHARED_LINKER_FLAGS=-static-libgcc -DCMAKE_PREFIX_PATH=${HOME}/mingw/opt/lib/pkgconfig/ -DCMAKE_INCLUDE_PATH=${HOME}/mingw/opt/lib/include -DCMAKE_LIBRARY_PATH=${HOME}/mingw/opt/lib -DCMAKE_INSTALL_PREFIX=${HOME}/mingw/opt/ ../cmocka-cmocka-${{ env.CMOCKA_VERSION }}
-
- - name: build cmocka
- if: steps.cache.outputs.cache-hit != 'true'
- working-directory: "./cmocka-build"
- run: ninja
-
- - name: install cmocka
- if: steps.cache.outputs.cache-hit != 'true'
- working-directory: "./cmocka-build"
- run: ninja install
-
- - name: Configure OpenSSL
- if: steps.cache.outputs.cache-hit != 'true'
- run: ./Configure --cross-compile-prefix=${{ matrix.chost }}- shared ${{ matrix.target }} no-capieng --prefix="${HOME}/mingw/opt" --openssldir="${HOME}/mingw/opt" -static-libgcc
- working-directory: "./openssl-${{ env.OPENSSL_VERSION }}"
-
- - name: Build OpenSSL
- if: steps.cache.outputs.cache-hit != 'true'
- run: make
- working-directory: "./openssl-${{ env.OPENSSL_VERSION }}"
-
- # OpenSSL 3.0.5 installs itself into mingw/opt/lib64 instead of
- # mingw/opt/lib, so we include both dirs in the following steps
- # (pkcs11-helper and OpenVPN) so the libraries will be found
- - name: Install OpenSSL
- if: steps.cache.outputs.cache-hit != 'true'
- run: make install
- working-directory: "./openssl-${{ env.OPENSSL_VERSION }}"
-
- - name: autoreconf pkcs11-helper
- if: steps.cache.outputs.cache-hit != 'true'
- run: autoreconf -iv
- working-directory: "./pkcs11-helper-${{ env.PKCS11_HELPER_VERSION }}"
-
- - name: configure pkcs11-helper
- if: steps.cache.outputs.cache-hit != 'true'
- run: OPENSSL_LIBS="-L${HOME}/mingw/opt/lib -L${HOME}/mingw/opt/lib64 -lssl -lcrypto" OPENSSL_CFLAGS=-I$HOME/mingw/opt/include PKG_CONFIG_PATH=${HOME}/mingw/opt/lib/pkgconfig ./configure --host=${{ matrix.chost }} --program-prefix='' --libdir=${HOME}/mingw/opt/lib --prefix=${HOME}/mingw/opt --build=x86_64-pc-linux-gnu --disable-crypto-engine-gnutls --disable-crypto-engine-nss --disable-crypto-engine-polarssl --disable-crypto-engine-mbedtls
- working-directory: "./pkcs11-helper-${{ env.PKCS11_HELPER_VERSION }}"
-
- - name: build pkcs11-helper
- if: steps.cache.outputs.cache-hit != 'true'
- run: make all
- working-directory: "./pkcs11-helper-${{ env.PKCS11_HELPER_VERSION }}"
-
- - name: install pkcs11-helper
- if: steps.cache.outputs.cache-hit != 'true'
- run: make install
- working-directory: "./pkcs11-helper-${{ env.PKCS11_HELPER_VERSION }}"
-
- - name: Configure lzo
- if: steps.cache.outputs.cache-hit != 'true'
- run: ./configure --host=${{ matrix.chost }} --program-prefix='' --libdir=${HOME}/mingw/opt/lib --prefix=${HOME}/mingw/opt --build=x86_64-pc-linux-gnu
- working-directory: "./lzo-${{ env.LZO_VERSION }}"
-
- - name: build lzo
- if: steps.cache.outputs.cache-hit != 'true'
- working-directory: "./lzo-${{ env.LZO_VERSION }}"
- run: make
-
- - name: install lzo
- if: steps.cache.outputs.cache-hit != 'true'
- working-directory: "./lzo-${{ env.LZO_VERSION }}"
- run: make install
-
- - name: copy tap-windows.h header
- if: steps.cache.outputs.cache-hit != 'true'
- run: cp ./tap-windows-${TAP_WINDOWS_VERSION}/include/tap-windows.h ${HOME}/mingw/opt/include/
-
- - name: configure OpenVPN
- run: PKG_CONFIG_PATH=${HOME}/mingw/opt/lib/pkgconfig LDFLAGS=-L$HOME/mingw/opt/lib CFLAGS=-I$HOME/mingw/opt/include OPENSSL_LIBS="-L${HOME}/opt/lib -L$HOME/mingw/opt/lib64 -lssl -lcrypto" OPENSSL_CFLAGS=-I$HOME/mingw/opt/include PREFIX=$HOME/mingw/opt LZO_CFLAGS=-I$HOME/mingw/opt/include LZO_LIBS="-L${HOME}/mingw/opt/lib -llzo2" ./configure --host=${{ matrix.chost }} --disable-lz4
- working-directory: openvpn
-
- - name: build OpenVPN
- run: make -j3
- working-directory: openvpn
- - name: build OpenVPN unittests
- run: make -j3 check
- working-directory: openvpn
+ vcpkgGitCommitId: 'd10d511f25620ca0f315cd83dcef6485efc63010'
+ vcpkgJsonGlob: '**/mingw/vcpkg.json'
+ appendedCacheKey: mingw_${{ matrix.arch }}
- # We use multiple upload-artifact here, so it becomes a flat folder
- # structure since we need the dlls on the same level as the binaries
- - name: Archive cmocka/openssl/lzo dlls
- uses: actions/upload-artifact@v3
+ - name: Run CMake with vcpkg.json manifest
+ uses: lukka/run-cmake@v10
with:
- retention-days: 1
- name: mingw-unittest-${{matrix.target}}-ossl${{ matrix.osslver }}-dlls
- path: '~/mingw/opt/bin/*.dll'
-
- # libtool puts some wrapper binaries in openvpn/tests/unit_tests/openvpn/
- # and the real binaries in openvpn/tests/unit_tests/openvpn/.libs/
- - name: Archive unittest artifacts
- uses: actions/upload-artifact@v3
+ configurePreset: mingw-${{ matrix.arch }}
+ buildPreset: mingw-${{ matrix.arch }}
+
+ - uses: actions/upload-artifact@v3
with:
- retention-days: 1
- name: mingw-unittest-${{matrix.target}}-ossl${{ matrix.osslver }}-tests
- path: openvpn/tests/unit_tests/openvpn/.libs/*.exe
-
- # Currently not used by the unit test but might in the future and also
- # helpful if manually downloading and running openvpn.exe from a mingw
- # build
- - name: Archive openvpn binary
- uses: actions/upload-artifact@v3
+ name: openvpn-mingw-${{ matrix.arch }}
+ path: |
+ ${{ github.workspace }}/out/build/mingw/${{ matrix.arch }}/*.exe
+ ${{ github.workspace }}/out/build/mingw/${{ matrix.arch }}/*.dll
+ !${{ github.workspace }}/out/build/mingw/${{ matrix.arch }}/test_*.exe
+
+ - uses: actions/upload-artifact@v3
with:
- retention-days: 1
- name: mingw-unittest-${{matrix.target}}-ossl${{ matrix.osslver }}-tests
- path: openvpn/src/openvpn/.libs/*.exe
+ name: openvpn-mingw-${{ matrix.arch }}-tests
+ path: |
+ ${{ github.workspace }}/out/build/mingw/${{ matrix.arch }}/test_*.exe
+ ${{ github.workspace }}/out/build/mingw/${{ matrix.arch }}/*.dll
mingw-unittest:
needs: [ mingw ]
strategy:
fail-fast: false
matrix:
- osslver: [ 1.1.1q, 3.0.5 ]
- target: [ mingw64, mingw ]
+ arch: [x86, x64]
runs-on: windows-latest
- name: "mingw unittests - ${{matrix.target}} - OSSL ${{ matrix.osslver }}"
+ name: "mingw unittests - ${{ matrix.arch }} - OSSL"
steps:
- - name: Retrieve mingw unittest dlls
- uses: actions/download-artifact@v3
- with:
- name: mingw-unittest-${{matrix.target}}-ossl${{ matrix.osslver }}-dlls
- path: unittests
-
- name: Retrieve mingw unittest
uses: actions/download-artifact@v3
with:
- name: mingw-unittest-${{matrix.target}}-ossl${{ matrix.osslver }}-tests
+ name: openvpn-mingw-${{ matrix.arch }}-tests
path: unittests
- name: List unittests directory
run: "dir unittests"
- - name: Run argvunit test
- run: ./unittests/argv_testdriver.exe
+ - name: Run argv unit test
+ run: ./unittests/test_argv.exe
- - name: Run auth_tokenunit test
- run: ./unittests/auth_token_testdriver.exe
+ - name: Run auth_token unit test
+ run: ./unittests/test_auth_token.exe
- - name: Run bufferunit test
- run: ./unittests/buffer_testdriver.exe
+ - name: Run buffer unit test
+ run: ./unittests/test_buffer.exe
- name: Run cryptoapi unit test
- run: ./unittests/cryptoapi_testdriver.exe
+ run: ./unittests/test_cryptoapi.exe
- - name: Run cryptounit test
- run: ./unittests/crypto_testdriver.exe
+ - name: Run crypto unit test
+ run: ./unittests/test_crypto.exe
- - name: Run miscunit test
- run: ./unittests/misc_testdriver.exe
+ - name: Run misc unit test
+ run: ./unittests/test_misc.exe
- - name: Run ncpunit test
- run: ./unittests/ncp_testdriver.exe
+ - name: Run ncp unit test
+ run: ./unittests/test_ncp.exe
- - name: Run packet idunit test
- run: ./unittests/packet_id_testdriver.exe
+ - name: Run packet id unit test
+ run: ./unittests/test_packet_id.exe
- - name: Run pktunit test
- run: ./unittests/pkt_testdriver.exe
+ - name: Run pkt unit test
+ run: ./unittests/test_pkt.exe
- - name: Run providerunit test
- run: ./unittests/provider_testdriver.exe
+ - name: Run provider unit test
+ run: ./unittests/test_provider.exe
ubuntu:
strategy:
@@ -411,60 +275,51 @@ jobs:
strategy:
fail-fast: false
matrix:
- plat: [ARM64, Win32, x64]
- include:
- - plat: ARM64
- triplet: arm64
- - plat: Win32
- triplet: x86
- - plat: x64
- triplet: x64
-
- name: "msbuild - ${{matrix.triplet}} - openssl"
+ arch: [amd64, x86, arm64]
+
+ name: "msbuild - ${{ matrix.arch }} - openssl"
env:
BUILD_CONFIGURATION: Release
- VCPKG_OVERLAY_PORTS: ${{ github.workspace }}/contrib/vcpkg-ports
- VCPKG_OVERLAY_TRIPLETS: ${{ github.workspace }}/contrib/vcpkg-triplets
runs-on: windows-latest
steps:
- uses: actions/checkout@v3
-
- - name: Add MSBuild to PATH
- uses: microsoft/setup-msbuild@v1.1
-
- - name: Set up Python
- uses: actions/setup-python@v4
- with:
- python-version: '3.x'
+ - uses: lukka/get-cmake@latest
- name: Install rst2html
- run: python -m pip install --upgrade pip rst2html
+ run: python -m pip install --upgrade pip docutils
- name: Restore artifacts, or setup vcpkg (do not install any package)
uses: lukka/run-vcpkg@v10
with:
vcpkgGitCommitId: 'd10d511f25620ca0f315cd83dcef6485efc63010'
- vcpkgJsonGlob: '**/openvpn/vcpkg.json'
- appendedCacheKey: '${{matrix.triplet}}'
+ vcpkgJsonGlob: '**/windows/vcpkg.json'
+ appendedCacheKey: msvc_${{ matrix.arch }}
- - name: Run MSBuild consuming vcpkg.json
- working-directory: ${{env.GITHUB_WORKSPACE}}
- run: |
- # workaround for GHA runner bug where vcpkg installation is detected at c:\vcpkg
- # see https://github.com/lukka/run-vcpkg/issues/170
- ${{ github.workspace }}/vcpkg/vcpkg.exe integrate install
- msbuild /m /p:Configuration=${{env.BUILD_CONFIGURATION}} /p:Platform="${{ matrix.plat }}" .
+ - name: Run CMake with vcpkg.json manifest (NO TESTS)
+ uses: lukka/run-cmake@v10
+ if: ${{ matrix.arch == 'arm64' }}
+ with:
+ configurePreset: win-${{ matrix.arch }}
+ buildPreset: win-${{ matrix.arch }}
+
+ - name: Run CMake with vcpkg.json manifest
+ uses: lukka/run-cmake@v10
+ if: ${{ matrix.arch != 'arm64' }}
+ with:
+ configurePreset: win-${{ matrix.arch }}
+ buildPreset: win-${{ matrix.arch }}
+ testPreset: win-${{ matrix.arch }}
- - name: Archive artifacts
- uses: actions/upload-artifact@v3
+ - uses: actions/upload-artifact@v3
with:
- name: artifacts-${{ matrix.plat }}
+ name: openvpn-msvc-${{ matrix.arch }}
path: |
- ${{ matrix.plat }}-Output/${{env.BUILD_CONFIGURATION}}/*.exe
- ${{ matrix.plat }}-Output/${{env.BUILD_CONFIGURATION}}/*.dll
- ${{ matrix.plat }}-Output/${{env.BUILD_CONFIGURATION}}/*.pdb
- doc/openvpn.8.html
+ ${{ github.workspace }}/out/**/*.exe
+ ${{ github.workspace }}/out/**/*.dll
+ !${{ github.workspace }}/out/**/test_*.exe
+ !${{ github.workspace }}/out/**/CMakeFiles/**
+ !${{ github.workspace }}/out/**/vcpkg_installed/**
trigger_openvpn_build:
runs-on: windows-latest
@@ -17,6 +17,7 @@
Release
Debug
Win32-Output
+out
.vs
.deps
.libs
@@ -1,4 +1,5 @@
- cmake_minimum_required(VERSION 3.3)
+cmake_minimum_required(VERSION 3.12)
+set(CMAKE_CONFIGURATION_TYPES "Release;Debug;ASAN")
project(openvpn)
# This CMake file implements building OpenVPN with CMAKE
@@ -11,10 +12,6 @@ project(openvpn)
# and OpenSSL having version 1.1.1+ and generally does not offer the same
# configurability like autoconf
-# -DCMAKE_TOOLCHAIN_FILE=C:/Users/User/source/repos/vcpkg/scripts/buildsystems/vcpkg.cmake
-#-DVCPKG_OVERLAY_PORTS=C:/Users/User/source/repos/openvpn/contrib/vcpkg-ports
-#-GNinja
-
option(UNSUPPORTED_BUILDS "Allow unsupported builds" OFF)
if (NOT WIN32 AND NOT ${UNSUPPORTED_BUILDS})
@@ -23,48 +20,67 @@ endif()
option(MBED "BUILD with mbed" OFF)
option(WOLFSSL "BUILD with wolfSSL" OFF)
+option(ENABLE_LZ4 "BUILD with lz4" ON)
+option(ENABLE_LZO "BUILD with lzo" ON)
+option(ENABLE_PKCS11 "BUILD with pkcs11-helper" ON)
if (MSVC)
option(USE_WERROR "Treat compiler warnings as errors (-Werror)" OFF)
else ()
option(USE_WERROR "Treat compiler warnings as errors (-Werror)" ON)
endif ()
-option(PLUGIN_DIR "Location of the plugin directory" /usr/local/lib/openvpn/plugins)
+
+set(PLUGIN_DIR /usr/local/lib/openvpn/plugins CACHE FILEPATH "Location of the plugin directory")
# AddressSanitize - use CXX=clang++ CC=clang cmake -DCMAKE_BUILD_TYPE=asan to build with ASAN
set(CMAKE_C_FLAGS_ASAN
- "-fsanitize=address,undefined -fno-sanitize-recover=all -fno-optimize-sibling-calls -fsanitize-address-use-after-scope -fno-omit-frame-pointer -g -O1"
- CACHE STRING "Flags used by the C compiler during AddressSanitizer builds."
- FORCE)
+ "-fsanitize=address,undefined -fno-sanitize-recover=all -fno-optimize-sibling-calls -fsanitize-address-use-after-scope -fno-omit-frame-pointer -g -O1"
+ CACHE STRING "Flags used by the C compiler during AddressSanitizer builds."
+ FORCE)
set(CMAKE_CXX_FLAGS_ASAN
- "-fsanitize=address,undefined -fno-sanitize-recover=all -fno-optimize-sibling-calls -fsanitize-address-use-after-scope -fno-omit-frame-pointer -g -O1"
- CACHE STRING "Flags used by the C++ compiler during AddressSanitizer builds."
- FORCE)
+ "-fsanitize=address,undefined -fno-sanitize-recover=all -fno-optimize-sibling-calls -fsanitize-address-use-after-scope -fno-omit-frame-pointer -g -O1"
+ CACHE STRING "Flags used by the C++ compiler during AddressSanitizer builds."
+ FORCE)
if (MSVC)
- target_compile_options(${target} PRIVATE /W3)
+ add_compile_options(/W3 /Qspectre /GL)
+ add_definitions(-D_CRT_SECURE_NO_WARNINGS -D_CRT_NONSTDC_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS)
+ add_link_options(/Brepro /LTCG)
+ if (USE_WERROR)
+ add_compile_options(/WX)
+ endif ()
else ()
- add_compile_options(-Wall -Wuninitialized)
+ set(CMAKE_C_FLAGS_RELEASE "-O2")
+ set(CMAKE_CXX_FLAGS_RELEASE "-O2")
+ set(CMAKE_C_FLAGS_DEBUG "-g -O1")
+ set(CMAKE_CXX_FLAGS_DEBUG "-g -O1")
+ add_compile_options(-Wall -Wuninitialized -Wno-stringop-truncation)
# We are not ready for this
#add_compile_options(-Wsign-compare)
+ if (USE_WERROR)
+ add_compile_options(-Werror)
+ endif ()
endif ()
-find_package(PkgConfig)
-INCLUDE(CheckSymbolExists)
-INCLUDE(CheckIncludeFiles)
-INCLUDE(CheckTypeSize)
-INCLUDE(CheckStructHasMember)
+find_package(PkgConfig REQUIRED)
+include(CheckSymbolExists)
+include(CheckIncludeFiles)
+include(CheckTypeSize)
+include(CheckStructHasMember)
+include(CTest)
-set(OPENVPN_VERSION_MAJOR 2)
-set(OPENVPN_VERSION_MINOR 6)
-set(OPENVPN_VERSION_PATCH _git)
+find_program(PYTHON NAMES python3 python)
+execute_process(
+ COMMAND ${PYTHON} ${CMAKE_CURRENT_SOURCE_DIR}/contrib/cmake/parse-version.m4.py ${CMAKE_CURRENT_SOURCE_DIR}/version.m4
+ WORKING_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}
+ )
+include(${CMAKE_CURRENT_BINARY_DIR}/version.cmake)
-if (NOT WIN32)
- add_definitions(-DPLUGIN_LIBDIR=\"${PLUGIN_DIR}\")
-endif ()
-
-# TODO remove later when msvc-config.h is removed and we can always include config.h
-add_definitions(-DHAVE_CONFIG_H)
+set(OPENVPN_VERSION_MAJOR ${PRODUCT_VERSION_MAJOR})
+set(OPENVPN_VERSION_MINOR ${PRODUCT_VERSION_MINOR})
+set(OPENVPN_VERSION_PATCH ${PRODUCT_VERSION_PATCH})
+set(OPENVPN_VERSION_RESOURCE ${PRODUCT_VERSION_RESOURCE})
+set(CMAKE_C_STANDARD 99)
# Set the various defines for config.h.cmake.in
if (${CMAKE_SYSTEM_NAME} STREQUAL "Linux")
@@ -97,139 +113,133 @@ elseif (WIN32)
set(TARGET_WIN32 YES)
endif ()
-CHECK_SYMBOL_EXISTS(chroot unistd.h HAVE_CHROOT)
-CHECK_SYMBOL_EXISTS(chdir unistd.h HAVE_CHDIR)
-CHECK_SYMBOL_EXISTS(dup unistd.h HAVE_DUP)
-CHECK_SYMBOL_EXISTS(dup2 unistd.h HAVE_DUP2)
-CHECK_SYMBOL_EXISTS(fork unistd.h HAVE_FORK)
-CHECK_SYMBOL_EXISTS(execve unistd.h HAVE_EXECVE)
-CHECK_SYMBOL_EXISTS(ftruncate unistd.h HAVE_FTRUNCATE)
-CHECK_SYMBOL_EXISTS(setgid unistd.h HAVE_SETGID)
-CHECK_SYMBOL_EXISTS(setuid unistd.h HAVE_SETUID)
-CHECK_SYMBOL_EXISTS(getpeereid unistd.h HAVE_GETPEEREID)
-
-CHECK_SYMBOL_EXISTS(epoll_create sys/epoll.h HAVE_EPOLL_CREATE)
-
-CHECK_SYMBOL_EXISTS(gettimeofday sys/time.h HAVE_GETTIMEOFDAY)
-CHECK_SYMBOL_EXISTS(basename libgen.h HAVE_BASENAME)
-CHECK_SYMBOL_EXISTS(chsize io.h HAVE_CHSIZE)
-CHECK_SYMBOL_EXISTS(daemon stdlib.h HAVE_DAEMON)
-CHECK_SYMBOL_EXISTS(dirname libgen.h HAVE_DIRNAME)
-CHECK_SYMBOL_EXISTS(getrlimit sys/resource.h HAVE_GETRLIMIT)
-CHECK_SYMBOL_EXISTS(mlockall sys/mman.h HAVE_MLOCKALL)
-
-CHECK_SYMBOL_EXISTS(sendmsg sys/socket.h HAVE_SENDMSG)
-CHECK_SYMBOL_EXISTS(recvmsg sys/socket.h HAVE_RECVMSG)
-CHECK_SYMBOL_EXISTS(cmsghdr sys/socket.h HAVE_CMSGHDR)
-CHECK_SYMBOL_EXISTS(openlog syslog.h HAVE_OPENLOG)
-CHECK_SYMBOL_EXISTS(syslog syslog.h HAVE_SYSLOG)
-CHECK_SYMBOL_EXISTS(getgrnam grp.h HAVE_GETGRNAM)
-CHECK_SYMBOL_EXISTS(getpwnam pwd.h HAVE_GETPWNAM)
-CHECK_SYMBOL_EXISTS(getsockname sys/socket.h HAVE_GETSOCKNAME)
+check_symbol_exists(chroot unistd.h HAVE_CHROOT)
+check_symbol_exists(chdir unistd.h HAVE_CHDIR)
+check_symbol_exists(dup unistd.h HAVE_DUP)
+check_symbol_exists(dup2 unistd.h HAVE_DUP2)
+check_symbol_exists(fork unistd.h HAVE_FORK)
+check_symbol_exists(execve unistd.h HAVE_EXECVE)
+check_symbol_exists(ftruncate unistd.h HAVE_FTRUNCATE)
+check_symbol_exists(setgid unistd.h HAVE_SETGID)
+check_symbol_exists(setuid unistd.h HAVE_SETUID)
+check_symbol_exists(getpeereid unistd.h HAVE_GETPEEREID)
+
+check_symbol_exists(epoll_create sys/epoll.h HAVE_EPOLL_CREATE)
+
+check_symbol_exists(gettimeofday sys/time.h HAVE_GETTIMEOFDAY)
+check_symbol_exists(basename libgen.h HAVE_BASENAME)
+check_symbol_exists(chsize io.h HAVE_CHSIZE)
+check_symbol_exists(daemon stdlib.h HAVE_DAEMON)
+check_symbol_exists(dirname libgen.h HAVE_DIRNAME)
+check_symbol_exists(getrlimit sys/resource.h HAVE_GETRLIMIT)
+check_symbol_exists(mlockall sys/mman.h HAVE_MLOCKALL)
+
+check_symbol_exists(sendmsg sys/socket.h HAVE_SENDMSG)
+check_symbol_exists(recvmsg sys/socket.h HAVE_RECVMSG)
+check_symbol_exists(cmsghdr sys/socket.h HAVE_CMSGHDR)
+check_symbol_exists(openlog syslog.h HAVE_OPENLOG)
+check_symbol_exists(syslog syslog.h HAVE_SYSLOG)
+check_symbol_exists(getgrnam grp.h HAVE_GETGRNAM)
+check_symbol_exists(getpwnam pwd.h HAVE_GETPWNAM)
+check_symbol_exists(getsockname sys/socket.h HAVE_GETSOCKNAME)
# Some OS (e.g. FreeBSD) need some basic headers to allow
# including network headers
-SET(NETEXTRA sys/types.h)
-CHECK_INCLUDE_FILES("${NETEXTRA};netinet/in.h" HAVE_NETINET_IN_H)
+set(NETEXTRA sys/types.h)
+check_include_files("${NETEXTRA};netinet/in.h" HAVE_NETINET_IN_H)
if (HAVE_NETINET_IN_H)
- LIST(APPEND NETEXTRA netinet/in.h)
+ list(APPEND NETEXTRA netinet/in.h)
endif ()
-CHECK_INCLUDE_FILES("${NETEXTRA};netinet/in6.h" HAVE_NETINET_IN_H)
-CHECK_INCLUDE_FILES(linux/if_tun.h HAVE_LINUX_IF_TUN_H)
-CHECK_INCLUDE_FILES(linux/sockios.h HAVE_LINUX_SOCKIOS_H)
-CHECK_INCLUDE_FILES(dlfcn.h HAVE_DLFCN_H)
-CHECK_INCLUDE_FILES(fcntl.h HAVE_FCNTL_H)
-CHECK_INCLUDE_FILES(dmalloc.h HAVE_DMALLOC_H)
-CHECK_INCLUDE_FILES(err.h HAVE_ERR_H)
-CHECK_INCLUDE_FILES(sys/epoll.h HAVE_SYS_EPOLL_H)
-CHECK_INCLUDE_FILES(poll.h HAVE_POLL_H)
-CHECK_INCLUDE_FILES(sys/socket.h HAVE_SYS_SOCKET_H)
-CHECK_INCLUDE_FILES(sys/time.h HAVE_SYS_TIME_H)
-CHECK_INCLUDE_FILES(netdb.h HAVE_NETDB_H)
-CHECK_INCLUDE_FILES(unistd.h HAVE_UNISTD_H)
-CHECK_INCLUDE_FILES(sys/un.h HAVE_SYS_UN_H)
-CHECK_INCLUDE_FILES(libgen.h HAVE_LIBGEN_H)
-CHECK_INCLUDE_FILES(net/if.h HAVE_NET_IF_H)
-CHECK_INCLUDE_FILES("${NETEXTRA};netinet/ip.h" HAVE_NETINET_IP_H)
-CHECK_INCLUDE_FILES(arpa/inet.h HAVE_ARPA_INET_H)
-CHECK_INCLUDE_FILES(net/if_utun.h HAVE_NET_UTUN_H)
-CHECK_INCLUDE_FILES(sys/ioctl.h HAVE_SYS_IOCTL_H)
-CHECK_INCLUDE_FILES(sys/inotify.h HAVE_SYS_INOTIFY_H)
-CHECK_INCLUDE_FILES("${NETEXTRA};sys/uio.h" HAVE_SYS_UIO_H)
-CHECK_INCLUDE_FILES(syslog.h HAVE_SYSLOG_H)
-CHECK_INCLUDE_FILES(sys/wait.h HAVE_SYS_WAIT_H)
-CHECK_INCLUDE_FILES(grp.h HAVE_GRP_H)
-CHECK_INCLUDE_FILES(pwd.h HAVE_PWD_H)
-CHECK_INCLUDE_FILES(sys/mman.h HAVE_SYS_MMAN_H)
-
-
-CHECK_INCLUDE_FILES("${NETEXTRA};resolv.h" HAVE_RESOLV_H)
-CHECK_INCLUDE_FILES("${NETEXTRA};net/if_tun.h" HAVE_NET_IF_TUN_H)
-
-# Is this obscure header needed anywhere?!
-CHECK_INCLUDE_FILES(netinet/in_systm.h HAVE_NETINET_IN_SYSTM_H)
-
-
-SET(CMAKE_EXTRA_INCLUDE_FILES netinet/ip.h)
-CHECK_TYPE_SIZE("struct in_pktinfo" IN_PKTINFO)
-CHECK_STRUCT_HAS_MEMBER("struct in_pktinfo" ipi_spec_dst netinet/ip.h HAVE_IPI_SPEC_DST)
-CHECK_TYPE_SIZE("struct msghdr" MSGHDR)
-SET(CMAKE_EXTRA_INCLUDE_FILES)
+check_include_files("${NETEXTRA};netinet/in6.h" HAVE_NETINET_IN_H)
+check_include_files(linux/if_tun.h HAVE_LINUX_IF_TUN_H)
+check_include_files(linux/sockios.h HAVE_LINUX_SOCKIOS_H)
+check_include_files(dlfcn.h HAVE_DLFCN_H)
+check_include_files(fcntl.h HAVE_FCNTL_H)
+check_include_files(dmalloc.h HAVE_DMALLOC_H)
+check_include_files(err.h HAVE_ERR_H)
+check_include_files(sys/epoll.h HAVE_SYS_EPOLL_H)
+check_include_files(poll.h HAVE_POLL_H)
+check_include_files(sys/socket.h HAVE_SYS_SOCKET_H)
+check_include_files(sys/time.h HAVE_SYS_TIME_H)
+check_include_files(netdb.h HAVE_NETDB_H)
+check_include_files(unistd.h HAVE_UNISTD_H)
+check_include_files(sys/un.h HAVE_SYS_UN_H)
+check_include_files(libgen.h HAVE_LIBGEN_H)
+check_include_files(net/if.h HAVE_NET_IF_H)
+check_include_files("${NETEXTRA};netinet/ip.h" HAVE_NETINET_IP_H)
+check_include_files(arpa/inet.h HAVE_ARPA_INET_H)
+check_include_files(net/if_utun.h HAVE_NET_UTUN_H)
+check_include_files(sys/ioctl.h HAVE_SYS_IOCTL_H)
+check_include_files(sys/inotify.h HAVE_SYS_INOTIFY_H)
+check_include_files("${NETEXTRA};sys/uio.h" HAVE_SYS_UIO_H)
+check_include_files(syslog.h HAVE_SYSLOG_H)
+check_include_files(sys/wait.h HAVE_SYS_WAIT_H)
+check_include_files(grp.h HAVE_GRP_H)
+check_include_files(pwd.h HAVE_PWD_H)
+check_include_files(sys/mman.h HAVE_SYS_MMAN_H)
+
+
+check_include_files("${NETEXTRA};resolv.h" HAVE_RESOLV_H)
+check_include_files("${NETEXTRA};net/if_tun.h" HAVE_NET_IF_TUN_H)
+
+set(CMAKE_EXTRA_INCLUDE_FILES netinet/ip.h)
+check_type_size("struct in_pktinfo" IN_PKTINFO)
+check_struct_has_member("struct in_pktinfo" ipi_spec_dst netinet/ip.h HAVE_IPI_SPEC_DST)
+check_type_size("struct msghdr" MSGHDR)
+set(CMAKE_EXTRA_INCLUDE_FILES)
find_program(IFCONFIG_PATH ifconfig)
find_program(IPROUTE_PATH ip)
find_program(ROUTE_PATH route)
+if (${ENABLE_LZ4})
+ pkg_search_module(liblz4 liblz4 REQUIRED IMPORTED_TARGET)
+endif ()
+
+if (${ENABLE_LZO})
+ pkg_search_module(lzo2 lzo2 REQUIRED IMPORTED_TARGET)
+endif ()
-if (NOT WIN32)
- set(ENABLE_LZ4 YES)
- set(ENABLE_LZO YES)
+if (${ENABLE_PKCS11})
+ pkg_search_module(pkcs11-helper libpkcs11-helper-1 REQUIRED IMPORTED_TARGET)
endif ()
function(add_library_deps target)
if (${MBED})
- target_include_directories(${target} PRIVATE $ENV{HOME}/oss/mbedtls2/include)
- message("Building ${target} for mbed TLS")
- target_link_libraries(${target} PUBLIC -L$ENV{HOME}/oss/mbedtls2/library -L/usr/local/opt/lzo/lib -lmbedtls -lmbedx509 -lmbedcrypto)
+ target_link_libraries(${target} -lmbedtls -lmbedx509 -lmbedcrypto)
elseif (${WOLFSSL})
pkg_search_module(wolfssl wolfssl REQUIRED)
target_link_libraries(${target} PUBLIC ${wolfssl_LINK_LIBRARIES})
target_include_directories(${target} PRIVATE ${wolfssl_INCLUDE_DIRS}/wolfssl)
- message("Building ${target} for WolfSSL: ${wolfssl_LINK_LIBRARIES} ${wolfssl_INCLUDE_DIRS}/wolfsll")
else ()
set(ENABLE_X509ALTUSERNAME YES)
find_package(OpenSSL REQUIRED)
- target_link_libraries(${target} PUBLIC OpenSSL::SSL)
-
- message("Building ${target} for default OpenSSL")
- endif ()
-
+ target_link_libraries(${target} PUBLIC OpenSSL::SSL OpenSSL::Crypto)
+ if (WIN32)
+ target_link_libraries(${target} PUBLIC
+ ws2_32.lib crypt32.lib fwpuclnt.lib iphlpapi.lib
+ wininet.lib setupapi.lib rpcrt4.lib wtsapi32.lib ncrypt.lib bcrypt.lib)
+ endif ()
- if (${ENABLE_LZ4})
- pkg_search_module(liblz4 liblz4 REQUIRED IMPORTED_TARGET)
- target_link_libraries(${target} PUBLIC PkgConfig::liblz4)
endif ()
- if (${ENABLE_LZO})
- pkg_search_module(lzo2 lzo2 REQUIRED IMPORTED_TARGET)
- target_link_libraries(${target} PUBLIC PkgConfig::lzo2)
- endif ()
+ # optional dependencies
+ target_link_libraries(${target} PUBLIC
+ $<TARGET_NAME_IF_EXISTS:PkgConfig::liblz4>
+ $<TARGET_NAME_IF_EXISTS:PkgConfig::lzo2>
+ $<TARGET_NAME_IF_EXISTS:PkgConfig::pkcs11-helper>
+ )
if (${CMAKE_SYSTEM_NAME} STREQUAL "Linux")
- target_include_directories(${target} PUBLIC ${LIBNL_INCLUDE_DIRS})
- target_link_libraries(${target} PUBLIC ${LIBNL_LIBRARIES})
- endif ()
+ pkg_search_module(libcapng REQUIRED libcap-ng IMPORTED_TARGET)
+ pkg_search_module(libnl REQUIRED libnl-genl-3.0 IMPORTED_TARGET)
- if (USE_WERROR)
- if (MSVC)
- target_compile_options(${target} PRIVATE /WX)
- else ()
- target_compile_options(${target} PRIVATE -Werror)
- endif ()
+ target_link_libraries(${target} PUBLIC PkgConfig::libcapng PkgConfig::libnl)
endif ()
+
endfunction()
if (${MBED})
@@ -245,240 +255,254 @@ endif ()
include_directories(${CMAKE_CURRENT_SOURCE_DIR} src/compat include)
-if (WIN32)
- find_package(OpenSSL REQUIRED)
-
- link_libraries(OpenSSL::SSL OpenSSL::Crypto ws2_32.lib Crypt32.lib fwpuclnt.lib iphlpapi.lib
- wininet.lib setupapi.lib rpcrt4.lib wtsapi32.lib Ncrypt.lib)
- add_definitions(-D_CRT_SECURE_NO_WARNINGS -D_CRT_NONSTDC_NO_DEPRECATE -D _WINSOCK_DEPRECATED_NO_WARNINGS -D_CONSOLE)
-endif ()
+add_custom_command(
+ OUTPUT always_rebuild config-version.h
+ COMMAND ${PYTHON} ${CMAKE_CURRENT_SOURCE_DIR}/contrib/cmake/git-version.py
+ )
+set(HAVE_CONFIG_VERSION_H YES)
configure_file(config.h.cmake.in config.h)
configure_file(include/openvpn-plugin.h.in openvpn-plugin.h)
+# TODO remove later when msvc-config.h is removed and we can always include config.h
+add_definitions(-DHAVE_CONFIG_H)
include_directories(${CMAKE_CURRENT_BINARY_DIR})
-set(SOURCE_FILES
- ${CMAKE_CURRENT_BINARY_DIR}/config.h
- ${CMAKE_CURRENT_BINARY_DIR}/openvpn-plugin.h
+add_subdirectory(doc)
+add_subdirectory(src/openvpnmsica)
+add_subdirectory(src/openvpnserv)
+add_subdirectory(src/tapctl)
- src/compat/compat-basename.c
- src/compat/compat-daemon.c
- src/compat/compat-dirname.c
- src/compat/compat-gettimeofday.c
- src/compat/compat-strsep.c
- src/compat/compat-versionhelpers.h
- src/openvpn/argv.c
- src/openvpn/argv.h
- src/openvpn/base64.c
- src/openvpn/base64.h
- src/openvpn/basic.h
- src/openvpn/block_dns.h
- src/openvpn/block_dns.c
- src/openvpn/buffer.c
- src/openvpn/buffer.h
- src/openvpn/circ_list.h
- src/openvpn/clinat.c
- src/openvpn/clinat.h
- src/openvpn/common.h
- src/openvpn/comp-lz4.c
- src/openvpn/comp-lz4.h
- src/openvpn/comp.c
- src/openvpn/comp.h
- src/openvpn/compstub.c
- src/openvpn/console.c
- src/openvpn/console_builtin.c
- src/openvpn/console.h
- src/openvpn/crypto.c
- src/openvpn/crypto.h
- src/openvpn/crypto_backend.h
- src/openvpn/crypto_openssl.c
- src/openvpn/crypto_openssl.h
- src/openvpn/crypto_mbedtls.c
- src/openvpn/crypto_mbedtls.h
- src/openvpn/cryptoapi.c
- src/openvpn/cryptoapi.h
- src/openvpn/dco.c
- src/openvpn/dco.h
- src/openvpn/dco_win.c
- src/openvpn/dco_win.h
- src/openvpn/dco_linux.c
- src/openvpn/dco_linux.h
- src/openvpn/dco_freebsd.c
- src/openvpn/dco_freebsd.h
- src/openvpn/dhcp.c
- src/openvpn/dhcp.h
- src/openvpn/dns.c
- src/openvpn/dns.h
- src/openvpn/errlevel.h
- src/openvpn/env_set.c
- src/openvpn/env_set.h
- src/openvpn/error.c
- src/openvpn/error.h
- src/openvpn/event.c
- src/openvpn/event.h
- src/openvpn/fdmisc.c
- src/openvpn/fdmisc.h
- src/openvpn/forward.c
- src/openvpn/forward.h
- src/openvpn/fragment.c
- src/openvpn/fragment.h
- src/openvpn/gremlin.c
- src/openvpn/gremlin.h
- src/openvpn/helper.c
- src/openvpn/helper.h
- src/openvpn/httpdigest.c
- src/openvpn/httpdigest.h
- src/openvpn/init.c
- src/openvpn/init.h
- src/openvpn/integer.h
- src/openvpn/interval.c
- src/openvpn/interval.h
- src/openvpn/list.c
- src/openvpn/list.h
- src/openvpn/lladdr.c
- src/openvpn/lladdr.h
- src/openvpn/lzo.c
- src/openvpn/lzo.h
- src/openvpn/manage.c
- src/openvpn/manage.h
- src/openvpn/mbuf.c
- src/openvpn/mbuf.h
- src/openvpn/memdbg.h
- src/openvpn/misc.c
- src/openvpn/misc.h
- src/openvpn/mroute.c
- src/openvpn/mroute.h
- src/openvpn/mss.c
- src/openvpn/mss.h
- src/openvpn/mstats.c
- src/openvpn/mstats.h
- src/openvpn/mtcp.c
- src/openvpn/mtcp.h
- src/openvpn/mtu.c
- src/openvpn/mtu.h
- src/openvpn/mudp.c
- src/openvpn/mudp.h
- src/openvpn/multi.c
- src/openvpn/multi.h
- src/openvpn/ntlm.c
- src/openvpn/ntlm.h
- src/openvpn/occ.c
- src/openvpn/occ.h
- src/openvpn/openvpn.c
- src/openvpn/openvpn.h
- src/openvpn/options.c
- src/openvpn/options.h
- src/openvpn/options_util.c
- src/openvpn/options_util.h
- src/openvpn/otime.c
- src/openvpn/otime.h
- src/openvpn/ovpn_dco_win.h
- src/openvpn/packet_id.c
- src/openvpn/packet_id.h
- src/openvpn/perf.c
- src/openvpn/perf.h
- src/openvpn/ping.c
- src/openvpn/ping.h
- src/openvpn/pkcs11.c
- src/openvpn/pkcs11.h
- src/openvpn/pkcs11_backend.h
- src/openvpn/pkcs11_openssl.c
- src/openvpn/pkcs11_mbedtls.c
- src/openvpn/platform.c
- src/openvpn/platform.h
- src/openvpn/plugin.c
- src/openvpn/plugin.h
- src/openvpn/pool.c
- src/openvpn/pool.h
- src/openvpn/proto.c
- src/openvpn/proto.h
- src/openvpn/proxy.c
- src/openvpn/proxy.h
- src/openvpn/ps.c
- src/openvpn/ps.h
- src/openvpn/push.c
- src/openvpn/push.h
- src/openvpn/pushlist.h
- src/openvpn/reliable.c
- src/openvpn/reliable.h
- src/openvpn/route.c
- src/openvpn/route.h
- src/openvpn/run_command.c
- src/openvpn/run_command.h
- src/openvpn/schedule.c
- src/openvpn/schedule.h
- src/openvpn/session_id.c
- src/openvpn/session_id.h
- src/openvpn/shaper.c
- src/openvpn/shaper.h
- src/openvpn/sig.c
- src/openvpn/sig.h
- src/openvpn/socket.c
- src/openvpn/socket.h
- src/openvpn/socks.c
- src/openvpn/socks.h
- src/openvpn/ssl.c
- src/openvpn/ssl.h
- src/openvpn/ssl_backend.h
- src/openvpn/ssl_common.h
- src/openvpn/ssl_openssl.c
- src/openvpn/ssl_openssl.h
- src/openvpn/ssl_mbedtls.c
- src/openvpn/ssl_mbedtls.h
- src/openvpn/ssl_verify.c
- src/openvpn/ssl_verify.h
- src/openvpn/ssl_verify_backend.h
- src/openvpn/ssl_verify_openssl.c
- src/openvpn/ssl_verify_openssl.h
- src/openvpn/ssl_verify_mbedtls.c
- src/openvpn/ssl_verify_mbedtls.h
- src/openvpn/status.c
- src/openvpn/status.h
- src/openvpn/syshead.h
- src/openvpn/tls_crypt.c
- src/openvpn/tun.c
- src/openvpn/tun.h
- src/openvpn/networking_sitnl.c
- src/openvpn/networking_freebsd.c
- src/openvpn/auth_token.c
- src/openvpn/auth_token.h
- src/openvpn/ssl_ncp.c
- src/openvpn/ssl_ncp.h
- src/openvpn/ssl_pkt.c
- src/openvpn/ssl_pkt.h
- src/openvpn/ssl_util.c
- src/openvpn/ssl_util.h
- src/openvpn/vlan.c
- src/openvpn/vlan.h
- src/openvpn/win32.c
- src/openvpn/win32-util.c
- src/openvpn/win32.h
- src/openvpn/win32-util.h
- src/openvpn/xkey_helper.c
- src/openvpn/xkey_provider.c
- )
+set(SOURCE_FILES
+ ${CMAKE_CURRENT_BINARY_DIR}/config.h
+ ${CMAKE_CURRENT_BINARY_DIR}/config-version.h
+ ${CMAKE_CURRENT_BINARY_DIR}/openvpn-plugin.h
+
+ src/compat/compat-basename.c
+ src/compat/compat-daemon.c
+ src/compat/compat-dirname.c
+ src/compat/compat-gettimeofday.c
+ src/compat/compat-strsep.c
+ src/compat/compat-versionhelpers.h
+ src/openvpn/argv.c
+ src/openvpn/argv.h
+ src/openvpn/base64.c
+ src/openvpn/base64.h
+ src/openvpn/basic.h
+ src/openvpn/block_dns.h
+ src/openvpn/block_dns.c
+ src/openvpn/buffer.c
+ src/openvpn/buffer.h
+ src/openvpn/circ_list.h
+ src/openvpn/clinat.c
+ src/openvpn/clinat.h
+ src/openvpn/common.h
+ src/openvpn/comp-lz4.c
+ src/openvpn/comp-lz4.h
+ src/openvpn/comp.c
+ src/openvpn/comp.h
+ src/openvpn/compstub.c
+ src/openvpn/console.c
+ src/openvpn/console_builtin.c
+ src/openvpn/console.h
+ src/openvpn/crypto.c
+ src/openvpn/crypto.h
+ src/openvpn/crypto_backend.h
+ src/openvpn/crypto_openssl.c
+ src/openvpn/crypto_openssl.h
+ src/openvpn/crypto_mbedtls.c
+ src/openvpn/crypto_mbedtls.h
+ src/openvpn/cryptoapi.c
+ src/openvpn/cryptoapi.h
+ src/openvpn/dco.c
+ src/openvpn/dco.h
+ src/openvpn/dco_win.c
+ src/openvpn/dco_win.h
+ src/openvpn/dco_linux.c
+ src/openvpn/dco_linux.h
+ src/openvpn/dco_freebsd.c
+ src/openvpn/dco_freebsd.h
+ src/openvpn/dhcp.c
+ src/openvpn/dhcp.h
+ src/openvpn/dns.c
+ src/openvpn/dns.h
+ src/openvpn/errlevel.h
+ src/openvpn/env_set.c
+ src/openvpn/env_set.h
+ src/openvpn/error.c
+ src/openvpn/error.h
+ src/openvpn/event.c
+ src/openvpn/event.h
+ src/openvpn/fdmisc.c
+ src/openvpn/fdmisc.h
+ src/openvpn/forward.c
+ src/openvpn/forward.h
+ src/openvpn/fragment.c
+ src/openvpn/fragment.h
+ src/openvpn/gremlin.c
+ src/openvpn/gremlin.h
+ src/openvpn/helper.c
+ src/openvpn/helper.h
+ src/openvpn/httpdigest.c
+ src/openvpn/httpdigest.h
+ src/openvpn/init.c
+ src/openvpn/init.h
+ src/openvpn/integer.h
+ src/openvpn/interval.c
+ src/openvpn/interval.h
+ src/openvpn/list.c
+ src/openvpn/list.h
+ src/openvpn/lladdr.c
+ src/openvpn/lladdr.h
+ src/openvpn/lzo.c
+ src/openvpn/lzo.h
+ src/openvpn/manage.c
+ src/openvpn/manage.h
+ src/openvpn/mbuf.c
+ src/openvpn/mbuf.h
+ src/openvpn/memdbg.h
+ src/openvpn/misc.c
+ src/openvpn/misc.h
+ src/openvpn/mroute.c
+ src/openvpn/mroute.h
+ src/openvpn/mss.c
+ src/openvpn/mss.h
+ src/openvpn/mstats.c
+ src/openvpn/mstats.h
+ src/openvpn/mtcp.c
+ src/openvpn/mtcp.h
+ src/openvpn/mtu.c
+ src/openvpn/mtu.h
+ src/openvpn/mudp.c
+ src/openvpn/mudp.h
+ src/openvpn/multi.c
+ src/openvpn/multi.h
+ src/openvpn/ntlm.c
+ src/openvpn/ntlm.h
+ src/openvpn/occ.c
+ src/openvpn/occ.h
+ src/openvpn/openvpn.c
+ src/openvpn/openvpn.h
+ src/openvpn/openvpn_win32_resources.rc
+ src/openvpn/options.c
+ src/openvpn/options.h
+ src/openvpn/options_util.c
+ src/openvpn/options_util.h
+ src/openvpn/otime.c
+ src/openvpn/otime.h
+ src/openvpn/ovpn_dco_win.h
+ src/openvpn/packet_id.c
+ src/openvpn/packet_id.h
+ src/openvpn/perf.c
+ src/openvpn/perf.h
+ src/openvpn/ping.c
+ src/openvpn/ping.h
+ src/openvpn/pkcs11.c
+ src/openvpn/pkcs11.h
+ src/openvpn/pkcs11_backend.h
+ src/openvpn/pkcs11_openssl.c
+ src/openvpn/pkcs11_mbedtls.c
+ src/openvpn/platform.c
+ src/openvpn/platform.h
+ src/openvpn/plugin.c
+ src/openvpn/plugin.h
+ src/openvpn/pool.c
+ src/openvpn/pool.h
+ src/openvpn/proto.c
+ src/openvpn/proto.h
+ src/openvpn/proxy.c
+ src/openvpn/proxy.h
+ src/openvpn/ps.c
+ src/openvpn/ps.h
+ src/openvpn/push.c
+ src/openvpn/push.h
+ src/openvpn/pushlist.h
+ src/openvpn/reflect_filter.c
+ src/openvpn/reflect_filter.h
+ src/openvpn/reliable.c
+ src/openvpn/reliable.h
+ src/openvpn/route.c
+ src/openvpn/route.h
+ src/openvpn/run_command.c
+ src/openvpn/run_command.h
+ src/openvpn/schedule.c
+ src/openvpn/schedule.h
+ src/openvpn/session_id.c
+ src/openvpn/session_id.h
+ src/openvpn/shaper.c
+ src/openvpn/shaper.h
+ src/openvpn/sig.c
+ src/openvpn/sig.h
+ src/openvpn/socket.c
+ src/openvpn/socket.h
+ src/openvpn/socks.c
+ src/openvpn/socks.h
+ src/openvpn/ssl.c
+ src/openvpn/ssl.h
+ src/openvpn/ssl_backend.h
+ src/openvpn/ssl_common.h
+ src/openvpn/ssl_openssl.c
+ src/openvpn/ssl_openssl.h
+ src/openvpn/ssl_mbedtls.c
+ src/openvpn/ssl_mbedtls.h
+ src/openvpn/ssl_verify.c
+ src/openvpn/ssl_verify.h
+ src/openvpn/ssl_verify_backend.h
+ src/openvpn/ssl_verify_openssl.c
+ src/openvpn/ssl_verify_openssl.h
+ src/openvpn/ssl_verify_mbedtls.c
+ src/openvpn/ssl_verify_mbedtls.h
+ src/openvpn/status.c
+ src/openvpn/status.h
+ src/openvpn/syshead.h
+ src/openvpn/tls_crypt.c
+ src/openvpn/tun.c
+ src/openvpn/tun.h
+ src/openvpn/networking_sitnl.c
+ src/openvpn/networking_freebsd.c
+ src/openvpn/auth_token.c
+ src/openvpn/auth_token.h
+ src/openvpn/ssl_ncp.c
+ src/openvpn/ssl_ncp.h
+ src/openvpn/ssl_pkt.c
+ src/openvpn/ssl_pkt.h
+ src/openvpn/ssl_util.c
+ src/openvpn/ssl_util.h
+ src/openvpn/vlan.c
+ src/openvpn/vlan.h
+ src/openvpn/win32.c
+ src/openvpn/win32-util.c
+ src/openvpn/win32.h
+ src/openvpn/win32-util.h
+ src/openvpn/xkey_helper.c
+ src/openvpn/xkey_provider.c
+ )
add_executable(openvpn ${SOURCE_FILES})
add_library_deps(openvpn)
-if (${CMAKE_SYSTEM_NAME} STREQUAL "Linux")
- target_link_libraries(openvpn PUBLIC -ldl)
-
- find_package(PkgConfig)
- pkg_search_module(LIBNL REQUIRED libnl-genl-3.0)
-
- target_link_libraries(openvpn PUBLIC ${LIBNL_LIBRARIES})
- target_include_directories(openvpn PRIVATE ${LIBNL_INCLUDE_DIRS})
-endif ()
-
-
if (MINGW)
+ target_compile_options(openvpn PRIVATE
+ -DWIN32_LEAN_AND_MEAN
+ -DNTDDI_VERSION=NTDDI_VISTA -D_WIN32_WINNT=_WIN32_WINNT_VISTA
+ )
+ target_compile_options(openvpn PRIVATE -municode -UUNICODE)
target_link_options(openvpn PRIVATE -municode)
+endif()
+
+if (MSVC)
+ # we have our own manifest
+ target_link_options(openvpn PRIVATE /MANIFEST:NO)
+endif()
+
+if (${CMAKE_SYSTEM_NAME} STREQUAL "Linux")
+ target_link_libraries(openvpn PUBLIC -ldl)
endif ()
if (NOT WIN32)
+ target_compile_options(openvpn PRIVATE -DPLUGIN_LIBDIR=\"${PLUGIN_DIR}\")
+
find_library(resolv resolv)
# some platform like BSDs already include resolver functionality in the libc and not have an extra resolv library
if (${resolv} OR APPLE)
@@ -487,58 +511,155 @@ if (NOT WIN32)
endif ()
-pkg_search_module(cmocka cmocka REQUIRED IMPORTED_TARGET)
-enable_testing()
+if (BUILD_TESTING)
+ find_package(cmocka CONFIG)
+ if (TARGET cmocka::cmocka)
+ set(CMOCKA_LIBRARIES cmocka::cmocka)
+ else ()
+ pkg_search_module(cmocka cmocka REQUIRED IMPORTED_TARGET)
+ set(CMOCKA_LIBRARIES PkgConfig::cmocka)
+ endif ()
-SET(unit_tests "test_packet_id" "test_crypto" "test_ncp" "test_auth_token" "test_misc" "test_buffer" "test_provider" "test_pkt")
+ set(unit_tests
+ "test_auth_token"
+ "test_buffer"
+ "test_crypto"
+ "test_misc"
+ "test_ncp"
+ "test_packet_id"
+ "test_pkt"
+ "test_provider"
+ )
-# These tests work on only on Linux since they depend on special linker features
-if (WIN32)
- LIST(APPEND unit_tests "test_cryptoapi")
-elseif (${CMAKE_SYSTEM_NAME} STREQUAL "Linux")
- LIST(APPEND unit_tests "test_networking" "test_tls_crypt" "test_argv")
-endif ()
+ if (WIN32)
+ list(APPEND unit_tests
+ "test_cryptoapi"
+ )
+ endif ()
+
+ if (NOT MSVC)
+ # MSVC does not support --wrap
+ list(APPEND unit_tests
+ "test_argv"
+ )
+ endif ()
+
+ # These tests work on only on Linux since they depend on special linker features
+ if (${CMAKE_SYSTEM_NAME} STREQUAL "Linux")
+ list(APPEND unit_tests
+ "test_networking"
+ "test_tls_crypt"
+ )
+ endif ()
+ if (NOT WIN32 AND ${ENABLE_PKCS11})
+ set(_HAVE_SOFTHSM2 YES)
+ find_program(P11TOOL p11tool)
+ find_program(SOFTHSM2_UTIL softhsm2-util)
+ find_library(SOFTHSM2_MODULE softhsm2 PATH_SUFFIXES softhsm)
+
+ if (P11TOOL STREQUAL "P11TOOL-NOTFOUND")
+ message(STATUS "p11tool not found, pkcs11 UT disabled")
+ set(_HAVE_SOFTHSM2 NO)
+ elseif (SOFTHSM2_UTIL STREQUAL "SOFTHSM2_UTIL-NOTFOUND")
+ message(STATUS "softhsm2-util not found, pkcs11 UT disabled")
+ set(_HAVE_SOFTHSM2 NO)
+ elseif (SOFTHSM2_MODULE STREQUAL "SOFTHSM2_MODULE-NOTFOUND")
+ message(STATUS "softhsm2 module not found, pkcs11 UT disabled")
+ set(_HAVE_SOFTHSM2 NO)
+ endif ()
+
+ if (_HAVE_SOFTHSM2)
+ message(VERBOSE "pkcs11 UT enabled")
+ list(APPEND unit_tests
+ "test_pkcs11"
+ )
+ endif ()
+ endif ()
-FOREACH (test_name ${unit_tests})
- add_executable(${test_name}
+ foreach (test_name ${unit_tests})
+ # test_networking needs special environment
+ if (NOT ${test_name} STREQUAL "test_networking")
+ add_test(${test_name} ${test_name})
+ endif ()
+ add_executable(${test_name}
tests/unit_tests/openvpn/${test_name}.c
tests/unit_tests/openvpn/mock_msg.c
+ tests/unit_tests/openvpn/mock_msg.h
src/openvpn/platform.c
- src/openvpn/crypto_mbedtls.c
- src/openvpn/crypto_openssl.c
- src/openvpn/crypto.c
- src/openvpn/otime.c
- src/openvpn/packet_id.c
- src/openvpn/base64.c
src/openvpn/win32-util.c
- src/openvpn/mtu.c
- src/openvpn/networking_sitnl.c
- src/compat/compat-strsep.c
src/compat/compat-gettimeofday.c
- src/openvpn/ssl_util.c
- src/openvpn/reliable.c
- src/openvpn/session_id.c
- src/openvpn/mss.c
- src/openvpn/xkey_provider.c
)
- add_library_deps(${test_name})
- target_link_libraries(${test_name} PUBLIC PkgConfig::cmocka)
+ add_library_deps(${test_name})
+ target_link_libraries(${test_name} PUBLIC ${CMOCKA_LIBRARIES})
- target_include_directories(${test_name} PRIVATE src/openvpn)
+ target_include_directories(${test_name} PRIVATE src/openvpn)
- if (NOT ${test_name} STREQUAL "test_buffer")
- target_sources(${test_name} PRIVATE
+ if (NOT ${test_name} STREQUAL "test_buffer")
+ target_sources(${test_name} PRIVATE
src/openvpn/buffer.c
)
- endif ()
- add_test(NAME ${test_name} COMMAND ${test_name})
-ENDFOREACH ()
+ endif ()
+
+ endforeach()
+
+ target_sources(test_auth_token PRIVATE
+ src/openvpn/base64.c
+ src/openvpn/crypto_mbedtls.c
+ src/openvpn/crypto_openssl.c
+ src/openvpn/crypto.c
+ src/openvpn/otime.c
+ src/openvpn/packet_id.c
+ )
+
+ target_sources(test_buffer PRIVATE
+ tests/unit_tests/openvpn/mock_get_random.c
+ )
+
+ target_sources(test_crypto PRIVATE
+ src/openvpn/crypto_mbedtls.c
+ src/openvpn/crypto_openssl.c
+ src/openvpn/crypto.c
+ src/openvpn/otime.c
+ src/openvpn/packet_id.c
+ src/openvpn/mtu.c
+ src/openvpn/mss.c
+ )
+
+ target_sources(test_misc PRIVATE
+ tests/unit_tests/openvpn/mock_get_random.c
+ src/openvpn/options_util.c
+ src/openvpn/ssl_util.c
+ )
+
+ target_sources(test_ncp PRIVATE
+ src/openvpn/crypto_mbedtls.c
+ src/openvpn/crypto_openssl.c
+ src/openvpn/crypto.c
+ src/openvpn/otime.c
+ src/openvpn/packet_id.c
+ src/openvpn/ssl_util.c
+ src/compat/compat-strsep.c
+ )
+
+ target_sources(test_packet_id PRIVATE
+ tests/unit_tests/openvpn/mock_get_random.c
+ src/openvpn/otime.c
+ src/openvpn/packet_id.c
+ src/openvpn/reliable.c
+ src/openvpn/session_id.c
+ )
-target_sources(test_pkt PRIVATE
+ target_sources(test_pkt PRIVATE
src/openvpn/argv.c
+ src/openvpn/base64.c
+ src/openvpn/crypto_mbedtls.c
+ src/openvpn/crypto_openssl.c
+ src/openvpn/crypto.c
src/openvpn/env_set.c
+ src/openvpn/otime.c
+ src/openvpn/packet_id.c
src/openvpn/reliable.c
src/openvpn/run_command.c
src/openvpn/session_id.c
@@ -546,46 +667,83 @@ target_sources(test_pkt PRIVATE
src/openvpn/tls_crypt.c
)
-if (TARGET test_cryptoapi)
- target_sources(test_cryptoapi PRIVATE
- src/openvpn/xkey_helper.c
- src/openvpn/xkey_provider.c
- )
-endif ()
-
-target_sources(test_provider PRIVATE
+ target_sources(test_provider PRIVATE
+ tests/unit_tests/openvpn/mock_get_random.c
src/openvpn/xkey_provider.c
src/openvpn/xkey_helper.c
+ src/openvpn/base64.c
)
-target_sources(test_misc PRIVATE
- src/openvpn/options_util.c
- )
-
-IF (TARGET test_tls_crypt)
- target_sources(test_tls_crypt PRIVATE
- src/openvpn/argv.c
- src/openvpn/env_set.c
- src/openvpn/run_command.c)
-endif ()
-
-if (TARGET test_argv)
- target_sources(test_argv PRIVATE
+ if (TARGET test_argv)
+ target_link_options(test_argv PRIVATE -Wl,--wrap=parse_line)
+ target_sources(test_argv PRIVATE
+ tests/unit_tests/openvpn/mock_get_random.c
src/openvpn/argv.c
- src/openvpn/env_set.c
- src/openvpn/run_command.c)
-endif ()
+ )
+ endif ()
+ if (TARGET test_cryptoapi)
+ target_sources(test_cryptoapi PRIVATE
+ tests/unit_tests/openvpn/mock_get_random.c
+ tests/unit_tests/openvpn/cert_data.h
+ tests/unit_tests/openvpn/pkey_test_utils.c
+ src/openvpn/xkey_provider.c
+ src/openvpn/xkey_helper.c
+ src/openvpn/base64.c
+ )
+ endif ()
-FOREACH (test_name "networking" "tls_crypt" "argv")
- if (TARGET test_${test_name})
- target_link_options(test_${test_name} PRIVATE -Wl,--wrap=parse_line)
+ if (TARGET test_networking)
+ target_link_options(test_networking PRIVATE -Wl,--wrap=parse_line)
+ target_compile_options(test_networking PRIVATE -UNDEBUG)
+ target_sources(test_networking PRIVATE
+ src/openvpn/networking_sitnl.c
+ src/openvpn/crypto_mbedtls.c
+ src/openvpn/crypto_openssl.c
+ src/openvpn/crypto.c
+ src/openvpn/otime.c
+ src/openvpn/packet_id.c
+ )
endif ()
-ENDFOREACH ()
-if (TARGET test_tls_crypt)
- target_link_options("test_tls_crypt" PRIVATE
+ if (TARGET test_tls_crypt)
+ target_link_options(test_tls_crypt PRIVATE -Wl,--wrap=parse_line)
+ target_link_options(test_tls_crypt PRIVATE
-Wl,--wrap=buffer_read_from_file
-Wl,--wrap=buffer_write_file
-Wl,--wrap=rand_bytes)
-ENDIF ()
\ No newline at end of file
+ target_sources(test_tls_crypt PRIVATE
+ src/openvpn/argv.c
+ src/openvpn/base64.c
+ src/openvpn/crypto_mbedtls.c
+ src/openvpn/crypto_openssl.c
+ src/openvpn/crypto.c
+ src/openvpn/env_set.c
+ src/openvpn/otime.c
+ src/openvpn/packet_id.c
+ src/openvpn/run_command.c
+ )
+ endif ()
+
+ if (TARGET test_pkcs11)
+ target_compile_options(test_pkcs11 PRIVATE
+ -DP11TOOL_PATH=\"${P11TOOL}\"
+ -DSOFTHSM2_MODULE_PATH=\"${SOFTHSM2_MODULE}\"
+ -DSOFTHSM2_UTIL_PATH=\"${SOFTHSM2_UTIL}\"
+ )
+ target_sources(test_pkcs11 PRIVATE
+ tests/unit_tests/openvpn/mock_get_random.c
+ tests/unit_tests/openvpn/pkey_test_utils.c
+ src/openvpn/argv.c
+ src/openvpn/base64.c
+ src/openvpn/env_set.c
+ src/openvpn/otime.c
+ src/openvpn/pkcs11.c
+ src/openvpn/pkcs11_openssl.c
+ src/openvpn/run_command.c
+ src/openvpn/xkey_helper.c
+ src/openvpn/xkey_provider.c
+ )
+ endif ()
+
+endif (BUILD_TESTING)
new file mode 100644
@@ -0,0 +1,183 @@
+{
+ "version": 3,
+ "configurePresets": [
+ {
+ "name": "base",
+ "hidden": true,
+ "cacheVariables": {
+ "CMAKE_TOOLCHAIN_FILE": {
+ "value": "$env{VCPKG_ROOT}/scripts/buildsystems/vcpkg.cmake",
+ "type": "FILEPATH"
+ },
+ "VCPKG_OVERLAY_TRIPLETS": {
+ "value": "${sourceDir}/contrib/vcpkg-triplets",
+ "type": "FILEPATH"
+ },
+ "VCPKG_OVERLAY_PORTS": {
+ "value": "${sourceDir}/contrib/vcpkg-ports",
+ "type": "FILEPATH"
+ }
+ }
+ },
+ {
+ "name": "base-windows",
+ "hidden": true,
+ "generator": "Visual Studio 17 2022",
+ "cacheVariables": {
+ "VCPKG_MANIFEST_DIR": "${sourceDir}/contrib/vcpkg-manifests/windows",
+ "VCPKG_HOST_TRIPLET": "x64-windows"
+ },
+ "vendor": { "microsoft.com/VisualStudioSettings/CMake/1.0": { "hostOS": [ "Windows" ] } }
+ },
+ {
+ "name": "base-mingw",
+ "hidden": true,
+ "generator": "Ninja",
+ "cacheVariables": {
+ "CMAKE_SYSTEM_NAME": {
+ "value": "Windows",
+ "type": "STRING"
+ },
+ "VCPKG_MANIFEST_DIR": "${sourceDir}/contrib/vcpkg-manifests/mingw"
+ }
+ },
+ {
+ "name": "x64",
+ "hidden": true,
+ "binaryDir": "out/build/msvc/amd64",
+ "architecture": {
+ "value": "x64"
+ },
+ "cacheVariables": {
+ "VCPKG_TARGET_TRIPLET": "x64-windows-ovpn"
+ }
+ },
+ {
+ "name": "x64-mingw",
+ "hidden": true,
+ "binaryDir": "out/build/mingw/x64",
+ "cacheVariables": {
+ "CMAKE_C_COMPILER": {
+ "value": "x86_64-w64-mingw32-gcc",
+ "type": "STRING"
+ },
+ "CMAKE_CXX_COMPILER": {
+ "value": "x86_64-w64-mingw32-g++",
+ "type": "STRING"
+ },
+ "VCPKG_TARGET_TRIPLET": "x64-mingw-ovpn"
+ }
+ },
+ {
+ "name": "arm64",
+ "hidden": true,
+ "binaryDir": "out/build/msvc/arm64",
+ "architecture": {
+ "value": "arm64"
+ },
+ "cacheVariables": {
+ "VCPKG_TARGET_TRIPLET": "arm64-windows-ovpn"
+ }
+ },
+ {
+ "name": "x86",
+ "hidden": true,
+ "binaryDir": "out/build/msvc/x86",
+ "architecture": {
+ "value": "Win32"
+ },
+ "cacheVariables": {
+ "VCPKG_TARGET_TRIPLET": "x86-windows-ovpn"
+ }
+ },
+ {
+ "name": "i686-mingw",
+ "hidden": true,
+ "binaryDir": "out/build/mingw/x86",
+ "cacheVariables": {
+ "CMAKE_C_COMPILER": {
+ "value": "i686-w64-mingw32-gcc",
+ "type": "STRING"
+ },
+ "CMAKE_CXX_COMPILER": {
+ "value": "i686-w64-mingw32-g++",
+ "type": "STRING"
+ },
+ "VCPKG_TARGET_TRIPLET": "x86-mingw-ovpn"
+ }
+ },
+ {
+ "name": "mingw-x64",
+ "inherits": [ "base", "base-mingw", "x64-mingw" ]
+ },
+ {
+ "name": "mingw-x86",
+ "inherits": [ "base", "base-mingw", "i686-mingw" ]
+ },
+ {
+ "name": "win-amd64",
+ "inherits": [ "base", "base-windows", "x64" ]
+ },
+ {
+ "name": "win-arm64",
+ "inherits": [ "base", "base-windows", "arm64" ]
+ },
+ {
+ "name": "win-amd64_arm64",
+ "inherits": [ "base", "base-windows", "arm64" ]
+ },
+ {
+ "name": "win-x86",
+ "inherits": [ "base", "base-windows", "x86" ]
+ },
+ {
+ "name": "unix-native",
+ "generator": "Ninja Multi-Config",
+ "binaryDir": "out/build/unix"
+ }
+ ],
+ "buildPresets": [
+ {
+ "name": "mingw-x64",
+ "configurePreset": "mingw-x64"
+ },
+ {
+ "name": "mingw-x86",
+ "configurePreset": "mingw-x86"
+ },
+ {
+ "name": "win-amd64",
+ "configurePreset": "win-amd64"
+ },
+ {
+ "name": "win-arm64",
+ "configurePreset": "win-arm64"
+ },
+ {
+ "name": "win-amd64_arm64",
+ "configurePreset": "win-arm64"
+ },
+ {
+ "name": "win-x86",
+ "configurePreset": "win-x86"
+ },
+ {
+ "name": "unix-native",
+ "configurePreset": "unix-native"
+ }
+ ],
+ "testPresets": [
+ {
+ "name": "win-amd64",
+ "configurePreset": "win-amd64"
+ },
+ {
+ "name": "win-x86",
+ "configurePreset": "win-x86"
+ },
+ {
+ "name": "unix-native",
+ "configurePreset": "unix-native"
+ }
+ ]
+}
@@ -42,7 +42,7 @@
#define ENABLE_OFB_CFB_MODE
/* Enable PKCS11 */
-/* #undef ENABLE_PKCS11 */
+#cmakedefine ENABLE_PKCS11
/* Enable plug-in support */
#define ENABLE_PLUGIN 1
@@ -83,6 +83,9 @@
/* struct cmsghdr needed for extended socket error support */
#cmakedefine HAVE_CMSGHDR
+/* git version information in config-version.h */
+#cmakedefine HAVE_CONFIG_VERSION_H
+
/* Define to 1 if you have the `daemon' function. */
#cmakedefine HAVE_DAEMON
@@ -193,9 +196,6 @@ don't. */
/* Define to 1 if you have the <netinet/in.h> header file. */
#cmakedefine HAVE_NETINET_IN_H
-/* Define to 1 if you have the <netinet/in_systm.h> header file. */
-#undef HAVE_NETINET_IN_SYSTM_H
-
/* Define to 1 if you have the <netinet/ip.h> header file. */
#cmakedefine HAVE_NETINET_IP_H
@@ -399,14 +399,17 @@ don't. */
#define ROUTE_PATH "@ROUTE_PATH@"
/* OpenVPN major version - integer */
-#undef OPENVPN_VERSION_MAJOR
+#define OPENVPN_VERSION_MAJOR @OPENVPN_VERSION_MAJOR@
/* OpenVPN minor version - integer */
-#undef OPENVPN_VERSION_MINOR
+#define OPENVPN_VERSION_MINOR @OPENVPN_VERSION_MINOR@
/* OpenVPN patch level - may be a string or integer */
#define OPENVPN_VERSION_PATCH "@OPENVPN_VERSION_PATCH@"
+/* OpenVPN version in Windows resource format - string */
+#define OPENVPN_VERSION_RESOURCE @OPENVPN_VERSION_RESOURCE@
+
/* Name of package */
#define PACKAGE "openvpn"
@@ -422,12 +425,6 @@ don't. */
/* Define to the version of this package. */
#define PACKAGE_VERSION "@OPENVPN_VERSION_MAJOR@.@OPENVPN_VERSION_MINOR@@OPENVPN_VERSION_PATCH@"
-/* OpenVPN major version - integer */
-#define OPENVPN_VERSION_MAJOR @OPENVPN_VERSION_MAJOR@
-
-/* OpenVPN minor version - integer */
-#define OPENVPN_VERSION_MINOR @OPENVPN_VERSION_MINOR@
-
/* Path to systemd-ask-password tool */
#undef SYSTEMD_ASK_PASSWORD_PATH
@@ -481,7 +478,6 @@ typedef SSIZE_T ssize_t;
#define strncasecmp strnicmp
#define strcasecmp _stricmp
-
#define S_IRUSR 0
#define S_IWUSR 0
#define R_OK 4
new file mode 100644
@@ -0,0 +1,75 @@
+#
+# OpenVPN -- An application to securely tunnel IP networks
+# over a single UDP port, with support for SSL/TLS-based
+# session authentication and key exchange,
+# packet encryption, packet authentication, and
+# packet compression.
+#
+# Copyright (C) 2022-2023 OpenVPN Inc <sales@openvpn.net>
+# Copyright (C) 2022-2022 Lev Stipakov <lev@lestisoftware.fi>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+import os
+import sys
+import subprocess
+
+def run_command(args):
+ sp = subprocess.Popen(args, stdout=subprocess.PIPE, stderr=subprocess.DEVNULL)
+ o, _ = sp.communicate()
+ return o.decode("utf-8")[:-1]
+
+def get_branch_commit_id():
+ commit_id = run_command(["git", "rev-parse", "--short=16", "HEAD"])
+ if not commit_id:
+ raise
+ branch = run_command(["git", "describe", "--exact-match"])
+ if not branch:
+ # this returns an array like ["master"] or ["release", "2.6"]
+ branch = run_command(["git", "rev-parse", "--symbolic-full-name", "HEAD"]).split("/")[2:]
+ if not branch:
+ branch = ["none"]
+ branch = "/" .join(branch) # handle cases like release/2.6
+
+ return branch, commit_id
+
+def main():
+ try:
+ branch, commit_id = get_branch_commit_id()
+ except:
+ branch, commit_id = "unknown", "unknown"
+
+ prev_content = ""
+
+ name = os.path.join("%s" % (sys.argv[1] if len(sys.argv) > 1 else "."), "config-version.h")
+ try:
+ with open(name, "r") as f:
+ prev_content = f.read()
+ except:
+ # file doesn't exist
+ pass
+
+ content = "#define CONFIGURE_GIT_REVISION \"%s/%s\"\n" % (branch, commit_id)
+ content += "#define CONFIGURE_GIT_FLAGS \"\"\n"
+
+ if prev_content != content:
+ print("Writing %s" % name)
+ with open(name, "w") as f:
+ f.write(content)
+ else:
+ print("Content of %s hasn't changed" % name)
+
+if __name__ == "__main__":
+ main()
new file mode 100644
@@ -0,0 +1,58 @@
+#
+# OpenVPN -- An application to securely tunnel IP networks
+# over a single UDP port, with support for SSL/TLS-based
+# session authentication and key exchange,
+# packet encryption, packet authentication, and
+# packet compression.
+#
+# Copyright (C) 2022-2023 OpenVPN Inc <sales@openvpn.net>
+# Copyright (C) 2022-2022 Lev Stipakov <lev@lestisoftware.fi>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+import os
+import re
+import sys
+
+def main():
+ assert len(sys.argv) > 1
+ version_path = sys.argv[1]
+ output = []
+ with open(version_path, 'r') as version_file:
+ for line in version_file:
+ match = re.match(r'[ \t]*define\(\[(.*)\],[ \t]*\[(.*)\]\)[ \t]*', line)
+ if match is not None:
+ output.append(match.expand(r'set(\1 \2)'))
+ out_path = os.path.join("%s" % (sys.argv[2] if len(sys.argv) > 2 else "."), "version.cmake")
+
+ prev_content = ""
+ try:
+ with open(out_path, "r") as out_file:
+ prev_content = out_file.read()
+ except:
+ # file doesn't exist
+ pass
+
+ content = "\n".join(output) + "\n"
+ if prev_content != content:
+ print("Writing %s" % out_path)
+ with open(out_path, "w") as out_file:
+ out_file.write(content)
+ else:
+ print("Content of %s hasn't changed" % out_path)
+
+if __name__ == "__main__":
+ main()
+
new file mode 100644
@@ -0,0 +1,13 @@
+{
+ "$schema": "https://raw.githubusercontent.com/microsoft/vcpkg/master/scripts/vcpkg.schema.json",
+ "name": "openvpn",
+ "version": "2.7",
+ "dependencies": [
+ "openssl",
+ "tap-windows6",
+ "lzo",
+ "lz4",
+ "pkcs11-helper",
+ "cmocka"
+ ]
+}
new file mode 100644
@@ -0,0 +1,20 @@
+{
+ "$schema": "https://raw.githubusercontent.com/microsoft/vcpkg/master/scripts/vcpkg.schema.json",
+ "name": "openvpn",
+ "version": "2.7",
+ "dependencies": [
+ {
+ "name": "openssl",
+ "features": ["tools"]
+ },
+ "tap-windows6",
+ "lzo",
+ "lz4",
+ "pkcs11-helper",
+ "cmocka",
+ {
+ "name": "pkgconf",
+ "host": true
+ }
+ ]
+}
@@ -28,12 +28,28 @@ if(VCPKG_TARGET_IS_WINDOWS AND NOT VCPKG_TARGET_IS_MINGW)
OPENSSL_HOME=${CURRENT_PACKAGES_DIR}/../openssl_${TARGET_TRIPLET}
)
- file(INSTALL ${CURRENT_BUILDTREES_DIR}/${TARGET_TRIPLET}-rel/lib/pkcs11-helper.dll.lib DESTINATION ${CURRENT_PACKAGES_DIR}/lib)
- file(INSTALL ${CURRENT_BUILDTREES_DIR}/${TARGET_TRIPLET}-dbg/lib/pkcs11-helper.dll.lib DESTINATION ${CURRENT_PACKAGES_DIR}/debug/lib)
+ file(INSTALL ${CURRENT_BUILDTREES_DIR}/${TARGET_TRIPLET}-rel/lib/pkcs11-helper.dll.lib DESTINATION ${CURRENT_PACKAGES_DIR}/lib RENAME pkcs11-helper.lib)
+ file(INSTALL ${CURRENT_BUILDTREES_DIR}/${TARGET_TRIPLET}-dbg/lib/pkcs11-helper.dll.lib DESTINATION ${CURRENT_PACKAGES_DIR}/debug/lib RENAME pkcs11-helper.lib)
file(INSTALL ${CURRENT_BUILDTREES_DIR}/${TARGET_TRIPLET}-rel/lib/libpkcs11-helper-1.dll DESTINATION ${CURRENT_PACKAGES_DIR}/bin)
file(INSTALL ${CURRENT_BUILDTREES_DIR}/${TARGET_TRIPLET}-dbg/lib/libpkcs11-helper-1.dll DESTINATION ${CURRENT_PACKAGES_DIR}/debug/bin)
+ set(PACKAGE_VERSION "${VERSION}")
+ set(libdir [[${prefix}/lib]])
+ set(exec_prefix [[${prefix}]])
+ set(PKCS11H_FEATURES key_prompt openssl engine_crypto_cryptoapi engine_crypto_openssl debug threading token data certificate slotevent engine_crypto)
+ set(LIBS -lkernel32 -luser32 -lgdi32 -lwinspool -lshell32 -lole32 -loleaut32 -luuid -lcomdlg32 -ladvapi32)
+ if(NOT DEFINED VCPKG_BUILD_TYPE OR VCPKG_BUILD_TYPE STREQUAL "release")
+ set(includedir [[${prefix}/include]])
+ set(outfile "${CURRENT_PACKAGES_DIR}/lib/pkgconfig/libpkcs11-helper-1.pc")
+ configure_file("${SOURCE_PATH}/lib/libpkcs11-helper-1.pc.in" "${outfile}" @ONLY)
+ endif()
+ if(NOT DEFINED VCPKG_BUILD_TYPE OR VCPKG_BUILD_TYPE STREQUAL "debug")
+ set(includedir [[${prefix}/../include]])
+ set(outfile "${CURRENT_PACKAGES_DIR}/debug/lib/pkgconfig/libpkcs11-helper-1.pc")
+ configure_file("${SOURCE_PATH}/lib/libpkcs11-helper-1.pc.in" "${outfile}" @ONLY)
+ endif()
+
file(INSTALL ${SOURCE_PATH}/include/pkcs11-helper-1.0 DESTINATION ${CURRENT_PACKAGES_DIR}/include/)
else()
@@ -45,11 +61,11 @@ else()
--disable-crypto-engine-polarssl --disable-crypto-engine-mbedtls
)
vcpkg_install_make()
- vcpkg_fixup_pkgconfig()
file(REMOVE_RECURSE "${CURRENT_PACKAGES_DIR}/debug/share")
endif()
+vcpkg_fixup_pkgconfig()
vcpkg_copy_pdbs()
file(INSTALL ${SOURCE_PATH}/COPYING DESTINATION ${CURRENT_PACKAGES_DIR}/share/${PORT} RENAME copyright)
new file mode 100644
@@ -0,0 +1,81 @@
+set(_GENERATE_HTML_DOC YES)
+set(_GENERATE_MAN_DOC YES)
+find_program(RST2HTML NAMES rst2html rst2html.py)
+find_program(RST2MAN NAMES rst2man rst2man.py)
+
+if (RST2HTML STREQUAL "RST2HTML-NOTFOUND")
+ message(STATUS "rst2html not found, not generating HTML documentation")
+ set(_GENERATE_HTML_DOC NO)
+endif ()
+if (RST2MAN STREQUAL "RST2MAN-NOTFOUND")
+ message(STATUS "rst2man not found, not generating HTML documentation")
+ set(_GENERATE_MAN_DOC NO)
+endif ()
+
+set(OPENVPN_SECTIONS
+ man-sections/advanced-options.rst
+ man-sections/cipher-negotiation.rst
+ man-sections/client-options.rst
+ man-sections/connection-profiles.rst
+ man-sections/encryption-options.rst
+ man-sections/generic-options.rst
+ man-sections/inline-files.rst
+ man-sections/link-options.rst
+ man-sections/log-options.rst
+ man-sections/management-options.rst
+ man-sections/network-config.rst
+ man-sections/pkcs11-options.rst
+ man-sections/plugin-options.rst
+ man-sections/protocol-options.rst
+ man-sections/proxy-options.rst
+ man-sections/renegotiation.rst
+ man-sections/signals.rst
+ man-sections/script-options.rst
+ man-sections/server-options.rst
+ man-sections/tls-options.rst
+ man-sections/unsupported-options.rst
+ man-sections/virtual-routing-and-forwarding.rst
+ man-sections/vpn-network-options.rst
+ man-sections/windows-options.rst
+ )
+
+set(OPENVPN_EXAMPLES_SECTIONS
+ man-sections/example-fingerprint.rst
+ man-sections/examples.rst
+ )
+
+set(RST_FLAGS --strict)
+
+if (_GENERATE_HTML_DOC)
+ list(APPEND ALL_DOCS openvpn.8.html openvpn-examples.5.html)
+ add_custom_command(
+ OUTPUT openvpn.8.html
+ COMMAND ${PYTHON} ${RST2HTML} ${RST_FLAGS} ${CMAKE_CURRENT_SOURCE_DIR}/openvpn.8.rst ${CMAKE_CURRENT_BINARY_DIR}/openvpn.8.html
+ MAIN_DEPENDENCY openvpn.8.rst
+ DEPENDS ${OPENVPN_SECTIONS}
+ )
+ add_custom_command(
+ OUTPUT openvpn-examples.5.html
+ COMMAND ${PYTHON} ${RST2HTML} ${RST_FLAGS} ${CMAKE_CURRENT_SOURCE_DIR}/openvpn-examples.5.rst ${CMAKE_CURRENT_BINARY_DIR}/openvpn-examples.5.html
+ MAIN_DEPENDENCY openvpn-examples.5.rst
+ DEPENDS ${OPENVPN_EXAMPLES_SECTIONS}
+ )
+endif ()
+if (_GENERATE_MAN_DOC)
+ list(APPEND ALL_DOCS openvpn.8 openvpn-examples.5)
+ add_custom_command(
+ OUTPUT openvpn.8
+ COMMAND ${PYTHON} ${RST2MAN} ${RST_FLAGS} ${CMAKE_CURRENT_SOURCE_DIR}/openvpn.8.rst ${CMAKE_CURRENT_BINARY_DIR}/openvpn.8
+ MAIN_DEPENDENCY openvpn.8.rst
+ DEPENDS ${OPENVPN_SECTIONS}
+ )
+ add_custom_command(
+ OUTPUT openvpn-examples.5
+ COMMAND ${PYTHON} ${RST2MAN} ${RST_FLAGS} ${CMAKE_CURRENT_SOURCE_DIR}/openvpn-examples.5.rst ${CMAKE_CURRENT_BINARY_DIR}/openvpn-examples.5
+ MAIN_DEPENDENCY openvpn-examples.5.rst
+ DEPENDS ${OPENVPN_EXAMPLES_SECTIONS}
+ )
+endif ()
+
+add_custom_target(documentation ALL DEPENDS ${ALL_DOCS})
+
new file mode 100644
@@ -0,0 +1,36 @@
+if (NOT WIN32)
+ return ()
+endif ()
+
+project(openvpnmsica)
+
+add_library(openvpnmsica SHARED)
+
+target_include_directories(openvpnmsica PRIVATE
+ ${CMAKE_CURRENT_BINARY_DIR}/../../
+ ../../include/
+ ../compat/
+ )
+target_sources(openvpnmsica PRIVATE
+ dllmain.c
+ msiex.c msiex.h
+ msica_arg.c msica_arg.h
+ openvpnmsica.c openvpnmsica.h
+ ../tapctl/basic.h
+ ../tapctl/error.c ../tapctl/error.h
+ ../tapctl/tap.c ../tapctl/tap.h
+ openvpnmsica_resources.rc
+ )
+target_compile_options(openvpnmsica PRIVATE
+ -D_UNICODE
+ -UNTDDI_VERSION
+ -D_WIN32_WINNT=_WIN32_WINNT_VISTA
+ )
+target_link_libraries(openvpnmsica
+ advapi32.lib ole32.lib msi.lib setupapi.lib iphlpapi.lib shell32.lib shlwapi.lib version.lib newdev.lib)
+if (MINGW)
+ target_compile_options(openvpnmsica PRIVATE -municode)
+ target_link_options(openvpnmsica PRIVATE -municode)
+ target_link_options(openvpnmsica PRIVATE
+ -Wl,--kill-at)
+endif ()
new file mode 100644
@@ -0,0 +1,34 @@
+if (NOT WIN32)
+ return ()
+endif ()
+
+project(openvpnserv)
+
+add_executable(openvpnserv)
+
+target_include_directories(openvpnserv PRIVATE
+ ${CMAKE_CURRENT_BINARY_DIR}/../../
+ ../../include/
+ ../openvpn/
+ ../compat/
+ )
+target_sources(openvpnserv PRIVATE
+ common.c
+ interactive.c
+ service.c service.h
+ validate.c validate.h
+ ../openvpn/block_dns.c ../openvpn/block_dns.h
+ openvpnserv_resources.rc
+ ../openvpn/ring_buffer.h
+ )
+target_compile_options(openvpnserv PRIVATE
+ -D_UNICODE
+ -UNTDDI_VERSION
+ -D_WIN32_WINNT=_WIN32_WINNT_VISTA
+ )
+target_link_libraries(openvpnserv
+ advapi32.lib userenv.lib iphlpapi.lib fwpuclnt.lib rpcrt4.lib shlwapi.lib netapi32.lib ws2_32.lib ntdll.lib)
+if (MINGW)
+ target_compile_options(openvpnserv PRIVATE -municode)
+ target_link_options(openvpnserv PRIVATE -municode)
+endif ()
new file mode 100644
@@ -0,0 +1,31 @@
+if (NOT WIN32)
+ return ()
+endif ()
+
+project(tapctl)
+
+add_executable(tapctl)
+
+target_include_directories(tapctl PRIVATE
+ ${CMAKE_CURRENT_BINARY_DIR}/../../
+ ../../include/
+ ../compat/
+ )
+target_sources(tapctl PRIVATE
+ basic.h
+ error.c error.h
+ main.c
+ tap.c tap.h
+ tapctl_resources.rc
+ )
+target_compile_options(tapctl PRIVATE
+ -D_UNICODE
+ -UNTDDI_VERSION
+ -D_WIN32_WINNT=_WIN32_WINNT_VISTA
+ )
+target_link_libraries(tapctl
+ advapi32.lib ole32.lib setupapi.lib)
+if (MINGW)
+ target_compile_options(tapctl PRIVATE -municode)
+ target_link_options(tapctl PRIVATE -municode)
+endif ()
This is based on the initial CMake patch by Arne Schwabe, but extends that to provide a complete replacement for existing MinGW build (autotools based) and MSVC build (openvpn.sln). The following features are added while switching these builds to CMake: - vcpkg support for MinGW build, allowing for trivial cross-compilation on Linux - Add unittests to MSVC build - Rework MSVC config header generation, removing need for separate headers between autotools and MSVC The following advantages are reasons for switching to CMake over the existing MSVC build: - Easier to maintain CMake files without IDE than the sln and vcxproj files - Able to maintain MSVC and MinGW build side-by-side The plan is to completely remove the existing MSVC build system but leave the existing autotools builds in place as-is, including MinGW support. CMake is not the intended build system for Unix-like platforms and there are no current plans to switch to it. Change-Id: I237f28eca618d4fc476225b887c0be26cca362b1 Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> --- .github/workflows/build.yaml | 297 ++---- .gitignore | 1 + CMakeLists.txt | 980 ++++++++++-------- CMakePresets.json | 183 ++++ config.h.cmake.in | 22 +- contrib/cmake/git-version.py | 75 ++ contrib/cmake/parse-version.m4.py | 58 ++ contrib/vcpkg-manifests/mingw/vcpkg.json | 13 + contrib/vcpkg-manifests/windows/vcpkg.json | 20 + .../vcpkg-ports/pkcs11-helper/portfile.cmake | 22 +- doc/CMakeLists.txt | 81 ++ src/openvpnmsica/CMakeLists.txt | 36 + src/openvpnserv/CMakeLists.txt | 34 + src/tapctl/CMakeLists.txt | 31 + 14 files changed, 1205 insertions(+), 648 deletions(-) create mode 100644 CMakePresets.json create mode 100644 contrib/cmake/git-version.py create mode 100644 contrib/cmake/parse-version.m4.py create mode 100644 contrib/vcpkg-manifests/mingw/vcpkg.json create mode 100644 contrib/vcpkg-manifests/windows/vcpkg.json create mode 100644 doc/CMakeLists.txt create mode 100644 src/openvpnmsica/CMakeLists.txt create mode 100644 src/openvpnserv/CMakeLists.txt create mode 100644 src/tapctl/CMakeLists.txt