From patchwork Fri Jul 7 15:05:23 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Frank Lichtenheld X-Patchwork-Id: 3277 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7300:1496:b0:d7:3b0f:3938 with SMTP id b22csp1285369dyh; Fri, 7 Jul 2023 08:06:44 -0700 (PDT) X-Google-Smtp-Source: APBJJlFYGmeU+jA8xJnOnaH5hJmqaIok+V9RWLXvEW3cGmv0Yns1vHD4K3Jz5NMmk+cvI5Y05vn8 X-Received: by 2002:a05:6a00:10c7:b0:666:ae6b:c476 with SMTP id d7-20020a056a0010c700b00666ae6bc476mr4766853pfu.25.1688742403860; Fri, 07 Jul 2023 08:06:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1688742403; cv=none; d=google.com; s=arc-20160816; b=AgtusokkUPhiqCIxw3NigfYqid42/ecAkBc+0U1DbRfIiUdGtTgsDMwNS7NYLWc9ai wX8jjuhUiK0D04+zRLWqK4+1fm/0rGznn6p8BPdSlC6F7RVM0bI/dvFlhd5kijtNIftU MwbP2IfufmrI+aPELpaLEyBFp8PfmhOgE1Pzc2BrI2Zd8AwM2buI3/ib/2kjd30HnGMA koq/73B5wMx1p+SRcpuE3/EyoAR6SMycctryTNx4tLfXMlAoZXF9LXORiIlIWfw65Yle 2JTFoGpgRFJ+dF9xqld6sMaJX6sPbJ5+khcy89Wzv500ITX5hFLF9R4ACywJCVvC2uWA ZNLQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:message-id:date:to:from:dkim-signature:dkim-signature :dkim-signature; bh=BNgUK21SL4jyEIRjOTM7XPaTY84YzFBa5ZQE+yhYDOc=; fh=egyvB+kLBJ/aa1TEhA8W5cB7oZMSWBoneH8q5SCMHc0=; b=PWe97+gkOn2g3E/2GS0VY3Ko1O0gItByYDbcdAcDT6GkRltaApieWWZ/UU7KQplMd1 yTvD3gyG+NRhWRkAZvvh8BRwmKx0WyZ+hqkBx6sEAdzLe+6cOzvsot9GJJuuSKvPF7yp h5QXCAKYMDHialuqlPLLTIu+6Y3GBjyv/9NFlgHM6LTV8BVomF08kQwbObHxortxvjeK AYlPtjwDnyQYWSMw17QntW+GePsinIHgt7fY8qkCH7GAYJaUgng75aHZmFlSHM8lF2/2 X/T6g/uit1O6iG4SnangJEE/4imYv18x1HdEe5+FL4LRb0PWsqBkmIdT2bb6eKPoVFBd bS8A== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=eCW+t1GS; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=g2Dz1Pxp; dkim=neutral (body hash did not verify) header.i=@lichtenheld.com header.s=MBO0001 header.b=Ifx0X9og; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id bx12-20020a056a00428c00b00682d7cb12cesi2742418pfb.309.2023.07.07.08.06.43 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 07 Jul 2023 08:06:43 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=eCW+t1GS; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=g2Dz1Pxp; dkim=neutral (body hash did not verify) header.i=@lichtenheld.com header.s=MBO0001 header.b=Ifx0X9og; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1qHn1o-0001pW-ID; Fri, 07 Jul 2023 15:05:48 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1qHn1h-0001ox-0M for openvpn-devel@lists.sourceforge.net; Fri, 07 Jul 2023 15:05:41 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=XA8ARpSKXxQuPKWSpjXtMbZiD2+oelSMIdPuLZd77Ic=; b=eCW+t1GSkvO1us0vZTynAKBINv H/pQ3/17gnUt9yQPhKqUczOZmdekcKEUdpoUdJ3gz0/OB0P6NfxSufpQyPavVC4oIWmsGGmItzXWv WSNMSbe74n24ORhcwy5a/bv/z+EAb57B5rpgSCRS3jgA7tHr3c5QzZ8L7cdG//kY6wEg=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:To:From: Sender:Reply-To:Cc:Content-Type:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=XA8ARpSKXxQuPKWSpjXtMbZiD2+oelSMIdPuLZd77Ic=; b=g 2Dz1PxpyeV5+CXo0+pxkxJ+EBZpmObMI/sEkjLC/Gr+xV/DCjYyxeWEFXCpKBg/Uhs6m+Y66sDuKp bLgTAl7Kkol1QtMYOXzMssgEMaMEQ6wvDwpZa7X9UIQmV+ayqTgvcLffirmKDB6qZ9th+Kx/+qoac KiPiS1jHe1fCvLNw=; Received: from mout-p-102.mailbox.org ([80.241.56.152]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1qHn1d-0001Zp-FX for openvpn-devel@lists.sourceforge.net; Fri, 07 Jul 2023 15:05:39 +0000 Received: from smtp102.mailbox.org (smtp102.mailbox.org [10.196.197.102]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mout-p-102.mailbox.org (Postfix) with ESMTPS id 4QyGsw2zbzz9smr for ; Fri, 7 Jul 2023 17:05:24 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lichtenheld.com; s=MBO0001; t=1688742324; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=XA8ARpSKXxQuPKWSpjXtMbZiD2+oelSMIdPuLZd77Ic=; b=Ifx0X9ogiLKHb0ihA1MXmrgxrfK4mpsiN7+cnh7LiIFJRnLXG71+iBZsuuJai1mDlD82aT J/eToDxRVu1MHpgEdSBGROgYo+bCu9gwZO/DdtxAleeqzus7eVz1EJTj0LbMUE0IpYxjL4 VS13sC4e9/2necOtDij5atkJ3o8sMWdVsTWVjCNTY7l0wSnbrA+4wQrOps/gNPtdhrrArG O24r1UzXSdMWIiQk3IDoZEs/C3Flzc9YzEmpknXqmRUzuSDYjTM34kLuVKszEKDUjFCIXd BNKfnBwUC6M4aVI91IJCGXQjDMREKI+yns8Wd0UrAAZY5/bvi6XFrKMNYw+9Pw== From: Frank Lichtenheld To: openvpn-devel@lists.sourceforge.net Date: Fri, 7 Jul 2023 17:05:23 +0200 Message-Id: <20230707150523.385264-1-frank@lichtenheld.com> MIME-Version: 1.0 X-Spam-Score: 1.1 (+) X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: While here, adapt and update some of the Windows-build references in the other README files. Change-Id: Id067774bde7511a736e156fc599b07837242336c Signed-off-by: Frank Lichtenheld --- Makefile.am | 1 + README | 6 ++- README.cmake.md | 137 +++++++++++++++++++++++++++++++ [...] Content analysis details: (1.1 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [80.241.56.152 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid 2.0 URI_TRY_3LD "Try it" URI, suspicious hostname X-Headers-End: 1qHn1d-0001Zp-FX Subject: [Openvpn-devel] [PATCH] README.cmake.md: Add new documentation for CMake buildsystem X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1770774754976428330?= X-GMAIL-MSGID: =?utf-8?q?1770774754976428330?= While here, adapt and update some of the Windows-build references in the other README files. Change-Id: Id067774bde7511a736e156fc599b07837242336c Signed-off-by: Frank Lichtenheld Acked-by: Gert Doering --- Makefile.am | 1 + README | 6 ++- README.cmake.md | 137 ++++++++++++++++++++++++++++++++++++++++++++++++ README.dco.md | 7 ++- 4 files changed, 147 insertions(+), 4 deletions(-) create mode 100644 README.cmake.md diff --git a/Makefile.am b/Makefile.am index 24c47ae9..2305ab42 100644 --- a/Makefile.am +++ b/Makefile.am @@ -67,6 +67,7 @@ dist_noinst_DATA = \ .gitattributes \ CONTRIBUTING.rst \ PORTS \ + README.cmake.md \ README.dco.md \ README.ec \ README.wolfssl diff --git a/README b/README index 04eb16ff..8576dbaa 100644 --- a/README +++ b/README @@ -21,6 +21,9 @@ To Build and Install, or see the file INSTALL for more info. +For information on how to build OpenVPN on/for Windows with MinGW +or MSVC see README.cmake.md. + ************************************************************************* For detailed information on OpenVPN, including examples, see the man page @@ -69,8 +72,7 @@ Their source code is available here: https://github.com/OpenVPN/easy-rsa https://github.com/OpenVPN/tap-windows6 -The old cross-compilation environment (domake-win) and the Python-based -buildsystem have been replaced with openvpn-build: +Community-provided Windows installers (MSI) and Debian packages are built from https://github.com/OpenVPN/openvpn-build diff --git a/README.cmake.md b/README.cmake.md new file mode 100644 index 00000000..599d8dc1 --- /dev/null +++ b/README.cmake.md @@ -0,0 +1,137 @@ +OpenVPN Builds with CMake +========================= + +For Windows builds we do not use the autotools-based buildsystem that we use +for our Unix-like (Linux, BSDs, macOS, etc.) builds. Instead we added a +separate (CMake)[https://cmake.org/]-based buildsystem. + +This buildsystem supports building for Windows both with MSVC (i.e. Visual +Studio) and MinGW. MinGW builds are also supported as cross-compile +from Linux. + +The official builds, which are also available as CMake presets (see +`cmake --list-presets` and `CMakePresets.json`) all use +(VCPKG)[https://github.com/microsoft/vcpkg/#vcpkg-overview] for dependency +management. This allows us to do proper supply-chain management and +also makes cross-building with MinGW on Linux much simpler. However, +builds are also possible by providing the build dependencies manually, +but that might require specifying more information to CMake. + +If you're looking to build the full Windows installer MSI, take a look +at https://github.com/OpenVPN/openvpn-build.git . + +MSVC builds +----------- + +The following tools are expected to be present on the system, you +can them install with a package manager of your choice (e.g. +chocolatey, winget) or manually: + +* CMake +* Git +* Python (3.x), plus the Python module `docutils` +* Visual Studion 17 (2022), C/C++ Enviroment + +For example, to prepare the required tools with chocolatey, you +can use the following commands (Powershell): + + # Installing Chocolatey + Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1')) + & choco.exe install -y git --params "/GitAndUnixToolsOnPath" + & choco.exe install -y python + & python.exe -m ensurepip + & python.exe -m pip install --upgrade pip + & python.exe -m pip install docutils + & choco.exe install -y cmake --installargs 'ADD_CMAKE_TO_PATH=System' + & choco.exe install -y "visualstudio2022buildtools" + & choco.exe install -y "visualstudio2022-workload-vctools" --params "--add Microsoft.VisualStudio.Component.UWP.VC.ARM64 --add Microsoft.VisualStudio.Component.VC.Tools.ARM64 --add Microsoft.VisualStudio.Component.VC.ATL.Spectre --add Microsoft.VisualStudio.Component.VC.ATLMFC.Spectre --add Microsoft.VisualStudio.Component.VC.ATL.ARM64.Spectre --add Microsoft.VisualStudio.Component.VC.MFC.ARM64.Spectre --add Microsoft.VisualStudio.Component.VC.Runtimes.ARM64.Spectre --add Microsoft.VisualStudio.Component.VC.Runtimes.x86.x64.Spectre --quiet" + & choco.exe install -y windows-sdk-10-version-2004-windbg + +One or more restarts of Powershell might be required to pick up new additions +to `PATH` between steps. A Windows restart is probably required after +installing Visual Studio before being able to use it. +You can find the exact commands we use to set up the community build machines +at https://github.com/OpenVPN/openvpn-buildbot/blob/master/jenkins/windows-server/msibuild.pkr.hcl + +To do a default build, assuming you are in a MSVC 17 2022 environment: + + mkdir C:\OpenVPN + cd C:\OpenVPN + git clone https://github.com/microsoft/vcpkg.git + git clone https://github.com/OpenVPN/openvpn.git + set VCPKG_ROOT=C:\OpenVPN\vcpkg + cd openvpn + cmake --preset win-amd64-release + cmake --build --preset win-amd64-release + ctest --preset win-amd64-release + +When using the presets, the build directory is +`out/build//`, you can find the output files there. +No install support is provided directly in OpenVPN build, take a look +at https://github.com/OpenVPN/openvpn-build.git instead. + +MinGW builds (cross-compile on Linux) +------------------------------------- + +To build the Windows executables on a Linux system: + + # install mingw with the package manager of your choice, e.g. + sudo apt-get install -y mingw-w64 + # in addition to mingw we also need a toolchain for host builds, e.g. + sudo apt-get install -y build-essential + # minimum required tools for vcpkg bootstrap: curl, zip, unzip, tar, e.g. + sudo apt-get install -y curl zip unzip tar + # additionally vcpkg requires powershell when building Windows binaries. + # See https://learn.microsoft.com/en-us/powershell/scripting/install/installing-powershell-on-linux + # e.g. + sudo apt-get install -y wget apt-transport-https software-properties-common + wget -q "https://packages.microsoft.com/config/ubuntu/$(lsb_release -rs)/packages-microsoft-prod.deb" + sudo dpkg -i packages-microsoft-prod.deb + sudo apt-get update + sudo apt-get install -y powershell + # minimum required tools for build: cmake, docutils, git, ninja, + # pkg-config, python e.g. + sudo apt-get install -y cmake git ninja-build pkg-config python3 python3-docutils + # additionally required to build pkcs11-helper: automake, autoconf, + # man2html, e.g. + sudo apt-get install -y automake autoconf man2html-base + mkdir mingw + cd mingw + git clone https://github.com/microsoft/vcpkg.git + git clone https://github.com/OpenVPN/openvpn.git + export VCPKG_ROOT=$PWD/vcpkg + cd openvpn + cmake --preset mingw-x64 + cmake --build --preset mingw-x64 + # unit tests are built, but no testPreset is provided. You need to copy + # them to a Windows system manually + +The instructions have been verified on a Ubuntu 22.04 LTS system in a +bash shell, and might need adaptions to other Linux distributions/versions. + +Note that the MinGW preset builds use the `Ninja multi-config` generator, so +if you want to build the Debug binaries, use + + cmake --build --preset mingw-x64 --config Debug + +The default build is equivalent to specifying `--config Release`. + +When using the presets, the build directory is +`out/build/mingw/`, you can find the actual output files in +sub-directories called ``. +No install support is provided directly in OpenVPN build, take a look +at https://github.com/OpenVPN/openvpn-build.git instead. + +Unsupported builds +------------------ + +The CMake buildsystem also supports builds on Unix-like platforms. These builds +are sometimes useful for OpenVPN developers (e.g. when they use IDEs with +integrated CMake support). However, they are not officially supported, do not +include any install support and should not be used to distribute/package +OpenVPN. To emphasize this fact, you need to specify `-DUNSUPPORTED_BUILDS=ON` +to cmake to be able to use these builds. + +The `unix-native` CMake preset is available for these builds. This preset does +not require VCPKG and instead assumes all build-dependencies are provided by +the system natively. diff --git a/README.dco.md b/README.dco.md index aa93d667..3f7e00c4 100644 --- a/README.dco.md +++ b/README.dco.md @@ -59,8 +59,11 @@ in your log. Getting started (Windows) ------------------------- -The simplest way to test DCO under Windows is to download the latest installer -from https://build.openvpn.net/downloads/snapshots/github-actions/openvpn2/ . +Official releases published at https://openvpn.net/community-downloads/ +include ovpn-dco-win driver since 2.6.0. + +There are also snapshot releases available at +https://build.openvpn.net/downloads/snapshots/github-actions/openvpn2/ . This installer contains the latest OpenVPN code and the ovpn-dco-win driver.