OpenVPN 原始碼編譯 在 Linux 平臺,Android IOS 原始碼編譯
OpenVPN 原始碼編譯,基於 Linux 環境。
Using development versions of OpenVPN
Getting OpenVPN snapshots
We offer several different kinds of development builds and snapshots:
- FreeBSD openvpn-devel port. Also usable as a standalone source snapshot on other platforms.
Note that these snapshots are either entirely untested
Fetching sources using git
Second option is to fetch sources using Git. This method is preferred, as it allows you to easily keep using the latest code. For instructions take a look
Source for OpenVPN for Android
Source code for OpenVPN for Android is available on GitHub.
Source for OpenVPN Connect (android/IOS)
The latest source code snapshot for OpenVPN 3 is available here.
Building
If you're using source snapshots / ports you can extract them like this:
gzip -dc openvpn-<something>.tar.gz | tar xvf - cd openvpn-<something>/
With Git you can skip this step. Next prepare for building (not required for stable releases):
autoreconf -vi
Next configure (see ./configure --help for available build-time options):
./configure
Finally compile:
make [-j <num CPU cores + 1>]
Once you've ran make, you can install OpenVPN using
make install
Building on MacOS X with homebrew
Homebrew does not install the openssl libraries in the standard paths. If you get errors like Undefined symbols for architecture x86_64: "_SSL_CTX_get0_certificate" ..., you need to pass CPPFLAGS/LDFLAGS (the correct values are shown by brew info openssl).
make [-j <num CPU cores + 1>] CPPFLAGS=-I/usr/local/opt/openssl/include LDFLAGS=-L/usr/local/opt/openssl/lib
TAP-driver debugging
Please take a look here.
OpenVPN Debugging
If OpenVPN crashes, you can help developers figure out the problem by giving them a backtrace of the crash. If you're running released (stable) version of OpenVPN, you should install the openvpn debug and gdb packages and then run openvpn via gdb. On "testing" turn on debugging before compilation. In either case you can get a backtrace of the crash like this:
$ gdb /usr/sbin/openvpn [gdb info message...blablabla...] (gdb) run --config <your config file> [--other-arguments-you-might-pass] [wait for the crash] (gdb) bt [full backtrace should appear]
Enable core dump
In some cases, it's not possible to trigger the bug when running via gdb directly. In this case, you can enable core dumps. On most distributions and *nix OSes today, you need to enable this from your shell before starting OpenVPN.
$ ulimit -c unlimited
Then run OpenVPN with the normal arguments. When OpenVPN crashes, it will now most likely create a core file which can be used for debugging the state of OpenVPN when it crashed.
$ gdb openvpn {core file} [gdb info message...blablabla...] (gdb) bt [full backtrace should appear]
Please save the core files for a little while before deleting them. It might be that the developers would ask for a copy of the core file in some situations, to investigate more carefully the state OpenVPN was in when it crashed. But be also aware of that these core files can (will most likely) contain sensitive data, like encryption keys and certificates. So share with care.
Beware that if you start OpenVPN via init scripts, it will most likely not dump core files, unless you change the ulimit inside the init script.
Reporting bugs
If you're not sure if your problem is really a bug, you can ask about it on OpenVPN support channels.
If you've genuinely found a bug, have a look if the same issue has been reported to Trac, and if it has been fixed already. If you've found a new, unfixed bug, make sure you know how to report bugs efficiently; good bug reports help resolv the problem quickly. In each bug report you should document a few things:
- Operating system (e.g. OpenBSD 4.3)
- The complete output of openvpn --version, or...
- ...the full filename of the Windows installer you used
- Relevant parts of OpenVPN client and/or server logs (when available) at verb 5 verbosity (see the man page)
- If you built OpenVPN youself: the ./configure command line you used
- Plus fill in all the fields in Trac according to your best ability
If the bug you've found is a regression and you want to see it fixed as soon as possible, you can help by doing a Git bisect. This technique is described here:
Bisecting is an advanced technique and you're not expected to do it before filing bug reports.