Zavier's Blog

一次OpenVPN交叉编译笔记

说明


为了让家宽打VPN隧道到IDC机房提高QOS级别,决定将OpenVPN移植到mips架构的openwrt出口路由器上,而路由器本身不带编译器,所以必须通过交叉编译的方式将openvpn源码编译成路由器(mips)平台可执行的二进制文件。

编译环境及说明


在编译OpenVPN之前必须先编译openssl和LZO,全程应以root身份运行

编译程序的主机系统:CentOS6.9 X86_64(VMware)

执行程序的主机系统:OpenWrt,Barrier Breaker14.07,mips架构(QCA9533)

下载相关工具链及确定安装目录


mkdir -p /usr/local/openwrt/openssl
mkdir -p /usr/local/openwrt/lzo
mkdir -p /usr/local/openwrt/openvpn
cd /usr/local/openwrt && wget http://archive.openwrt.org/barrier_breaker/14.07/atheros/generic/OpenWrt-Toolchain-atheros-for-mips_mips32-gcc-4.8-linaro_uClibc-0.9.33.2.tar.bz2 
tar -xvf OpenWrt-Toolchain-atheros-for-mips_mips32-gcc-4.8-linaro_uClibc-0.9.33.2.tar.bz2
mv OpenWrt-Toolchain-atheros-for-mips_mips32-gcc-4.8-linaro_uClibc-0.9.33.2/toolchain-mips_mips32_gcc-4.8-linaro_uClibc-0.9.33.2 ./toolchain

编译OpenSSL


cd /usr/local/openwrt && wget https://www.openssl.org/source/openssl-1.0.2o.tar.gz  
tar -zxvf openssl-1.0.2o.tar.gz
cd openssl-1.0.2o && ./config --prefix=/usr/local/openwrt/openssl no-asm shared

确保Makefile文件中有以下行,并且删除所有-m64选项

CC=/usr/local/openwrt/toolchain/bin/mips-openwrt-Linux-gcc
AR=/usr/local/openwrt/toolchain/bin/mips-openwrt-linux-ar
RANLIB=/usr/local/openwrt/toolchain/bin/mips-openwrt-linux-ranlib

sed命令快速更改:

sed -i 's/CC= gcc/CC=\/usr\/local\/openwrt\/toolchain\/bin\/mips-openwrt-linux-gcc/' Makefile
sed -i 's/AR= ar/AR=\/usr\/local\/openwrt\/toolchain\/bin\/mips-openwrt-linux-ar/' Makefile
sed -i 's/RANLIB=\/usr\/bin\/ranlib/RANLIB= \/usr\/local\/openwrt\/toolchain\/bin\/mips-openwrt-linux-ranlib/' Makefile
sed -i 's/\-m64//g' Makefile
make -j4 && make install

此时安装完毕,安装目录在/usr/local/openwrt/openssl目录下

编译LZO

cd /usr/local/openwrt && wget http://www.oberhumer.com/opensource/lzo/download/lzo-2.10.tar.gz
tar -zxvf lzo-2.10.tar.gz && cd lzo-2.10
./configure CC=/usr/local/openwrt/toolchain/bin/mips-openwrt-linux-gcc --host=mips-linux --prefix=/usr/local/openwrt/lzo
make && make install

编译OpenVPN

cd /usr/local/openwrt && wget http://swupdate.openvpn.org/community/releases/openvpn-2.3.1.tar.gz
tar -zxvf openvpn-2.3.1.tar.gz && cd openvpn-2.3.1
./configure \
CC=/usr/local/openwrt/toolchain/bin/mips-openwrt-linux-gcc \
--host=mips-linux  \
--prefix=/usr/local/openwrt/openvpn/ \
LZO_CFLAGS="-I/usr/local/openwrt/lzo/include" \
LZO_LIBS="-L/usr/local/openwrt/lzo/lib -llzo2"  \
OPENSSL_CRYPTO_CFLAGS="-I/usr/local/openwrt/openssl/include" \
OPENSSL_SSL_CFLAGS="-I/usr/local/openwrt/openssl/include" \
OPENSSL_SSL_LIBS="-L/usr/local/openwrt/openssl/lib -lssl" \
OPENSSL_CRYPTO_LIBS="-L/usr/local/openwrt/openssl/lib -lcrypto" \
--disable-plugin-auth-pam \
--with-ssl-lib=/usr/local/openwrt/openssl/lib \
export C_INCLUDE_PATH=/usr/local/openwrt/openssl/include
make -j4 && make install

将程序上传到OpenWrt路由器


此时编译已全部完成,目录分别为

/usr/local/openwrt/lzo

/usr/local/openwrt/openssl

/usr/local/openwrt/openvpn

通过SCP将/usr/local/openwrt/openvpn/sbin/openvpn和/usr/local/openwrt/openssl/lib/libcrypto.so.1.0.0上传到路由器的/sbin和/lib目录下并赋予/sbin/openvpn执行权限即可

chmod +x /sbin/openvpn



该文章为本站原创,转载请注明来源,本文永久链接:https://zavierlab.com/post/65.html

发表评论:

◎欢迎参与讨论,请在这里发表您的看法、交流您的观点。

Copyright © 2017-2019 Zavier的博客.网站地图