DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Packages and Ports

OpenBSD Packages and Ports Installation and upgrading of packages and ports on OpenBSD.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 17th May 2008
s2scott's Avatar
s2scott s2scott is offline
Package Pilot
 
Join Date: May 2008
Location: Toronto, Ontario Canada
Posts: 198
Default openvpn 2.1_rc7 from ports (not packages)

Two part post -- (1) Advisory; and (2) who do I tell question.

(1) ADVISORY

The rc7 port doesn't compile and make successfully. I downloaded the port of openvpn-2.1_rc7 from ftp://ftp.openbsd.org/pub/OpenBSD/distfiles. Unpacked and did

Code:
./configure --disable-lzo
make
...
tun.c: In function `open_tun':
tun.c: error: `IFF_MULTICAST' undeclared (first use in this function)
tun.c: error: (Each undeclared identifier is reported only once
tun.c: error: for each function it appears in.)
*** Error code 1
...
/*then vital signs absent */
:-(
After rummaging around and dusting of my once-upon-a-time C language skills, it alighted up doing the following...

Code:
tun.c
#include <net/if.h>
#include <sys/types.h> 
#include <sys/socket.h>
Then re-performed...

Code:
./configure --disable-lzo
make clean
make /* worked this time */
make install
So any of you 2.1_rc7 adapters be warm and aware.

/S
__________________
Never argue with an idiot. They will bring you down to their level and beat you with experience.
Reply With Quote
  #2   (View Single Post)  
Old 17th May 2008
s2scott's Avatar
s2scott s2scott is offline
Package Pilot
 
Join Date: May 2008
Location: Toronto, Ontario Canada
Posts: 198
Default

PART (2) THE QUESTION

Who should I tell ...

  1. openBSD ports (and who's that), or
  2. openVPN, or
  3. others ... ?
I'm usually a packages guy, but I want/need the features of 2.1, and rc7 has been out and stable for ages, so to the ports I went.

/S
__________________
Never argue with an idiot. They will bring you down to their level and beat you with experience.
Reply With Quote
  #3   (View Single Post)  
Old 17th May 2008
s2scott's Avatar
s2scott s2scott is offline
Package Pilot
 
Join Date: May 2008
Location: Toronto, Ontario Canada
Posts: 198
Default

Just sharing ...

One of the reasons I don't do ports is because I don't have "spare" hardware to keep an openBSD box -- with compiler tools -- around. My oBSD boxes are in service and it's just not good practice to put developer tools on production machines.

So, in this case, enter VM Server (free edition). I downloaded the openBSD cd43.iso image. In VMware you can boot a virtual machine straight off this .iso. I then ran an over-the-network install of full blown openBSD, replete with compiler and related stuff. (I likely could have booted install43.iso too and avoided the over-the-net install.)

OpenBSD 4.3 installed and runs beautifully as a guest O/S inside VM Server (368MB RAM allocation). I made (make'd) my openVPN 2.1 and transfered (scp) the install files -- one openVPN binary, and one openvpn.8 man page -- to my in service firewaall/vpn gateway machines.

/S
__________________
Never argue with an idiot. They will bring you down to their level and beat you with experience.

Last edited by s2scott; 17th May 2008 at 01:50 AM.
Reply With Quote
  #4   (View Single Post)  
Old 17th May 2008
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 8,052
Default

I am not exactly sure what you were doing. Were you trying to use the -current port with a -release or -stable system? If so, you don't report your troubles anyone, as this is unsupported per FAQ 15.4.1.

If you have a problem with the -current port on a -current system, then the most helpful thing would work up a patch and submit it to the port maintainer:
$ cd /usr/ports/net/openvpn
$ make show=MAINTAINER
Patches are most easily worked up with cvs(1) diff. Be sure to use diff(1)'s -u operand, as unified diffs are used for OpenBSD maintenance.

If you cannot work up a patch, you can still contact the port maintainer with questions or concerns ... as long as you are running a supported environment. If you don't get a response from the maintainer after a reasonable period of time, you can post to the ports@ mailing list.
Reply With Quote
  #5   (View Single Post)  
Old 21st May 2008
hex hex is offline
New User
 
Join Date: May 2008
Posts: 3
Default

I also got the port version of openvpn-2.1rc7. It seems to be the same file as from the http://openvpn.net/index.php/downloads.html. I too ha the same error with `IFF_MULTICAST' and I followed the s2scott's fix but now I get

/usr/include/net/if.h:224: error: `AF_MAX' undeclared here (not in a function)
/usr/include/net/if.h:556: error: field `ifru_addr' has incomplete type
/usr/include/net/if.h:557: error: field `ifru_dstaddr' has incomplete type
/usr/include/net/if.h:558: error: field `ifru_broadaddr' has incomplete type
/usr/include/net/if.h:575: error: field `ifra_addr' has incomplete type
/usr/include/net/if.h:576: error: field `ifra_dstaddr' has incomplete type
/usr/include/net/if.h:578: error: field `ifra_mask' has incomplete type
/usr/include/net/if.h:616: error: field `addr' has incomplete type
/usr/include/net/if.h:617: error: field `dstaddr' has incomplete type
In file included from /usr/include/net/if.h:634,
from tun.c:40:
/usr/include/net/if_arp.h:79: error: field `arp_pa' has incomplete type
/usr/include/net/if_arp.h:80: error: field `arp_ha' has incomplete type
*** Error code 1

Stop in /usr/src/openvpn-2.1_rc7 (line 92 of /usr/share/mk/sys.mk).


Anybody encountered this?
Reply With Quote
  #6   (View Single Post)  
Old 21st May 2008
hex hex is offline
New User
 
Join Date: May 2008
Posts: 3
Default

ok, never mind, I found the problem. I also had to add
<code>
#include <arpa/inet.h>
</code>
to tun.c
Reply With Quote
  #7   (View Single Post)  
Old 22nd May 2008
s2scott's Avatar
s2scott s2scott is offline
Package Pilot
 
Join Date: May 2008
Location: Toronto, Ontario Canada
Posts: 198
Default

Quote:
Originally Posted by jggimi View Post
I am not exactly sure what you were doing. Were you trying to use the -current port with a -release or -stable system?
  1. build system (running system) stock cd43.iso (install43.iso); and
  2. openvpn-2.1_rc7 from ftp://ftp.openbsd.org/pub/OpenBSD/distfiles
__________________
Never argue with an idiot. They will bring you down to their level and beat you with experience.

Last edited by s2scott; 22nd May 2008 at 06:37 AM.
Reply With Quote
  #8   (View Single Post)  
Old 22nd May 2008
s2scott's Avatar
s2scott s2scott is offline
Package Pilot
 
Join Date: May 2008
Location: Toronto, Ontario Canada
Posts: 198
Default

Quote:
Originally Posted by hex View Post
...I also had to add
Code:
#include <arpa/inet.h>
to tun.c
...I definitely did not have that problem.

/S
__________________
Never argue with an idiot. They will bring you down to their level and beat you with experience.
Reply With Quote
  #9   (View Single Post)  
Old 22nd May 2008
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 8,052
Default

You guys need to reread FAQ 15.4.1. You're running unsupported.
Reply With Quote
Old 22nd May 2008
hex hex is offline
New User
 
Join Date: May 2008
Posts: 3
Default

Yes, we probably do. If you know any other way to run openvpn 2.1rc7 on stable OpenBSD, please share. I really need the Vista support. If not then let's continue. I now run into a problem while initializing the server. The initialization is stuck at:
TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
There's no error message and it just stis there untill I kill it. Normally, the next line should be:
TUN/TAP device tun1 opened
Did anyone experience this yet?
Reply With Quote
Old 22nd May 2008
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 8,052
Default

Quote:
Originally Posted by hex View Post
...I really need the Vista support. ..
Then you need to run -current.

In this way, you can either install OpenVPN from snapshot packages, or you can build it from ports. Both of those would be supported. By supported, I mean you could report your problem on the ports@ mailing list if it was a usability problem, or to the port maintainer directly if there was something wrong with the port.

As it is, you are running blind, and praying someone will be able to help.

Good luck.
Reply With Quote
Old 22nd May 2008
s2scott's Avatar
s2scott s2scott is offline
Package Pilot
 
Join Date: May 2008
Location: Toronto, Ontario Canada
Posts: 198
Default

Okay, for clarity, I fixed my own problem at the time of my original post. I figured out the deficiency, corrected the #includes and have been up and running happily ever since.

As a community member, I was, (1) sharing to the community the error and my "answer," and (2) simply seeking advise from you fine folks who work more often with ports then I do, with whom --back upstream-- I might (or should) tell/advise/share -- just so they know (not to support me). I wasn't seeking to get unsupported support from the ports keeper or developers. Just wanted to advise --after all, it is a release_candidate and this is exactly the purpose of RCs.

Sorry if my postings read differently then intended.
/S
__________________
Never argue with an idiot. They will bring you down to their level and beat you with experience.
Reply With Quote
Old 22nd May 2008
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 8,052
Default

Scott, if your correction applies to a -current system, then by all means, send a patch to the maintainer. But if it only applies to -release/-stable, it's not applicable.

AFAICT from hex's posts, hex isn't using the ports scaffolding at all, but instead, is trying to port the application directly. If that's the case, it would explain why you both were seeing different results.
Reply With Quote
Old 22nd May 2008
s2scott's Avatar
s2scott s2scott is offline
Package Pilot
 
Join Date: May 2008
Location: Toronto, Ontario Canada
Posts: 198
Default

Quote:
Originally Posted by hex View Post
... If you know any other way to run openvpn 2.1rc7 on stable OpenBSD, please share.
I am --successfully-- running openVPN-2.1_rc7 on general release openBSD 4.3. Nothing fancy required, except my three #include *.h fixes. To recap...

  1. running openBSD 4.3 (ftp://ftp.openbsd.org/pub/OpenBSD/4..../install43.iso);
  2. sourced openVPN-2.1_rc7 (ftp://ftp.openbsd.org/pub/OpenBSD/distfiles/openvpn-2.1_rc7.tar.gz)
  3. fixed up tun.c with the three #include .h cited in my earlier post; and
  4. ran ./configure --disable-lzo (because I was in a hurry and skipped the separate downloads)
  5. make
  6. make install
  7. On the production machine (not the build machine), created/mimicked the _openvpn uid/gid framework that the "official" 2.0.n packages, not ports, would create
  8. transferred from the build machine to the production machine the freshly make'd 2.1rc7 openvpn (executable) and the openvpn.8 man page to the production gateway box and started using it.
Wrestled a bit with the server.ovpn config and the pf.conf (I'm about to post that separately), but otherwise the 2.1rc7 and un-changed openBSD 4.3 is running just perfectly.

/S
__________________
Never argue with an idiot. They will bring you down to their level and beat you with experience.
Reply With Quote
Old 23rd May 2008
s2scott's Avatar
s2scott s2scott is offline
Package Pilot
 
Join Date: May 2008
Location: Toronto, Ontario Canada
Posts: 198
Default

And in case anyone wonders "why 2.1rc7"... openvpn was born as a one-to-one vpn. While the 2.0 code stream evolved to support many-to-one connection topologies, the 2.1 code base is much more evolved in these regards (i.e. vpn server).

In my vpn topology, my openBSD machine is the "one" that the "many" clients (of various O/S's) will be connecting to, I wanted (needed) the 2.1rc7 on the openBSD 4.3 gateway.

/S
__________________
Never argue with an idiot. They will bring you down to their level and beat you with experience.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
packages vs ports zelut FreeBSD Ports and Packages 17 28th October 2009 08:19 AM
Packages vs. Ports guitarscn OpenBSD Packages and Ports 3 1st October 2008 04:43 AM
Upgrading and rebuilding ALL packages/ports chill FreeBSD Ports and Packages 8 16th June 2008 04:55 AM
openVPN 2.1_rc7 (server) on openBSD 4.3 config examples s2scott Guides 2 23rd May 2008 06:16 PM
FAQ: FreeBSD Ports and Packages Carpetsmoker FreeBSD Ports and Packages 0 1st May 2008 03:38 PM


All times are GMT. The time now is 03:46 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick