Domů Procházet Nápověda
Přihlásit se
vimacs
/
openconnect
Sledovat 1
Oblíbit 0
Rozštěpit 0
Soubory Úkoly 0 Pull Requesty 0 Wiki
Strom: a8c89f9683
Větve Značky
openconnect
/
www
/
building.xml

building.xml 6.8 KB
Historie Surový

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141 
  1. <PAGE>
    2. 

  2. 	<INCLUDE file="inc/header.tmpl" />
    3. 

  3. 

  4. 	<VAR match="VAR_SEL_STARTED" replace="selected" />
    5. 

  5. 	<VAR match="VAR_SEL_BUILDING" replace="selected" />
    6. 

  6. 	<PARSE file="menu1.xml" />
    7. 

  7. 	<PARSE file="menu2-started.xml" />
    8. 

  8. 

  9. 	<INCLUDE file="inc/content.tmpl" />
    10. 

  10. 

  11.     	<h1>Building OpenConnect</h1>
    12. 

  12. 

  13. <p>Unless you need to test the very latest version, you should not
    14. 

  14. need to build OpenConnect for yourself. See the <a href="packages.html">packages</a>
    15. 

  15. page for information about your operating system or distribution. If there
    16. 

  16. is none, then you can file a bug or enhancement request asking for
    17. 

  17. one.</p>
    18. 

  18. 

  19. <h2>Requirements</h2>
    20. 

  20. <p>To build OpenConnect from its source code, you will need the following
    21. 

  21. libraries and tools installed:</p>
    22. 

  22. 

  23. <ul>
    24. 

  24.   <li><b><tt>libxml2</tt></b></li>
    25. 

  25.   <li><b><tt>zlib</tt></b></li>
    26. 

  26.   <li>Either <b><tt>OpenSSL</tt></b> or <b><tt>GnuTLS</tt></b> <i>(v3.2.10+)</i></li>
    27. 

  27.   <li><b><tt>pkg-config</tt></b></li>
    28. 

  28. </ul>
    29. 

  29. And <em>optionally</em> also:
    30. 

  30. <ul>
    31. 

  31.   <li><b><tt><a href="https://p11-glue.github.io/p11-glue/p11-kit.html">p11-kit</a></tt></b> <i>(for PKCS#11 support)</i></li>
    32. 

  32.   <li><b><tt><a href="https://github.com/OpenSC/libp11/wiki">libp11</a></tt></b> <i>(also needed for PKCS#11 support if using OpenSSL)</i></li>
    33. 

  33.   <li><b><tt><a href="https://code.google.com/archive/p/libproxy/">libproxy</a></tt></b></li>
    34. 

  34.   <li><b><tt><a href="http://trousers.sourceforge.net/">trousers</a></tt></b> <i>(for TPMv1 support if using GnuTLS)</i></li>
    35. 

  35.   <li><b><tt><a href="https://www.gnu.org/software/libtasn1/">libtasn1</a></tt></b> and <em>either</em> <b><tt><a href="https://github.com/tpm2-software/tpm2-tss">tss2-esys</a></tt></b> or <b><tt><a href="https://sourceforge.net/projects/ibmtpm20tss/">IBM's TPM 2.0 TSS</a></tt></b>. <i>(for TPMv2 support if using GnuTLS)</i></li>
    36. 

  36.   <li><b><tt><a href="http://stoken.sf.net/">libstoken</a></tt></b> <i>(for SecurID software token support)</i></li>
    37. 

  37.   <li><b><tt><a href="https://www.nongnu.org/oath-toolkit/">libpskc</a></tt></b> <i>(for RFC6030 PSKC file storage of HOTP/TOTP keys)</i></li>
    38. 

  38.   <li><b><tt><a href="https://pcsclite.alioth.debian.org/pcsclite.html">libpcsclite</a></tt></b> <i>(for Yubikey hardware HOTP/HOTP support)</i></li>
    39. 

  39. </ul>
    40. 

  40. <p>OpenConnect supports the use of HTTP and SOCKS proxies to connect to the
    41. 

  41. AnyConnect service, even without using libproxy. You may wish to use libproxy
    42. 

  42. if you want OpenConnect to automatically use the appropriate proxies for your
    43. 

  43. environment, without having to manually give it the <tt>--proxy</tt> argument
    44. 

  44. on the command line.</p>
    45. 

  45. 

  46. <h2>Install vpnc-script</h2>
    47. 

  47.  <p>OpenConnect should be given a default <a href="vpnc-script.html">vpnc-script</a>
    48. 

  48.  for network configuration (routing and DNS) at compile-time. This can be overridden
    49. 

  49.  at runtime (with <tt>--script</tt>).</p>
    50. 

  50.  <p>The <tt>configure</tt> script will check whether either
    51. 

  51.  <tt>/etc/vpnc/vpnc-script</tt> or <tt>/usr/share/vpnc-scripts/vpnc-script</tt>
    52. 

  52.  exists and can be executed, and will fail if not. If you don't already have
    53. 

  53.  a copy then you should install one. It might be in a separate <tt>vpnc-script</tt>
    54. 

  54.  package for your operating system, it might be part of their <tt>vpnc</tt> package,
    55. 

  55.  and there's one linked from the <a href="vpnc-script.html">vpnc-script page</a>, if
    56. 

  56.  you need to download it manually. Install it as <tt>/etc/vpnc/vpnc-script</tt>.</p>
    57. 

  57. 

  58. <p>If you do not want to OpenConnect to use a vpnc-script from one of these
    59. 

  59.  standard locations, you can configure OpenConnect to
    60. 

  60.  use a different location by default. When running the <tt>./configure</tt> script
    61. 

  61.  in the instructions below, you can append an argument such as <tt>--with-vpnc-script=<i>/where/I/put/vpnc-script</i></tt> to its command line. Note that the path you give will not be checked; the script doesn't have to be present when you <b>build</b> OpenConnect. But of course OpenConnect won't work very
    62. 

  62. well without it, so you'll still have to install it later.</p>
    63. 

  63. 

  64. 

  65. <h2>Building OpenConnect</h2>
    66. 

  66. 

  67. <p>If you checked the source code out from git rather from a release tarball
    68. 

  68.   then run this command first to prepare the build system:</p>
    69. 

  69.   <ul>
    70. 

  70.     <li><tt>./autogen.sh</tt></li>
    71. 

  71.   </ul>
    72. 

  72.   <p>Then to build it, run the following commands:</p>
    73. 

  73.   <ul>
    74. 

  74.     <li><tt>./configure</tt></li>
    75. 

  75.     <li><tt>make</tt></li>
    76. 

  76.     <li><tt>make install</tt> <i>(If you want to install it)</i></li>
    77. 

  77.   </ul>
    78. 

  78. 

  79. <p>Note that OpenConnect will attempt to use the GnuTLS library by default.
    80. 

  80. If you want it to use OpenSSL instead, then add <tt>--without-gnutls</tt> to the
    81. 

  81. <tt>./configure</tt> command above.</p>
    82. 

  82. 

  83. <p>If compilation fails, please make sure you have a working compiler and the
    84. 

  84. <b>development</b> packages for all the required libraries mentioned above. If
    85. 

  85. it still doesn't build, please send the full output in a plain-text mail to the
    86. 

  86. <a href="mail.html">mailing list</a>.</p>
    87. 

  87. 

  88. 

  89. <h2>Test suite</h2>
    90. 

  90. 

  91. <p>The included test suite can be run as <tt>make check</tt>.</p>
    92. 

  92. 

  93. <p>It depends on the following programs and libraries being available:</p>
    94. 

  94. <ul>
    95. 

  95.   <li><a href="/ocserv">ocserv</a></li>
    96. 

  96.   <li><a href="https://cwrap.org/socket_wrapper.html">socket_wrapper</a></li>
    97. 

  97.   <li><a href="https://cwrap.org/uid_wrapper.html">uid_wrapper</a></li>
    98. 

  98. </ul>
    99. 

  99. 

  100. 

  101. 

  102. <h2>Test suite</h2>
    103. 

  103. 

  104. <p>The included test suite can be run as <tt>make check</tt>.</p>
    105. 

  105. 

  106. <p>It depends on the following programs and libraries being available:</p>
    107. 

  107. <ul>
    108. 

  108.   <li><a href="/ocserv">ocserv</a></li>
    109. 

  109.   <li><a href="https://cwrap.org/socket_wrapper.html">socket_wrapper</a></li>
    110. 

  110.   <li><a href="https://cwrap.org/uid_wrapper.html">uid_wrapper</a></li>
    111. 

  111. </ul>
    112. 

  112. 

  113. 

  114. <h2>TUN/TAP driver</h2>
    115. 

  115. 

  116. <h3>Mac OS</h3>
    117. 

  117. 

  118. <p>Mac OS X users with OS X 10.6 or older, or using OpenConnect 6.00 or older,
    119. 

  119. will also need to install the <a href="http://tuntaposx.sourceforge.net/">Mac OS X tun/tap driver</a>.
    120. 

  120. Newer versions of OpenConnect will use the <tt>utun</tt> device on OS X which does not
    121. 

  121. require additional kernel modules to be installed.</p>
    122. 

  122. <p>Solaris/OpenIndiana users will need the <a href="http://www.whiteboard.ne.jp/~admin2/tuntap/">Solaris TAP driver</a>.
    123. 

  123. Note that for IPv6 support, the Solaris tun/tap driver from 16th Nov 2009 or newer is required.</p>
    124. 

  124. 

  125. <h3>Windows</h3>
    126. 

  126. 

  127. <p>On Windows, OpenConnect uses the
    128. 

  128. <a href="https://community.openvpn.net/openvpn/wiki/GettingTapWindows">TAP-Windows driver from OpenVPN</a> (version 9.9 or
    129. 

  129. later; requires Windows 2003 or newer). This driver is only available for the 32-bit and 64-bit x86
    130. 

  130. architectures.</p>
    131. 

  131. 

  132. <p>OpenConnect v9.00 also contains <b><i>experimental</i></b> support for the
    133. 

  133. <a href="https://www.wintun.net">Wintun layer-3 driver from Wireguard</a>
    134. 

  134. (requires Windows 7 or newer). This is a more modern driver, and supports 32-bit and 64-bit ARM
    135. 

  135. architectures as well, however it does not yet appear to be fully stable
    136. 

  136. (see <a href="https://gitlab.com/openconnect/openconnect/-/issues/338">issue #338</a>).
    137. 

  137. OpenConnect v9.00 will only attempt to use Wintun if TAP-Windows is unavailable.</p>
    138. 

  138. 

  139. 	<INCLUDE file="inc/footer.tmpl" />
    140. 

  140. </PAGE>
    141. 

  141.