On Mon, Jul 16, 2012 at 12:45 PM, Alon Bar-Lev <alon.bar...@gmail.com>wrote:
> > (1) Is there a way to disable building "openvpnserv" and the "auth-pam" > > plugin? > --disable-plugin-auth-pam > Thanks. I have found the configure documentation. However, I can't get it to do what I want it to do: I want to build a single openvpn binary that includes (is statically linked to) lzo, openssl, and pkcs11-helper) and a separate openvpn-down-root.so that can be used by the binary. (I now understand that pkcs11 shouldn't be statically linked, but right now I'm just trying to duplicate the openvpn setup that Tunnelblick has used for years.) Do you build for windows? if not, please send me the compile error and > config.log. > The windows service should not be built on none windows. > No. On OS X, for OS X. And you're right, it does not build the service. Sorry for my confusion. > (3) I want to build "compat" as a static library. How can I do that? > <snip> > You don't need the above... just add LDFLAGS="-static", I guess. > That doesn't work -- it doesn't make compat static. I still get the same "Warning: Linking the shared library libcompat.la" message, and no libcompat.a is produced. I've fiddled around and haven't been able to get it to build as static, so I'll just move compat/*.* into src/openvpn and not have a compat library at all. compat seems to be needed only by openvpn and openvpnserv, apparently, but not by the down-root plugin. Since I'm not using openvpnserv, I don't need it as a separate library. To compile static, you need to build openvpn without plugins > (--disable-plugins) and all dependencies such as openssl the same. > This seems like an unnecessary restriction and breaks what can be done now. The plugins should always be dynamic, but there is no reason I shouldn't be able to static-link OpenVPN with OpenSSL and LZO. I do that now, and OpenVPN builds with plugin support. Then I build the plugin separately. It all works. (I had been hoping to be able to use something like xxx_LIBTOOLSFLAGS="-static" for libraries I want to be static, letting the other(s) default to shared. That way one build would generate an OpenVPN binary with everything statically linked into it and a down-root plugin as a shared library. That's was my goal until another comment mentioned that pkcs11-helper can't be static. It's been static for years in Tunnelblick, but that's a whole other issue that I will have to address.) All this plugin stuff is moot if plugin paths can no longer be absolute paths, so I'll wait and if that ends up being the case (and it looks like it will), I will drop plugin support from Tunnelblick. However, the same problem apparently exists for pkcs11-helper -- it must be shared. So I may drop support for that in Tunnelblick as well, although I'll probably leave it in for earlier versions of OpenVPN. (Tunnelblick contains multiple versions of OpenVPN and lets the user select which one to use.) Again, thanks for your help.
