openconnect client building for windows on linux box

项目需求

通过openconnect client源码编译出windows环境下32位client。使用版本:openconnect v7.08

点击下载

编译环境及方式

操作系统:Fedora-Server 25

编译方式:cross-compiling

准备工作

升级系统,安装系统组件:

#yum update -y
yum install -y gcc wget pcre-devel tar net-tools \
    openssl openssl-devel curl-devel bind-utils git dh-autoreconf

安装依赖包:

To build OpenConnect from its source code, you will need the following libraries and tools installed:

  • libxml2
  • zlib
  • Either OpenSSL or GnuTLS
  • pkg-config

And optionally also:
– p11-kit (for PKCS#11 support)
– libp11 (also needed for PKCS#11 support if using OpenSSL)
– libproxy
– trousers (for TPM support if using GnuTLS)
– libstoken (for SecurID software token support)
– libpskc (for RFC6030 PSKC file storage of HOTP/TOTP keys)
– libpcsclite (for Yubikey hardware HOTP/HOTP support)

  1. 安装openconnect client依赖包命令如下:
yum install -y gnutls gnutls-utils gnutls-devel p11-kit libp11 libproxy \
                trousers libstoken libxml2-devel libpskc
  1. 下载包:libstoken the download page

for example:

tar -zxvf stoken-0.91.tar.gz
cd stoken-0.91/
./configure
make install & make
  1. 下载包:libpcsclite 
git clone git://anonscm.debian.org/pcsclite/PCSC.git
cd PCSC
./bootstrap
./configure
make
  1. Building for Windows is fairly trivial. On a Fedora box, just:
yum install mingw32-gnutls mingw32-libxml2

开始安装

  1. 下载 vpnc-script.下载地址

    放到目录:/etc/vpnc/ 下

  2. 上传openconnect v7.08 源码包到/usr/local/openconnectclient下,执行如下命令:

tar -zxvf openconnect-7.08.tar.gz
cd openconnect-7.08/
./configure --with-vpnc-script=/etc/vpnc/vpnc-script
mingw32-configure
make

编译完成后会报错,如下图:
image

libtool:   error: Could not determine the host path corresponding to
libtool:   error:   '/usr/local/openconnectclient/openconnect-7.08/.libs'
libtool:   error: Continuing, but uninstalled executables may not work.
libtool:   error: Could not determine the host path corresponding to
libtool:   error:   '/usr/i686-w64-mingw32/sys-root/mingw/lib:/usr/i686-w64-mingw32/sys-root/mingw/bin:/usr/local/openconnectclient/o
penconnect-7.08/.libs'libtool:   error: Continuing, but uninstalled executables may not work.
make[2]: Leaving directory '/usr/local/openconnectclient/openconnect-7.08/tests'

......

不过不影响openconnect.exe 的生成。

  1. 把目录/usr/local/openconnectclient/openconnect-7.08/.libs下文件:openconnect.exe和libopenconnect-5.dll 拷贝出来;再把目录/usr/i686-w64-mingw32/sys-root/mingw/bin下所有dll文件拷贝出来,和刚才两个文件放在一起。还有vpnc-script-win.js 也放到该文件夹下。如下图:

image

  1. 执行测试成功

image
image

note 1:

安装包:libpcsclite

./bootstrap has a error :

[root@localhost PCSC]# ./bootstrap 
+ test -f Makefile
+ rm -rf '*.cache' '*.m4' config.guess config.log config.status config.sub depcomp ltmain.sh
+ autoreconf --verbose --install
Errno architecture (x86_64-linux-thread-multi-4.6.4-301.fc24.x86_64) does not match executable architecture (x86_64-linux-thread-mult
i-4.10.0-0.rc4.git0.2.fc26.x86_64) at /usr/lib64/perl5/Errno.pm line 11.Compilation failed in require at /usr/share/autoconf/Autom4te/XFile.pm line 76.
BEGIN failed--compilation aborted at /usr/share/autoconf/Autom4te/XFile.pm line 76.
Compilation failed in require at /usr/bin/autoreconf line 44.
BEGIN failed--compilation aborted at /usr/bin/autoreconf line 44.

是个系统BUG,点击查看

note 2:

–with-vpnc-script=/etc/vpnc/vpnc-script
官方文档让带vpnc-script ,在linux下用windows的vpnc-script-win下载地址
,执行命令:./configure –with-vpnc-script=/etc/vpnc/vpnc-script-win.js 。
编译成功后也是可以连接ocserv。