This document provides a step-by-step tutorial for cross-compiling the
program vpnc
(a client for cisco vpn concentrator) for the
Nokia N900 using the Maemo development tool
MADDE (version 0.6.14, published
2010-02-05) on a 64-bit linux box running Fedora 12, and instructions are
given to get cross-compiled vpnc
running on the N900.
vpnc
version 0.5.3 .
libgcrypt
version 1.4.5
fixed-width font
.
>
#
Problem: vpnc
depends on libgcrypt
which itself depends on libgpg-error
. Both libraries are
missing in MADDE version 0.6.14 resulting in the following basic
workflow:
libgpg-error
and libgcrypt
using MADDE version 0.6.14.
libgpg-error
and libgcrypt
.
vpnc
with the patched MADDE.
libgpg-error
Luckily we don't have to build libgpg-error
, because
the Maemo
fremental repository provides a precompiled debian armel package with
the static library and all the headers needed
(libgpg-error-dev_1.4-2_armel.deb
).
Debian packages are archive files containing the three
files debian-binary
, control.tar.gz
and data.tar.gz
. The needed archived files reside in
data.tar.gz
.
Basically the only thing we have to do is
> mkdir ~/TMP > cd ~/TMP > wget -v http://repository.maemo.org/extras-devel/pool/fremantle/free/libg/libgpg-error/libgpg-error-dev_1.4-2_armel.deb > ar p libgpg-error-dev_1.4-2_armel.deb data.tar.gz | tar zxf - ./usr/include/gpg-error.h > ar p libgpg-error-dev_1.4-2_armel.deb data.tar.gz | tar zxf - ./usr/lib/libgpg-error.a > ar p libgpg-error-dev_1.4-2_armel.deb data.tar.gz | tar zxf - ./usr/lib/libgpg-error.la
> cd ~/.madde/0.6.14/sysroots/fremantle-arm-sysroot-2.2009-51-1-qt453/usr/lib > cp ~/TMP/usr/lib/libgpg-error.a . > cp ~/TMP/usr/lib/libgpg-error.la . > cd ../include/ > cp ~/TMP/usr/include/gpg-error.h .
libgcrypt
Next download the sources of libgcrypt
, cross-compile them
using the libgpg-error
-patched MADDE and finally patch MADDE
with the freshly build library and headers of libgcrypt
.
libgcrypt
> cd ~/TMP > wget -v ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.4.5.tar.bz2 > tar jxvf libgcrypt-1.4.5.tar.bz2 > cd libgcrypt-1.4.5 > mad ./configure --host=arm > mad make
> cd ~/.madde/0.6.14/sysroots/fremantle-arm-sysroot-2.2009-51-1-qt453/usr/lib > cp ~/TMP/libgcrypt-1.4.5/src/libgcrypt.a . > cp ~/TMP/libgcrypt-1.4.5/src/libgcrypt.la . > cd ../include > cp ~/TMP/libgcrypt-1.4.5/gcrypt.h . > cp ~/TMP/libgcrypt-1.4.5/gcrypt-module.h .
vpnc
using the patched MADDEFinally the stage is set to cross-compile vpnc
> cd ~/TMP > wget -v http://www.unix-ag.uni-kl.de/~massar/vpnc/vpnc-0.5.3.tar.gz > tar zxvf vpnc-0.5.3.tar.gz > cd vpnc-0.5.3 > mad make -i > mad strip vpnc
(Note: You will encounter a make error after vpnc
and
utilities smoothly compiled and linked. Don't be worried!! The error
occures during generation of vpnc
's man page, which is done
by the Perl script makeman.pl
. The script tries to execute
the cross-compiled vnpc
to get the long version number of
the program, which must fail for obvious reasons. We can
not run an ARM executable on an i386 plattform.)
Next we have to transfer the vpnc
build to the N900.
vpnc
and utilities to the N900Since we have to copy a bunch of files to the N900, we will make a tar archive
> mkdir ~/TMP/vpnc-N900 > cd ~/TMP/vpnc-N900 > cp ../vpnc-0.5.3/vpnc . > cp ../vpnc-0.5.3/vpnc-script . > cp ../vpnc-0.5.3/vpnc-disconnect .
Create a vpnc configuration file named default.conf
(replace all my.dummys in the following example with your vpn
connection details)
IPSec gateway my.vpn.gateway IPSec ID my.ipsec.id IPSec secret my.secret Xauth username my.username
Create a shell script named vpnc.sh
with the following
content
#!/bin/sh case "$1" in start) shift /usr/local/sbin/vpnc $* ;; stop) /usr/local/sbin/vpnc-disconnect ;; *) echo $0 "{start|stop}" exit 1 esac # End of fileFinally pack the files into a tar archive (
vpnc-N900.tar.gz
)
and copy this file to /home/user
on your N900.
> cd .. > tar cvf - vpnc-N900 | gzip --best -> vpnc-N900.tar.gz
vpnc
on N900Copy vpnc-N900.tar.gz
to /home/user
on your
N900. Open a xterm
and
unpack vpnc-N900.tar.gz
> tar zxvf vpnc-N900.tar.gz > cd vpnc-N900 > chmod +x vpnc.sh vpnc vpnc-disconnect vpnc-script > cp vpnc.sh ../
If you have not done yet, edit default.conf
and fill in
your vpn connection details !!!
> vi default.conf
The next 2 steps require root access on you N900.
Warning: Root Access enables users to change the file-system and gives full access to all system files. DON'T PLAY WITH IT, if you don't know what you are doing. (You can easily break your N900)
Copy files to system location
> sudo gainroot # cp vpnc vpnc-disconnect /usr/local/sbin # mkdir /etc/vpnc # cp default.conf vpnc-script /etc/vpnc
Edit the /etc/sudoers
file (using the visudo
utility) to allow the user to run vpnc
,
vpnc-disconnect
and /home/user/vpnc.sh
as sudo
without passwd
# EDITOR=/usr/bin/vi visudo
add the following three lines at the end of
the /etc/sudoers
file
user ALL = NOPASSWD /usr/local/sbin/vpnc user ALL = NOPASSWD /usr/local/sbin/vpnc-disconnect user ALL = NOPASSWD /home/user/vpnc.sh
Warning: Root Access enables users to change the file-system and gives full access to all system files. DON'T PLAY WITH IT, if you don't know what you are doing. (You can easily break your N900)
Finally leave root shell by pressing Ctrl-D
Activate/deactivate the vpn connection in the xterm as follows
> sudo ./vpnc.sh start (enter passwd when propted) > sudo ./vpnc.sh stop
Remove vpnc-N900.tar.gz
and the
directory vpnc-N900/
to save space.
> rm vpnc-N900.tar.gz > rm -rf vpnc-N900
I hope this document was helpful. In case of questions
feel free to send email to xtof@tbi.univie.ac.at
(Please
quote N900 in the subject)