This document provides a step-by-step tutorial for cross-compiling the
program vpnc (a client for cisco vpn concentrator) for the
Nokia N900 using the Maemo development tool
MADDE (version 0.6.14, published
2010-02-05) on a 64-bit linux box running Fedora 12, and instructions are
given to get cross-compiled vpnc running on the N900.
vpnc
version 0.5.3 .
libgcrypt
version 1.4.5
fixed-width font.
>
#
Problem: vpnc depends on libgcrypt
which itself depends on libgpg-error. Both libraries are
missing in MADDE version 0.6.14 resulting in the following basic
workflow:
libgpg-error
and libgcrypt using MADDE version 0.6.14.
libgpg-error
and libgcrypt.
vpnc with the patched MADDE.
libgpg-errorLuckily we don't have to build libgpg-error, because
the Maemo
fremental repository provides a precompiled debian armel package with
the static library and all the headers needed
(libgpg-error-dev_1.4-2_armel.deb).
Debian packages are archive files containing the three
files debian-binary, control.tar.gz
and data.tar.gz. The needed archived files reside in
data.tar.gz.
Basically the only thing we have to do is
> mkdir ~/TMP > cd ~/TMP > wget -v http://repository.maemo.org/extras-devel/pool/fremantle/free/libg/libgpg-error/libgpg-error-dev_1.4-2_armel.deb > ar p libgpg-error-dev_1.4-2_armel.deb data.tar.gz | tar zxf - ./usr/include/gpg-error.h > ar p libgpg-error-dev_1.4-2_armel.deb data.tar.gz | tar zxf - ./usr/lib/libgpg-error.a > ar p libgpg-error-dev_1.4-2_armel.deb data.tar.gz | tar zxf - ./usr/lib/libgpg-error.la
> cd ~/.madde/0.6.14/sysroots/fremantle-arm-sysroot-2.2009-51-1-qt453/usr/lib > cp ~/TMP/usr/lib/libgpg-error.a . > cp ~/TMP/usr/lib/libgpg-error.la . > cd ../include/ > cp ~/TMP/usr/include/gpg-error.h .
libgcryptNext download the sources of libgcrypt, cross-compile them
using the libgpg-error-patched MADDE and finally patch MADDE
with the freshly build library and headers of libgcrypt.
libgcrypt> cd ~/TMP > wget -v ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.4.5.tar.bz2 > tar jxvf libgcrypt-1.4.5.tar.bz2 > cd libgcrypt-1.4.5 > mad ./configure --host=arm > mad make
> cd ~/.madde/0.6.14/sysroots/fremantle-arm-sysroot-2.2009-51-1-qt453/usr/lib > cp ~/TMP/libgcrypt-1.4.5/src/libgcrypt.a . > cp ~/TMP/libgcrypt-1.4.5/src/libgcrypt.la . > cd ../include > cp ~/TMP/libgcrypt-1.4.5/gcrypt.h . > cp ~/TMP/libgcrypt-1.4.5/gcrypt-module.h .
vpnc using the patched MADDEFinally the stage is set to cross-compile vpnc
> cd ~/TMP > wget -v http://www.unix-ag.uni-kl.de/~massar/vpnc/vpnc-0.5.3.tar.gz > tar zxvf vpnc-0.5.3.tar.gz > cd vpnc-0.5.3 > mad make -i > mad strip vpnc
(Note: You will encounter a make error after vpnc and
utilities smoothly compiled and linked. Don't be worried!! The error
occures during generation of vpnc's man page, which is done
by the Perl script makeman.pl. The script tries to execute
the cross-compiled vnpc to get the long version number of
the program, which must fail for obvious reasons. We can
not run an ARM executable on an i386 plattform.)
Next we have to transfer the vpnc build to the N900.
vpnc and utilities to the N900Since we have to copy a bunch of files to the N900, we will make a tar archive
> mkdir ~/TMP/vpnc-N900 > cd ~/TMP/vpnc-N900 > cp ../vpnc-0.5.3/vpnc . > cp ../vpnc-0.5.3/vpnc-script . > cp ../vpnc-0.5.3/vpnc-disconnect .
Create a vpnc configuration file named default.conf
(replace all my.dummys in the following example with your vpn
connection details)
IPSec gateway my.vpn.gateway IPSec ID my.ipsec.id IPSec secret my.secret Xauth username my.username
Create a shell script named vpnc.sh with the following
content
#!/bin/sh
case "$1" in
start)
shift
/usr/local/sbin/vpnc $*
;;
stop)
/usr/local/sbin/vpnc-disconnect
;;
*)
echo $0 "{start|stop}"
exit 1
esac
# End of file
Finally pack the files into a tar archive (vpnc-N900.tar.gz)
and copy this file to /home/user on your N900.
> cd .. > tar cvf - vpnc-N900 | gzip --best -> vpnc-N900.tar.gz
vpnc on N900Copy vpnc-N900.tar.gz to /home/user on your
N900. Open a xterm and
unpack vpnc-N900.tar.gz
> tar zxvf vpnc-N900.tar.gz > cd vpnc-N900 > chmod +x vpnc.sh vpnc vpnc-disconnect vpnc-script > cp vpnc.sh ../
If you have not done yet, edit default.conf and fill in
your vpn connection details !!!
> vi default.conf
The next 2 steps require root access on you N900.
Warning: Root Access enables users to change the file-system and gives full access to all system files. DON'T PLAY WITH IT, if you don't know what you are doing. (You can easily break your N900)
Copy files to system location
> sudo gainroot # cp vpnc vpnc-disconnect /usr/local/sbin # mkdir /etc/vpnc # cp default.conf vpnc-script /etc/vpnc
Edit the /etc/sudoers file (using the visudo
utility) to allow the user to run vpnc,
vpnc-disconnect and /home/user/vpnc.sh as sudo
without passwd
# EDITOR=/usr/bin/vi visudo
add the following three lines at the end of
the /etc/sudoers file
user ALL = NOPASSWD /usr/local/sbin/vpnc user ALL = NOPASSWD /usr/local/sbin/vpnc-disconnect user ALL = NOPASSWD /home/user/vpnc.sh
Warning: Root Access enables users to change the file-system and gives full access to all system files. DON'T PLAY WITH IT, if you don't know what you are doing. (You can easily break your N900)
Finally leave root shell by pressing Ctrl-D
Activate/deactivate the vpn connection in the xterm as follows
> sudo ./vpnc.sh start (enter passwd when propted) > sudo ./vpnc.sh stop
Remove vpnc-N900.tar.gz and the
directory vpnc-N900/ to save space.
> rm vpnc-N900.tar.gz > rm -rf vpnc-N900
I hope this document was helpful. In case of questions
feel free to send email to xtof@tbi.univie.ac.at (Please
quote N900 in the subject)