OpenVPN Support Forum

NOOB here so please be gentle.

Attempting to install OpenVPN on clean Raspberry Pi 3. After installing OS, performed update/upgrade, installed Samba and then successfully updated existing OpenSSL to 1.0.2l Finally, attempted to install OpenVPN 2.4.2 using dpkg-buildpackage resulting in the following:

-- start snippet --
libtool: link: gcc -DPLUGIN_LIBDIR=\"/usr/lib/arm-linux-gnueabihf/openvpn/plugins\" -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -std=c99 -Wl,-z -Wl,relro -o openvpn argv.o base64.o buffer.o clinat.o comp.o compstub.o comp-lz4.o crypto.o crypto_openssl.o crypto_mbedtls.o dhcp.o error.o event.o fdmisc.o forward.o fragment.o gremlin.o helper.o httpdigest.o lladdr.o init.o interval.o list.o lzo.o manage.o mbuf.o misc.o platform.o console.o console_builtin.o console_systemd.o mroute.o mss.o mstats.o mtcp.o mtu.o mudp.o multi.o ntlm.o occ.o pkcs11.o pkcs11_openssl.o pkcs11_mbedtls.o openvpn.o options.o otime.o packet_id.o perf.o pf.o ping.o plugin.o pool.o proto.o proxy.o ps.o push.o reliable.o route.o schedule.o session_id.o shaper.o sig.o socket.o socks.o ssl.o ssl_openssl.o ssl_mbedtls.o ssl_verify.o ssl_verify_openssl.o ssl_verify_mbedtls.o status.o tls_crypt.o tun.o win32.o cryptoapi.o ../../src/compat/.libs/libcompat.a -lnsl -lresolv -llzo2 -lssl -lcrypto -ldl
ssl_openssl.o: In function `tls_ctx_check_cert_time':
/home/pi/source/openvpn/openvpn-2.4.2/src/openvpn/ssl_openssl.c:396: undefined reference to `SSL_CTX_get0_certificate'
collect2: error: ld returned 1 exit status
Makefile:575: recipe for target 'openvpn' failed
make[4]: *** [openvpn] Error 1
make[4]: Leaving directory '/home/pi/source/openvpn/openvpn-2.4.2/src/openvpn'
Makefile:418: recipe for target 'all-recursive' failed
make[3]: *** [all-recursive] Error 1
make[3]: Leaving directory '/home/pi/source/openvpn/openvpn-2.4.2/src'
Makefile:604: recipe for target 'all-recursive' failed
make[2]: *** [all-recursive] Error 1
make[2]: Leaving directory '/home/pi/source/openvpn/openvpn-2.4.2'
Makefile:491: recipe for target 'all' failed
make[1]: *** [all] Error 2
make[1]: Leaving directory '/home/pi/source/openvpn/openvpn-2.4.2'
dh_auto_build: make -j1 returned exit code 2
-- end snippet --

Diagnosing this is way beyond my skill level. So ... can anybody assist me please?

have you installed the dependencies ?

Short answer: no.

One of the problems of not knowing a lot is that you do have to guess what you think is appropriate. So:

1. I am generating openvpn 2.4.2 from source because (AFAIK) the debian repositories are back level - otherwise
I would have used apt-get
2. I do not know how to authoritatively derive the dependency list (help here would be appreciated)
3. When I run your command, I am told I need to add URI's to the sources list. Well, that seems like
Catch-22 to me
4. Eventually, I did what most people would do: used google and made an educated guess

For what it is worth, this is the list I used. But, I stress, it is still a guess and I would prefer to refer to an official list of dependencies. Again, remember that I am installing into an empty Raspbian system so some elements in the following list may seem strange:
regards, Banjo

maybe try these you need to run the commands as root

banjo wrote:1. I am generating openvpn 2.4.2 from source because (AFAIK) the debian repositories are back level - otherwise I would have used apt-get

Which is why the poeple at OpenVPN go to all this trouble ..

https://community.openvpn.net/openvpn/w ... twareRepos

@TinCanTech: I might be a noob but that does not mean that I do not research to the best of my ability. I am fully aware of that page, am certainly appreciative of the effort, have long ago tried what is mentioned and it does not appear to work. The RPI is an armhf architecture and it would appear (at least to me) that builds are thin on the ground for it. For completeness, after updating the sources.list fragment with what I think are the correct values, apt-get update yields "W: Failed to fetch http://build.openvpn.net/debian/openvpn ... ie/Release Unable to find expected entry 'main/binary-armhf/Packages' in Release file (Wrong sources.list entry or malformed file)"

@TiTex: thanks for that. I tried your suggestion but unfortunately, that didn't work as the source.list fragment is pointing at Raspbian and it does not have an openvpn package

... which is why I have taken to building both packages from source. A task that I thought would be relatively simple but has proven to be anything but.

banjo wrote: The RPI is an armhf architecture

Please see To build for Arm on Linux 64bit:
https://community.openvpn.net/openvpn/w ... ngthebuild

You may find some more help if you contact the OpenVPN users mailing list

banjo wrote:@TiTex: thanks for that. I tried your suggestion but unfortunately, that didn't work as the source.list fragment is pointing at Raspbian and it does not have an openvpn package

sorry , i do not have a device with ARM CPU to test , those are the steps i've used on ubuntu/debian.

by the way , there is an openvpn package for RPi (raspbian) http://archive.raspbian.org/raspbian/po ... o/openvpn/
you can also install ubuntu for arm or other distributions.
you sould edit your /etc/apt/sources.list and check if you have any commented lines starting with
deb http://... or ftp://... and deb-src

https://www.raspbian.org/RaspbianRepository
https://www.raspbian.org/RaspbianFAQ#Wh ... ository.3F

Your SSL library does not contain this function, it may be outdated. Try different versions.