macos catalina, compile openvpn 2.5.2 staticly

compile_openvpn_2_5_2_staticly.sh

#!/bin/zsh

# https://gist.github.com/lecksfrawen/fab1a1690ab7b80b4acac617cb5be403

export OTHER_CODE_SIGN_FLAGS=--options=runtime

export OPENVPN_COMPILE_PATH=$HOME/openvpn_source
# Uncomment this if you'd like to clean up the folders before compiling
if [[ -d $OPENVPN_COMPILE_PATH ]] ; then
    rm -rf $OPENVPN_COMPILE_PATH
fi
mkdir -p $OPENVPN_COMPILE_PATH

export OPENVPN_OUTPUT_PATH=$HOME/openvpn_build
# Uncomment this if you'd like to clean up the folders before compiling
if [[ -d $OPENVPN_OUTPUT_PATH ]] ; then
    rm -rf $OPENVPN_OUTPUT_PATH
fi
mkdir -p $OPENVPN_OUTPUT_PATH

_install_homebrew_if_not_present() {
    echo "Checking for homebrew installation"
    if type brew >/dev/null 2>&1; then
        echo "Homebrew already installed!"
        echo "Updating homebrew..."
        brew update
        # echo "Updating homebrew packages"
        # brew upgrade
    else
        echo "Homebrew not found. Installing..."
        /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
    fi
}

_install_compilation_tools() {
    brew install autoconf automake libtool pkg-config
    brew upgrade autoconf automake libtool pkg-config
}

_compile_ssl() {
    cd $OPENVPN_COMPILE_PATH
    wget https://www.openssl.org/source/openssl-1.1.1k.tar.gz
    tar -xzvf openssl-1.1.1k.tar.gz
    cd openssl-1.1.1k
    autoreconf -i -v -f
    # Staticly linked
    ./config -static -no-shared --prefix=$OPENVPN_OUTPUT_PATH
    make -j4
    make install
}

_compile_lzo() {
    cd $OPENVPN_COMPILE_PATH
    wget http://www.oberhumer.com/opensource/lzo/download/lzo-2.10.tar.gz
    tar -xzvf lzo-2.10.tar.gz
    cd lzo-2.10
    # Staticly linked
    ./configure --prefix=$OPENVPN_OUTPUT_PATH --enable-static 
    make -j4
    make install
}

_compile_openvpn() {
    cd $OPENVPN_COMPILE_PATH
    wget https://swupdate.openvpn.org/community/releases/openvpn-2.5.2.tar.gz
    tar -xzvf openvpn-2.5.2.tar.gz
    cd openvpn-2.5.2
    autoreconf -i -v -f
    
    export LDFLAGS="-L$OPENVPN_OUTPUT_PATH/lib"
    export CPPFLAGS="-I$OPENVPN_OUTPUT_PATH/include"
    
    # Staticly linked
    ./configure \
    --prefix=$OPENVPN_OUTPUT_PATH \
    --enable-static \
    --disable-shared \
    --disable-debug \
    --disable-plugins \
    OPENSSL_SSL_LIBS="-L$OPENVPN_OUTPUT_PATH/lib -lssl" \
    OPENSSL_SSL_CFLAGS="-I$OPENVPN_OUTPUT_PATH/include" \
    OPENSSL_CRYPTO_LIBS="-L$OPENVPN_OUTPUT_PATH/lib -lcrypto" \
    OPENSSL_CRYPTO_CFLAGS="-I$OPENVPN_OUTPUT_PATH/include" \
    LZO_CFLAGS="-I$OPENVPN_OUTPUT_PATH/include" \
    LZO_LIBS="-L$OPENVPN_OUTPUT_PATH/lib -llzo2"
    make LIBS="-all-static" -j4
    make install
}

# So we have git
xcode-select --install
_install_homebrew_if_not_present
_install_compilation_tools

# We compile everything step by step till we get 
_compile_ssl
_compile_lzo
_compile_openvpn

# After this, we can compile this in either arm64 or intel macs and then use lipo to merge the two executables
# lipo \
# -create \
# "path/to/intel/openvpn" \
# "path/to/arm64/openvpn" \
# -output "openvpn"

#### Sources:
# OpenVPN guides
# https://www.reddit.com/r/recalbox/comments/d10176/adding_openvpn_to_recalbox_60dragonblaze/
# https://gist.github.com/Anubisss/afea82b97058e418e8030ee35e40f54f
# https://www.programmersought.com/article/30631492434/
# OpenSSL guides
# https://mac-dev-env.patrickbougie.com/openssl/

Review executable arch, you'll see

~/o/sbin ❯❯❯ file openvpn
openvpn: Mach-O 64-bit executable x86_64

Review shared libraries, you should get something like this:

~/o/sbin ❯❯❯ otool -L openvpn
openvpn:
	/usr/lib/libresolv.9.dylib (compatibility version 1.0.0, current version 1.0.0)
	/usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1281.100.1)

Review generated openvpn version, you'll get:

~/o/sbin ❯❯❯ openvpn --version
OpenVPN 2.5.2 [git:build/xxx-openvpn/23ae78e657052748] x86_64-apple-darwin19.6.0 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on May  3 2021
library versions: OpenSSL 1.1.1k  25 Mar 2021, LZO 2.10
Originally developed by James Yonan
Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net>
Compile time defines: enable_async_push=no enable_comp_stub=no enable_crypto_ofb_cfb=yes enable_debug=no enable_def_auth=yes enable_dlopen=unknown enable_dlopen_self=unknown enable_dlopen_self_static=unknown enable_fast_install=needless enable_fragment=yes enable_iproute2=no enable_libtool_lock=yes enable_lz4=yes enable_lzo=yes enable_management=yes enable_multihome=yes enable_pam_dlopen=no enable_pedantic=no enable_pf=yes enable_pkcs11=no enable_plugin_auth_pam=no enable_plugin_down_root=no enable_plugins=no enable_port_share=yes enable_selinux=no enable_shared=no enable_shared_with_static_runtimes=no enable_small=no enable_static=yes enable_strict=no enable_strict_options=no enable_systemd=no enable_werror=no enable_win32_dll=yes enable_x509_alt_username=no with_aix_soname=aix with_crypto_library=openssl with_gnu_ld=no with_mem_check=no with_sysroot=no
~/o/sbin ❯❯❯

You should be able to just use the openvpn executable