Compile and Install OpenVPN 2.4.X on XenServer 6.5

It’s a pain in the ass, but this is the fast recipe, XenServer 6.5 is based on Centos 5.11, so:

Edit CentOS:

sudo nano /etc/yum.repos.d/CentOS-Base.repo

Change ‘baseurl=‘ and comment ‘mirrorlist

CentOS-Base.repo
CentOS-Base.repo

Then downgrade to CentOS packages:

yum downgrade glibc glibc-common glibc-devel glibc-headers

Install GCC

yum install gcc

Download OpenSSL Sources (Tested with 1.0.1u version):

wget https://www.openssl.org/source/old/1.0.1/openssl-1.0.1u.tar.gz

Download LZO Sources:

wget http://www.oberhumer.com/opensource/lzo/download/lzo-2.10.tar.gz

Download OpenVPN Sources:

wget --no-check-certificate https://swupdate.openvpn.org/community/releases/openvpn-2.4.6.tar.gz

Configure, Compile And Install OpenSSL Libs:

./Config --prefix=/usr/local/ssl --openssldir=/usr/local/ssl enable-shared -Wa,--noexecstack no-ec_nistp_64_gcc_128 no-gmp no-jpake no-krb5 no-md2 no-rc5 no-rfc3779 no-sctp no-ssl2 no-store no-unit-test no-weak-ssl-ciphers no-zlib no-zlib-dynamic no-static-engine
make
sudo make install

Configure, Compile and Install LZO Libs:

./configure --prefix=/usr/local --enable-shared
make
sudo make install

Adding OpenSSL and LZO to ldconfig:

sudo nano /etc/ld.so.conf.d/sslzo.conf

and write:

/usr/local/ssl/lib
/usr/local/lib

Then you can check with ‘ldconfig -v‘ command that the libs was added.

Screenshot from 2019-02-15 00-59-36

Configure, Compile and Install Openvpn

./configure OPENSSL_LIBS="-L/usr/local/ssl/lib -lssl -lcrypto" OPENSSL_CFLAGS="-I/usr/local/ssl/include" LZO_LIBS="-L/usr/local/lib -llzo2" LZO_CFLAGS="-I/usr/local/include/lzo" --disable-debug --with-crypto-library=openssl --disable-lz4 --disable-plugins
make

And now you can use the binary on “src/openvpn/openvpn“, its up to you install OpenVPN binaries specifying the prefix option, like “–prefix=/opt/” in the configure command line, but right now you have openvpn 2.4.x compiled and ready to lunch an ovpn file:

src/openvpn/openvpn --config ./your-ovpn-file.conf

Byes

Alejandro M.

Ingeniero Mexicano especialista en Seguridad Informática. Conocimientos en Cisco con la certificación Cisco Certified Network Professional - Security, Fortinet con ahora NSE-4, Certified Ethical Hacker. Trabajo con sistema operativos Linux para servidores de servicios web, dns, balanceo de carga, etc... Fanático de los MMORPG