Osh is an experimental mesh VPN made as a fun and learning project.
- OpenSSL
- easyconf (which is a submodule of this repository and compiled automatically)
- Criterion (optional, only needed if unit tests are enabled)
apt install make git gcc pkg-config libssl-dev cmake
pacman -S --needed make git gcc pkgconf openssl cmake
pacman -S --needed base-devel git mingw-w64-x86_64-toolchain mingw-w64-x86_64-toolchain-libwinpthread mingw-w64-x86_64-pkgconf mingw-w64-x86_64-make mingw-w64-x86_64-cmake mingw-w64-x86_64-openssl
Clone the repository and navigate to it, then run
git submodule update --init
cmake -B build
cmake --build build
The binary will be located inside the build directory.
The cmake -B build command can be invoked again to change build parameters.
Build options can be set by adding -D<option>=<value> to the cmake command.
Build types can be changed with -DCMAKE_BUILD_TYPE=<build_type>
| Build type | Description |
|---|---|
| Debug | Disables compiler optimizations and enables more debug information (default) |
| Release | Enables compiler optimizations (level 2) |
| MinSizeRel | Enables compiler optimizations for smaller file sizes |
| RelWithDebInfo | Same as Release but also enables default debug information |
| NativeRelease | Same as Release with optimizations specific to the host CPU |
| Option | Default value | Description |
|---|---|---|
ENABLE_UNIT_TESTS |
OFF |
Build unit tests, they can be run with ctest --output-on-failure or directly with ./oshd_tests. |
AIO_BACKEND |
auto |
Choose the backend used for polling I/O events. auto automatically chooses the best available from the following backends: epoll, poll, windows. |
ENABLE_SYSTEMD |
OFF |
Configure systemd service files |
DISABLE_EVENTS_TIMERFD |
OFF |
Disable the use of timerfd for timed events even when it is available |
ENABLE_HARDENING |
ON |
Enable hardening flags for release builds (https://wiki.debian.org/Hardening) |
TUNTAP_DISABLE_EMULATION |
OFF |
Disable TUN/TAP emulation layers |
ENABLE_PIC |
ON |
Compile executables and libraries with position independent code |
It is possible to install Osh with cmake --install <builddir> after compiling.
The installation prefix can be changed to install files to another location by setting -DCMAKE_INSTALL_PREFIX=<path> (defaults to /usr/local on Unix and C:\Program Files on Windows).
After installing there will be an install_manifest.txt in your build directory, which lists all the files that were installed.
include/tuntap/tap-windows.hwas copied from https://github.com/OpenVPN/tap-windows6/blob/master/src/tap-windows.h (licensed under MIT: https://github.com/OpenVPN/tap-windows6/blob/master/COPYRIGHT.MIT)include/tuntap/wintun.hwas copied from https://git.zx2c4.com/wintun/tree/api/wintun.h
Noise protocol was implemented following specification revision 34 https://noiseprotocol.org/
Test vectors for Noise are copied from external sources:
tests/noise/cacophony.txtfrom https://github.com/haskell-cryptography/cacophony/blob/master/vectors/cacophony.txttests/noise/snow.txtfrom https://github.com/mcginty/snow/blob/main/tests/vectors/snow.txt