[strongSwan] Error while running Charon
Thomas Egerer
hakke_007 at gmx.de
Tue Oct 18 21:03:27 CEST 2016
Rajeev,
I guess, the config option '--enable-monolithic' option
builds charon with all plugins compiled into one binary
blob. Try and remove this option. Then remove the
load_modular option from your strongwan.conf, or place
the configuration snippets in your file system as
described in [1]. Then of course, you would have to
remove the load keyword from your strongswan.conf.
Cheers,
Thomas
[1] https://wiki.strongswan.org/projects/strongswan/wiki/Strongswandirectory
On 10/18/2016 04:37 PM, rajeev nohria wrote:
> Noel,
>
> I still having issue after going through many hit and trial method to
> fix this,
>
> root at Xilinx-ZCU102-2016_1:~# charon
> 00[DMN] Starting IKE charon daemon (strongSwan 5.5.0, Linux 4.4.0, aarch64)
> 00[LIB] feature CUSTOM:libcharon in critical plugin 'charon' has unmet
> dependency: NONCE_GEN
> 00[LIB] feature CUSTOM:libcharon-receiver in critical plugin 'charon'
> has unmet dependency: HASHER:HASH_SHA1
> 00[LIB] feature CUSTOM:libcharon-sa-managers in critical plugin 'charon'
> has unmet dependency: HASHER:HASH_SHA1
> 00[LIB] failed to load 3 critical plugin features
> 00[DMN] initialization failed - aborting charon
>
>
> Makefile:
>
> CONF_OPTS += --disable-gmp --enable-monolithic --enable-openssl
> --enable-pkcs11 --enable-vici --enable-x509 --enable-nonce
>
>
>
>
> strongswan.conf
> # strongswan.conf - strongSwan configuration file
> #
> # Refer to the strongswan.conf(5) manpage for details
> #
> # Configuration changes should be made in the included files
>
> swanctl {
> load = pem pkcs1 x509 revocation constraints pubkey openssl random
> }
>
> charon {
> load_modular = yes
> load = sha1 pem pkcs1 x509 revocation constraints pubkey openssl random
> nonce curl kernel-netlink socket-default updown vici
>
> plugins {
> include strongswan.d/charon/*.conf
> }
> }
>
> filelog {
> /var/log/charon.log {
> # add a timestamp prefix
> time_format = %b %e %T
> # prepend connection name, simplifies grepping
> ike_name = yes
> # overwrite existing files
> append = no
> # increase default loglevel for all daemon subsystems
> default = 10
> # flush each line to disk
> flush_line = yes
> }
> stderr {
> # more detailed loglevel for a specific subsystem,
> overriding the
> # default loglevel.
> ike = 4
> cfg = 4
> asn = 4
> app = 4
> tls = 4
> esp = 4
> chd = 4
> knl = 0
>
> }
> }
>
>
> On Sat, Oct 8, 2016 at 7:41 PM, Noel Kuntze <noel at familie-kuntze.de
> <mailto:noel at familie-kuntze.de>> wrote:
>
> Hello Rajeevm
> >
> > 00[DMN] Starting IKE charon daemon (strongSwan 5.5.0, Linux 4.4.0, aarch64)
> > 00[LIB] feature CUSTOM:libcharon in critical plugin 'charon' has unmet dependency: NONCE_GEN
> > 00[LIB] feature CUSTOM:libcharon-receiver in critical plugin 'charon' has unmet dependency: HASHER:HASH_SHA1
> > 00[LIB] feature CUSTOM:libcharon-sa-managers in critical plugin 'charon' has unmet dependency: HASHER:HASH_SHA1
> > 00[LIB] failed to load 3 critical plugin features
> > 00[DMN] initialization failed - aborting charon
>
> You need the sha1 or the openssl plugin, as well as the nonce plugin.
> Please use google[1] next time.
>
> [1]
> https://encrypted.google.com/search?hl=en&q=site%3Awiki.strongswan.org%20%22libcharon%20in%20critical%20plugin%20%27charon%27%20has%20unmet%20dependency%3A%20NONCE_GEN%22
> <https://encrypted.google.com/search?hl=en&q=site%3Awiki.strongswan.org%20%22libcharon%20in%20critical%20plugin%20%27charon%27%20has%20unmet%20dependency%3A%20NONCE_GEN%22>
>
> --
>
> Mit freundlichen Grüßen/Kind Regards,
> Noel Kuntze
>
> GPG Key ID: 0x63EC6658
> Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
>
>
>
>
>
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
>
More information about the Users
mailing list