<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 14 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri","sans-serif";}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal">Hi,<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">I cross compiled strongSwan5.2.0 for MIPS thus (build machine x86) –<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">./configure CC=mips64-octeon-linux-gnu-gcc --host mips64 LDFLAGS=-L/home/prashant/gmp/lib CPPFLAGS=-I/home/prashant/gmp/include --prefix=/home/prashant/strongswan<o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Followed by make, make install<o:p></o:p></p>
<p class="MsoNormal">I cross compiled the gmp library separately and provided to the build above hence the additional LDFLAGS/CPPFLAGS<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Then I picked all the install stuff and took it to the MIPS target, just used the factory default config files, no additional config as I just wanted to see if the whole thing starts up (will deal with additional config subsequently)<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Now at the MIPS target system, when I do “ipsec start”, I get the following logs –<o:p></o:p></p>
<p class="MsoNormal">====<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">/home/prashant/strongswan/sbin # ./ipsec start<o:p></o:p></p>
<p class="MsoNormal">Starting strongSwan 5.2.0 IPsec [starter]...<o:p></o:p></p>
<p class="MsoNormal">Jan 1 00:03:45 (none) authpriv.info ipsec_starter[714]: Starting strongSwan 5.2.0 IPsec [starter]...
<o:p></o:p></p>
<p class="MsoNormal">insmod /lib/modules/2.6.27.7-Cavium-Octeon/net/key/af_key.ko
<o:p></o:p></p>
<p class="MsoNormal">NET: Registered protocol family 15<o:p></o:p></p>
<p class="MsoNormal">insmod /lib/modules/2.6.27.7-Cavium-Octeon/net/ipv4/ah4.ko <o:p>
</o:p></p>
<p class="MsoNormal">insmod /lib/modules/2.6.27.7-Cavium-Octeon/crypto/aead.ko <o:p>
</o:p></p>
<p class="MsoNormal">insmod /lib/modules/2.6.27.7-Cavium-Octeon/net/ipv4/esp4.ko <o:p>
</o:p></p>
<p class="MsoNormal">insmod /lib/modules/2.6.27.7-Cavium-Octeon/net/xfrm/xfrm_user.ko
<o:p></o:p></p>
<p class="MsoNormal">Initializing XFRM netlink socket<o:p></o:p></p>
<p class="MsoNormal"><b>Jan 1 00:03:45 (none) authpriv.info scepclient[740]: building CRED_PRIVATE_KEY - RSA failed, tried 0 builders
<o:p></o:p></b></p>
<p class="MsoNormal">error: no RSA private key available<o:p></o:p></p>
<p class="MsoNormal">Jan 1 00:03:45 (none) daemon.info charon: 00[DMN] Starting IKE charon daemon (strongSwan 5.2.0, Linux 2.6.27.7-Cavium-Octeon, mips64)
<o:p></o:p></p>
<p class="MsoNormal"><b>Jan 1 00:03:45 (none) daemon.info charon: 00[LIB] feature CUSTOM:libcharon in critical plugin 'charon' has unmet dependency: NONCE_GEN
<o:p></o:p></b></p>
<p class="MsoNormal"><b>Jan 1 00:03:45 (none) daemon.info charon: 00[LIB] feature CUSTOM:libcharon-receiver in critical plugin 'charon' has unmet dependency: HASHER:HASH_SHA1</b>
<o:p></o:p></p>
<p class="MsoNormal">Jan 1 00:03:45 (none) daemon.info charon: 00[LIB] failed to load 2 critical plugin features
<o:p></o:p></p>
<p class="MsoNormal">Jan 1 00:03:45 (none) daemon.info charon: 00[DMN] initialization failed - aborting charon
<o:p></o:p></p>
<p class="MsoNormal">/home/prashant/strongswan/sbin # Jan 1 00:04:00 (none) authpriv.info ipsec_starter[743]: charon too long to start... - kill kill
<o:p></o:p></p>
<p class="MsoNormal">Jan 1 00:04:09 (none) authpriv.info ipsec_starter[743]: starter_stop_charon(): charon does not respond, sending KILL
<o:p></o:p></p>
<p class="MsoNormal">Jan 1 00:04:11 (none) authpriv.info ipsec_starter[743]: starter_stop_charon(): can't stop charon !!!
<o:p></o:p></p>
<p class="MsoNormal">Jan 1 00:04:11 (none) authpriv.info ipsec_starter[743]: ipsec starter stopped<o:p></o:p></p>
<p class="MsoNormal">====<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">I did try the command –<o:p></o:p></p>
<p class="MsoNormal">ipsec pki –gen > myKey.der<o:p></o:p></p>
<p class="MsoNormal">and it failed with the same message highlighted above i.e. <b>
building CRED_PRIVATE_KEY - RSA failed, tried 0 builders</b><o:p></o:p></p>
<p class="MsoNormal">Am I missing something basic in the build itself or there is something wrong with my target setup/kernel, would appreciate any advice.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Regards<o:p></o:p></p>
<p class="MsoNormal">-Prashant<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<br>
<font face="Arial" color="Gray" size="1"><br>
"DISCLAIMER: This message is proprietary to Aricent and is intended solely for the use of the individual to whom it is addressed. It may contain privileged or confidential information and should not be circulated or used for any purpose other than for what
it is intended. If you have received this message in error, please notify the originator immediately. If you are not the intended recipient, you are notified that you are strictly prohibited from using, copying, altering, or disclosing the contents of this
message. Aricent accepts no responsibility for loss or damage arising from the use of the information transmitted by this email including damage from virus."<br>
</font>
</body>
</html>