[strongSwan] Error while running Charon
rajeev nohria
rajnohria at gmail.com
Wed Oct 19 20:43:37 CEST 2016
Thomas,
I tired both way and did not help. Not sure what I could be missing. In
following I also tried removing swanctl section, that also did not work.
# strongswan.conf - strongSwan configuration file
#
# Refer to the strongswan.conf(5) manpage for details
#
# Configuration changes should be made in the included files
swanctl {
load = pem pkcs1 x509 revocation constraints pubkey openssl random
}
charon {
load_modular = yes
plugins {
include strongswan.d/charon/*.conf
}
}
filelog {
/var/log/charon.log {
# add a timestamp prefix
time_format = %b %e %T
# prepend connection name, simplifies grepping
ike_name = yes
# overwrite existing files
append = no
# increase default loglevel for all daemon subsystems
default = 10
# flush each line to disk
flush_line = yes
}
stderr {
# more detailed loglevel for a specific subsystem, overriding
the
# default loglevel.
ike = 4
cfg = 4
asn = 4
app = 4
tls = 4
esp = 4
chd = 4
knl = 0
}
}
include strongswan.d/charon/*.conf
*root at Xilinx-ZCU102-2016_1:/usr/etc/strongswan.d/charon# ls*
aes.conf pem.conf sha1.conf
attr.conf pgp.conf sha2.conf
cmac.conf pkcs1.conf socket-default.conf
constraints.conf pkcs11.conf sshkey.conf
des.conf pkcs12.conf stroke.conf
dnskey.conf pkcs7.conf updown.conf
fips-prf.conf pkcs8.conf vici.conf
hmac.conf pubkey.conf x509.conf
kernel-netlink.conf random.conf xauth-generic.conf
md5.conf rc2.conf xcbc.conf
nonce.conf resolve.conf
openssl.conf revocation.conf
root at Xilinx-ZCU102-2016_1:/usr/etc/strongswan.d/charon# *cat nonce.conf*
nonce {
# Whether to load the plugin. Can also be an integer to increase the
# priority of this plugin.
load = yes
}
On Tue, Oct 18, 2016 at 3:03 PM, Thomas Egerer <hakke_007 at gmx.de> wrote:
> Rajeev,
>
> I guess, the config option '--enable-monolithic' option
> builds charon with all plugins compiled into one binary
> blob. Try and remove this option. Then remove the
> load_modular option from your strongwan.conf, or place
> the configuration snippets in your file system as
> described in [1]. Then of course, you would have to
> remove the load keyword from your strongswan.conf.
>
> Cheers,
> Thomas
>
> [1] https://wiki.strongswan.org/projects/strongswan/wiki/Strongs
> wandirectory
>
>
> On 10/18/2016 04:37 PM, rajeev nohria wrote:
>
>> Noel,
>>
>> I still having issue after going through many hit and trial method to
>> fix this,
>>
>> root at Xilinx-ZCU102-2016_1:~# charon
>> 00[DMN] Starting IKE charon daemon (strongSwan 5.5.0, Linux 4.4.0,
>> aarch64)
>> 00[LIB] feature CUSTOM:libcharon in critical plugin 'charon' has unmet
>> dependency: NONCE_GEN
>> 00[LIB] feature CUSTOM:libcharon-receiver in critical plugin 'charon'
>> has unmet dependency: HASHER:HASH_SHA1
>> 00[LIB] feature CUSTOM:libcharon-sa-managers in critical plugin 'charon'
>> has unmet dependency: HASHER:HASH_SHA1
>> 00[LIB] failed to load 3 critical plugin features
>> 00[DMN] initialization failed - aborting charon
>>
>>
>> Makefile:
>>
>> CONF_OPTS += --disable-gmp --enable-monolithic --enable-openssl
>> --enable-pkcs11 --enable-vici --enable-x509 --enable-nonce
>>
>>
>>
>>
>> strongswan.conf
>> # strongswan.conf - strongSwan configuration file
>> #
>> # Refer to the strongswan.conf(5) manpage for details
>> #
>> # Configuration changes should be made in the included files
>>
>> swanctl {
>> load = pem pkcs1 x509 revocation constraints pubkey openssl random
>> }
>>
>> charon {
>> load_modular = yes
>> load = sha1 pem pkcs1 x509 revocation constraints pubkey openssl random
>> nonce curl kernel-netlink socket-default updown vici
>>
>> plugins {
>> include strongswan.d/charon/*.conf
>> }
>> }
>>
>> filelog {
>> /var/log/charon.log {
>> # add a timestamp prefix
>> time_format = %b %e %T
>> # prepend connection name, simplifies grepping
>> ike_name = yes
>> # overwrite existing files
>> append = no
>> # increase default loglevel for all daemon subsystems
>> default = 10
>> # flush each line to disk
>> flush_line = yes
>> }
>> stderr {
>> # more detailed loglevel for a specific subsystem,
>> overriding the
>> # default loglevel.
>> ike = 4
>> cfg = 4
>> asn = 4
>> app = 4
>> tls = 4
>> esp = 4
>> chd = 4
>> knl = 0
>>
>> }
>> }
>>
>>
>> On Sat, Oct 8, 2016 at 7:41 PM, Noel Kuntze <noel at familie-kuntze.de
>> <mailto:noel at familie-kuntze.de>> wrote:
>>
>> Hello Rajeevm
>> >
>> > 00[DMN] Starting IKE charon daemon (strongSwan 5.5.0, Linux 4.4.0,
>> aarch64)
>> > 00[LIB] feature CUSTOM:libcharon in critical plugin 'charon' has
>> unmet dependency: NONCE_GEN
>> > 00[LIB] feature CUSTOM:libcharon-receiver in critical plugin
>> 'charon' has unmet dependency: HASHER:HASH_SHA1
>> > 00[LIB] feature CUSTOM:libcharon-sa-managers in critical plugin
>> 'charon' has unmet dependency: HASHER:HASH_SHA1
>> > 00[LIB] failed to load 3 critical plugin features
>> > 00[DMN] initialization failed - aborting charon
>>
>> You need the sha1 or the openssl plugin, as well as the nonce plugin.
>> Please use google[1] next time.
>>
>> [1]
>> https://encrypted.google.com/search?hl=en&q=site%3Awiki.stro
>> ngswan.org%20%22libcharon%20in%20critical%20plugin%20%27char
>> on%27%20has%20unmet%20dependency%3A%20NONCE_GEN%22
>> <https://encrypted.google.com/search?hl=en&q=site%3Awiki.str
>> ongswan.org%20%22libcharon%20in%20critical%20plugin%20%27cha
>> ron%27%20has%20unmet%20dependency%3A%20NONCE_GEN%22>
>>
>> --
>>
>> Mit freundlichen Grüßen/Kind Regards,
>> Noel Kuntze
>>
>> GPG Key ID: 0x63EC6658
>> Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
>>
>>
>>
>>
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.strongswan.org
>> https://lists.strongswan.org/mailman/listinfo/users
>>
>>
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20161019/a5c7e0bb/attachment.html>
More information about the Users
mailing list