[strongSwan] charon unmet dependency on native android build

Nathan Bahr nbahr at atcorp.com
Thu May 25 17:45:45 CEST 2017


Thanks for the response Andreas.

I have double checked and I am certain the plugins are available.

As I stated in my previous message, I am doing a monolithic build 
because without it I am having additional problems, but the libraries 
are installed in the same location as I specify during configure.

root at kltetmo:/ # ls -l /etc/strongswan/ipsec/
-rw------- root     root      1231756 2017-05-25 11:24 libcharon.a
-rw------- root     root          997 2017-05-25 11:24 libcharon.la
-rw------- root     root       906240 2017-05-25 11:24 libcharon.so
-rw------- root     root      1269370 2017-05-25 11:24 libstrongswan.a
-rw------- root     root          970 2017-05-25 11:24 libstrongswan.la
-rw------- root     root      2859228 2017-05-25 11:24 libstrongswan.so
-rw------- root     root        10568 2017-05-25 11:24 libtpmtss.a
-rw------- root     root          997 2017-05-25 11:24 libtpmtss.la
-rw------- root     root        12116 2017-05-25 11:24 libtpmtss.so
-rw------- root     root        25612 2017-05-25 11:24 libvici.a
-rw------- root     root          987 2017-05-25 11:24 libvici.la
-rw------- root     root        27948 2017-05-25 11:24 libvici.so

I've gone through the make output and the nonce and sha1 plugins are 
being built and both linked into the libstrongswan library.

I have verified that the symbols are in the libstrongswan.so file.

All the conf files look ok as far as I know, I haven't changed them from 
what was generated during make install.

root at kltetmo:/ # cat /etc/strongswan.conf
# strongswan.conf - strongSwan configuration file
#
# Refer to the strongswan.conf(5) manpage for details
#
# Configuration changes should be made in the included files

charon {
     load_modular = yes
     plugins {
         include strongswan.d/charon/*.conf
     }
}

include strongswan.d/*.conf


root at kltetmo:/ # ls -l /etc/strongswan.d/
drwx------ root     root              2017-05-24 23:17 charon
-rw------- root     root         1792 2017-05-25 11:24 charon-logging.conf
-rw------- root     root        10309 2017-05-25 11:24 charon.conf
-rw------- root     root           65 2017-05-25 11:24 pki.conf
-rw------- root     root           79 2017-05-25 11:24 scepclient.conf
-rw------- root     root          173 2017-05-25 11:24 starter.conf
-rw------- root     root           62 2017-05-25 11:24 swanctl.conf


root at kltetmo:/ # ls -l /etc/strongswan.d/charon
-rw------- root     root          130 2017-05-25 11:24 aes.conf
-rw------- root     root          138 2017-05-25 11:24 android-log.conf
-rw------- root     root          362 2017-05-25 11:24 attr.conf
-rw------- root     root          131 2017-05-25 11:24 cmac.conf
-rw------- root     root          138 2017-05-25 11:24 constraints.conf
-rw------- root     root          137 2017-05-25 11:24 curve25519.conf
-rw------- root     root          130 2017-05-25 11:24 des.conf
-rw------- root     root          133 2017-05-25 11:24 dnskey.conf
-rw------- root     root          135 2017-05-25 11:24 fips-prf.conf
-rw------- root     root          130 2017-05-25 11:24 gmp.conf
-rw------- root     root          131 2017-05-25 11:24 hmac.conf
-rw------- root     root         2239 2017-05-25 11:24 kernel-netlink.conf
-rw------- root     root          130 2017-05-25 11:24 md5.conf
-rw------- root     root          132 2017-05-25 11:24 nonce.conf
-rw------- root     root          301 2017-05-25 11:24 openssl.conf
-rw------- root     root          130 2017-05-25 11:24 pem.conf
-rw------- root     root          130 2017-05-25 11:24 pgp.conf
-rw------- root     root          132 2017-05-25 11:24 pkcs1.conf
-rw------- root     root          133 2017-05-25 11:24 pkcs12.conf
-rw------- root     root          132 2017-05-25 11:24 pkcs7.conf
-rw------- root     root          132 2017-05-25 11:24 pkcs8.conf
-rw------- root     root          133 2017-05-25 11:24 pubkey.conf
-rw------- root     root          425 2017-05-25 11:24 random.conf
-rw------- root     root          130 2017-05-25 11:24 rc2.conf
-rw------- root     root          340 2017-05-25 11:24 resolve.conf
-rw------- root     root          283 2017-05-25 11:24 revocation.conf
-rw------- root     root          131 2017-05-25 11:24 sha1.conf
-rw------- root     root          131 2017-05-25 11:24 sha2.conf
-rw------- root     root          402 2017-05-25 11:24 socket-default.conf
-rw------- root     root          133 2017-05-25 11:24 sshkey.conf
-rw------- root     root          986 2017-05-25 11:24 stroke.conf
-rw------- root     root          297 2017-05-25 11:24 updown.conf
-rw------- root     root          221 2017-05-25 11:24 vici.conf
-rw------- root     root          131 2017-05-25 11:24 x509.conf
-rw------- root     root          140 2017-05-25 11:24 xauth-generic.conf
-rw------- root     root          131 2017-05-25 11:24 xcbc.conf


root at kltetmo:/ # cat /etc/strongswan.d/charon/nonce.conf
nonce {

     # Whether to load the plugin. Can also be an integer to increase the
     # priority of this plugin.
     load = yes

}


root at kltetmo:/ # cat /etc/strongswan.d/charon/sha1.conf
sha1 {

     # Whether to load the plugin. Can also be an integer to increase the
     # priority of this plugin.
     load = yes

}


On 05/25/2017 02:34 AM, Andreas Steffen wrote:
> Hi Nathan,
>
> you are missing the nonce and sha1 plugins which are required for
> charon to start up successfully.
>
> Regards
>
> Andreas
>
> On 25.05.2017 01:37, Nathan Bahr wrote:
>> Hello,
>>
>> I've been trying to cross compile strongswan to run on android natively
>> and I am having trouble starting the charon daemon.
>>
>> The output I get is (I get the same log output if I do ipsec start
>> instead of executing charon directly):
>>
>> root at kltetmo:/ # charon
>> 00[DMN] Starting IKE charon daemon (strongSwan 5.5.2, Linux 3.4.0, 
>> armv7l)
>> 00[LIB] feature CUSTOM:libcharon in critical plugin 'charon' has unmet
>> dependency: NONCE_GEN
>> 00[LIB] feature CUSTOM:libcharon-receiver in critical plugin 'charon'
>> has unmet dependency: HASHER:HASH_SHA1
>> 00[LIB] feature CUSTOM:libcharon-sa-managers in critical plugin 'charon'
>> has unmet dependency: HASHER:HASH_SHA1
>> 00[LIB] failed to load 3 critical plugin features
>
>> > 00[DMN] initialization failed - aborting charon
>> root at kltetmo:/ # pki --help
>> strongSwan 5.5.2 PKI tool
>> loaded plugins: aes des rc2 sha2 sha1 md5 random x509 revocation pkcs1
>> pkcs7 pkcs8 pkcs12 dnskey sshkey pem gmp hmac
>
> ======================================================================
> Andreas Steffen andreas.steffen at strongswan.org
> strongSwan - the Open Source VPN Solution! www.strongswan.org
> Institute for Networked Solutions
> University of Applied Sciences Rapperswil
> CH-8640 Rapperswil (Switzerland)
> ===========================================================[INS-HSR]==
>

-- 
Nathan Bahr
Architecture Technology Corp.
952-829-5864 x174



More information about the Users mailing list