[strongSwan] charon daemon does not load the vici plugin

Guy Amit guy4amit at gmail.com
Sun Jul 7 10:54:13 CEST 2019


Hi,

could you please advise what am I missing here, in order to enable the vici
plugin,

I am cross compiling the charon daemon (version 5.6.2) to be loaded and
executed on a mips platform.

My configure options are:
            --host=$TARGET --enable-openssl --disable-gmp
--enable-monolithic \
            --prefix=/ --sysconfdir=/etc

in the configure log /source/config.log I notice the vici plugin is enabled
charon_plugins=' aes des rc2 sha2 sha1 md5 random nonce x509 revocation
constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl
fips-prf curve25519 xcbc cmac hmac attr kernel-netlink resolve
socket-default stroke vici updown xauth-generic counters'
...
configure:29605: result:
configure:29607: result:  strongSwan will be built with the following
plugins
configure:29609: result:
-----------------------------------------------------
configure:29612: result: libstrongswan: aes des rc2 sha2 sha1 md5 random
nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp
dnskey sshkey pem openssl fips-prf curve25519 xcbc cmac hmac
configure:29614: result: libcharon:     attr kernel-netlink resolve
socket-default stroke vici updown xauth-generic counters

But, when I execute charon I don't see vici being listed as one of the
active plugins,

/ #./charon &
/ # 00[DMN] Starting IKE charon daemon (strongSwan 5.6.2, Linux 3.10.104,
mips)
00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
00[CFG] loading crls from '/etc/ipsec.d/crls'
00[CFG] loading secrets from '/etc/ipsec.secrets'
00[LIB] loaded plugins: charon aes des rc2 sha2 sha1 md5 random nonce x509
revocation constraints pubkey pkcs1 pgp dnskey sshkey pem fips-prf xcbc
hmac attr kernel-netlink resolve
socket-default stroke updown xauth-generic

and trying to use swanctl fails (as expected) due to vici plugin absence
# ./swanctl --stats &
# connecting to 'unix:///var/run/charon.vici' failed: No such file or
directory
Error: connecting to 'default' URI failed: No such file or directory
strongSwan 5.6.2 swanctl
usage:
  swanctl --stats [--raw|--pretty]
           --help            (-h)  show usage information
           --raw             (-r)  dump raw response message
           --pretty          (-P)  dump raw response message in pretty print
           --debug           (-v)  set debug level, default: 1
           --options         (-+)  read command line options from file
           --uri             (-u)  service URI to connect to

Thanks,
Guy.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20190707/850d5380/attachment.html>


More information about the Users mailing list