subject:"\[strongSwan\] Error while running Charon"

Re: [strongSwan] Error while running Charon

2016-10-27 Thread rajeev nohria

Ok, I will register on the issue tracker.

On Thu, Oct 27, 2016 at 2:37 PM, Noel Kuntze  wrote:

> On 27.10.2016 20:34, rajeev nohria wrote:
> >
> > I am getting similar to following issue. Not sure how it was resolved.
> > https://wiki.strongswan.org/issues/1299
> It wasn't resolved. The person didn't answer to Tobias' question and then
> the issue was closed.
> If you care enough about your problem to want it be resolved, register on
> the issue tracker and comment on it.
>
> --
>
> Mit freundlichen Grüßen/Kind Regards,
> Noel Kuntze
>
> GPG Key ID: 0x63EC6658
> Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
>
>
>
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] Error while running Charon

2016-10-27 Thread rajeev nohria

Problem 1:
root@Xilinx-ZCU102-2016_1:/lib# charon
00[DMN] Starting IKE charon daemon (strongSwan 5.5.0, Linux 4.4.0, aarch64)
00[LIB] feature CUSTOM:libcharon in critical plugin 'charon' has unmet
dependency: NONCE_GEN
00[LIB] feature CUSTOM:libcharon-receiver in critical plugin 'charon' has
unmet dependency: HASHER:HASH_SHA1
00[LIB] feature CUSTOM:libcharon-sa-managers in critical plugin 'charon'
has unmet dependency: HASHER:HASH_SHA1
00[LIB] failed to load 3 critical plugin features
00[DMN] initialization failed - aborting charon

How does charon knows that where to look for the plugins?  I used
--enable-monolithic options and that means all the plugins should be there
in libstrongswan and libcharon and libvici.

I am getting similar to following issue. Not sure how it was resolved.
https://wiki.strongswan.org/issues/1299


root@Xilinx-ZCU102-2016_1:~# cd /usr/lib/ipsec

root@Xilinx-ZCU102-2016_1:/usr/lib/ipsec# ls

libcharon.a   libstrongswan.a   libvici.a plugins

libcharon.la  libstrongswan.la  libvici.la

root@Xilinx-ZCU102-2016_1:/usr/lib/ipsec# cd plugins/

root@Xilinx-ZCU102-2016_1:/usr/lib/ipsec/plugins# ls

libstrongswan-aes.a  libstrongswan-pkcs7.a

libstrongswan-aes.la libstrongswan-pkcs7.la

libstrongswan-attr.a libstrongswan-pkcs8.a

libstrongswan-attr.lalibstrongswan-pkcs8.la

libstrongswan-cmac.a libstrongswan-pubkey.a

libstrongswan-cmac.lalibstrongswan-pubkey.la

libstrongswan-constraints.a  libstrongswan-random.a

libstrongswan-constraints.la libstrongswan-random.la

libstrongswan-des.a  libstrongswan-rc2.a

libstrongswan-des.la libstrongswan-rc2.la

libstrongswan-dnskey.a   libstrongswan-resolve.a

libstrongswan-dnskey.la  libstrongswan-resolve.la

libstrongswan-fips-prf.a libstrongswan-revocation.a

libstrongswan-fips-prf.lalibstrongswan-revocation.la

libstrongswan-hmac.a libstrongswan-sha1.a

libstrongswan-hmac.lalibstrongswan-sha1.la

libstrongswan-kernel-netlink.a   libstrongswan-sha2.a

libstrongswan-kernel-netlink.la  libstrongswan-sha2.la

libstrongswan-md5.a  libstrongswan-socket-default.a

libstrongswan-md5.la libstrongswan-socket-default.la

libstrongswan-nonce.alibstrongswan-sshkey.a

libstrongswan-nonce.la   libstrongswan-sshkey.la

libstrongswan-openssl.a  libstrongswan-stroke.a

libstrongswan-openssl.la libstrongswan-stroke.la

libstrongswan-pem.a  libstrongswan-updown.a

libstrongswan-pem.la libstrongswan-updown.la

libstrongswan-pgp.a  libstrongswan-vici.a

libstrongswan-pgp.la libstrongswan-vici.la

libstrongswan-pkcs1.alibstrongswan-x509.a

libstrongswan-pkcs1.la   libstrongswan-x509.la

libstrongswan-pkcs11.a   libstrongswan-xauth-generic.a

libstrongswan-pkcs11.la  libstrongswan-xauth-generic.la

libstrongswan-pkcs12.a   libstrongswan-xcbc.a

libstrongswan-pkcs12.la  libstrongswan-xcbc.la





Problem 2:

When running swanctl, I am getting following issue? Any pointer?


root@Xilinx-ZCU102-2016_1:/lib#
root@Xilinx-ZCU102-2016_1:/lib#
root@Xilinx-ZCU102-2016_1:/lib# swanctl
strongSwan 5.5.0 swanctl
loaded plugins:
usage:
  swanctl --initiate (-i)  initiate a connection
  swanctl --terminate(-t)  terminate a connection
  swanctl --redirect (-d)  redirect an IKE_SA
  swanctl --uninstall(-u)  uninstall a trap or shunt policy
  swanctl --install  (-p)  install a trap or shunt policy
  swanctl --list-sas (-l)  list currently active IKE_SAs
  swanctl --monitor-sa   (-m)  monitor for IKE_SA and CHILD_SA changes
  swanctl --list-pols(-P)  list currently installed policies
  swanctl --list-authorities (-B)  list loaded authority configurations
  swanctl --list-conns   (-L)  list loaded configurations
  swanctl --list-certs   (-x)  list stored certificates
  swanctl --list-pools   (-A)  list loaded pool configurations
  swanctl --list-algs(-g)  show loaded algorithms
  swanctl --load-all (-q)  load credentials, authorities, pools and
connections
  swanctl --load-authorities (-b)  (re-)load authority configuration
  swanctl --load-conns   (-c)  (re-)load connection configuration
  swanctl --load-creds   (-s)  (re-)load credentials
  swanctl --load-pools   (-a)  (re-)load pool configuration
  swanctl --log  (-T)  trace logging output
  swanctl --version  (-v)  show version information
  swanctl --stats(-S)  show daemon stats information
  swanctl --reload-settings  (-r)  reload daemon strongswan.conf
  swanctl --help (-h)  show usage information
libgcc_s.so.1 must be installed for pthread_cancel to work
Aborted



On Wed, Oct 19, 2016 at 2:43 PM, rajeev nohria  wrote:

> Thomas,
>
> I

Re: [strongSwan] Error while running Charon

2016-10-19 Thread rajeev nohria

Thomas,

I tired both way and did not help. Not sure what I could be missing.  In
following I also tried removing swanctl section, that also did not work.


# strongswan.conf - strongSwan configuration file
#
# Refer to the strongswan.conf(5) manpage for details
#
# Configuration changes should be made in the included files

swanctl {
  load = pem pkcs1 x509 revocation constraints pubkey openssl random
}


charon {
load_modular = yes
plugins {
include strongswan.d/charon/*.conf
}
}

 filelog {
/var/log/charon.log {
# add a timestamp prefix
time_format = %b %e %T
# prepend connection name, simplifies grepping
ike_name = yes
# overwrite existing files
append = no
# increase default loglevel for all daemon subsystems
default = 10
# flush each line to disk
flush_line = yes
}
stderr {
# more detailed loglevel for a specific subsystem, overriding
the
# default loglevel.
ike = 4
   cfg = 4
   asn = 4
   app = 4
tls = 4
 esp = 4
chd = 4
knl = 0

}
}



include strongswan.d/charon/*.conf





*root@Xilinx-ZCU102-2016_1:/usr/etc/strongswan.d/charon# ls*
aes.conf pem.conf sha1.conf
attr.confpgp.conf sha2.conf
cmac.confpkcs1.conf   socket-default.conf
constraints.conf pkcs11.conf  sshkey.conf
des.conf pkcs12.conf  stroke.conf
dnskey.conf  pkcs7.conf   updown.conf
fips-prf.confpkcs8.conf   vici.conf
hmac.confpubkey.conf  x509.conf
kernel-netlink.conf  random.conf  xauth-generic.conf
md5.conf rc2.conf xcbc.conf
nonce.conf   resolve.conf
openssl.conf revocation.conf


root@Xilinx-ZCU102-2016_1:/usr/etc/strongswan.d/charon# *cat nonce.conf*
nonce {

# Whether to load the plugin. Can also be an integer to increase the
# priority of this plugin.
load = yes

}







On Tue, Oct 18, 2016 at 3:03 PM, Thomas Egerer  wrote:

> Rajeev,
>
> I guess, the config option '--enable-monolithic' option
> builds charon with all plugins compiled into one binary
> blob. Try and remove this option. Then remove the
> load_modular option from your strongwan.conf, or place
> the configuration snippets in your file system as
> described in [1]. Then of course, you would have to
> remove the load keyword from your strongswan.conf.
>
> Cheers,
> Thomas
>
> [1] https://wiki.strongswan.org/projects/strongswan/wiki/Strongs
> wandirectory
>
>
> On 10/18/2016 04:37 PM, rajeev nohria wrote:
>
>> Noel,
>>
>> I still having issue after going through many hit and trial method to
>> fix this,
>>
>> root@Xilinx-ZCU102-2016_1:~# charon
>> 00[DMN] Starting IKE charon daemon (strongSwan 5.5.0, Linux 4.4.0,
>> aarch64)
>> 00[LIB] feature CUSTOM:libcharon in critical plugin 'charon' has unmet
>> dependency: NONCE_GEN
>> 00[LIB] feature CUSTOM:libcharon-receiver in critical plugin 'charon'
>> has unmet dependency: HASHER:HASH_SHA1
>> 00[LIB] feature CUSTOM:libcharon-sa-managers in critical plugin 'charon'
>> has unmet dependency: HASHER:HASH_SHA1
>> 00[LIB] failed to load 3 critical plugin features
>> 00[DMN] initialization failed - aborting charon
>>
>>
>> Makefile:
>>
>> CONF_OPTS +=  --disable-gmp --enable-monolithic --enable-openssl
>> --enable-pkcs11 --enable-vici --enable-x509 --enable-nonce
>>
>>
>>
>>
>> strongswan.conf
>> # strongswan.conf - strongSwan configuration file
>> #
>> # Refer to the strongswan.conf(5) manpage for details
>> #
>> # Configuration changes should be made in the included files
>>
>> swanctl {
>>   load = pem pkcs1 x509 revocation constraints pubkey openssl random
>> }
>>
>> charon {
>> load_modular = yes
>>  load = sha1 pem pkcs1 x509 revocation constraints pubkey openssl random
>> nonce curl kernel-netlink socket-default updown vici
>>
>> plugins {
>> include strongswan.d/charon/*.conf
>> }
>> }
>>
>>  filelog {
>> /var/log/charon.log {
>> # add a timestamp prefix
>> time_format = %b %e %T
>> # prepend connection name, simplifies grepping
>> ike_name = yes
>> # overwrite existing files
>> append = no
>> # increase default loglevel for all daemon subsystems
>> default = 10
>> # flush each line to disk
>> flush_line = yes
>> }
>> stderr {
>> # more detailed loglevel for a specific subsystem,
>> overriding the
>> # default loglevel.
>> ike = 4
>>cfg = 4
>>asn = 4
>>app = 4
>> tls = 4
>>  esp = 4
>> chd = 4
>> knl = 0
>>
>> }
>> }
>>
>>
>> On Sat, Oct 8, 2016 at 7:41 PM, Noel Kuntze > > wrote:
>>
>>

Re: [strongSwan] Error while running Charon

2016-10-18 Thread Thomas Egerer


Rajeev,

I guess, the config option '--enable-monolithic' option
builds charon with all plugins compiled into one binary
blob. Try and remove this option. Then remove the
load_modular option from your strongwan.conf, or place
the configuration snippets in your file system as
described in [1]. Then of course, you would have to
remove the load keyword from your strongswan.conf.

Cheers,
Thomas

[1] https://wiki.strongswan.org/projects/strongswan/wiki/Strongswandirectory

On 10/18/2016 04:37 PM, rajeev nohria wrote:

Noel,

I still having issue after going through many hit and trial method to
fix this,

root@Xilinx-ZCU102-2016_1:~# charon
00[DMN] Starting IKE charon daemon (strongSwan 5.5.0, Linux 4.4.0, aarch64)
00[LIB] feature CUSTOM:libcharon in critical plugin 'charon' has unmet
dependency: NONCE_GEN
00[LIB] feature CUSTOM:libcharon-receiver in critical plugin 'charon'
has unmet dependency: HASHER:HASH_SHA1
00[LIB] feature CUSTOM:libcharon-sa-managers in critical plugin 'charon'
has unmet dependency: HASHER:HASH_SHA1
00[LIB] failed to load 3 critical plugin features
00[DMN] initialization failed - aborting charon


Makefile:

CONF_OPTS +=  --disable-gmp --enable-monolithic --enable-openssl
--enable-pkcs11 --enable-vici --enable-x509 --enable-nonce




strongswan.conf
# strongswan.conf - strongSwan configuration file
#
# Refer to the strongswan.conf(5) manpage for details
#
# Configuration changes should be made in the included files

swanctl {
  load = pem pkcs1 x509 revocation constraints pubkey openssl random
}

charon {
load_modular = yes
 load = sha1 pem pkcs1 x509 revocation constraints pubkey openssl random
nonce curl kernel-netlink socket-default updown vici

plugins {
include strongswan.d/charon/*.conf
}
}

 filelog {
/var/log/charon.log {
# add a timestamp prefix
time_format = %b %e %T
# prepend connection name, simplifies grepping
ike_name = yes
# overwrite existing files
append = no
# increase default loglevel for all daemon subsystems
default = 10
# flush each line to disk
flush_line = yes
}
stderr {
# more detailed loglevel for a specific subsystem,
overriding the
# default loglevel.
ike = 4
   cfg = 4
   asn = 4
   app = 4
tls = 4
 esp = 4
chd = 4
knl = 0

}
}


On Sat, Oct 8, 2016 at 7:41 PM, Noel Kuntze > wrote:

Hello Rajeevm
>
> 00[DMN] Starting IKE charon daemon (strongSwan 5.5.0, Linux 4.4.0, 
aarch64)
> 00[LIB] feature CUSTOM:libcharon in critical plugin 'charon' has unmet 
dependency: NONCE_GEN
> 00[LIB] feature CUSTOM:libcharon-receiver in critical plugin 'charon' has 
unmet dependency: HASHER:HASH_SHA1
> 00[LIB] feature CUSTOM:libcharon-sa-managers in critical plugin 'charon' 
has unmet dependency: HASHER:HASH_SHA1
> 00[LIB] failed to load 3 critical plugin features
> 00[DMN] initialization failed - aborting charon

You need the sha1 or the openssl plugin, as well as the nonce plugin.
Please use google[1] next time.

[1]

https://encrypted.google.com/search?hl=en=site%3Awiki.strongswan.org%20%22libcharon%20in%20critical%20plugin%20%27charon%27%20has%20unmet%20dependency%3A%20NONCE_GEN%22



--

Mit freundlichen Grüßen/Kind Regards,
Noel Kuntze

GPG Key ID: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658





___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users



___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] Error while running Charon

2016-10-18 Thread rajeev nohria

Noel,

I still having issue after going through many hit and trial method to fix
this,

root@Xilinx-ZCU102-2016_1:~# charon
00[DMN] Starting IKE charon daemon (strongSwan 5.5.0, Linux 4.4.0, aarch64)
00[LIB] feature CUSTOM:libcharon in critical plugin 'charon' has unmet
dependency: NONCE_GEN
00[LIB] feature CUSTOM:libcharon-receiver in critical plugin 'charon' has
unmet dependency: HASHER:HASH_SHA1
00[LIB] feature CUSTOM:libcharon-sa-managers in critical plugin 'charon'
has unmet dependency: HASHER:HASH_SHA1
00[LIB] failed to load 3 critical plugin features
00[DMN] initialization failed - aborting charon


Makefile:

CONF_OPTS +=  --disable-gmp --enable-monolithic --enable-openssl
--enable-pkcs11 --enable-vici --enable-x509 --enable-nonce




strongswan.conf
# strongswan.conf - strongSwan configuration file
#
# Refer to the strongswan.conf(5) manpage for details
#
# Configuration changes should be made in the included files

swanctl {
  load = pem pkcs1 x509 revocation constraints pubkey openssl random
}

charon {
load_modular = yes
 load = sha1 pem pkcs1 x509 revocation constraints pubkey openssl random
nonce curl kernel-netlink socket-default updown vici

plugins {
include strongswan.d/charon/*.conf
}
}

 filelog {
/var/log/charon.log {
# add a timestamp prefix
time_format = %b %e %T
# prepend connection name, simplifies grepping
ike_name = yes
# overwrite existing files
append = no
# increase default loglevel for all daemon subsystems
default = 10
# flush each line to disk
flush_line = yes
}
stderr {
# more detailed loglevel for a specific subsystem, overriding
the
# default loglevel.
ike = 4
   cfg = 4
   asn = 4
   app = 4
tls = 4
 esp = 4
chd = 4
knl = 0

}
}


On Sat, Oct 8, 2016 at 7:41 PM, Noel Kuntze  wrote:

> Hello Rajeevm
> >
> > 00[DMN] Starting IKE charon daemon (strongSwan 5.5.0, Linux 4.4.0,
> aarch64)
> > 00[LIB] feature CUSTOM:libcharon in critical plugin 'charon' has unmet
> dependency: NONCE_GEN
> > 00[LIB] feature CUSTOM:libcharon-receiver in critical plugin 'charon'
> has unmet dependency: HASHER:HASH_SHA1
> > 00[LIB] feature CUSTOM:libcharon-sa-managers in critical plugin 'charon'
> has unmet dependency: HASHER:HASH_SHA1
> > 00[LIB] failed to load 3 critical plugin features
> > 00[DMN] initialization failed - aborting charon
>
> You need the sha1 or the openssl plugin, as well as the nonce plugin.
> Please use google[1] next time.
>
> [1] https://encrypted.google.com/search?hl=en=site%3Awiki.
> strongswan.org%20%22libcharon%20in%20critical%20plugin%20%
> 27charon%27%20has%20unmet%20dependency%3A%20NONCE_GEN%22
>
> --
>
> Mit freundlichen Grüßen/Kind Regards,
> Noel Kuntze
>
> GPG Key ID: 0x63EC6658
> Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
>
>
>
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] Error while running Charon

2016-10-08 Thread Noel Kuntze

Hello Rajeevm
> 
> 00[DMN] Starting IKE charon daemon (strongSwan 5.5.0, Linux 4.4.0, aarch64)
> 00[LIB] feature CUSTOM:libcharon in critical plugin 'charon' has unmet 
> dependency: NONCE_GEN
> 00[LIB] feature CUSTOM:libcharon-receiver in critical plugin 'charon' has 
> unmet dependency: HASHER:HASH_SHA1
> 00[LIB] feature CUSTOM:libcharon-sa-managers in critical plugin 'charon' has 
> unmet dependency: HASHER:HASH_SHA1
> 00[LIB] failed to load 3 critical plugin features
> 00[DMN] initialization failed - aborting charon

You need the sha1 or the openssl plugin, as well as the nonce plugin.
Please use google[1] next time.

[1] 
https://encrypted.google.com/search?hl=en=site%3Awiki.strongswan.org%20%22libcharon%20in%20critical%20plugin%20%27charon%27%20has%20unmet%20dependency%3A%20NONCE_GEN%22

-- 

Mit freundlichen Grüßen/Kind Regards,
Noel Kuntze

GPG Key ID: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658




signature.asc
Description: OpenPGP digital signature
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Re: [strongSwan] Error while running Charon

Re: [strongSwan] Error while running Charon

Re: [strongSwan] Error while running Charon

Re: [strongSwan] Error while running Charon

Re: [strongSwan] Error while running Charon

Re: [strongSwan] Error while running Charon

6 matches

Site Navigation

Mail list logo

Footer information