Comments (4)
strongX509
commented on July 3, 2024
Hello Herb,
there seems to be a problem with the liboqs library which crashes.
I see that you are running strongSwan on a very old Linux 3.10 kernel
which might cause the problem.
00[DMN] Starting IKE charon daemon (strongSwan 6.0dr10, Linux
3.10.0-1127.18.2.el7.x86_64, x86_64)
Best regards
Andreas
…On 15.10.21 11:57, Herb wrote:
Hello, when I follow the readme step by step to set up the strongswan,
the following problem comes when I enter the docker and execute ./charon.
Any advises for solving this problem. Thanks.
00[DMN] Starting IKE charon daemon (strongSwan 6.0dr10, Linux
3.10.0-1127.18.2.el7.x86_64, x86_64)
00[LIB] loaded plugins: charon random nonce x509 constraints pubkey
pkcs1 pkcs8 pkcs12 pem openssl frodo oqs drbg kernel-netlink resolve
socket-default vici updown
00[JOB] spawning 16 worker threads
00[DMN] executing start script 'creds' (swanctl --load-creds)
13[CFG] loaded certificate 'C=CH, O=Cyber, ***@***.***
***@***.***>'
05[DMN] thread 5 received 4
05[LIB] dumping 2 stack frame addresses:
05[LIB] /lib/x86_64-linux-gnu/libpthread.so.0 @ 0x7f7e06253000
[0x7f7e062683c0]
sh: 1: addr2line: not found
05[LIB] ->
05[LIB] /lib/liboqs.so.0 @ 0x7f7e04e49000 (KeccakP1600_Initialize+0x0)
[0x7f7e057d4640]
sh: 1: addr2line: not found
05[LIB] ->
dumping 2 stack frame addresses:
/lib/x86_64-linux-gnu/libpthread.so.0 @ 0x7f7e06253000 [0x7f7e062683c0]
sh: 1: addr2line: not found
->
/lib/liboqs.so.0 @ 0x7f7e04e49000 (KeccakP1600_Initialize+0x0)
[0x7f7e057d4640]
sh: 1: addr2line: not found
->
05[DMN] killing ourself, received critical signal
Aborted (core dumped)
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#1>, or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABFV775UUO36QVGCUSBUUK3UG73J3ANCNFSM5GBTJU4Q>.
Triage notifications on the go with GitHub Mobile for iOS
<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675>
or Android
<https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.
--
======================================================================
Andreas Steffen ***@***.***
strongSwan - the Open Source VPN Solution! www.strongswan.org
strongSec GmbH, 8952 Schlieren (Switzerland)
======================================================================
from docker.
cschmutzer
commented on July 3, 2024
hi,
trying to resurrect this topic as I am seeing the same problem with an up2date linux kernel (ubuntu 22.04) right now.
I have pulled the pq-strongswan docker images from docker hub as instructed in the README of https://github.com/strongX509/docker/tree/master/pq-strongswan
when I try to start the daemon in docker "moon" I get the follow errors
root@5c7516ada6bf:/# ./charon
00[DMN] Starting IKE charon daemon (strongSwan 6.0.0beta3, Linux 5.19.0-43-generic, x86_64)
00[LIB] providers loaded by OpenSSL: legacy default
00[CFG] install DNS servers in '/etc/resolv.conf'
00[KNL] unable to create IPv4 routing table rule
00[KNL] unable to create IPv6 routing table rule
00[LIB] loaded plugins: charon random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pgp dnskey sshkey pem openssl pkcs8 xcbc cmac kdf frodo oqs drbg attr kernel-netlink resolve socket-default vici updown
00[DMN] removing pidfile '/var/run/charon.pid', process not running
00[JOB] spawning 16 worker threads
00[DMN] executing start script 'creds' (swanctl --load-creds)
03[CFG] loaded certificate 'C=CH, O=Cyber, CN=moon.strongswan.org'
09[DMN] thread 9 received 4
09[LIB] dumping 19 stack frame addresses:
09[LIB] /lib/x86_64-linux-gnu/libc.so.6 @ 0x7f14ee839000 [0x7f14ee87b520]
sh: 1: addr2line: not found
09[LIB] ->
09[LIB] /lib/x86_64-linux-gnu/liboqs.so.2 @ 0x7f14ed801000 [0x7f14ede559aa]
sh: 1: addr2line: not found
09[LIB] ->
09[LIB] /lib/x86_64-linux-gnu/liboqs.so.2 @ 0x7f14ed801000 [0x7f14ede734e2]
sh: 1: addr2line: not found
.
.
.
/lib/x86_64-linux-gnu/libc.so.6 @ 0x7f14ee839000 [0x7f14ee95fa00]
sh: 1: addr2line: not found
->
09[DMN] killing ourself, received critical signal
load-cert request failed: Connection reset by peer
Aborted (core dumped)
root@5c7516ada6bf:/# load-key request failed: Broken pipe
unsupported key type in '/etc/swanctl/pkcs8/moonKey.pem'
load-key request failed: Broken pipe
root@5c7516ada6bf:/#
does anybody have some advice? this does sound too basic and I wonder what I am doing wrong
Christian
from docker.
strongX509
commented on July 3, 2024
The problem is stated in the following error message:
unsupported key type in '/etc/swanctl/pkcs8/moonKey.pem
Did you take the existing moonKey.pem File from the docker distro or did you regenerate the key with the gen_certs.sh script?
from docker.
cschmutzer
commented on July 3, 2024
hi,
I took the one included in the docker distro. i.e just followed the instructions from https://github.com/strongX509/docker/tree/master/pq-strongswan#create-docker-containers-and-local-networks
I suspect some issue with pki on the 6.0beta version. here an example of trying to create a key. error messages are spit out but a key is created and can also be printed
root@5c7516ada6bf:/etc/swanctl# pki --gen --type ecdsa --size 384 --outform pem > test_ecdsa_384.pem
plugin 'plugins:': failed to load - plugins:_plugin_create not found and no plugin file available
plugin 'pkcs12': failed to load - pkcs12_plugin_create not found and no plugin file available
root@5c7516ada6bf:/etc/swanctl#
root@5c7516ada6bf:/etc/swanctl# ls | grep test
test_ecdsa_384.pem
root@5c7516ada6bf:/etc/swanctl# pki --print --in test_ecdsa_384.pem --type ecdsa
plugin 'plugins:': failed to load - plugins:_plugin_create not found and no plugin file available
plugin 'pkcs12': failed to load - pkcs12_plugin_create not found and no plugin file available
privkey: ECDSA 384 bits
keyid: d1:03:61:81:69:6b:70:56:d4:3b:3c:2b:6f:70:16:e1:a0:00:36:63
subjkey: e7:88:55:f1:02:91:f4:79:50:1e:64:83:1f:ef:ab:c8:77:fc:8e:c4
root@5c7516ada6bf:/etc/swanctl#
on 5.9 creating the same key does not show the error messages
root@94658b516ca8:/etc/swanctl# pki --gen --type ecdsa --size 384 --outform pem > test2_ecdsa_384.pem
root@94658b516ca8:/etc/swanctl# pki --print --in test2_ecdsa_384.pem --type ecdsa
privkey: ECDSA 384 bits
keyid: 13:40:12:e6:b0:40:00:e9:d7:bc:b7:83:16:56:e8:b3:c3:91:1e:6c
subjkey: 3b:59:4a:39:2c:62:ac:2d:03:38:9f:a6:1e:1d:06:d6:11:7f:27:96
root@94658b516ca8:/etc/swanctl#
Christian
from docker.
Related Issues (7)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from docker.