strongswan交叉编译

#strongswan交叉编译
在./pki的时候报错：
plugin 'aes' failed to load: dlopen failed: cannot locate symbol "memwipe_noinline" referenced by "/data/local/usr/local/lib/ipsec/plugins/libstrongswan-aes.so"...
plugin 'des' failed to load: dlopen failed: cannot locate symbol "memwipe_noinline" referenced by "/data/local/usr/local/lib/ipsec/plugins/libstrongswan-des.so"...
plugin 'sm4' failed to load: dlopen failed: cannot locate symbol "dbg" referenced by "/data/local/usr/local/lib/ipsec/plugins/libstrongswan-sm4.so"...
plugin 'rc2' failed to load: dlopen failed: cannot locate symbol "memxor" referenced by "/data/local/usr/local/lib/ipsec/plugins/libstrongswan-rc2.so"...
plugin 'sha2' failed to load: dlopen failed: cannot locate symbol "chunk_empty" referenced by "/data/local/usr/local/lib/ipsec/plugins/libstrongswan-sha2.so"...
plugin 'mgf1' failed to load: dlopen failed: cannot locate symbol "lib" referenced by "/data/local/usr/local/lib/ipsec/plugins/libstrongswan-mgf1.so"...
plugin 'random' failed to load: dlopen failed: cannot locate symbol "lib" referenced by "/data/local/usr/local/lib/ipsec/plugins/libstrongswan-random.so"...
plugin 'x509' failed to load: dlopen failed: cannot locate symbol "dbg" referenced by "/data/local/usr/local/lib/ipsec/plugins/libstrongswan-x509.so"...
plugin 'revocation' failed to load: dlopen failed: cannot locate symbol "lib" referenced by "/data/local/usr/local/lib/ipsec/plugins/libstrongswan-revocation.so"...
plugin 'pubkey' failed to load: dlopen failed: cannot locate symbol "chunk_empty" referenced by "/data/local/usr/local/lib/ipsec/plugins/libstrongswan-pubkey.so"...
plugin 'pkcs1' failed to load: dlopen failed: cannot locate symbol "lib" referenced by "/data/local/usr/local/lib/ipsec/plugins/libstrongswan-pkcs1.so"...
plugin 'pkcs7' failed to load: dlopen failed: cannot locate symbol "chunk_empty" referenced by "/data/local/usr/local/lib/ipsec/plugins/libstrongswan-pkcs7.so"...
plugin 'pkcs8' failed to load: dlopen failed: cannot locate symbol "chunk_empty" referenced by "/data/local/usr/local/lib/ipsec/plugins/libstrongswan-pkcs8.so"...
plugin 'pkcs12' failed to load: dlopen failed: cannot locate symbol "chunk_empty" referenced by "/data/local/usr/local/lib/ipsec/plugins/libstrongswan-pkcs12.so"...
plugin 'dnskey' failed to load: dlopen failed: cannot locate symbol "lib" referenced by "/data/local/usr/local/lib/ipsec/plugins/libstrongswan-dnskey.so"...
plugin 'sshkey' failed to load: dlopen failed: cannot locate symbol "lib" referenced by "/data/local/usr/local/lib/ipsec/plugins/libstrongswan-sshkey.so"...
plugin 'pem' failed to load: dlopen failed: cannot locate symbol "lib" referenced by "/data/local/usr/local/lib/ipsec/plugins/libstrongswan-pem.so"...
plugin 'openssl' failed to load: dlopen failed: cannot locate symbol "lib" referenced by "/data/local/usr/local/lib/ipsec/plugins/libstrongswan-openssl.so"...
plugin 'gmp' failed to load: dlopen failed: cannot locate symbol "dbg" referenced by "/data/local/usr/local/lib/ipsec/plugins/libstrongswan-gmp.so"...
plugin 'curve25519' failed to load: dlopen failed: cannot locate symbol "lib" referenced by "/data/local/usr/local/lib/ipsec/plugins/libstrongswan-curve25519.so"...
plugin 'hmac' failed to load: dlopen failed: cannot locate symbol "lib" referenced by "/data/local/usr/local/lib/ipsec/plugins/libstrongswan-hmac.so"...
plugin 'drbg' failed to load: dlopen failed: cannot locate symbol "lib" referenced by "/data/local/usr/local/lib/ipsec/plugins/libstrongswan-drbg.so"...
plugin 'sm2' failed to load: dlopen failed: cannot locate symbol "lib" referenced by "/data/local/usr/local/lib/ipsec/plugins/libstrongswan-sm2.so"...

但是这几个插件可以：
strongSwan 5.8.3 PKI tool
loaded plugins: sha1 md5 sm3

强力安全网关（StrongSwan）是一个开源的IPsec VPN解决方案，用于建立和管理虚拟专用网络（VPN）连接。在一些嵌入式设备或特定平台上，可能需要对StrongSwan进行交叉编译以适配目标系统的架构和环境。本文将介绍StrongSwan的交叉编译过程，并提供一些实用的技巧。

准备交叉编译工具链
在开始交叉编译之前，您需要准备好适用于目标平台的交叉编译工具链。这个工具链通常由交叉编译器、交叉链接器和相关的库文件组成。您可以通过官方渠道获取适用于目标平台的工具链，或者根据目标平台的架构手动构建工具链。

配置StrongSwan源代码
下载StrongSwan的源代码，并在交叉编译环境中解压。然后，切换到StrongSwan源代码目录，并执行以下命令配置编译选项：

./configure --host=<目标平台架构> --prefix=<安装路径>

请替换<目标平台架构>为您的目标平台架构，例如arm-linux-gnueabihf，而<安装路径>为您希望安装StrongSwan的路径，例如/opt/strongswan。

编译和安装
在配置完成后，执行以下命令进行编译和安装：

make
make install

编译过程可能需要一些时间，请耐心等待。成功完成后，StrongSwan将被安装到指定的安装路径中。

配置交叉编译选项
StrongSwan提供了一些选项用于配置交叉编译环境。您可以在配置命令中添加以下选项来适配目标平台：

--enable-static：启用静态编译，以便在目标平台上运行时不依赖外部库。
--disable-shared：禁用动态链接库的生成。
--disable-defaults：禁用默认的配置文件和插件，可以手动配置所需的功能。
处理依赖关系
在交叉编译StrongSwan时，可能还需要处理一些依赖关系。例如，如果StrongSwan使用到了某些库，在交叉编译环境中可能找不到对应的库文件。在这种情况下，您需要手动将这些库文件拷贝到交叉编译环境中，或者使用交叉编译工具链来编译这些库文件。

测试和调试
完成交叉编译后，您可以将生成的StrongSwan二进制文件和相关文件拷贝到目标平台上，并在目标平台上进行测试和调试。您可以使用适当的工具和命令来验证StrongSwan在目标平台上的运行情况，并确保其功能正常。

交叉编译StrongSwan对于在特定环境中部署VPN解决方案非常有用。通过上述步骤，您可以轻松地将StrongSwan交叉编译到目标平台，并根据需要进行自定义配置。请注意，不同的目标平台可能需要不同的设置和调整，因此建议查阅StrongSwan官方文档以获取更多详细的信息和指导。

根据报错可以看出是strongswan的交叉编译配置上,编译生成的插件so文件中缺少一些符号没有正确解析。
解决方案
1、检查交叉编译工具链是否正确,是否使用的是针对目标平台的编译器和链接器。
2、在配置strongswan时指定--enable-static-markers,这个选项可以帮助定位undefined symbol。
3、尝试在配置时去掉一些可选插件,比如:--disable-aes --disable-des等,先编译少部分plugins。
4、查看so文件是否包含未定义符号:readelf -s libstrongswan-xxx.so | grep 'UND'。
5、确保链接包含相关的静态库,比如libgmp等。
6、尝试指定不同的链接器选项,如-static-libgcc -Wl,--no-as-needed等。
7、编译安装strongswan依赖库,比如gmp,openssl等。