[Openswan dev] Possible Memory Leak in Openswan 2.4.5

Paul Wouters paul at xelerance.com
Mon Jul 31 17:06:16 CEST 2006

On Mon, 31 Jul 2006, Jim Barber wrote:

> I am running the Debian packaged version of Openswan on one of our servers
> here at work.
> The Debian Package version is openswan 2.4.5+dfsg-0.2.

What is "dfsg"?

> What would happen is that Phase 1 of the IPSec tunnel did the shared key
> exchange and successfully completed.
> The phase 2 part failed with an error about INVALID_ID_INFORMATION due to the
> mismatched vs

Can you check and see if this problem is similar to:

> With a mis-configuration like this, after a while the pluto process starts to
> take up a huge amount of memory.

> In the logs you can see messages such as 'starting keying attempt $X of an
> unlimited number' where $X is a number.

Could you reomcpile openswan and edit programs/pluto/Makefile and enable

then run it until you see a lot of memory being eaten, and nicely restart
openswan (/etc/init.d/openswan restart). This should log a lot of memory
debugging to syslog, which I would be interested in seeing.

Building and integrating Virtual Private Networks with Openswan:

More information about the Dev mailing list