[Openswan dev] connections.c

Anthony Tong atong at TrustedCS.com
Tue Apr 22 12:25:19 EDT 2008


This is in regards to 

alg_ike and alg_esp needs to be cloned in unshare_connection_strings() 
to avoid the possible double free.

However for our build, we chose to avoid this issue by not saving the 
alg_ike & alg_esp strings in add_connection() in the first place, as 
they never seem to be used anyway. (well, except for a log message in 2.6)

I havent extensively tested 2.6.x yet, but in 2.4.x it solved one of the 
last pluto memory leaks for us; a heavily loaded pluto stayed at around 
15m and nothing unreasonable reported from LEAK_DETECTIVE.


More information about the Dev mailing list