[Openswan Users] FATAL ERROR: unable to malloc 0 bytes for state array
Paul Wouters
paul at xelerance.com
Fri May 9 11:04:37 EDT 2008
On Fri, 9 May 2008, Ming-Ching Tiew wrote:
> I am using a fairly new distro, kernel 2.6.25.2 and openswan 2.4.12. The only "peculiarity" is that I am using uclibc 0.9.28.3.
>
> My problem is that I could not establish ipsec tunnel with openswan with NET_KEY using pluto.
>
> The "client end" does not hit the malloc problem but it just try and try and give up after hitting maximum retries.
It looks like a configuration mismatch is causing a memory leak. Please
enable -DLEAK_DETECTIVE in pluto's Makefile, then run in the same scenario,
but before it dies, do a proper shutdown. And you will see memory allocation
information. That should help us find the leak.
ibtw, if you are simulating with virtual machines (low on memory), you
might want to look at "make check" and the testing/ directory, where we
use uml instead of qemu to test openswan.
You should also try these patches below, to address two memory issues
that have not been released in the 2.4 series yet:
diff --git a/programs/pluto/connections.c b/programs/pluto/connections.c
index 8319099..6e7fa0e 100644
--- a/programs/pluto/connections.c
+++ b/programs/pluto/connections.c
@@ -1172,7 +1172,6 @@ add_connection(const struct whack_message *wm)
, ugh? ugh : "Unknown");
return;
}
- c->alg_esp = clone_str(wm->esp, "esp string");
}
#endif
diff --git a/programs/pluto/connections.h b/programs/pluto/connections.h
index dfc94ee..2bbacc6 100644
--- a/programs/pluto/connections.h
+++ b/programs/pluto/connections.h
@@ -238,8 +238,7 @@ struct connection {
next one to apply */
struct gw_info *gw_info;
- char *alg_esp; /* string the admin provided */
- char *alg_ike; /* ditto. may be NULL */
struct alg_info_esp *alg_info_esp;
struct alg_info_ike *alg_info_ike;
diff --git a/programs/pluto/connections.c b/programs/pluto/connections.c
index 6e7fa0e..aedbc13 100644
--- a/programs/pluto/connections.c
+++ b/programs/pluto/connections.c
@@ -1200,7 +1200,6 @@ add_connection(const struct whack_message *wm)
, ugh? ugh : "Unknown");
return;
}
- c->alg_ike = clone_str(wm->ike, "ike string");
}
#endif
c->sa_ike_life_seconds = wm->sa_ike_life_seconds;
diff --git a/programs/pluto/spdb_v1_struct.c b/programs/pluto/spdb_v1_struct.c
index c40dd57..b388758 100644
--- a/programs/pluto/spdb_v1_struct.c
+++ b/programs/pluto/spdb_v1_struct.c
@@ -132,26 +132,13 @@ out_sa(pb_stream *outs
if(oakley_mode) {
- const char *modestr;
- const char *alginfo;
-
revised_sadb=oakley_alg_makedb(st->st_connection->alg_info_ike
, sadb
, aggressive_mode ? 1 : -1);
- modestr = "ike";
- alginfo = st->st_connection->alg_ike;
-
- /* this is really checked upon load, but we double check here. */
- if(revised_sadb == NULL && alginfo!=NULL) {
- loglog(RC_NOALGO, "%s algorithm string: \"%s\" results in no permit
- , modestr, alginfo);
- return FALSE;
- }
} else {
revised_sadb=kernel_alg_makedb(st->st_connection->policy
, st->st_connection->alg_info_esp
, TRUE);
-
}
/* more sanity */
More information about the Users
mailing list