[Openswan Users] FATAL ERROR: unable to malloc... after kernel update
Nels Lindquist
nlindq at maei.ca
Wed Aug 20 16:08:58 EDT 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
For posterity, in case anyone else encounters this...
On 8/18/2014 8:10 AM, Nels Lindquist wrote:
> I'm running OpenSWAN 2.6.41 on CentOS 6 (x86_64 arch). Recently
> we rebooted our VPN endpoint after some updates (including a new
> kernel) and now IPSEC (particularly pluto) fails to start.
>
> Here's the startup logs from /var/log/secure:
>
[ SNIP ]
> Aug 16 21:17:55 yeggate pluto[42107]: FATAL ERROR: unable to
> malloc 9223372036854775807 bytes for CA cert
>
> I tried rebuilding OpenSWAN against the new kernel headers, but it
> didn't make any difference.
I turned up the logging on plutodebug and noticed that the error
occurred while trying to parse /etc/ipsec.d/cacerts. I switched to
using NSS and removed /cacerts entirely, and now everything appears to
be working as usual.
- --
Nels Lindquist
<nlindq at maei.ca>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.20 (MingW32)
iEYEARECAAYFAlP1AFkACgkQh6z5POoOLgSjEgCfcFyoolyy0UoiYISdUsFNfo5q
VHsAn0VHkpJWIWUbdKXu9WaNrNVQXPv4
=g7B/
-----END PGP SIGNATURE-----
More information about the Users
mailing list