[Swan-dev] Pluto memory consumption
andrew.cagney at gmail.com
Tue Feb 28 16:20:39 UTC 2017
On 28 February 2017 at 10:41, Paul Wouters <paul at nohats.ca> wrote:
> On Tue, 28 Feb 2017, Andrew Cagney wrote:
>> /* Clean up. */
>> free_any_symkey("sym_key", &sym_key);
>> so from our POV the key was freed. However NSS has kept a handle on
>> that memory and will recycle it repeatedly.
> Why would this be different between IKEv1 and IKEv2 though? Since the
> report says the leak is much worse for IKEv2?
That has me puzzled. For connection negotiation, while the PRF+
calculation would be different the underlying PRF / HASH code is the
same (provided the same protocols are negotiated).
I've looked at some of the calls and, as best I can tell, the key is
released. So, if there is a leak, it has something to do with the key
been later recycled (or NSS not wanting to re-use the memory).
More information about the Swan-dev