[Swan-dev] Pluto memory consumption
Andrew Cagney
andrew.cagney at gmail.com
Thu Mar 2 00:54:28 UTC 2017
I hacked up some awk to count symkey new/frees in pluto's log (I'll
push it and some logging tweaks to make it work tomorrow).
It looks like we're leaking 'skeyseed' from calc_skeyseed_v2(). The
code carefully saves it in 'struct pcr_skeycalc_v2_r.skeyseed' but
nothing seems to read it :-(
On 28 February 2017 at 15:41, Andrew Cagney <andrew.cagney at gmail.com> wrote:
> So they are using the same PRF and DH, good (although I'm still mystified).
>
> more thinking,
> Andrew
>
> On 28 February 2017 at 13:09, Erik Andersson <erik at ingate.com> wrote:
>> * For IKEv2:
>>
>> IKEv2 algorithm newest:
>> AES_CBC_128-AUTH_HMAC_SHA2_256_128-PRF_HMAC_SHA2_256-MODP2048
>>
>> ESP algorithm newest: AES_128-HMAC_SHA2_256; pfsgroup=<Phase1>
>>
>> * For IKEv1:
>>
>> IKE algorithm newest: AES_CBC_128-SHA2_256-MODP2048
>>
>> ESP algorithm newest: AES_128-HMAC_SHA2_256; pfsgroup=<Phase1>
>>
>> /Erik
>>
>>
>> On 2017-02-28 18:39, Andrew Cagney wrote:
>>>
>>> On 28 February 2017 at 10:30, Erik Andersson <erik at ingate.com> wrote:
>>>>
>>>> I can also add that when running with IKEv1 instead of IKEv2 the memory
>>>> consumption doesn't seem to grow at all. Or very modest at least.
>>>
>>>
>>> With IKEv1 vs IKEv2 was the negotiated crypto suite the same?
>>>
>>
More information about the Swan-dev
mailing list