[Swan-dev] Pluto memory consumption
Andrew Cagney
andrew.cagney at gmail.com
Thu Mar 2 01:52:54 UTC 2017
On 1 March 2017 at 20:29, Paul Wouters <paul at nohats.ca> wrote:
> On Wed, 1 Mar 2017, Andrew Cagney wrote:
>
>> I hacked up some awk to count symkey new/frees in pluto's log (I'll
>> push it and some logging tweaks to make it work tomorrow).
>>
>> It looks like we're leaking 'skeyseed' from calc_skeyseed_v2(). The
>> code carefully saves it in 'struct pcr_skeycalc_v2_r.skeyseed' but
>> nothing seems to read it :-(
>
>
> Hmm that might be a pre-NSS thing? I guess we store a pointer to the
> real skeyseed inside NSS in st->st_skeyseed_nss and use that whenever we
> need more keying material for this SA ? Or do we initialize the PRF with
> skeyseed and then just call the PRF/PRFPLUS and thus never need to
> skeyseed ever again?
Yea, could be pre-NSS, I didn't do any archaeology; and yea, re-using
SKEYSEED (actually skeyid) is an IKEv1 thing. For IKEv2, SKEYSEED is
just an intermediate variable.
I deleted the field and things still seem to work ...
More information about the Swan-dev
mailing list