Hi,
 
I have provided a workaround/possible fix for this issue in the ticket, https://trac.ipsec-tools.net/ticket/333 . Please let me know your comments.
 
Regards,
Laser

On Thu, Mar 18, 2010 at 10:18 PM, s S <getlaser@gmail.com> wrote:
Hi Yvan,

The fix suggested in https://trac.ipsec-tools.net/ticket/269 does not solve the fd leak that I am getting.

On further analysis it was found that the function yycf_set_buffer() copies fds and file names to the array incstack[incstackp], only using first three indices i.e. 0,1 and 2. Even if we have, say 5 include files in the racoon.conf file the array incstack does not go beyond 2. As a result the entry at index 2 gets overwritten again and again.

As a result the open fds are lost. The function yycf_clean_buffer closes only the fds in the incstack array and the others are left open.

I am yet to find a solution for it, though decrementing incstackp at line#3572 in cftoken.c is found to be related to this issue.

Please let me know your thoughts.

Thanks in advance.

Regards,
Laser





On 3/2/10, s S <getlaser@gmail.com> wrote:
Hi Yvan,
 
Thanks for the reply.
 
I came across a similar issue (https://trac.ipsec-tools.net/ticket/269),  guess this is the one that you have mentioned in your reply. I am going to try the fix given for this issue.
 
Thanks and Regards,
Laser

On Fri, Feb 26, 2010 at 9:51 PM, VANHULLEBUS Yvan <vanhu@free.fr> wrote:
On Fri, Feb 26, 2010 at 09:25:14PM +0530, s S wrote:
> Hi,

Hi.
Kept the mail on @devel only, see below....


[...]
> Now the questions are,
>
> 1. Why Racoon has so many files at open state?

Sounds like a fd leak....


> 2. When will these files get closed?

In next release :-)
If I remember correctly, this is a known issue which have been fixed
in HEAD branch (so which will be in 0.8 release), can someone confirm
that ?


> 3. Is this a bug in Racoon?

Sounds like, yes.


> 4. Are there any other ways to configure racoon without facing this issue?
>
> Please share your views and help me in solving this issue.

If the fd leak is on file's fd, you can reduce it by generating a
single racoon.conf and stop using includes.... but it will probably
still happen (unless leak is specific to included files in the conf).


Yvan.

------------------------------------------------------------------------------
Download Intel&#174; Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
Ipsec-tools-devel mailing list
Ipsec-tools-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ipsec-tools-devel