Bug#543941: OpenVPN with LDAP+TLS authentication runs into file exhaustion
Simon Josefsson
simon at josefsson.org
Fri Oct 2 19:40:21 UTC 2009
chantra <chantra at debuntu.org> writes:
> Reassigning to libgnutls, the probable culprit package.
>
> The common factor between libgnutls and libssl 2 would be the use of the
> same crypt function AFAICS, so I actually wonder if this is down to
> libc6 :s.
>
> Would maintainer of ssl/gnutls confirm that it is the source of the
> issue?
GnuTLS doesn't open /dev/urandom, so I believe this should be debugged
as a libgcrypt problem.
It may be a problem in openvpn, nss_ldap or PAM, but given that
libgcrypt opens /dev/urandom, the file descriptor leak should be
debugged first in libgcrypt.
/Simon
More information about the Pkg-gnutls-maint
mailing list