[SR-Users] memory allocation failure while reading ca_list

Daniel-Constantin Mierla miconda at gmail.com
Fri Mar 23 11:08:55 CET 2012


btw, the devel branch as well as last stable releases are compiled with 
memory debugger on, you can compile with F_MALLOC and try to see if you 
get some improvements, but I guess they will not be really relevant over 
all.

Cheers,
Daniel

On 3/19/12 4:04 PM, Jan Janak wrote:
> I know this is not a solution, but you can also try to run
>
> dpkg-reconfigure ca-certificates
>
> and select only a couple of CA certificates you trust. That should
> make the list much smaller. Debian includes a lot of CA certificates
> in its default list and I am not sure whether it is a good idea to
> trust them all blindly, given some of the recent issues with bad CAs..
>
> -Jan
>
> On Mon, Mar 19, 2012 at 07:59, Juha Heinanen<jh at tutpro.com>  wrote:
>> Daniel-Constantin Mierla writes:
>>
>>> I guess it is loaded two time, for the server and client profiles. Try
>>> to set it via dedicated module parameter and see if you get better
>>> memory usage:
>>>
>>> http://kamailio.org/docs/modules/stable/modules/tls.html#ca_list
>> i tried and it turned out that it is not possible to mix and match tls
>> config file and module params.  if config file param file is given, then
>> mod param ca_list is ignored.
>>
>> also, it looks like it is not possible to share the same ca_list between
>> different tls.cfg sections, but each section needs to have its own
>> ca_list entry, which then increases memory requirement.
>>
>> -- juha

-- 
Daniel-Constantin Mierla
Kamailio Advanced Training, April 23-26, 2012, Berlin, Germany
http://www.asipto.com/index.php/kamailio-advanced-training/




More information about the sr-users mailing list