authorReyk Floeter <reyk@cvs.openbsd.org>2014-04-29 19:13:15 +0000
committerReyk Floeter <reyk@cvs.openbsd.org>2014-04-29 19:13:15 +0000
commite7701d1ab687bebc394f5ebf60b4273c79debc6b (patch)
tree4cc3988715b5f784485b152815e9dac67c3799b6 /usr.sbin/smtpd/lka.c
parent37790797bff794cb8568109494b4219ce0efe114 (diff)
Implement RSA privilege separation for OpenSMTPD, based on my previous
implementation for relayd(8). The smtpd(8) pony processes (mta client, smtp server) don't keep the private keys in memory but send their private key operations as imsgs to the "lookup"/mta process. It's worth mentioning that this prevents accidental private key leakage as it could have been caused by "Heartbleed". ok gilles@
Diffstat (limited to 'usr.sbin/smtpd/lka.c')
-rw-r--r--usr.sbin/smtpd/lka.c15
1 files changed, 8 insertions, 7 deletions
diff --git a/usr.sbin/smtpd/lka.c b/usr.sbin/smtpd/lka.c
index abfc4ba52fa..dc7f7852924 100644
--- a/usr.sbin/smtpd/lka.c
+++ b/usr.sbin/smtpd/lka.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: lka.c,v 1.167 2014/04/15 08:32:45 eric Exp $ */
+/* $OpenBSD: lka.c,v 1.168 2014/04/29 19:13:13 reyk Exp $ */
/*
* Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org>
@@ -91,6 +91,12 @@ lka_imsg(struct mproc *p, struct imsg *imsg)
return;
}
+ if (imsg->hdr.type == IMSG_CA_PRIVENC ||
+ imsg->hdr.type == IMSG_CA_PRIVDEC) {
+ ca_imsg(p, imsg);
+ return;
+ }
+
if (p->proc == PROC_PONY) {
switch (imsg->hdr.type) {
case IMSG_SMTP_EXPAND_RCPT:
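Review bot: The new IMSG_CA_PRIVENC/IMSG_CA_PRIVDEC dispatch sits before the `p->proc == PROC_PONY` test, so as written any peer of the lookup process can request a private-key operation unless ca_imsg (defined outside this file) validates the sender itself. Since the purpose of the change is that only the key-holding process performs these operations, keeping the sender check at the dispatch point makes the restriction visible here, e.g. `if (p->proc == PROC_PONY && (imsg->hdr.type == IMSG_CA_PRIVENC || imsg->hdr.type == IMSG_CA_PRIVDEC)) {` — assuming the pony process is the only intended requester, which this hunk does not show. lka_imsg begins before this hunk and continues after it, so an earlier guard on p->proc may already exist; if so, a one-line comment such as `/* key operations: sender already restricted above */` would make that dependency explicit.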
@@ -134,13 +140,10 @@ lka_imsg(struct mproc *p, struct imsg *imsg)
}
resp_ca_cert.status = CA_OK;
resp_ca_cert.cert_len = pki->pki_cert_len;
- resp_ca_cert.key_len = pki->pki_key_len;
iov[0].iov_base = &resp_ca_cert;
iov[0].iov_len = sizeof(resp_ca_cert);
iov[1].iov_base = pki->pki_cert;
iov[1].iov_len = pki->pki_cert_len;
- iov[2].iov_base = pki->pki_key;
- iov[2].iov_len = pki->pki_key_len;
m_composev(p, IMSG_SMTP_SSL_INIT, 0, 0, -1, iov, nitems(iov));
return;
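Review bot: The assignments to iov[2] are removed but `m_composev(p, IMSG_SMTP_SSL_INIT, 0, 0, -1, iov, nitems(iov))` still sends every element of the array, and the declaration of iov is outside this hunk; if it is still sized for three entries, the third iovec is now passed uninitialized and stack contents are handed to the peer. The same applies to the IMSG_MTA_SSL_INIT hunk below. Either shrink the declaration to `struct iovec iov[2];` or pass an explicit count of 2 instead of nitems(iov). Likewise resp_ca_cert.key_len is no longer assigned here, so unless the struct is zeroed before use the receiver sees a stale value; `memset(&resp_ca_cert, 0, sizeof resp_ca_cert);` before filling it, or dropping the field from the response type, would close that gap. The enclosing lka_imsg body starts and ends outside the hunk.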
@@ -256,13 +259,10 @@ lka_imsg(struct mproc *p, struct imsg *imsg)
}
resp_ca_cert.status = CA_OK;
resp_ca_cert.cert_len = pki->pki_cert_len;
- resp_ca_cert.key_len = pki->pki_key_len;
iov[0].iov_base = &resp_ca_cert;
iov[0].iov_len = sizeof(resp_ca_cert);
iov[1].iov_base = pki->pki_cert;
iov[1].iov_len = pki->pki_cert_len;
- iov[2].iov_base = pki->pki_key;
- iov[2].iov_len = pki->pki_key_len;
m_composev(p, IMSG_MTA_SSL_INIT, 0, 0, -1, iov, nitems(iov));
return;
@@ -389,6 +389,7 @@ lka_imsg(struct mproc *p, struct imsg *imsg)
if (verbose & TRACE_TABLES)
table_dump_all();
table_open_all();
+ ca_init();
/* Start fulfilling requests */
mproc_enable(p_pony);