authorJoel Sing <jsing@cvs.openbsd.org>2015-10-21 16:44:29 +0000
committerJoel Sing <jsing@cvs.openbsd.org>2015-10-21 16:44:29 +0000
commit4bb9547a002e989124ed06dd9020d62d9c2c649b (patch)
treec2abd226495470124443db79b40fcb7ac66d6350 /usr.sbin/smtpd
parente406b8d2b07fd632185dfda31ba70efbfe6766ee (diff)
Only enable SSL_VERIFY_PEER when the verify option is set on a listener.
Always enabling SSL_VERIFY_PEER unnecessarily increases the number of messages/bytes in the TLS handshake and increases our attack surface, since we request and then process client certificates. ok gilles@
Diffstat (limited to 'usr.sbin/smtpd')
-rw-r--r--usr.sbin/smtpd/smtp_session.c5
-rw-r--r--usr.sbin/smtpd/smtpd.h4
-rw-r--r--usr.sbin/smtpd/ssl_smtpd.c7
3 files changed, 9 insertions, 7 deletions
diff --git a/usr.sbin/smtpd/smtp_session.c b/usr.sbin/smtpd/smtp_session.c
index 9ba6fa683de..6f745459c14 100644
--- a/usr.sbin/smtpd/smtp_session.c
+++ b/usr.sbin/smtpd/smtp_session.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: smtp_session.c,v 1.237 2015/10/16 21:13:33 sthen Exp $ */
+/* $OpenBSD: smtp_session.c,v 1.238 2015/10/21 16:44:28 jsing Exp $ */
/*
* Copyright (c) 2008 Gilles Chehade <gilles@poolp.org>
@@ -828,7 +828,8 @@ smtp_session_imsg(struct mproc *p, struct imsg *imsg)
pkiname = s->smtpname;
ssl_ctx = dict_get(env->sc_ssl_dict, pkiname);
- ssl = ssl_smtp_init(ssl_ctx, smtp_sni_callback);
+ ssl = ssl_smtp_init(ssl_ctx, smtp_sni_callback,
+ s->listener->flags & F_TLS_VERIFY);
io_set_read(&s->io);
io_start_tls(&s->io, ssl);
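Review bot: Passing `s->listener->flags & F_TLS_VERIFY` into ssl_smtp_init only ever turns SSL_VERIFY_PEER on, and nothing turns it back off: ssl_ctx is fetched from the shared env->sc_ssl_dict by pkiname, so if two listeners can share a pki name, one session on a verify-enabled listener leaves SSL_VERIFY_PEER set on that context for every later session on a listener without the verify option, which is exactly the state this commit is trying to avoid. The ssl_smtpd.c hunk would need an explicit off branch, `else` / `SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_NONE, NULL);`, or the mode set per connection with SSL_set_verify on the SSL object once it has been created. Whether a pki name is in practice shared across listeners is not visible on this page, so this may be theoretical, but the per-session call on a shared context deserves a comment either way. smtp_session_imsg begins outside this hunk, and the ssl_smtp_init hunk in ssl_smtpd.c runs past the end of the page.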
diff --git a/usr.sbin/smtpd/smtpd.h b/usr.sbin/smtpd/smtpd.h
index 0c6228f0f41..56c9bcc9218 100644
--- a/usr.sbin/smtpd/smtpd.h
+++ b/usr.sbin/smtpd/smtpd.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: smtpd.h,v 1.478 2015/10/17 22:24:36 gilles Exp $ */
+/* $OpenBSD: smtpd.h,v 1.479 2015/10/21 16:44:28 jsing Exp $ */
/*
* Copyright (c) 2008 Gilles Chehade <gilles@poolp.org>
@@ -1324,7 +1324,7 @@ int fork_proc_backend(const char *, const char *, const char *);
/* ssl_smtpd.c */
void *ssl_mta_init(void *, char *, off_t);
-void *ssl_smtp_init(void *, void *);
+void *ssl_smtp_init(void *, void *, int);
/* stat_backend.c */
diff --git a/usr.sbin/smtpd/ssl_smtpd.c b/usr.sbin/smtpd/ssl_smtpd.c
index 74fa20726ee..87450eb1f5a 100644
--- a/usr.sbin/smtpd/ssl_smtpd.c
+++ b/usr.sbin/smtpd/ssl_smtpd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_smtpd.c,v 1.9 2015/04/19 20:29:12 gilles Exp $ */
+/* $OpenBSD: ssl_smtpd.c,v 1.10 2015/10/21 16:44:28 jsing Exp $ */
/*
* Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org>
@@ -82,14 +82,15 @@ dummy_verify(int ok, X509_STORE_CTX *store)
}
void *
-ssl_smtp_init(void *ssl_ctx, void *sni)
+ssl_smtp_init(void *ssl_ctx, void *sni, int verify)
{
SSL *ssl = NULL;
int (*cb)(SSL *,int *,void *) = sni;
log_debug("debug: session_start_ssl: switching to SSL");
- SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER, dummy_verify);
+ if (verify)
+ SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER, dummy_verify);
if (cb)
SSL_CTX_set_tlsext_servername_callback(ssl_ctx, cb);