summaryrefslogtreecommitdiff
path: root/usr.sbin
diff options
context:
space:
mode:
authorGilles Chehade <gilles@cvs.openbsd.org>2015-12-12 14:06:09 +0000
committerGilles Chehade <gilles@cvs.openbsd.org>2015-12-12 14:06:09 +0000
commit0e79968a1ae406e8eedefd53a25bf2944362525c (patch)
treeae4d58064ab73882082048cf1c0b98ba48d8f3fd /usr.sbin
parente9c7de92f11cfa920cd8fce429c19ff7f05626aa (diff)
if no certificate matches name AND fallback hint was given, search for a
global certificate
Diffstat (limited to 'usr.sbin')
-rw-r--r--usr.sbin/smtpd/lka.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/usr.sbin/smtpd/lka.c b/usr.sbin/smtpd/lka.c
index df6da6bad6f..1d2093823b5 100644
--- a/usr.sbin/smtpd/lka.c
+++ b/usr.sbin/smtpd/lka.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: lka.c,v 1.186 2015/12/12 13:56:41 gilles Exp $ */
+/* $OpenBSD: lka.c,v 1.187 2015/12/12 14:06:08 gilles Exp $ */
/*
* Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org>
@@ -144,6 +144,9 @@ lka_imsg(struct mproc *p, struct imsg *imsg)
xlowercase(buf, req_ca_cert->name, sizeof(buf));
log_debug("debug: lka: looking up pki \"%s\"", buf);
pki = dict_get(env->sc_pki_dict, buf);
+ if (pki == NULL)
+ if (req_ca_cert->fallback)
+ pki = dict_get(env->sc_pki_dict, "*");
if (pki == NULL) {
resp_ca_cert.status = CA_FAIL;
m_compose(p, imsg->hdr.type, 0, 0, -1, &resp_ca_cert,