authorReyk Floeter <reyk@cvs.openbsd.org>2014-04-29 21:04:18 +0000
committerReyk Floeter <reyk@cvs.openbsd.org>2014-04-29 21:04:18 +0000
commit85366ef6d9aa5230142e6c32174d2e87d57ade47 (patch)
treee056d1e072ea52265a0c6a8581e1c50f3e6f72b8 /usr.sbin
parent6cee6c24d8e925542f5b06eb99f2384d319c4703 (diff)
For RSA private key privsep, only ever load the keys after forking the
separated process. This improves on the previous approach because we don't trust the PEM and BIO routines to clean up the keys correctly. ok gilles@
Diffstat (limited to 'usr.sbin')
-rw-r--r--usr.sbin/smtpd/smtpd.c27
1 files changed, 24 insertions, 3 deletions
diff --git a/usr.sbin/smtpd/smtpd.c b/usr.sbin/smtpd/smtpd.c
index 8abf47dda7e..482f9440740 100644
--- a/usr.sbin/smtpd/smtpd.c
+++ b/usr.sbin/smtpd/smtpd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: smtpd.c,v 1.223 2014/04/29 19:13:13 reyk Exp $ */
+/* $OpenBSD: smtpd.c,v 1.224 2014/04/29 21:04:17 reyk Exp $ */
/*
* Copyright (c) 2008 Gilles Chehade <gilles@poolp.org>
@@ -76,6 +76,7 @@ static void purge_task(void);
static void log_imsg(int, int, struct imsg *);
static int parent_auth_user(const char *, const char *);
static void load_pki_tree(void);
+static void load_pki_keys(void);
enum child_type {
CHILD_DAEMON,
@@ -579,6 +580,7 @@ main(int argc, char *argv[])
if (env->sc_opts & SMTPD_OPT_NOACTION) {
load_pki_tree();
+ load_pki_keys();
fprintf(stderr, "configuration OK\n");
exit(0);
}
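Review bot: The `-n` (SMTPD_OPT_NOACTION) path now reads the private keys into the parent process, which is exactly what the rest of this commit is arranged to avoid; that is only acceptable because this branch exits immediately, and the code should say so: `/* -n exits right away, so loading keys in the parent is harmless here */` above the `load_pki_keys();` call. Since `load_pki_keys()` fatalx()es on a key it cannot load, a configuration check still fails loudly on an unreadable or malformed key file, matching what `load_pki_tree()` did before this change. main() continues outside the hunk.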
@@ -691,8 +693,6 @@ load_pki_tree(void)
if (! ssl_load_certificate(pki, pki->pki_cert_file))
fatalx("load_pki_tree: failed to load certificate file");
- if (! ssl_load_keyfile(pki, pki->pki_key_file, k))
- fatalx("load_pki_tree: failed to load key file");
if (pki->pki_ca_file)
if (! ssl_load_cafile(pki, pki->pki_ca_file))
@@ -703,6 +703,23 @@ load_pki_tree(void)
}
}
+void
+load_pki_keys(void)
+{
+ struct pki *pki;
+ const char *k;
+ void *iter_dict;
+
+ log_debug("debug: init ssl-tree");
+ iter_dict = NULL;
+ while (dict_iter(env->sc_pki_dict, &iter_dict, &k, (void **)&pki)) {
+ log_debug("info: loading pki keys for %s", k);
+
+ if (! ssl_load_keyfile(pki, pki->pki_key_file, k))
+ fatalx("load_pki_keys: failed to load key file");
+ }
+}
+
static void
fork_peers(void)
{
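Review bot: The first debug message in `load_pki_keys()` reads `debug: init ssl-tree`, which looks copied from `load_pki_tree()` and makes the two stages indistinguishable in a debug log; `log_debug("debug: init pki keys");` names what this function actually does. The per-entry line also mixes prefixes, emitting `info:` through log_debug(), so `log_debug("debug: loading pki key for %s", k);` would be consistent with the line above it (the value logged is the pki name, not key material, so nothing sensitive is printed). A short header comment would help readers find the privsep rationale: `/* Load the private key of every pki entry into the current process; called only after fork() so that the parent never holds key material. */`. The function is complete within the hunk.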
@@ -728,6 +745,10 @@ post_fork(int proc)
close(control_socket);
control_socket = -1;
}
+
+ if (proc == PROC_LKA) {
+ load_pki_keys();
+ }
}
struct child *
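Review bot: The braces around the single `load_pki_keys();` statement in the `proc == PROC_LKA` branch depart from the KNF style used elsewhere in this file (compare the unbraced `if` bodies in load_pki_tree()); `if (proc == PROC_LKA)` / `load_pki_keys();` with a why-comment reads better: `/* only lka ever holds the private keys; load them after fork() so the parent and the other children never see them */`. This call appears to rely on post_fork() running with enough privilege to read the key files, presumably before lka drops privileges or chroots, but that ordering is not visible in the hunk; it deserves to be confirmed and stated in the comment, since moving post_fork() later would turn this into a fatalx() at startup. post_fork() begins outside the hunk.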