path: root/usr.sbin/smtpd/pony.c
| Age | Commit message | Author |
| --- | --- | --- |
| 2014-05-01 | Move RSA keys from "lka" to a new dedicated "ca" process because lka is handling some async requests and shouldn't be busy with sync RSA. ok gilles@ | Reyk Floeter |
| 2014-04-30 | The RSA engine (used by pony) has to wait for a response from the privileged process (lka) and receive the imsgs in a while loop synchronously. But the lka also sends other imsgs (DNS etc.) that can still be queued up in the buffer when waiting for the RSA response. This only happens under load with many concurrent connections. For now, we just call the pony imsg handler for non-RSA imsgs that are already in the buffer. ok gilles@ eric@ blambert@ | Reyk Floeter |
| 2014-04-29 | Implement RSA privilege separation for OpenSMTPD, based on my previous implementation for relayd(8). The smtpd(8) pony processes (mta client, smtp server) don't keep the private keys in memory but send their private key operations as imsgs to the "lookup"/mta process. It's worth mentioning that this prevents accidental private key leakage as it could have been caused by "Heartbleed". ok gilles@ | Reyk Floeter |
| 2014-04-09 | Zap the mfa process. It is not currently doing anything, and content filtering will be done at session level anyway. ok gilles@ | Eric Faurot |
| 2014-04-04 | Merge the mda, mta and smtp processes into a single unprivileged process managing message reception, delivery and transfer. Mostly mechanical, but very intrusive as it required to revamp all IMSG to fix ambiguities. with and ok gilles@ | Eric Faurot |