diff --git a/config.c b/config.c
index 251095c..3b19dea 100644
--- a/config.c
+++ b/config.c
@@ -46,6 +46,10 @@ config_new(void)
 conf->prefork = 3;
+#ifdef __OpenBSD__
+ conf->use_privsep_crypto = 1;
+#endif
+
 conf->sock4 = -1;
 conf->sock6 = -1;
@@ -63,8 +67,10 @@ config_purge(struct conf *conf)
 struct envlist *e, *te;
 struct alist *a, *ta;
 struct pki *pki, *tpki;
+ int use_privsep_crypto;
 ps = conf->ps;
+ use_privsep_crypto = conf->use_privsep_crypto;
 if (conf->sock4 != -1) {
 event_del(&conf->evsock4);
@@ -136,6 +142,7 @@ config_purge(struct conf *conf)
 memset(conf, 0, sizeof(*conf));
 conf->ps = ps;
+ conf->use_privsep_crypto = use_privsep_crypto;
 conf->sock4 = conf->sock6 = -1;
 conf->protos = TLS_PROTOCOL_TLSv1_2 | TLS_PROTOCOL_TLSv1_3;
 init_mime(&conf->mime);
@@ -184,7 +191,8 @@ static int
 config_send_kp(struct privsep *ps, int cert_type, int key_type,
 const char *cert, const char *key)
 {
- int fd, d;
+ struct conf *conf = ps->ps_env;
+ int fd, d, key_target;
 log_debug("sending %s", cert);
 if ((fd = open(cert, O_RDONLY)) == -1)
@@ -196,13 +204,19 @@ config_send_kp(struct privsep *ps, int cert_type, int key_type,
 close(d);
 return -1;
 }
- if (config_send_file(ps, PROC_CRYPTO, cert_type, d, NULL, 0) == -1)
+ if (conf->use_privsep_crypto &&
+ config_send_file(ps, PROC_CRYPTO, cert_type, d, NULL, 0) == -1)
 return -1;
 log_debug("sending %s", key);
 if ((fd = open(key, O_RDONLY)) == -1)
 return -1;
- if (config_send_file(ps, PROC_CRYPTO, key_type, fd, NULL, 0) == -1)
+
+ key_target = PROC_CRYPTO;
+ if (!conf->use_privsep_crypto)
+ key_target = PROC_SERVER;
+
+ if (config_send_file(ps, key_target, key_type, fd, NULL, 0) == -1)
 return -1;
 if (proc_flush_imsg(ps, PROC_SERVER, -1) == -1)
diff --git a/ge.c b/ge.c
index 36b9dd9..546238c 100644
--- a/ge.c
+++ b/ge.c
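Review bot: The platform gate in config_new is undocumented: `#ifdef __OpenBSD__` turns the privsep crypto engine on only there, and nothing in the hunk says why every other platform is left with the key in the server process (config_send_kp delivers the key to PROC_SERVER when the flag is clear). Add a comment above the `#ifdef` giving the actual reason, along the lines of `/* The privsep crypto engine is only enabled on OpenBSD; elsewhere the server process loads the private key itself. */`. The flag presumably reads as 0 on other platforms only because conf is zero-allocated by code outside the hunk; an explicit `#else` / `conf->use_privsep_crypto = 0;` branch would make that default self-evident to the next reader.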
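Review bot: The descriptor `d` leaks when `conf->use_privsep_crypto` is 0: the `&&` short-circuit skips the config_send_file call that previously took ownership of `d`, and nothing else in the visible part of config_send_kp closes it, so every certificate loaded without the crypto engine leaves a stray fd in the parent, which would accumulate if the configuration is reloaded. Assuming the lines just above this hunk created `d` solely for the PROC_CRYPTO send (their error path does `close(d)`), close it on that branch, `if (!conf->use_privsep_crypto) close(d); else if (config_send_file(ps, PROC_CRYPTO, cert_type, d, NULL, 0) == -1) return -1;`, or better, do not create the duplicate at all when the engine is off. The tail of config_send_kp is outside the hunk; a close there would change this finding.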
@@ -249,6 +249,9 @@ main(int argc, char **argv)
 log_setverbose(0);
 conf = config_new();
+ /* ge doesn't do privsep so no privsep crypto engine. */
+ conf->use_privsep_crypto = 0;
+
 while ((ch = getopt_long(argc, argv, "d:H:hp:Vv", opts, NULL)) != -1) {
 switch (ch) {
 case 'd':
diff --git a/gmid.h b/gmid.h
index 515f29c..c68ab92 100644
--- a/gmid.h
+++ b/gmid.h
@@ -228,6 +228,7 @@ struct conf {
 char user[LOGIN_NAME_MAX];
 int prefork;
 int reload;
+ int use_privsep_crypto;
 int sock4;
 struct event evsock4;
diff --git a/server.c b/server.c
index 79fcc15..acf7703 100644
--- a/server.c
+++ b/server.c
@@ -1395,11 +1395,7 @@ setup_tls(struct conf *conf)
 if ((tlsconf = tls_config_new()) == NULL)
 fatal("tls_config_new");
- /*
- * ge doesn't use the privsep crypto engine; it doesn't use
- * privsep at all so `ps' is NULL.
- */
- if (conf->ps != NULL)
+ if (conf->use_privsep_crypto)
 tls_config_use_fake_private_key(tlsconf);
 /* optionally accept client certs, but don't try to verify them */
@@ -1462,6 +1458,8 @@ server(struct privsep *ps, struct privsep_proc *p)
 void
 server_init(struct privsep *ps, struct privsep_proc *p, void *arg)
 {
+ struct conf *c;
+
 SPLAY_INIT(&clients);
 #ifdef SIGINFO
@@ -1477,8 +1475,11 @@ server_init(struct privsep *ps, struct privsep_proc *p, void *arg)
 * ge doesn't use the privsep crypto engine; it doesn't use
 * privsep at all so `ps' is NULL.
 */
- if (ps != NULL)
- crypto_engine_init(ps->ps_env);
+ if (ps != NULL) {
+ c = ps->ps_env;
+ if (c->use_privsep_crypto)
+ crypto_engine_init(ps->ps_env);
+ }
 }
 int
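Review bot: The new `use_privsep_crypto` member of struct conf marks a process trust boundary and should say so, because its two values put the TLS private key in different processes: with it set, config_send_kp sends the key to PROC_CRYPTO and setup_tls installs a fake private key in the server, while with it clear the key goes to PROC_SERVER and the network-facing server process holds it itself. Suggested: `int use_privsep_crypto; /* 1: private keys stay in PROC_CRYPTO; 0: the server process loads them itself */`. The rest of struct conf lies outside the hunk.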
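Review bot: setup_tls now relies on `conf->use_privsep_crypto` alone and drops the `conf->ps != NULL` test, so a conf with the flag set but no privsep process (the ge case the removed comment described) would get a fake private key installed while server_init never initialises an engine for it; correctness rests on ge.c clearing the flag right after config_new. That coupling deserves a line where the check lives, e.g. `/* implies conf->ps != NULL: ge clears this flag in main() */`, or the defensive form `if (conf->ps != NULL && conf->use_privsep_crypto)`. setup_tls continues beyond the hunk.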
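Review bot: The comment kept as context at the top of this server_init hunk, saying ge has no privsep so ps is NULL, is now incomplete: the engine is also skipped on a privsep'd gmid whenever `c->use_privsep_crypto` is 0, which config_new makes the default off OpenBSD, and setup_tls removed its copy of the same comment in this very commit. Rewrite it as a two-line comment stating that ge has no privsep (ps is NULL) and that the engine is only initialised when use_privsep_crypto is set, the server process holding the key otherwise. As a style point, `c` is only read here, so `crypto_engine_init(c)` and a block-scoped `struct conf *c = ps->ps_env;` inside the `if` would remove the function-scope declaration the earlier hunk adds.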