Omar Polo
b894573ad9
fix typo; the size computation is done using len, not ret
2023-08-29 09:18:55 +00:00
Omar Polo
a6c8b8051e
don't let crypto_dispatch_server handle IMSG_CRYPTO_ECDSA_SIGN
...
in this codepath. otherwise we end up with a mismatch where we
expect a request but were sent a response.
2023-08-28 21:38:09 +00:00
Omar Polo
3cba037a11
pre-increment reqid
...
otherwise we send the request id N and expect to receive N+1
2023-08-28 21:37:27 +00:00
Omar Polo
6c86d810fc
typo; was filling the wrong iov_len...
2023-08-28 21:36:58 +00:00
Omar Polo
6a996ec20f
fmt
2023-07-22 08:19:26 +00:00
Omar Polo
bd23307690
drop engine support
2023-07-22 08:17:02 +00:00
Omar Polo
21617eda73
remove the useless logging methods
...
it makes more clear where the magic is. adapted from the smtpd'
ca.c diff.
2023-07-22 08:13:15 +00:00
Omar Polo
5134078414
macos' clang is retarded
...
thinks rsa and ecdsa may be used un-initialized... if we enter the
branch with fatalx().
sigh
2023-06-23 22:39:37 +00:00
Omar Polo
abc599e031
drop debug log
2023-06-23 21:03:24 +00:00
Omar Polo
b90faa1605
simplify check
...
brought to my attention by gcc who isn't smart enough to figure out
that `ret' is always set.
2023-06-13 17:10:13 +00:00
Omar Polo
10cc819309
avoid arithmetic on void pointers (GNU extension)
...
not really sold on this one, I don't see what other interpretation could
be given, but it's not standard so...
2023-06-13 16:36:06 +00:00
Omar Polo
b8d68fc8e4
fixes for -Wpointer-sign
2023-06-11 11:31:22 +00:00
Omar Polo
d1739e3f03
cast uint64_t to unsigned long long
2023-06-11 11:31:06 +00:00
Omar Polo
ec96a0ad3b
work around different signature for ecdsae_compute_key
2023-06-11 11:30:20 +00:00
Omar Polo
86693a33ab
add a privsep crypto engine
...
Incorporate the OpenSMTPD' privsep crypto engine. The idea behind
it is to never load the certificate' private keys in a networked
process, instead they are loaded in a separate process (the `crypto'
one) which signs payloads on the behalf of the server processes.
This way, we greatly reduce the risk of leaking the certificate'
private key should the server process be compromised.
This currently compiles only on LibreSSL (portable fix is in the
way).
2023-06-11 11:03:59 +00:00