aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGilles Chehade <gilles@poolp.org>2019-05-24 20:46:43 +0200
committerGilles Chehade <gilles@poolp.org>2019-05-24 20:46:43 +0200
commit7a0bf51f8ebf2740d93b1b1886d10ce09d3de59e (patch)
tree3120686b86b0b7bfa38eeac05b637b5fb41ecf38
parentsync with OpenBSD 6.5 (diff)
downloadOpenSMTPD-7a0bf51f8ebf2740d93b1b1886d10ce09d3de59e.tar.xz
OpenSMTPD-7a0bf51f8ebf2740d93b1b1886d10ce09d3de59e.zip
sync with OpenBSD
-rw-r--r--smtpd/ca.c56
-rw-r--r--smtpd/crypto.c69
-rw-r--r--smtpd/mproc.c4
-rw-r--r--smtpd/parse.y6
-rw-r--r--smtpd/ssl.c15
5 files changed, 82 insertions, 68 deletions
diff --git a/smtpd/ca.c b/smtpd/ca.c
index 4c3bdded..8be87965 100644
--- a/smtpd/ca.c
+++ b/smtpd/ca.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ca.c,v 1.29 2018/05/24 11:38:24 gilles Exp $ */
+/* $OpenBSD: ca.c,v 1.32 2019/05/24 15:34:05 gilles Exp $ */
/*
* Copyright (c) 2014 Reyk Floeter <reyk@openbsd.org>
@@ -174,6 +174,7 @@ ca_X509_verify(void *certificate, void *chain, const char *CAfile,
X509_STORE *store = NULL;
X509_STORE_CTX *xsc = NULL;
int ret = 0;
+ long error = 0;
if ((store = X509_STORE_new()) == NULL)
goto end;
@@ -197,8 +198,10 @@ ca_X509_verify(void *certificate, void *chain, const char *CAfile,
end:
*errstr = NULL;
if (ret != 1) {
- if (xsc)
- *errstr = X509_verify_cert_error_string(xsc->error);
+ if (xsc) {
+ error = X509_STORE_CTX_get_error(xsc);
+ *errstr = X509_verify_cert_error_string(error);
+ }
else if (ERR_peek_last_error())
*errstr = ERR_error_string(ERR_peek_last_error(), NULL);
}
@@ -301,22 +304,7 @@ ca_imsg(struct mproc *p, struct imsg *imsg)
const RSA_METHOD *rsa_default = NULL;
-static RSA_METHOD rsae_method = {
- "RSA privsep engine",
- rsae_pub_enc,
- rsae_pub_dec,
- rsae_priv_enc,
- rsae_priv_dec,
- rsae_mod_exp,
- rsae_bn_mod_exp,
- rsae_init,
- rsae_finish,
- 0,
- NULL,
- NULL,
- NULL,
- rsae_keygen
-};
+static RSA_METHOD *rsae_method = NULL;
static int
rsae_send_imsg(int flen, const unsigned char *from, unsigned char *to,
@@ -482,12 +470,25 @@ ca_engine_init(void)
ENGINE *e;
const char *errstr, *name;
+ if ((rsae_method = RSA_meth_new("RSA privsep engine", 0)) == NULL)
+ goto fail;
+
+ rsae_method->rsa_pub_enc = rsae_pub_enc;
+ rsae_method->rsa_pub_dec = rsae_pub_dec;
+ rsae_method->rsa_priv_enc = rsae_priv_enc;
+ rsae_method->rsa_priv_dec = rsae_priv_dec;
+ rsae_method->rsa_mod_exp = rsae_mod_exp;
+ rsae_method->bn_mod_exp = rsae_bn_mod_exp;
+ rsae_method->init = rsae_init;
+ rsae_method->finish = rsae_finish;
+ rsae_method->rsa_keygen = rsae_keygen;
+
if ((e = ENGINE_get_default_RSA()) == NULL) {
if ((e = ENGINE_new()) == NULL) {
errstr = "ENGINE_new";
goto fail;
}
- if (!ENGINE_set_name(e, rsae_method.name)) {
+ if (!ENGINE_set_name(e, rsae_method->name)) {
errstr = "ENGINE_set_name";
goto fail;
}
@@ -505,20 +506,17 @@ ca_engine_init(void)
log_debug("debug: %s: using %s", __func__, name);
- if (rsa_default->flags & RSA_FLAG_SIGN_VER)
- fatalx("unsupported RSA engine");
-
if (rsa_default->rsa_mod_exp == NULL)
- rsae_method.rsa_mod_exp = NULL;
+ rsae_method->rsa_mod_exp = NULL;
if (rsa_default->bn_mod_exp == NULL)
- rsae_method.bn_mod_exp = NULL;
+ rsae_method->bn_mod_exp = NULL;
if (rsa_default->rsa_keygen == NULL)
- rsae_method.rsa_keygen = NULL;
- rsae_method.flags = rsa_default->flags |
+ rsae_method->rsa_keygen = NULL;
+ rsae_method->flags = rsa_default->flags |
RSA_METHOD_FLAG_NO_CHECK;
- rsae_method.app_data = rsa_default->app_data;
+ rsae_method->app_data = rsa_default->app_data;
- if (!ENGINE_set_RSA(e, &rsae_method)) {
+ if (!ENGINE_set_RSA(e, rsae_method)) {
errstr = "ENGINE_set_RSA";
goto fail;
}
diff --git a/smtpd/crypto.c b/smtpd/crypto.c
index 1cc1af7c..39576f71 100644
--- a/smtpd/crypto.c
+++ b/smtpd/crypto.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: crypto.c,v 1.6 2016/09/03 14:42:08 gilles Exp $ */
+/* $OpenBSD: crypto.c,v 1.7 2019/05/24 18:01:52 gilles Exp $ */
/*
* Copyright (c) 2013 Gilles Chehade <gilles@openbsd.org>
@@ -62,7 +62,7 @@ crypto_setup(const char *key, size_t len)
int
crypto_encrypt_file(FILE * in, FILE * out)
{
- EVP_CIPHER_CTX ctx;
+ EVP_CIPHER_CTX *ctx;
uint8_t ibuf[CRYPTO_BUFFER_SIZE];
uint8_t obuf[CRYPTO_BUFFER_SIZE];
uint8_t iv[IV_SIZE];
@@ -89,12 +89,15 @@ crypto_encrypt_file(FILE * in, FILE * out)
if ((w = fwrite(iv, 1, sizeof iv, out)) != sizeof iv)
return 0;
- EVP_CIPHER_CTX_init(&ctx);
- EVP_EncryptInit_ex(&ctx, EVP_aes_256_gcm(), NULL, cp.key, iv);
+ ctx = EVP_CIPHER_CTX_new();
+ if (ctx == NULL)
+ return 0;
+
+ EVP_EncryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, cp.key, iv);
/* encrypt until end of file */
while ((r = fread(ibuf, 1, CRYPTO_BUFFER_SIZE, in)) != 0) {
- if (!EVP_EncryptUpdate(&ctx, obuf, &len, ibuf, r))
+ if (!EVP_EncryptUpdate(ctx, obuf, &len, ibuf, r))
goto end;
if (len && (w = fwrite(obuf, len, 1, out)) != 1)
goto end;
@@ -103,13 +106,13 @@ crypto_encrypt_file(FILE * in, FILE * out)
goto end;
/* finalize and write last chunk if any */
- if (!EVP_EncryptFinal_ex(&ctx, obuf, &len))
+ if (!EVP_EncryptFinal_ex(ctx, obuf, &len))
goto end;
if (len && (w = fwrite(obuf, len, 1, out)) != 1)
goto end;
/* get and append tag */
- EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_GET_TAG, sizeof tag, tag);
+ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, sizeof tag, tag);
if ((w = fwrite(tag, sizeof tag, 1, out)) != 1)
goto end;
@@ -117,14 +120,14 @@ crypto_encrypt_file(FILE * in, FILE * out)
ret = 1;
end:
- EVP_CIPHER_CTX_cleanup(&ctx);
+ EVP_CIPHER_CTX_free(ctx);
return ret;
}
int
crypto_decrypt_file(FILE * in, FILE * out)
{
- EVP_CIPHER_CTX ctx;
+ EVP_CIPHER_CTX *ctx;
uint8_t ibuf[CRYPTO_BUFFER_SIZE];
uint8_t obuf[CRYPTO_BUFFER_SIZE];
uint8_t iv[IV_SIZE];
@@ -168,12 +171,14 @@ crypto_decrypt_file(FILE * in, FILE * out)
sz -= sizeof iv;
sz -= sizeof tag;
+ ctx = EVP_CIPHER_CTX_new();
+ if (ctx == NULL)
+ return 0;
- EVP_CIPHER_CTX_init(&ctx);
- EVP_DecryptInit_ex(&ctx, EVP_aes_256_gcm(), NULL, cp.key, iv);
+ EVP_DecryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, cp.key, iv);
/* set expected tag */
- EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_TAG, sizeof tag, tag);
+ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, sizeof tag, tag);
/* decrypt until end of ciphertext */
while (sz) {
@@ -183,7 +188,7 @@ crypto_decrypt_file(FILE * in, FILE * out)
r = fread(ibuf, 1, sz, in);
if (!r)
break;
- if (!EVP_DecryptUpdate(&ctx, obuf, &len, ibuf, r))
+ if (!EVP_DecryptUpdate(ctx, obuf, &len, ibuf, r))
goto end;
if (len && (w = fwrite(obuf, len, 1, out)) != 1)
goto end;
@@ -193,7 +198,7 @@ crypto_decrypt_file(FILE * in, FILE * out)
goto end;
/* finalize, write last chunk if any and perform authentication check */
- if (!EVP_DecryptFinal_ex(&ctx, obuf, &len))
+ if (!EVP_DecryptFinal_ex(ctx, obuf, &len))
goto end;
if (len && (w = fwrite(obuf, len, 1, out)) != 1)
goto end;
@@ -202,14 +207,14 @@ crypto_decrypt_file(FILE * in, FILE * out)
ret = 1;
end:
- EVP_CIPHER_CTX_cleanup(&ctx);
+ EVP_CIPHER_CTX_free(ctx);
return ret;
}
size_t
crypto_encrypt_buffer(const char *in, size_t inlen, char *out, size_t outlen)
{
- EVP_CIPHER_CTX ctx;
+ EVP_CIPHER_CTX *ctx;
uint8_t iv[IV_SIZE];
uint8_t tag[GCM_TAG_SIZE];
uint8_t version = API_VERSION;
@@ -237,33 +242,36 @@ crypto_encrypt_buffer(const char *in, size_t inlen, char *out, size_t outlen)
memcpy(out + len, iv, sizeof iv);
len += sizeof iv;
- EVP_CIPHER_CTX_init(&ctx);
- EVP_EncryptInit_ex(&ctx, EVP_aes_256_gcm(), NULL, cp.key, iv);
+ ctx = EVP_CIPHER_CTX_new();
+ if (ctx == NULL)
+ return 0;
+
+ EVP_EncryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, cp.key, iv);
/* encrypt buffer */
- if (!EVP_EncryptUpdate(&ctx, out + len, &olen, in, inlen))
+ if (!EVP_EncryptUpdate(ctx, out + len, &olen, in, inlen))
goto end;
len += olen;
/* finalize and write last chunk if any */
- if (!EVP_EncryptFinal_ex(&ctx, out + len, &olen))
+ if (!EVP_EncryptFinal_ex(ctx, out + len, &olen))
goto end;
len += olen;
/* get and append tag */
- EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_GET_TAG, sizeof tag, tag);
+ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, sizeof tag, tag);
memcpy(out + len, tag, sizeof tag);
ret = len + sizeof tag;
end:
- EVP_CIPHER_CTX_cleanup(&ctx);
+ EVP_CIPHER_CTX_free(ctx);
return ret;
}
size_t
crypto_decrypt_buffer(const char *in, size_t inlen, char *out, size_t outlen)
{
- EVP_CIPHER_CTX ctx;
+ EVP_CIPHER_CTX *ctx;
uint8_t iv[IV_SIZE];
uint8_t tag[GCM_TAG_SIZE];
int olen;
@@ -290,24 +298,27 @@ crypto_decrypt_buffer(const char *in, size_t inlen, char *out, size_t outlen)
inlen -= sizeof iv;
in += sizeof iv;
- EVP_CIPHER_CTX_init(&ctx);
- EVP_DecryptInit_ex(&ctx, EVP_aes_256_gcm(), NULL, cp.key, iv);
+ ctx = EVP_CIPHER_CTX_new();
+ if (ctx == NULL)
+ return 0;
+
+ EVP_DecryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, cp.key, iv);
/* set expected tag */
- EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_TAG, sizeof tag, tag);
+ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, sizeof tag, tag);
/* decrypt buffer */
- if (!EVP_DecryptUpdate(&ctx, out, &olen, in, inlen))
+ if (!EVP_DecryptUpdate(ctx, out, &olen, in, inlen))
goto end;
len += olen;
/* finalize, write last chunk if any and perform authentication check */
- if (!EVP_DecryptFinal_ex(&ctx, out + len, &olen))
+ if (!EVP_DecryptFinal_ex(ctx, out + len, &olen))
goto end;
ret = len + olen;
end:
- EVP_CIPHER_CTX_cleanup(&ctx);
+ EVP_CIPHER_CTX_free(ctx);
return ret;
}
diff --git a/smtpd/mproc.c b/smtpd/mproc.c
index d5a934d4..c3751901 100644
--- a/smtpd/mproc.c
+++ b/smtpd/mproc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: mproc.c,v 1.32 2018/12/17 08:56:31 eric Exp $ */
+/* $OpenBSD: mproc.c,v 1.33 2019/05/24 14:31:30 gilles Exp $ */
/*
* Copyright (c) 2012 Eric Faurot <eric@faurot.net>
@@ -309,7 +309,7 @@ m_add(struct mproc *p, const void *data, size_t len)
void *tmp;
if (p->m_pos + len + IMSG_HEADER_SIZE > MAX_IMSGSIZE) {
- log_warnx("warn: message to large");
+ log_warnx("warn: message too large");
fatal(NULL);
}
diff --git a/smtpd/parse.y b/smtpd/parse.y
index 88f2c0b5..9607e29a 100644
--- a/smtpd/parse.y
+++ b/smtpd/parse.y
@@ -1,4 +1,4 @@
-/* $OpenBSD: parse.y,v 1.251 2019/02/13 22:57:08 deraadt Exp $ */
+/* $OpenBSD: parse.y,v 1.252 2019/05/20 07:04:13 gilles Exp $ */
/*
* Copyright (c) 2008 Gilles Chehade <gilles@poolp.org>
@@ -664,11 +664,11 @@ MBOX {
} dispatcher_local_options
| LMTP STRING {
asprintf(&dispatcher->u.local.command,
- "/usr/libexec/mail.lmtp -f %%{mbox.from} -d %s %%{user.username}", $2);
+ "/usr/libexec/mail.lmtp -f \"%%{sender}\" -d %s %%{user.username}", $2);
} dispatcher_local_options
| LMTP STRING RCPT_TO {
asprintf(&dispatcher->u.local.command,
- "/usr/libexec/mail.lmtp -f %%{mbox.from} -d %s %%{dest}", $2);
+ "/usr/libexec/mail.lmtp -f \"%%{sender}\" -d %s %%{dest}", $2);
} dispatcher_local_options
| MDA STRING {
asprintf(&dispatcher->u.local.command,
diff --git a/smtpd/ssl.c b/smtpd/ssl.c
index 7cbee563..b88d1349 100644
--- a/smtpd/ssl.c
+++ b/smtpd/ssl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.c,v 1.90 2018/12/20 19:40:13 gilles Exp $ */
+/* $OpenBSD: ssl.c,v 1.92 2019/05/24 16:29:41 gilles Exp $ */
/*
* Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org>
@@ -183,7 +183,7 @@ ssl_load_key(const char *name, off_t *len, char *pass, mode_t perm, const char *
EVP_PKEY *key = NULL;
BIO *bio = NULL;
long size;
- char *data, *buf = NULL;
+ char *data, *buf, *filebuf;
struct stat st;
char mode[12];
char prompt[2048];
@@ -196,6 +196,9 @@ ssl_load_key(const char *name, off_t *len, char *pass, mode_t perm, const char *
*/
if ((fp = fopen(name, "r")) == NULL)
return (NULL);
+ if ((filebuf = malloc_conceal(BUFSIZ)) == NULL)
+ goto fail;
+ setvbuf(fp, filebuf, _IOFBF, BUFSIZ);
if (fstat(fileno(fp), &st) != 0)
goto fail;
@@ -216,6 +219,8 @@ ssl_load_key(const char *name, off_t *len, char *pass, mode_t perm, const char *
key = PEM_read_PrivateKey(fp, NULL, ssl_password_cb, prompt);
fclose(fp);
fp = NULL;
+ freezero(filebuf, BUFSIZ);
+ filebuf = NULL;
if (key == NULL)
goto fail;
/*
@@ -227,7 +232,7 @@ ssl_load_key(const char *name, off_t *len, char *pass, mode_t perm, const char *
goto fail;
if ((size = BIO_get_mem_data(bio, &data)) <= 0)
goto fail;
- if ((buf = calloc(1, size + 1)) == NULL)
+ if ((buf = calloc_conceal(1, size + 1)) == NULL)
goto fail;
memcpy(buf, data, size);
@@ -239,11 +244,11 @@ ssl_load_key(const char *name, off_t *len, char *pass, mode_t perm, const char *
fail:
ssl_error("ssl_load_key");
- free(buf);
BIO_free_all(bio);
EVP_PKEY_free(key);
if (fp)
fclose(fp);
+ freezero(filebuf, BUFSIZ);
return (NULL);
}
@@ -423,7 +428,7 @@ ssl_ctx_fake_private_key(SSL_CTX *ctx, const void *data, size_t datalen,
*/
ret = SSL_CTX_use_PrivateKey(ctx, pkey);
if (!ret)
- SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY, ERR_R_SSL_LIB);
+ SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY, ERR_LIB_SSL);
if (pkeyptr != NULL)
*pkeyptr = pkey;