- introduce CA process

- TLS/SMTPS sessions perform a CA request to obtain certificate and key
author: Gilles Chehade <gilles@poolp.org> 2012-12-19 12:57:29 +0100
committer: Gilles Chehade <gilles@poolp.org> 2012-12-19 12:57:29 +0100
commit: c56eb6dc726e2f747a42f117bd7007712cac3c00 (patch)
tree: 5a637ac5ead8de0dfa5fbd096515514116cf7edb /smtpd/config.c
parent: load cert store in global env at startup so that we can verify (diff)
download: OpenSMTPD-c56eb6dc726e2f747a42f117bd7007712cac3c00.tar.xz
OpenSMTPD-c56eb6dc726e2f747a42f117bd7007712cac3c00.zip
1 files changed, 8 insertions, 4 deletions
diff --git a/smtpd/config.c b/smtpd/config.c
index 9a851aba..6533ba14 100644
--- a/smtpd/config.c
+++ b/smtpd/config.c
@@ -26,6 +26,7 @@
 #include <imsg.h>
 #include <stdio.h>
 #include <stdlib.h>
+#include <string.h>
 #include <unistd.h>
 
 #include "smtpd.h"
@@ -66,14 +67,15 @@ purge_config(uint8_t what)
 		env->sc_rules = NULL;
 	}
 	if (what & PURGE_SSL) {
-		while ((s = SPLAY_ROOT(env->sc_ssl)) != NULL) {
-			SPLAY_REMOVE(ssltree, env->sc_ssl, s);
+		while (dict_poproot(env->sc_ssl_dict, NULL, (void **)&s)) {
+			bzero(s->ssl_cert, sizeof s->ssl_cert);
+			bzero(s->ssl_key, sizeof s->ssl_key);
 			free(s->ssl_cert);
 			free(s->ssl_key);
 			free(s);
 		}
-		free(env->sc_ssl);
-		env->sc_ssl = NULL;
+		free(env->sc_ssl_dict);
+		env->sc_ssl_dict = NULL;
 	}
 }
 
@@ -129,6 +131,8 @@ config_peer(enum smtp_proc_type proc)
 		p_scheduler = p;
 	else if (proc == PROC_SMTP)
 		p_smtp = p;
+	else if (proc == PROC_CA)
+		p_ca = p;
 	else
 		fatalx("bad peer");
 }
author	Gilles Chehade <gilles@poolp.org>	2012-12-19 12:57:29 +0100
committer	Gilles Chehade <gilles@poolp.org>	2012-12-19 12:57:29 +0100
commit	c56eb6dc726e2f747a42f117bd7007712cac3c00 (patch)
tree	5a637ac5ead8de0dfa5fbd096515514116cf7edb /smtpd/config.c
parent	load cert store in global env at startup so that we can verify (diff)
download	OpenSMTPD-c56eb6dc726e2f747a42f117bd7007712cac3c00.tar.xz OpenSMTPD-c56eb6dc726e2f747a42f117bd7007712cac3c00.zip