Up to [local] / src / usr.sbin / smtpd
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.5, Sat Sep 1 16:09:14 2012 UTC (11 years, 9 months ago) by gilles
Branch: MAIN
CVS Tags: HEAD
Changes since 1.4: +1 -1 lines
FILE REMOVED
- remove crypto_backend - remove support for encrypted queue, it will be reintroduced later after pouring more thinking into it if you had it enabled, flush your queue before updating
Revision 1.4 / (download) - annotate - [select for diffs], Fri Aug 31 22:40:56 2012 UTC (11 years, 9 months ago) by fgsch
Branch: MAIN
Changes since 1.3: +2 -2 lines
Diff to previous 1.3 (colored)
Use EVP_MAX_MD_SIZE for the key size for now as discussed on icb.
Revision 1.3 / (download) - annotate - [select for diffs], Thu Aug 30 22:38:22 2012 UTC (11 years, 9 months ago) by chl
Branch: MAIN
Changes since 1.2: +2 -2 lines
Diff to previous 1.2 (colored)
increase fread()/fwrite() buffer from 8k to 16k ok gilles@
Revision 1.2 / (download) - annotate - [select for diffs], Thu Aug 30 21:59:46 2012 UTC (11 years, 9 months ago) by chl
Branch: MAIN
Changes since 1.1: +44 -44 lines
Diff to previous 1.1 (colored)
change crypto_setup() prototype to use const char * instead of uint8_t * while there do some KNF: - change 8 spaces to tab - add/remove some missing/extra space after if's ok gilles@
Revision 1.1 / (download) - annotate - [select for diffs], Wed Aug 29 16:26:17 2012 UTC (11 years, 9 months ago) by gilles
Branch: MAIN
Introduce the crypto_backend API and provide support for... encrypted queue using the new API. By default, OpenSMTPD does not provide queue encryption, but it can be enabled with "queue encryption [args]" and will transparently encrypt/decrypt envelopes/messages as they hit the queue. By default, it will use Blowfish in CBC mode with a different random IV for each envelope and message. User provided key is expanded using sha256 but a different cipher and digest may be specified in smtpd.conf Queue encryption is compatible with compression and if both options are set it will do them in correct order and transparently. tested by chl@, a few users and myself ok chl@ and I