artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e318abb) | patch
The SSL/TLS session Id context is limited to 32 bytes. Instead of
authorreyk <reyk@openbsd.org>
Fri, 16 Jan 2015 14:34:51 +0000 (14:34 +0000)
committerreyk <reyk@openbsd.org>
Fri, 16 Jan 2015 14:34:51 +0000 (14:34 +0000)
commit31413d7e14c4bb6e451ce431ebff2b807d8f72f8
tree8312b1551f84838b8b3a3075afc5522b4e2372d3tree | snapshot
parente318abb34b6c5d8760b5013903c0f3de6c09af6dcommit | diff
The SSL/TLS session Id context is limited to 32 bytes.  Instead of
using the name of relayd relay or smtpd pki, use a 32 byte arc4random
buffer that should be unique for the context.  This fixes an issue in
OpenSMTPD when a long pki name could break the configuration.

OK gilles@ benno@
lib/libtls/tls_server.c diff | blob | history
usr.sbin/relayd/relay.c diff | blob | history
usr.sbin/smtpd/ssl.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim