-/* $OpenBSD: smtpd.c,v 1.223 2014/04/29 19:13:13 reyk Exp $ */
+/* $OpenBSD: smtpd.c,v 1.224 2014/04/29 21:04:17 reyk Exp $ */
/*
* Copyright (c) 2008 Gilles Chehade <gilles@poolp.org>
static void log_imsg(int, int, struct imsg *);
static int parent_auth_user(const char *, const char *);
static void load_pki_tree(void);
+static void load_pki_keys(void);
enum child_type {
CHILD_DAEMON,
if (env->sc_opts & SMTPD_OPT_NOACTION) {
load_pki_tree();
+ load_pki_keys();
fprintf(stderr, "configuration OK\n");
exit(0);
}
if (! ssl_load_certificate(pki, pki->pki_cert_file))
fatalx("load_pki_tree: failed to load certificate file");
- if (! ssl_load_keyfile(pki, pki->pki_key_file, k))
- fatalx("load_pki_tree: failed to load key file");
if (pki->pki_ca_file)
if (! ssl_load_cafile(pki, pki->pki_ca_file))
}
}
+void
+load_pki_keys(void)
+{
+ struct pki *pki;
+ const char *k;
+ void *iter_dict;
+
+ log_debug("debug: init ssl-tree");
+ iter_dict = NULL;
+ while (dict_iter(env->sc_pki_dict, &iter_dict, &k, (void **)&pki)) {
+ log_debug("info: loading pki keys for %s", k);
+
+ if (! ssl_load_keyfile(pki, pki->pki_key_file, k))
+ fatalx("load_pki_keys: failed to load key file");
+ }
+}
+
static void
fork_peers(void)
{
close(control_socket);
control_socket = -1;
}
+
+ if (proc == PROC_LKA) {
+ load_pki_keys();
+ }
}
struct child *
projects / openbsd / commitdiff