op public repos

Commits

Commit:: b8d68fc8e49b3eeac2ba3106e9694ef463a646e1
From:: Omar Polo <op@omarpolo.com>
Date:: Sun Jun 11 11:31:22 2023 UTC

fixes for -Wpointer-sign

diff | patch | tree

Commit:: d1739e3f03a014fa9baded61a49eeb49293c751f
From:: Omar Polo <op@omarpolo.com>
Date:: Sun Jun 11 11:31:06 2023 UTC

cast uint64_t to unsigned long long

diff | patch | tree

Commit:: ec96a0ad3b80dd46a4d68359807c0c09560100cb
From:: Omar Polo <op@omarpolo.com>
Date:: Sun Jun 11 11:30:20 2023 UTC

work around different signature for ecdsae_compute_key

diff | patch | tree

Commit:: 86693a33abd5e8c31530adb3045c9f4664d4d6c9
From:: Omar Polo <op@omarpolo.com>
Date:: Sun Jun 11 11:03:59 2023 UTC

add a privsep crypto engine Incorporate the OpenSMTPD' privsep crypto engine. The idea behind it is to never load the certificate' private keys in a networked process, instead they are loaded in a separate process (the `crypto' one) which signs payloads on the behalf of the server processes. This way, we greatly reduce the risk of leaking the certificate' private key should the server process be compromised. This currently compiles only on LibreSSL (portable fix is in the way).

diff | patch | tree