On Tue, Jul 06, 2021 at 02:37:34PM +0100, Ricardo Mestre wrote:
> You got the order wrong on my diff :)
>
> Before, the certs were loaded by root in memory and then set by _spamd, with
> my
> diff they are still loaded by root but now also set, everything else
> still has the same order so it sho
Hey kn,
You got the order wrong on my diff :)
Before, the certs were loaded by root in memory and then set by _spamd, with my
diff they are still loaded by root but now also set, everything else
still has the same order so it should be:
tls_config_set_*_file()
fork()
setres*id()
pledge()
On 12:
On Tue, Jul 06, 2021 at 12:58:37PM +, Klemens Nanni wrote:
> On Wed, Jun 30, 2021 at 01:11:38PM +0100, Ricardo Mestre wrote:
> > Hi,
> >
> > I may have seen it elsewhere, or probably not, but after checking on kn's
> > commit
> > to tls_load_file(3) it seems it's now possible to set the ca/ce
On Wed, Jun 30, 2021 at 01:11:38PM +0100, Ricardo Mestre wrote:
> Hi,
>
> I may have seen it elsewhere, or probably not, but after checking on kn's
> commit
> to tls_load_file(3) it seems it's now possible to set the ca/cert/key directly
> without having to load them first from disk and set them
Hi,
I may have seen it elsewhere, or probably not, but after checking on kn's commit
to tls_load_file(3) it seems it's now possible to set the ca/cert/key directly
without having to load them first from disk and set them afterwards from memory.
That being said the below applies this to spamd(8),