Viktor Dukhovni:
> On Mon, Feb 18, 2019 at 02:07:29AM -0500, Viktor Dukhovni wrote:
> 
> >     Feb 17 22:08:45 mail postfix/tlsproxy[23261]:
> >     sys1.mmini.de[5.9.100.168]:25: depth=1 verify=0
> >     subject=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
> > 
> >   These callbacks are NOT expected.
> 
> diff --git a/src/tls/tls_misc.c b/src/tls/tls_misc.c
> index 01dda8a97..a4a88a392 100644
> --- a/src/tls/tls_misc.c
> +++ b/src/tls/tls_misc.c
> @@ -772,6 +772,8 @@ void    tls_pre_jail_init(TLS_ROLE role)
>      };
>      int     flags;
>  
> +    tls_param_init();
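
Review bot: the new tls_param_init() call at the top of tls_pre_jail_init() carries no comment explaining why TLS parameters have to be initialized at this point. Add a one-line comment stating the reason, and confirm that a later second call from another init path is a no-op, so that calling it here cannot reset state that was already set up.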

tls_param_init() is already called by tls_client_init() and
tls_server_init().

Should we remove those calls and make tls_pre_jail_init() a
mandatory call?

> diff --git a/src/tlsproxy/tlsproxy.c b/src/tlsproxy/tlsproxy.c
> index 2c8714cb4..91eb4a9bc 100644
> --- a/src/tlsproxy/tlsproxy.c
> +++ b/src/tlsproxy/tlsproxy.c
> @@ -947,7 +947,12 @@ static int tlsp_client_start_pre_handshake(TLSP_STATE 
> *state)
>  {
>      state->client_start_props->ctx = state->appl_state;
>      state->client_start_props->fd = state->ciphertext_fd;
> -    state->tls_context = tls_client_start(state->client_start_props);
> +    if (!TLS_DANE_BASED(state->client_start_props->tls_level)
> +     || tls_dane_avail())
> +     state->tls_context = tls_client_start(state->client_start_props);
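
Review bot: in tlsp_client_start_pre_handshake(), the visible lines do not assign state->tls_context when the level is DANE-based and tls_dane_avail() returns false. The remainder of the hunk is cut off here, so check that this branch sets state->tls_context to a null value explicitly and logs the reason, so that the caller fails the handshake instead of acting on a leftover value.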

How come that we need this here, when there is already code in the
Postfix SMTP client policy lookup that decides whether a connection
will use DANE?

Should we make the SMTP client responsible for policy decisions,
and make tlsproxy responsible for encryption, or should we randomly
distribute responsibilities across process boundaries?

        Wietse
