add a privsep crypto engine

Incorporate the OpenSMTPD' privsep crypto engine.  The idea behind
it is to never load the certificate' private keys in a networked
process, instead they are loaded in a separate process (the `crypto'
one) which signs payloads on the behalf of the server processes.
This way, we greatly reduce the risk of leaking the certificate'
private key should the server process be compromised.

This currently compiles only on LibreSSL (portable fix is in the
way).

1 files changed, 9 insertions, 8 deletions

diff --git a/Makefile b/Makefile
index 6872ae7..0b73090 100644
--- a/Makefile
+++ b/Makefile
@@ -18,14 +18,14 @@
 # all.
 TESTS=
 
-GMID_SRCS =	gmid.c config.c dirs.c fcgi.c iri.c log.c logger.c mime.c \
-		proc.c proxy.c puny.c sandbox.c server.c utf8.c utils.c \
-		y.tab.c
+GMID_SRCS =	gmid.c config.c crypto.c dirs.c fcgi.c iri.c log.c \
+		logger.c mime.c proc.c proxy.c puny.c sandbox.c \
+		server.c utf8.c utils.c y.tab.c
 
 GMID_OBJS =	${GMID_SRCS:.c=.o} ${COBJS}
 
-GE_SRCS =	ge.c config.c dirs.c fcgi.c iri.c log.c mime.c proc.c \
-		proxy.c puny.c sandbox.c server.c utf8.c utils.c
+GE_SRCS =	ge.c config.c crypto.c dirs.c fcgi.c iri.c log.c mime.c \
+		proc.c proxy.c puny.c sandbox.c server.c utf8.c utils.c
 
 GE_OBJS =	${GE_SRCS:.c=.o} ${COBJS}
 
@@ -110,9 +110,10 @@ uninstall:
 
 DISTFILES =	.cirrus.yml .dockerignore .gitignore ChangeLog LICENSE \
 		Makefile README.md config.c configure configure.local.example \
-		dirs.c fcgi.c ge.1 ge.c gg.1 gg.c gmid.8 gmid.c gmid.conf.5 \
-		gmid.h iri.c log.c log.h logger.c mime.c parse.y proxy.c \
-		puny.c sandbox.c server.c utf8.c utils.c y.tab.c
+		crypto.c dirs.c fcgi.c ge.1 ge.c gg.1 gg.c gmid.8 gmid.c \
+		gmid.conf.5 gmid.h iri.c log.c log.h logger.c mime.c \
+		parse.y proxy.c puny.c sandbox.c server.c utf8.c utils.c \
+		y.tab.c
 
 dist: ${DISTNAME}.sha256