]>
Commit | Line | Data |
---|---|---|
c2c7a750 AA |
1 | diff -Nur old/configure.in new/configure.in |
2 | --- old/configure.in 2004-05-16 02:40:19.000000000 +0000 | |
69e1f9b1 | 3 | +++ new/configure.in 2004-05-25 07:37:13.000000000 +0000 |
c2c7a750 AA |
4 | @@ -58,6 +58,11 @@ |
5 | eval "localstatedir=$localstatedir" | |
6 | eval "datadir=$datadir" | |
7 | ||
8 | +AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ], | |
69e1f9b1 | 9 | +certsdir="$withval", certsdir=$datadir) |
c2c7a750 AA |
10 | + |
11 | +AC_SUBST(certsdir) | |
12 | + | |
13 | AC_ARG_WITH(userdb, [ | |
14 | -- see INSTALL, or courier/doc/install.html for configuration options -- ], , | |
15 | ac_configure_args="$ac_configure_args --with-userdb=${sysconfdir}/userdb") | |
16 | diff -Nur old/courier/configure.in new/courier/configure.in | |
17 | --- old/courier/configure.in 2004-05-02 14:59:42.000000000 +0000 | |
69e1f9b1 AA |
18 | +++ new/courier/configure.in 2004-05-25 07:38:14.000000000 +0000 |
19 | @@ -575,6 +575,12 @@ | |
20 | ||
c2c7a750 AA |
21 | eval "exec_prefix=$exec_prefix" |
22 | eval "bindir=$bindir" | |
69e1f9b1 AA |
23 | +eval "datadir=$datadir" |
24 | + | |
c2c7a750 | 25 | +AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ], |
69e1f9b1 | 26 | +certsdir="$withval", certsdir=$datadir) |
c2c7a750 AA |
27 | + |
28 | +AC_SUBST(certsdir) | |
69e1f9b1 | 29 | |
c2c7a750 AA |
30 | MAILDROP="$bindir/maildrop" |
31 | AC_SUBST(MAILDROP) | |
c2c7a750 AA |
32 | diff -Nur old/courier/imapd-ssl.rc.in new/courier/imapd-ssl.rc.in |
33 | --- old/courier/imapd-ssl.rc.in 2004-05-24 21:25:19.000000000 +0000 | |
34 | +++ new/courier/imapd-ssl.rc.in 2004-05-24 21:32:29.000000000 +0000 | |
35 | @@ -28,6 +28,11 @@ | |
36 | ||
37 | case $1 in | |
38 | start) | |
39 | + # If we do not have a certificate, make one up. | |
40 | + if [ ! -f @certsdir@/imapd.pem ]; then | |
41 | + @sbindir@/mkimapdcert | |
42 | + fi | |
43 | + | |
44 | LIBAUTHMODULES="" | |
45 | for f in `echo $AUTHMODULES` | |
46 | do | |
47 | diff -Nur old/courier/module.esmtp/configure.in new/courier/module.esmtp/configure.in | |
48 | --- old/courier/module.esmtp/configure.in 2004-05-11 00:16:05.000000000 +0000 | |
9cae2a57 | 49 | +++ new/courier/module.esmtp/configure.in 2004-05-25 07:46:38.000000000 +0000 |
c2c7a750 AA |
50 | @@ -300,6 +300,11 @@ |
51 | eval "datadir=$datadir" | |
52 | eval "localstatedir=$localstatedir" | |
53 | ||
54 | +AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ], | |
b3795f4c | 55 | +certsdir="$withval", certsdir=$datadir) |
c2c7a750 AA |
56 | + |
57 | +AC_SUBST(certsdir) | |
58 | + | |
59 | dnl | |
60 | dnl Check what libraries are available | |
61 | dnl | |
9cae2a57 AA |
62 | diff -Nur old/courier/module.esmtp/esmtpd.cnf.in new/courier/module.esmtp/esmtpd.cnf.in |
63 | --- old/courier/module.esmtp/esmtpd.cnf.in 2001-08-18 22:18:12.000000000 +0000 | |
64 | +++ new/courier/module.esmtp/esmtpd.cnf.in 2004-05-30 22:38:12.000000000 +0000 | |
65 | @@ -1,5 +1,5 @@ | |
66 | ||
67 | -RANDFILE = @datadir@/esmtpd.rnd | |
68 | +RANDFILE = @certsdir@/esmtpd.rand | |
69 | ||
70 | [ req ] | |
71 | default_bits = 1024 | |
c2c7a750 AA |
72 | diff -Nur old/courier/module.esmtp/esmtpd-ssl.dist.in new/courier/module.esmtp/esmtpd-ssl.dist.in |
73 | --- old/courier/module.esmtp/esmtpd-ssl.dist.in 2004-04-24 19:56:19.000000000 +0000 | |
74 | +++ new/courier/module.esmtp/esmtpd-ssl.dist.in 2004-05-24 20:57:52.000000000 +0000 | |
75 | @@ -168,7 +168,7 @@ | |
76 | # servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually | |
77 | # treated as confidential, and must not be world-readable. | |
78 | # | |
79 | -TLS_CERTFILE=@datadir@/esmtpd.pem | |
80 | +TLS_CERTFILE=@certsdir@/esmtpd.pem | |
81 | ||
82 | ##NAME: TLS_TRUSTCERTS:0 | |
83 | # | |
84 | diff -Nur old/courier/module.esmtp/esmtpd-ssl.in new/courier/module.esmtp/esmtpd-ssl.in | |
85 | --- old/courier/module.esmtp/esmtpd-ssl.in 2004-05-24 21:24:41.000000000 +0000 | |
86 | +++ new/courier/module.esmtp/esmtpd-ssl.in 2004-05-24 21:31:31.000000000 +0000 | |
87 | @@ -25,6 +25,10 @@ | |
88 | ||
89 | case $1 in | |
90 | start) | |
91 | + # If we do not have a certificate, make one up. | |
92 | + if [ ! -f @certsdir@/esmtpd.pem ]; then | |
93 | + @sbindir@/mkesmtpdcert | |
94 | + fi | |
95 | ;; | |
96 | stop) | |
97 | ${sbindir}/couriertcpd -pid=$SSLPIDFILE -stop | |
69e1f9b1 AA |
98 | diff -Nur old/courier/module.esmtp/mkesmtpdcert.in new/courier/module.esmtp/mkesmtpdcert.in |
99 | --- old/courier/module.esmtp/mkesmtpdcert.in 2000-09-18 17:24:01.000000000 +0000 | |
100 | +++ new/courier/module.esmtp/mkesmtpdcert.in 2004-05-25 07:31:21.000000000 +0000 | |
101 | @@ -11,25 +11,25 @@ | |
102 | ||
103 | test -x @OPENSSL@ || exit 0 | |
104 | ||
105 | -if test -f @datadir@/esmtpd.pem | |
106 | +if test -f @certsdir@/esmtpd.pem | |
107 | then | |
108 | - echo "@datadir@/esmtpd.pem already exists." | |
109 | + echo "@certsdir@/esmtpd.pem already exists." | |
110 | exit 1 | |
111 | fi | |
112 | ||
113 | -cp /dev/null @datadir@/esmtpd.pem | |
114 | -chmod 600 @datadir@/esmtpd.pem | |
115 | -chown @mailuser@ @datadir@/esmtpd.pem | |
116 | +cp /dev/null @certsdir@/esmtpd.pem | |
117 | +chmod 600 @certsdir@/esmtpd.pem | |
118 | +chown @mailuser@ @certsdir@/esmtpd.pem | |
119 | ||
120 | cleanup() { | |
121 | - rm -f @datadir@/esmtpd.rand | |
122 | - rm -f @datadir@/esmtpd.pem | |
123 | + rm -f @certsdir@/esmtpd.rand | |
124 | + rm -f @certsdir@/esmtpd.pem | |
125 | exit 1 | |
126 | } | |
127 | ||
128 | -dd if=@RANDOMV@ of=@datadir@/esmtpd.rand count=1 2>/dev/null | |
129 | +dd if=@RANDOMV@ of=@certsdir@/esmtpd.rand count=1 2>/dev/null | |
130 | @OPENSSL@ req -new -x509 -days 365 -nodes \ | |
131 | - -config @sysconfdir@/esmtpd.cnf -out @datadir@/esmtpd.pem -keyout @datadir@/esmtpd.pem || cleanup | |
132 | -@OPENSSL@ gendh -rand @datadir@/esmtpd.rand 512 >>@datadir@/esmtpd.pem || cleanup | |
133 | -@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @datadir@/esmtpd.pem || cleanup | |
134 | -rm -f @datadir@/esmtpd.rand | |
135 | + -config @sysconfdir@/esmtpd.cnf -out @certsdir@/esmtpd.pem -keyout @certsdir@/esmtpd.pem || cleanup | |
136 | +@OPENSSL@ gendh -rand @certsdir@/esmtpd.rand 512 >>@certsdir@/esmtpd.pem || cleanup | |
137 | +@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/esmtpd.pem || cleanup | |
138 | +rm -f @certsdir@/esmtpd.rand | |
c2c7a750 AA |
139 | diff -Nur old/courier/pop3d-ssl.in new/courier/pop3d-ssl.in |
140 | --- old/courier/pop3d-ssl.in 2004-05-24 21:25:31.000000000 +0000 | |
141 | +++ new/courier/pop3d-ssl.in 2004-05-24 21:33:05.000000000 +0000 | |
142 | @@ -29,6 +29,11 @@ | |
143 | ||
144 | case $1 in | |
145 | start) | |
146 | + # If we do not have a certificate, make one up. | |
147 | + if [ ! -f @certsdir@/pop3d.pem ]; then | |
148 | + @sbindir@/mkpop3dcert | |
149 | + fi | |
150 | + | |
151 | LIBAUTHMODULES="" | |
152 | for f in `echo $AUTHMODULES` | |
153 | do | |
154 | diff -Nur old/courier.sysvinit.in new/courier.sysvinit.in | |
155 | --- old/courier.sysvinit.in 2004-05-02 14:24:06.000000000 +0000 | |
156 | +++ new/courier.sysvinit.in 2004-05-24 20:56:37.000000000 +0000 | |
157 | @@ -14,7 +14,7 @@ | |
158 | sbindir="@sbindir@" | |
159 | bindir="@bindir@" | |
160 | libexecdir="@libexecdir@" | |
161 | -datadir="@datadir@" | |
162 | +certsdir="@certsdir@" | |
163 | ||
164 | if test ! -f ${sysconfdir}/esmtpd | |
165 | then | |
166 | @@ -82,7 +82,7 @@ | |
167 | then | |
168 | # If we do not have a certificate, make one up. | |
169 | ||
170 | - if test ! -f ${datadir}/esmtpd.pem | |
171 | + if test ! -f ${certsdir}/esmtpd.pem | |
172 | then | |
173 | if test -x $COURIERTLS | |
174 | then | |
175 | @@ -149,7 +149,7 @@ | |
176 | then | |
177 | # If we do not have a certificate, make one up. | |
178 | ||
179 | - if test ! -f ${datadir}/pop3d.pem | |
180 | + if test ! -f ${certsdir}/pop3d.pem | |
181 | then | |
182 | echo -n " generating-POP3-SSL-certificate..." | |
183 | ||
184 | @@ -179,7 +179,7 @@ | |
185 | then | |
186 | # If we do not have a certificate, make one up. | |
187 | ||
188 | - if test ! -f ${datadir}/imapd.pem | |
189 | + if test ! -f ${certsdir}/imapd.pem | |
190 | then | |
191 | echo -n " generating-IMAP-SSL-certificate..." | |
192 | ||
193 | diff -Nur old/imap/configure.in new/imap/configure.in | |
194 | --- old/imap/configure.in 2004-05-16 02:38:13.000000000 +0000 | |
69e1f9b1 | 195 | +++ new/imap/configure.in 2004-05-25 07:37:24.000000000 +0000 |
c2c7a750 AA |
196 | @@ -283,6 +283,11 @@ |
197 | eval "sysconfdir=$sysconfdir" | |
198 | eval "localstatedir=$localstatedir" | |
199 | ||
200 | +AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ], | |
69e1f9b1 | 201 | +certsdir="$withval", certsdir=$datadir) |
c2c7a750 AA |
202 | + |
203 | +AC_SUBST(certsdir) | |
204 | + | |
205 | # | |
206 | # Check for PAM configuration flavor | |
207 | ||
9cae2a57 AA |
208 | diff -Nur old/imap/imapd.cnf.in new/imap/imapd.cnf.in |
209 | --- old/imap/imapd.cnf.in 2001-03-24 04:59:55.000000000 +0000 | |
210 | +++ new/imap/imapd.cnf.in 2004-05-30 22:37:03.000000000 +0000 | |
211 | @@ -1,5 +1,5 @@ | |
212 | ||
213 | -RANDFILE = @datadir@/imapd.rand | |
214 | +RANDFILE = @certsdir@/imapd.rand | |
215 | ||
216 | [ req ] | |
217 | default_bits = 1024 | |
c2c7a750 AA |
218 | diff -Nur old/imap/imapd-ssl.dist.in new/imap/imapd-ssl.dist.in |
219 | --- old/imap/imapd-ssl.dist.in 2004-01-25 05:40:03.000000000 +0000 | |
220 | +++ new/imap/imapd-ssl.dist.in 2004-05-24 20:57:29.000000000 +0000 | |
221 | @@ -146,7 +146,7 @@ | |
222 | # servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually | |
223 | # treated as confidential, and must not be world-readable. | |
224 | # | |
225 | -TLS_CERTFILE=@datadir@/imapd.pem | |
226 | +TLS_CERTFILE=@certsdir@/imapd.pem | |
227 | ||
228 | ##NAME: TLS_TRUSTCERTS:0 | |
229 | # | |
69e1f9b1 AA |
230 | diff -Nur old/imap/mkimapdcert.8.in new/imap/mkimapdcert.8.in |
231 | --- old/imap/mkimapdcert.8.in 2004-01-14 00:51:10.000000000 +0000 | |
232 | +++ new/imap/mkimapdcert.8.in 2004-05-25 07:32:16.000000000 +0000 | |
233 | @@ -18,7 +18,7 @@ | |
234 | .PP | |
235 | IMAP over SSL requires a valid, signed, X.509 certificate. The default | |
236 | location for the certificate file is | |
237 | -\fI@datadir@/imapd.pem\fR\&. | |
238 | +\fI@certsdir@/imapd.pem\fR\&. | |
239 | \fBmkimapdcert\fR generates a self-signed X.509 certificate, | |
240 | mainly for | |
241 | testing. | |
242 | @@ -26,19 +26,19 @@ | |
243 | recognized certificate authority, in order for mail clients to accept the | |
244 | certificate. | |
245 | .PP | |
246 | -\fI@datadir@/imapd.pem\fR must be owned by the | |
247 | +\fI@certsdir@/imapd.pem\fR must be owned by the | |
248 | @mailuser@ user and | |
249 | have no group or world permissions. | |
250 | The \fBmkimapdcert\fR command will | |
251 | enforce this. To prevent an unfortunate accident, | |
252 | \fBmkimapdcert\fR | |
253 | -will not work if \fB@datadir@/imapd.pem\fR already exists. | |
254 | +will not work if \fB@certsdir@/imapd.pem\fR already exists. | |
255 | .PP | |
256 | \fBmkimapdcert\fR requires | |
257 | \fBOpenSSL\fR to be installed. | |
258 | .SH "FILES" | |
259 | .TP | |
260 | -\fB@datadir@/imapd.pem\fR | |
261 | +\fB@certsdir@/imapd.pem\fR | |
262 | X.509 certificate. | |
263 | .TP | |
264 | \fB@sysconfdir@/imapd.cnf\fR | |
265 | diff -Nur old/imap/mkimapdcert.html.in new/imap/mkimapdcert.html.in | |
266 | --- old/imap/mkimapdcert.html.in 2004-01-14 00:51:16.000000000 +0000 | |
267 | +++ new/imap/mkimapdcert.html.in 2004-05-25 07:32:37.000000000 +0000 | |
268 | @@ -57,7 +57,7 @@ | |
269 | location for the certificate file is | |
270 | <TT | |
271 | CLASS="FILENAME" | |
272 | ->@datadir@/imapd.pem</TT | |
273 | +>@certsdir@/imapd.pem</TT | |
274 | >. | |
275 | <B | |
276 | CLASS="COMMAND" | |
277 | @@ -71,7 +71,7 @@ | |
278 | ><P | |
279 | ><TT | |
280 | CLASS="FILENAME" | |
281 | ->@datadir@/imapd.pem</TT | |
282 | +>@certsdir@/imapd.pem</TT | |
283 | > must be owned by the | |
284 | @mailuser@ user and | |
285 | have no group or world permissions. | |
286 | @@ -86,7 +86,7 @@ | |
287 | > | |
288 | will not work if <B | |
289 | CLASS="COMMAND" | |
290 | ->@datadir@/imapd.pem</B | |
291 | +>@certsdir@/imapd.pem</B | |
292 | > already exists.</P | |
293 | ><P | |
294 | ><B | |
295 | @@ -111,7 +111,7 @@ | |
296 | CLASS="VARIABLELIST" | |
297 | ><DL | |
298 | ><DT | |
299 | ->@datadir@/imapd.pem</DT | |
300 | +>@certsdir@/imapd.pem</DT | |
301 | ><DD | |
302 | ><P | |
303 | >X.509 certificate.</P | |
304 | diff -Nur old/imap/mkimapdcert.in new/imap/mkimapdcert.in | |
305 | --- old/imap/mkimapdcert.in 2001-08-26 16:16:42.000000000 +0000 | |
306 | +++ new/imap/mkimapdcert.in 2004-05-25 07:33:42.000000000 +0000 | |
307 | @@ -13,26 +13,26 @@ | |
308 | ||
309 | prefix="@prefix@" | |
310 | ||
311 | -if test -f @datadir@/imapd.pem | |
312 | +if test -f @certsdir@/imapd.pem | |
313 | then | |
314 | - echo "@datadir@/imapd.pem already exists." | |
315 | + echo "@certsdir@/imapd.pem already exists." | |
316 | exit 1 | |
317 | fi | |
318 | ||
319 | -cp /dev/null @datadir@/imapd.pem | |
320 | -chmod 600 @datadir@/imapd.pem | |
321 | -chown @mailuser@ @datadir@/imapd.pem | |
322 | +cp /dev/null @certsdir@/imapd.pem | |
323 | +chmod 600 @certsdir@/imapd.pem | |
324 | +chown @mailuser@ @certsdir@/imapd.pem | |
325 | ||
326 | cleanup() { | |
327 | - rm -f @datadir@/imapd.pem | |
328 | - rm -f @datadir@/imapd.rand | |
329 | + rm -f @certsdir@/imapd.pem | |
330 | + rm -f @certsdir@/imapd.rand | |
331 | exit 1 | |
332 | } | |
333 | ||
334 | -cd @datadir@ | |
335 | -dd if=@RANDOMV@ of=@datadir@/imapd.rand count=1 2>/dev/null | |
336 | +cd @certsdir@ | |
337 | +dd if=@RANDOMV@ of=@certsdir@/imapd.rand count=1 2>/dev/null | |
338 | @OPENSSL@ req -new -x509 -days 365 -nodes \ | |
339 | - -config @sysconfdir@/imapd.cnf -out @datadir@/imapd.pem -keyout @datadir@/imapd.pem || cleanup | |
340 | -@OPENSSL@ gendh -rand @datadir@/imapd.rand 512 >>@datadir@/imapd.pem || cleanup | |
341 | -@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @datadir@/imapd.pem || cleanup | |
342 | -rm -f @datadir@/imapd.rand | |
343 | + -config @sysconfdir@/imapd.cnf -out @certsdir@/imapd.pem -keyout @certsdir@/imapd.pem || cleanup | |
344 | +@OPENSSL@ gendh -rand @certsdir@/imapd.rand 512 >>@certsdir@/imapd.pem || cleanup | |
345 | +@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/imapd.pem || cleanup | |
346 | +rm -f @certsdir@/imapd.rand | |
347 | diff -Nur old/imap/mkpop3dcert.8.in new/imap/mkpop3dcert.8.in | |
348 | --- old/imap/mkpop3dcert.8.in 2004-01-14 00:51:13.000000000 +0000 | |
349 | +++ new/imap/mkpop3dcert.8.in 2004-05-25 07:34:07.000000000 +0000 | |
350 | @@ -18,7 +18,7 @@ | |
351 | .PP | |
352 | POP3 over SSL requires a valid, signed, X.509 certificate. The default | |
353 | location for the certificate file is | |
354 | -\fI@datadir@/pop3d.pem\fR\&. | |
355 | +\fI@certsdir@/pop3d.pem\fR\&. | |
356 | \fBmkpop3dcert\fR generates a self-signed X.509 certificate, | |
357 | mainly for | |
358 | testing. | |
359 | @@ -26,19 +26,19 @@ | |
360 | recognized certificate authority, in order for mail clients to accept the | |
361 | certificate. | |
362 | .PP | |
363 | -\fI@datadir@/pop3d.pem\fR must be owned by the | |
364 | +\fI@certsdir@/pop3d.pem\fR must be owned by the | |
365 | @mailuser@ user and | |
366 | have no group or world permissions. | |
367 | The \fBmkpop3dcert\fR command will | |
368 | enforce this. To prevent an unfortunate accident, | |
369 | \fBmkpop3dcert\fR | |
370 | -will not work if \fB@datadir@/pop3d.pem\fR already exists. | |
371 | +will not work if \fB@certsdir@/pop3d.pem\fR already exists. | |
372 | .PP | |
373 | \fBmkpop3dcert\fR requires | |
374 | \fBOpenSSL\fR to be installed. | |
375 | .SH "FILES" | |
376 | .TP | |
377 | -\fB@datadir@/pop3d.pem\fR | |
378 | +\fB@certsdir@/pop3d.pem\fR | |
379 | X.509 certificate. | |
380 | .TP | |
381 | \fB@sysconfdir@/pop3d.cnf\fR | |
382 | diff -Nur old/imap/mkpop3dcert.html.in new/imap/mkpop3dcert.html.in | |
383 | --- old/imap/mkpop3dcert.html.in 2004-01-14 00:51:17.000000000 +0000 | |
384 | +++ new/imap/mkpop3dcert.html.in 2004-05-25 07:34:26.000000000 +0000 | |
385 | @@ -57,7 +57,7 @@ | |
386 | location for the certificate file is | |
387 | <TT | |
388 | CLASS="FILENAME" | |
389 | ->@datadir@/pop3d.pem</TT | |
390 | +>@certsdir@/pop3d.pem</TT | |
391 | >. | |
392 | <B | |
393 | CLASS="COMMAND" | |
394 | @@ -71,7 +71,7 @@ | |
395 | ><P | |
396 | ><TT | |
397 | CLASS="FILENAME" | |
398 | ->@datadir@/pop3d.pem</TT | |
399 | +>@certsdir@/pop3d.pem</TT | |
400 | > must be owned by the | |
401 | @mailuser@ user and | |
402 | have no group or world permissions. | |
403 | @@ -86,7 +86,7 @@ | |
404 | > | |
405 | will not work if <B | |
406 | CLASS="COMMAND" | |
407 | ->@datadir@/pop3d.pem</B | |
408 | +>@certsdir@/pop3d.pem</B | |
409 | > already exists.</P | |
410 | ><P | |
411 | ><B | |
412 | @@ -111,7 +111,7 @@ | |
413 | CLASS="VARIABLELIST" | |
414 | ><DL | |
415 | ><DT | |
416 | ->@datadir@/pop3d.pem</DT | |
417 | +>@certsdir@/pop3d.pem</DT | |
418 | ><DD | |
419 | ><P | |
420 | >X.509 certificate.</P | |
421 | diff -Nur old/imap/mkpop3dcert.in new/imap/mkpop3dcert.in | |
422 | --- old/imap/mkpop3dcert.in 2000-10-06 17:50:37.000000000 +0000 | |
423 | +++ new/imap/mkpop3dcert.in 2004-05-25 07:35:23.000000000 +0000 | |
424 | @@ -13,25 +13,25 @@ | |
425 | ||
426 | prefix="@prefix@" | |
427 | ||
428 | -if test -f @datadir@/pop3d.pem | |
429 | +if test -f @certsdir@/pop3d.pem | |
430 | then | |
431 | - echo "@datadir@/pop3d.pem already exists." | |
432 | + echo "@certsdir@/pop3d.pem already exists." | |
433 | exit 1 | |
434 | fi | |
435 | ||
436 | -cp /dev/null @datadir@/pop3d.pem | |
437 | -chmod 600 @datadir@/pop3d.pem | |
438 | -chown @mailuser@ @datadir@/pop3d.pem | |
439 | +cp /dev/null @certsdir@/pop3d.pem | |
440 | +chmod 600 @certsdir@/pop3d.pem | |
441 | +chown @mailuser@ @certsdir@/pop3d.pem | |
442 | ||
443 | cleanup() { | |
444 | - rm -f @datadir@/pop3d.pem | |
445 | - rm -f @datadir@/pop3d.rand | |
446 | + rm -f @certsdir@/pop3d.pem | |
447 | + rm -f @certsdir@/pop3d.rand | |
448 | exit 1 | |
449 | } | |
450 | ||
451 | -dd if=@RANDOMV@ of=@datadir@/pop3d.rand count=1 2>/dev/null | |
452 | +dd if=@RANDOMV@ of=@certsdir@/pop3d.rand count=1 2>/dev/null | |
453 | @OPENSSL@ req -new -x509 -days 365 -nodes \ | |
454 | - -config @sysconfdir@/pop3d.cnf -out @datadir@/pop3d.pem -keyout @datadir@/pop3d.pem || cleanup | |
455 | -@OPENSSL@ gendh -rand @datadir@/pop3d.rand 512 >>@datadir@/pop3d.pem || cleanup | |
456 | -@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @datadir@/pop3d.pem || cleanup | |
457 | -rm -f @datadir@/pop3d.rand | |
458 | + -config @sysconfdir@/pop3d.cnf -out @certsdir@/pop3d.pem -keyout @certsdir@/pop3d.pem || cleanup | |
459 | +@OPENSSL@ gendh -rand @certsdir@/pop3d.rand 512 >>@certsdir@/pop3d.pem || cleanup | |
460 | +@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/pop3d.pem || cleanup | |
461 | +rm -f @certsdir@/pop3d.rand | |
9cae2a57 AA |
462 | diff -Nur old/imap/pop3d.cnf.in new/imap/pop3d.cnf.in |
463 | --- old/imap/pop3d.cnf.in 2001-03-24 04:59:55.000000000 +0000 | |
464 | +++ new/imap/pop3d.cnf.in 2004-05-30 22:37:10.000000000 +0000 | |
465 | @@ -1,5 +1,5 @@ | |
466 | ||
467 | -RANDFILE = @datadir@/pop3d.rand | |
468 | +RANDFILE = @certsdir@/pop3d.rand | |
469 | ||
470 | [ req ] | |
471 | default_bits = 1024 | |
c2c7a750 AA |
472 | diff -Nur old/imap/pop3d-ssl.dist.in new/imap/pop3d-ssl.dist.in |
473 | --- old/imap/pop3d-ssl.dist.in 2004-01-25 05:40:04.000000000 +0000 | |
474 | +++ new/imap/pop3d-ssl.dist.in 2004-05-24 20:57:32.000000000 +0000 | |
475 | @@ -135,7 +135,7 @@ | |
476 | # servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually | |
477 | # treated as confidential, and must not be world-readable. | |
478 | # | |
479 | -TLS_CERTFILE=@datadir@/pop3d.pem | |
480 | +TLS_CERTFILE=@certsdir@/pop3d.pem | |
481 | ||
482 | ##NAME: TLS_TRUSTCERTS:0 | |
483 | # |