]>
Commit | Line | Data |
---|---|---|
c2c7a750 AA |
1 | diff -Nur old/configure.in new/configure.in |
2 | --- old/configure.in 2004-05-16 02:40:19.000000000 +0000 | |
69e1f9b1 | 3 | +++ new/configure.in 2004-05-25 07:37:13.000000000 +0000 |
c2c7a750 AA |
4 | @@ -58,6 +58,11 @@ |
5 | eval "localstatedir=$localstatedir" | |
6 | eval "datadir=$datadir" | |
7 | ||
8 | +AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ], | |
69e1f9b1 | 9 | +certsdir="$withval", certsdir=$datadir) |
c2c7a750 AA |
10 | + |
11 | +AC_SUBST(certsdir) | |
12 | + | |
13 | AC_ARG_WITH(userdb, [ | |
14 | -- see INSTALL, or courier/doc/install.html for configuration options -- ], , | |
15 | ac_configure_args="$ac_configure_args --with-userdb=${sysconfdir}/userdb") | |
16 | diff -Nur old/courier/configure.in new/courier/configure.in | |
17 | --- old/courier/configure.in 2004-05-02 14:59:42.000000000 +0000 | |
69e1f9b1 AA |
18 | +++ new/courier/configure.in 2004-05-25 07:38:14.000000000 +0000 |
19 | @@ -575,6 +575,12 @@ | |
20 | ||
c2c7a750 AA |
21 | eval "exec_prefix=$exec_prefix" |
22 | eval "bindir=$bindir" | |
69e1f9b1 AA |
23 | +eval "datadir=$datadir" |
24 | + | |
c2c7a750 | 25 | +AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ], |
69e1f9b1 | 26 | +certsdir="$withval", certsdir=$datadir) |
c2c7a750 AA |
27 | + |
28 | +AC_SUBST(certsdir) | |
69e1f9b1 | 29 | |
c2c7a750 AA |
30 | MAILDROP="$bindir/maildrop" |
31 | AC_SUBST(MAILDROP) | |
c2c7a750 AA |
32 | diff -Nur old/courier/imapd-ssl.rc.in new/courier/imapd-ssl.rc.in |
33 | --- old/courier/imapd-ssl.rc.in 2004-05-24 21:25:19.000000000 +0000 | |
34 | +++ new/courier/imapd-ssl.rc.in 2004-05-24 21:32:29.000000000 +0000 | |
35 | @@ -28,6 +28,11 @@ | |
36 | ||
37 | case $1 in | |
38 | start) | |
39 | + # If we do not have a certificate, make one up. | |
40 | + if [ ! -f @certsdir@/imapd.pem ]; then | |
41 | + @sbindir@/mkimapdcert | |
42 | + fi | |
43 | + | |
44 | LIBAUTHMODULES="" | |
45 | for f in `echo $AUTHMODULES` | |
46 | do | |
47 | diff -Nur old/courier/module.esmtp/configure.in new/courier/module.esmtp/configure.in | |
48 | --- old/courier/module.esmtp/configure.in 2004-05-11 00:16:05.000000000 +0000 | |
9cae2a57 | 49 | +++ new/courier/module.esmtp/configure.in 2004-05-25 07:46:38.000000000 +0000 |
c2c7a750 AA |
50 | @@ -300,6 +300,11 @@ |
51 | eval "datadir=$datadir" | |
52 | eval "localstatedir=$localstatedir" | |
53 | ||
54 | +AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ], | |
b3795f4c | 55 | +certsdir="$withval", certsdir=$datadir) |
c2c7a750 AA |
56 | + |
57 | +AC_SUBST(certsdir) | |
58 | + | |
59 | dnl | |
60 | dnl Check what libraries are available | |
61 | dnl | |
9cae2a57 AA |
62 | diff -Nur old/courier/module.esmtp/esmtpd.cnf.in new/courier/module.esmtp/esmtpd.cnf.in |
63 | --- old/courier/module.esmtp/esmtpd.cnf.in 2001-08-18 22:18:12.000000000 +0000 | |
3d35ebab | 64 | +++ new/courier/module.esmtp/esmtpd.cnf.in 2004-05-30 22:45:59.000000000 +0000 |
9cae2a57 AA |
65 | @@ -1,5 +1,5 @@ |
66 | ||
67 | -RANDFILE = @datadir@/esmtpd.rnd | |
68 | +RANDFILE = @certsdir@/esmtpd.rand | |
69 | ||
70 | [ req ] | |
71 | default_bits = 1024 | |
3d35ebab AA |
72 | diff -Nur old/courier/module.esmtp/esmtpd.dist.in new/courier/module.esmtp/esmtpd.dist.in |
73 | --- old/courier/module.esmtp/esmtpd.dist.in 2004-05-11 00:48:14.000000000 +0000 | |
74 | +++ new/courier/module.esmtp/esmtpd.dist.in 2004-07-11 18:09:20.000000000 +0000 | |
75 | @@ -143,7 +143,7 @@ | |
76 | # servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually | |
77 | # treated as confidential, and must not be world-readable. | |
78 | # | |
79 | -TLS_CERTFILE=@datadir@/esmtpd.pem | |
80 | +TLS_CERTFILE=@certsdir@/esmtpd.pem | |
81 | ||
82 | ##NAME: TLS_CERTINFO:0 | |
83 | # | |
c2c7a750 AA |
84 | diff -Nur old/courier/module.esmtp/esmtpd-ssl.dist.in new/courier/module.esmtp/esmtpd-ssl.dist.in |
85 | --- old/courier/module.esmtp/esmtpd-ssl.dist.in 2004-04-24 19:56:19.000000000 +0000 | |
86 | +++ new/courier/module.esmtp/esmtpd-ssl.dist.in 2004-05-24 20:57:52.000000000 +0000 | |
87 | @@ -168,7 +168,7 @@ | |
88 | # servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually | |
89 | # treated as confidential, and must not be world-readable. | |
90 | # | |
91 | -TLS_CERTFILE=@datadir@/esmtpd.pem | |
92 | +TLS_CERTFILE=@certsdir@/esmtpd.pem | |
93 | ||
94 | ##NAME: TLS_TRUSTCERTS:0 | |
95 | # | |
96 | diff -Nur old/courier/module.esmtp/esmtpd-ssl.in new/courier/module.esmtp/esmtpd-ssl.in | |
97 | --- old/courier/module.esmtp/esmtpd-ssl.in 2004-05-24 21:24:41.000000000 +0000 | |
98 | +++ new/courier/module.esmtp/esmtpd-ssl.in 2004-05-24 21:31:31.000000000 +0000 | |
99 | @@ -25,6 +25,10 @@ | |
100 | ||
101 | case $1 in | |
102 | start) | |
103 | + # If we do not have a certificate, make one up. | |
104 | + if [ ! -f @certsdir@/esmtpd.pem ]; then | |
105 | + @sbindir@/mkesmtpdcert | |
106 | + fi | |
107 | ;; | |
108 | stop) | |
109 | ${sbindir}/couriertcpd -pid=$SSLPIDFILE -stop | |
69e1f9b1 AA |
110 | diff -Nur old/courier/module.esmtp/mkesmtpdcert.in new/courier/module.esmtp/mkesmtpdcert.in |
111 | --- old/courier/module.esmtp/mkesmtpdcert.in 2000-09-18 17:24:01.000000000 +0000 | |
112 | +++ new/courier/module.esmtp/mkesmtpdcert.in 2004-05-25 07:31:21.000000000 +0000 | |
113 | @@ -11,25 +11,25 @@ | |
114 | ||
115 | test -x @OPENSSL@ || exit 0 | |
116 | ||
117 | -if test -f @datadir@/esmtpd.pem | |
118 | +if test -f @certsdir@/esmtpd.pem | |
119 | then | |
120 | - echo "@datadir@/esmtpd.pem already exists." | |
121 | + echo "@certsdir@/esmtpd.pem already exists." | |
122 | exit 1 | |
123 | fi | |
124 | ||
125 | -cp /dev/null @datadir@/esmtpd.pem | |
126 | -chmod 600 @datadir@/esmtpd.pem | |
127 | -chown @mailuser@ @datadir@/esmtpd.pem | |
128 | +cp /dev/null @certsdir@/esmtpd.pem | |
129 | +chmod 600 @certsdir@/esmtpd.pem | |
130 | +chown @mailuser@ @certsdir@/esmtpd.pem | |
131 | ||
132 | cleanup() { | |
133 | - rm -f @datadir@/esmtpd.rand | |
134 | - rm -f @datadir@/esmtpd.pem | |
135 | + rm -f @certsdir@/esmtpd.rand | |
136 | + rm -f @certsdir@/esmtpd.pem | |
137 | exit 1 | |
138 | } | |
139 | ||
140 | -dd if=@RANDOMV@ of=@datadir@/esmtpd.rand count=1 2>/dev/null | |
141 | +dd if=@RANDOMV@ of=@certsdir@/esmtpd.rand count=1 2>/dev/null | |
142 | @OPENSSL@ req -new -x509 -days 365 -nodes \ | |
143 | - -config @sysconfdir@/esmtpd.cnf -out @datadir@/esmtpd.pem -keyout @datadir@/esmtpd.pem || cleanup | |
144 | -@OPENSSL@ gendh -rand @datadir@/esmtpd.rand 512 >>@datadir@/esmtpd.pem || cleanup | |
145 | -@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @datadir@/esmtpd.pem || cleanup | |
146 | -rm -f @datadir@/esmtpd.rand | |
147 | + -config @sysconfdir@/esmtpd.cnf -out @certsdir@/esmtpd.pem -keyout @certsdir@/esmtpd.pem || cleanup | |
148 | +@OPENSSL@ gendh -rand @certsdir@/esmtpd.rand 512 >>@certsdir@/esmtpd.pem || cleanup | |
149 | +@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/esmtpd.pem || cleanup | |
150 | +rm -f @certsdir@/esmtpd.rand | |
c2c7a750 AA |
151 | diff -Nur old/courier/pop3d-ssl.in new/courier/pop3d-ssl.in |
152 | --- old/courier/pop3d-ssl.in 2004-05-24 21:25:31.000000000 +0000 | |
153 | +++ new/courier/pop3d-ssl.in 2004-05-24 21:33:05.000000000 +0000 | |
154 | @@ -29,6 +29,11 @@ | |
155 | ||
156 | case $1 in | |
157 | start) | |
158 | + # If we do not have a certificate, make one up. | |
159 | + if [ ! -f @certsdir@/pop3d.pem ]; then | |
160 | + @sbindir@/mkpop3dcert | |
161 | + fi | |
162 | + | |
163 | LIBAUTHMODULES="" | |
164 | for f in `echo $AUTHMODULES` | |
165 | do | |
166 | diff -Nur old/courier.sysvinit.in new/courier.sysvinit.in | |
167 | --- old/courier.sysvinit.in 2004-05-02 14:24:06.000000000 +0000 | |
168 | +++ new/courier.sysvinit.in 2004-05-24 20:56:37.000000000 +0000 | |
169 | @@ -14,7 +14,7 @@ | |
170 | sbindir="@sbindir@" | |
171 | bindir="@bindir@" | |
172 | libexecdir="@libexecdir@" | |
173 | -datadir="@datadir@" | |
174 | +certsdir="@certsdir@" | |
175 | ||
176 | if test ! -f ${sysconfdir}/esmtpd | |
177 | then | |
178 | @@ -82,7 +82,7 @@ | |
179 | then | |
180 | # If we do not have a certificate, make one up. | |
181 | ||
182 | - if test ! -f ${datadir}/esmtpd.pem | |
183 | + if test ! -f ${certsdir}/esmtpd.pem | |
184 | then | |
185 | if test -x $COURIERTLS | |
186 | then | |
187 | @@ -149,7 +149,7 @@ | |
188 | then | |
189 | # If we do not have a certificate, make one up. | |
190 | ||
191 | - if test ! -f ${datadir}/pop3d.pem | |
192 | + if test ! -f ${certsdir}/pop3d.pem | |
193 | then | |
194 | echo -n " generating-POP3-SSL-certificate..." | |
195 | ||
196 | @@ -179,7 +179,7 @@ | |
197 | then | |
198 | # If we do not have a certificate, make one up. | |
199 | ||
200 | - if test ! -f ${datadir}/imapd.pem | |
201 | + if test ! -f ${certsdir}/imapd.pem | |
202 | then | |
203 | echo -n " generating-IMAP-SSL-certificate..." | |
204 | ||
205 | diff -Nur old/imap/configure.in new/imap/configure.in | |
206 | --- old/imap/configure.in 2004-05-16 02:38:13.000000000 +0000 | |
69e1f9b1 | 207 | +++ new/imap/configure.in 2004-05-25 07:37:24.000000000 +0000 |
c2c7a750 AA |
208 | @@ -283,6 +283,11 @@ |
209 | eval "sysconfdir=$sysconfdir" | |
210 | eval "localstatedir=$localstatedir" | |
211 | ||
212 | +AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ], | |
69e1f9b1 | 213 | +certsdir="$withval", certsdir=$datadir) |
c2c7a750 AA |
214 | + |
215 | +AC_SUBST(certsdir) | |
216 | + | |
217 | # | |
218 | # Check for PAM configuration flavor | |
219 | ||
9cae2a57 AA |
220 | diff -Nur old/imap/imapd.cnf.in new/imap/imapd.cnf.in |
221 | --- old/imap/imapd.cnf.in 2001-03-24 04:59:55.000000000 +0000 | |
222 | +++ new/imap/imapd.cnf.in 2004-05-30 22:37:03.000000000 +0000 | |
223 | @@ -1,5 +1,5 @@ | |
224 | ||
225 | -RANDFILE = @datadir@/imapd.rand | |
226 | +RANDFILE = @certsdir@/imapd.rand | |
227 | ||
228 | [ req ] | |
229 | default_bits = 1024 | |
c2c7a750 AA |
230 | diff -Nur old/imap/imapd-ssl.dist.in new/imap/imapd-ssl.dist.in |
231 | --- old/imap/imapd-ssl.dist.in 2004-01-25 05:40:03.000000000 +0000 | |
232 | +++ new/imap/imapd-ssl.dist.in 2004-05-24 20:57:29.000000000 +0000 | |
233 | @@ -146,7 +146,7 @@ | |
234 | # servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually | |
235 | # treated as confidential, and must not be world-readable. | |
236 | # | |
237 | -TLS_CERTFILE=@datadir@/imapd.pem | |
238 | +TLS_CERTFILE=@certsdir@/imapd.pem | |
239 | ||
240 | ##NAME: TLS_TRUSTCERTS:0 | |
241 | # | |
69e1f9b1 AA |
242 | diff -Nur old/imap/mkimapdcert.8.in new/imap/mkimapdcert.8.in |
243 | --- old/imap/mkimapdcert.8.in 2004-01-14 00:51:10.000000000 +0000 | |
244 | +++ new/imap/mkimapdcert.8.in 2004-05-25 07:32:16.000000000 +0000 | |
245 | @@ -18,7 +18,7 @@ | |
246 | .PP | |
247 | IMAP over SSL requires a valid, signed, X.509 certificate. The default | |
248 | location for the certificate file is | |
249 | -\fI@datadir@/imapd.pem\fR\&. | |
250 | +\fI@certsdir@/imapd.pem\fR\&. | |
251 | \fBmkimapdcert\fR generates a self-signed X.509 certificate, | |
252 | mainly for | |
253 | testing. | |
254 | @@ -26,19 +26,19 @@ | |
255 | recognized certificate authority, in order for mail clients to accept the | |
256 | certificate. | |
257 | .PP | |
258 | -\fI@datadir@/imapd.pem\fR must be owned by the | |
259 | +\fI@certsdir@/imapd.pem\fR must be owned by the | |
260 | @mailuser@ user and | |
261 | have no group or world permissions. | |
262 | The \fBmkimapdcert\fR command will | |
263 | enforce this. To prevent an unfortunate accident, | |
264 | \fBmkimapdcert\fR | |
265 | -will not work if \fB@datadir@/imapd.pem\fR already exists. | |
266 | +will not work if \fB@certsdir@/imapd.pem\fR already exists. | |
267 | .PP | |
268 | \fBmkimapdcert\fR requires | |
269 | \fBOpenSSL\fR to be installed. | |
270 | .SH "FILES" | |
271 | .TP | |
272 | -\fB@datadir@/imapd.pem\fR | |
273 | +\fB@certsdir@/imapd.pem\fR | |
274 | X.509 certificate. | |
275 | .TP | |
276 | \fB@sysconfdir@/imapd.cnf\fR | |
277 | diff -Nur old/imap/mkimapdcert.html.in new/imap/mkimapdcert.html.in | |
278 | --- old/imap/mkimapdcert.html.in 2004-01-14 00:51:16.000000000 +0000 | |
279 | +++ new/imap/mkimapdcert.html.in 2004-05-25 07:32:37.000000000 +0000 | |
280 | @@ -57,7 +57,7 @@ | |
281 | location for the certificate file is | |
282 | <TT | |
283 | CLASS="FILENAME" | |
284 | ->@datadir@/imapd.pem</TT | |
285 | +>@certsdir@/imapd.pem</TT | |
286 | >. | |
287 | <B | |
288 | CLASS="COMMAND" | |
289 | @@ -71,7 +71,7 @@ | |
290 | ><P | |
291 | ><TT | |
292 | CLASS="FILENAME" | |
293 | ->@datadir@/imapd.pem</TT | |
294 | +>@certsdir@/imapd.pem</TT | |
295 | > must be owned by the | |
296 | @mailuser@ user and | |
297 | have no group or world permissions. | |
298 | @@ -86,7 +86,7 @@ | |
299 | > | |
300 | will not work if <B | |
301 | CLASS="COMMAND" | |
302 | ->@datadir@/imapd.pem</B | |
303 | +>@certsdir@/imapd.pem</B | |
304 | > already exists.</P | |
305 | ><P | |
306 | ><B | |
307 | @@ -111,7 +111,7 @@ | |
308 | CLASS="VARIABLELIST" | |
309 | ><DL | |
310 | ><DT | |
311 | ->@datadir@/imapd.pem</DT | |
312 | +>@certsdir@/imapd.pem</DT | |
313 | ><DD | |
314 | ><P | |
315 | >X.509 certificate.</P | |
316 | diff -Nur old/imap/mkimapdcert.in new/imap/mkimapdcert.in | |
317 | --- old/imap/mkimapdcert.in 2001-08-26 16:16:42.000000000 +0000 | |
318 | +++ new/imap/mkimapdcert.in 2004-05-25 07:33:42.000000000 +0000 | |
319 | @@ -13,26 +13,26 @@ | |
320 | ||
321 | prefix="@prefix@" | |
322 | ||
323 | -if test -f @datadir@/imapd.pem | |
324 | +if test -f @certsdir@/imapd.pem | |
325 | then | |
326 | - echo "@datadir@/imapd.pem already exists." | |
327 | + echo "@certsdir@/imapd.pem already exists." | |
328 | exit 1 | |
329 | fi | |
330 | ||
331 | -cp /dev/null @datadir@/imapd.pem | |
332 | -chmod 600 @datadir@/imapd.pem | |
333 | -chown @mailuser@ @datadir@/imapd.pem | |
334 | +cp /dev/null @certsdir@/imapd.pem | |
335 | +chmod 600 @certsdir@/imapd.pem | |
336 | +chown @mailuser@ @certsdir@/imapd.pem | |
337 | ||
338 | cleanup() { | |
339 | - rm -f @datadir@/imapd.pem | |
340 | - rm -f @datadir@/imapd.rand | |
341 | + rm -f @certsdir@/imapd.pem | |
342 | + rm -f @certsdir@/imapd.rand | |
343 | exit 1 | |
344 | } | |
345 | ||
346 | -cd @datadir@ | |
347 | -dd if=@RANDOMV@ of=@datadir@/imapd.rand count=1 2>/dev/null | |
348 | +cd @certsdir@ | |
349 | +dd if=@RANDOMV@ of=@certsdir@/imapd.rand count=1 2>/dev/null | |
350 | @OPENSSL@ req -new -x509 -days 365 -nodes \ | |
351 | - -config @sysconfdir@/imapd.cnf -out @datadir@/imapd.pem -keyout @datadir@/imapd.pem || cleanup | |
352 | -@OPENSSL@ gendh -rand @datadir@/imapd.rand 512 >>@datadir@/imapd.pem || cleanup | |
353 | -@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @datadir@/imapd.pem || cleanup | |
354 | -rm -f @datadir@/imapd.rand | |
355 | + -config @sysconfdir@/imapd.cnf -out @certsdir@/imapd.pem -keyout @certsdir@/imapd.pem || cleanup | |
356 | +@OPENSSL@ gendh -rand @certsdir@/imapd.rand 512 >>@certsdir@/imapd.pem || cleanup | |
357 | +@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/imapd.pem || cleanup | |
358 | +rm -f @certsdir@/imapd.rand | |
359 | diff -Nur old/imap/mkpop3dcert.8.in new/imap/mkpop3dcert.8.in | |
360 | --- old/imap/mkpop3dcert.8.in 2004-01-14 00:51:13.000000000 +0000 | |
361 | +++ new/imap/mkpop3dcert.8.in 2004-05-25 07:34:07.000000000 +0000 | |
362 | @@ -18,7 +18,7 @@ | |
363 | .PP | |
364 | POP3 over SSL requires a valid, signed, X.509 certificate. The default | |
365 | location for the certificate file is | |
366 | -\fI@datadir@/pop3d.pem\fR\&. | |
367 | +\fI@certsdir@/pop3d.pem\fR\&. | |
368 | \fBmkpop3dcert\fR generates a self-signed X.509 certificate, | |
369 | mainly for | |
370 | testing. | |
371 | @@ -26,19 +26,19 @@ | |
372 | recognized certificate authority, in order for mail clients to accept the | |
373 | certificate. | |
374 | .PP | |
375 | -\fI@datadir@/pop3d.pem\fR must be owned by the | |
376 | +\fI@certsdir@/pop3d.pem\fR must be owned by the | |
377 | @mailuser@ user and | |
378 | have no group or world permissions. | |
379 | The \fBmkpop3dcert\fR command will | |
380 | enforce this. To prevent an unfortunate accident, | |
381 | \fBmkpop3dcert\fR | |
382 | -will not work if \fB@datadir@/pop3d.pem\fR already exists. | |
383 | +will not work if \fB@certsdir@/pop3d.pem\fR already exists. | |
384 | .PP | |
385 | \fBmkpop3dcert\fR requires | |
386 | \fBOpenSSL\fR to be installed. | |
387 | .SH "FILES" | |
388 | .TP | |
389 | -\fB@datadir@/pop3d.pem\fR | |
390 | +\fB@certsdir@/pop3d.pem\fR | |
391 | X.509 certificate. | |
392 | .TP | |
393 | \fB@sysconfdir@/pop3d.cnf\fR | |
394 | diff -Nur old/imap/mkpop3dcert.html.in new/imap/mkpop3dcert.html.in | |
395 | --- old/imap/mkpop3dcert.html.in 2004-01-14 00:51:17.000000000 +0000 | |
396 | +++ new/imap/mkpop3dcert.html.in 2004-05-25 07:34:26.000000000 +0000 | |
397 | @@ -57,7 +57,7 @@ | |
398 | location for the certificate file is | |
399 | <TT | |
400 | CLASS="FILENAME" | |
401 | ->@datadir@/pop3d.pem</TT | |
402 | +>@certsdir@/pop3d.pem</TT | |
403 | >. | |
404 | <B | |
405 | CLASS="COMMAND" | |
406 | @@ -71,7 +71,7 @@ | |
407 | ><P | |
408 | ><TT | |
409 | CLASS="FILENAME" | |
410 | ->@datadir@/pop3d.pem</TT | |
411 | +>@certsdir@/pop3d.pem</TT | |
412 | > must be owned by the | |
413 | @mailuser@ user and | |
414 | have no group or world permissions. | |
415 | @@ -86,7 +86,7 @@ | |
416 | > | |
417 | will not work if <B | |
418 | CLASS="COMMAND" | |
419 | ->@datadir@/pop3d.pem</B | |
420 | +>@certsdir@/pop3d.pem</B | |
421 | > already exists.</P | |
422 | ><P | |
423 | ><B | |
424 | @@ -111,7 +111,7 @@ | |
425 | CLASS="VARIABLELIST" | |
426 | ><DL | |
427 | ><DT | |
428 | ->@datadir@/pop3d.pem</DT | |
429 | +>@certsdir@/pop3d.pem</DT | |
430 | ><DD | |
431 | ><P | |
432 | >X.509 certificate.</P | |
433 | diff -Nur old/imap/mkpop3dcert.in new/imap/mkpop3dcert.in | |
434 | --- old/imap/mkpop3dcert.in 2000-10-06 17:50:37.000000000 +0000 | |
435 | +++ new/imap/mkpop3dcert.in 2004-05-25 07:35:23.000000000 +0000 | |
436 | @@ -13,25 +13,25 @@ | |
437 | ||
438 | prefix="@prefix@" | |
439 | ||
440 | -if test -f @datadir@/pop3d.pem | |
441 | +if test -f @certsdir@/pop3d.pem | |
442 | then | |
443 | - echo "@datadir@/pop3d.pem already exists." | |
444 | + echo "@certsdir@/pop3d.pem already exists." | |
445 | exit 1 | |
446 | fi | |
447 | ||
448 | -cp /dev/null @datadir@/pop3d.pem | |
449 | -chmod 600 @datadir@/pop3d.pem | |
450 | -chown @mailuser@ @datadir@/pop3d.pem | |
451 | +cp /dev/null @certsdir@/pop3d.pem | |
452 | +chmod 600 @certsdir@/pop3d.pem | |
453 | +chown @mailuser@ @certsdir@/pop3d.pem | |
454 | ||
455 | cleanup() { | |
456 | - rm -f @datadir@/pop3d.pem | |
457 | - rm -f @datadir@/pop3d.rand | |
458 | + rm -f @certsdir@/pop3d.pem | |
459 | + rm -f @certsdir@/pop3d.rand | |
460 | exit 1 | |
461 | } | |
462 | ||
463 | -dd if=@RANDOMV@ of=@datadir@/pop3d.rand count=1 2>/dev/null | |
464 | +dd if=@RANDOMV@ of=@certsdir@/pop3d.rand count=1 2>/dev/null | |
465 | @OPENSSL@ req -new -x509 -days 365 -nodes \ | |
466 | - -config @sysconfdir@/pop3d.cnf -out @datadir@/pop3d.pem -keyout @datadir@/pop3d.pem || cleanup | |
467 | -@OPENSSL@ gendh -rand @datadir@/pop3d.rand 512 >>@datadir@/pop3d.pem || cleanup | |
468 | -@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @datadir@/pop3d.pem || cleanup | |
469 | -rm -f @datadir@/pop3d.rand | |
470 | + -config @sysconfdir@/pop3d.cnf -out @certsdir@/pop3d.pem -keyout @certsdir@/pop3d.pem || cleanup | |
471 | +@OPENSSL@ gendh -rand @certsdir@/pop3d.rand 512 >>@certsdir@/pop3d.pem || cleanup | |
472 | +@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/pop3d.pem || cleanup | |
473 | +rm -f @certsdir@/pop3d.rand | |
9cae2a57 AA |
474 | diff -Nur old/imap/pop3d.cnf.in new/imap/pop3d.cnf.in |
475 | --- old/imap/pop3d.cnf.in 2001-03-24 04:59:55.000000000 +0000 | |
476 | +++ new/imap/pop3d.cnf.in 2004-05-30 22:37:10.000000000 +0000 | |
477 | @@ -1,5 +1,5 @@ | |
478 | ||
479 | -RANDFILE = @datadir@/pop3d.rand | |
480 | +RANDFILE = @certsdir@/pop3d.rand | |
481 | ||
482 | [ req ] | |
483 | default_bits = 1024 | |
c2c7a750 AA |
484 | diff -Nur old/imap/pop3d-ssl.dist.in new/imap/pop3d-ssl.dist.in |
485 | --- old/imap/pop3d-ssl.dist.in 2004-01-25 05:40:04.000000000 +0000 | |
486 | +++ new/imap/pop3d-ssl.dist.in 2004-05-24 20:57:32.000000000 +0000 | |
487 | @@ -135,7 +135,7 @@ | |
488 | # servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually | |
489 | # treated as confidential, and must not be world-readable. | |
490 | # | |
491 | -TLS_CERTFILE=@datadir@/pop3d.pem | |
492 | +TLS_CERTFILE=@certsdir@/pop3d.pem | |
493 | ||
494 | ##NAME: TLS_TRUSTCERTS:0 | |
495 | # |