]>
Commit | Line | Data |
---|---|---|
383f8032 AA |
1 | diff -Nur old/configure.in new/configure.in |
2 | --- old/configure.in 2004-06-12 01:38:04.000000000 +0000 | |
3 | +++ new/configure.in 2004-07-08 16:53:13.000000000 +0000 | |
4 | @@ -97,6 +97,11 @@ | |
5 | eval "exec_prefix=$exec_prefix" | |
6 | eval "libexecdir=$libexecdir" | |
7 | ||
8 | +AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ], | |
9 | +certsdir="$withval", certsdir=$datadir) | |
10 | + | |
11 | +AC_SUBST(certsdir) | |
12 | + | |
13 | AC_ARG_WITH(authchangepwdir, [], , | |
14 | ac_configure_args="$ac_configure_args --with-authchangepwdir=$libexecdir/authlib") | |
15 | ||
16 | diff -Nur old/imap/configure.in new/imap/configure.in | |
17 | --- old/imap/configure.in 2004-06-12 01:38:04.000000000 +0000 | |
18 | +++ new/imap/configure.in 2004-07-08 16:53:44.000000000 +0000 | |
19 | @@ -35,6 +35,11 @@ | |
20 | eval "exec_prefix=$exec_prefix" | |
21 | eval "bindir=$bindir" | |
22 | ||
23 | +AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ], | |
24 | +certsdir="$withval", certsdir=$datadir) | |
25 | + | |
26 | +AC_SUBST(certsdir) | |
27 | + | |
28 | AC_ARG_WITH(mailer, | |
29 | [ --with-mailer=prog Your mail submission program], | |
30 | SENDMAIL="$withval", | |
31 | diff -Nur old/imap/imapd.cnf.in new/imap/imapd.cnf.in | |
32 | --- old/imap/imapd.cnf.in 2001-03-24 04:59:55.000000000 +0000 | |
33 | +++ new/imap/imapd.cnf.in 2004-07-08 16:54:18.000000000 +0000 | |
34 | @@ -1,5 +1,5 @@ | |
35 | ||
36 | -RANDFILE = @datadir@/imapd.rand | |
37 | +RANDFILE = @certsdir@/imapd.rand | |
38 | ||
39 | [ req ] | |
40 | default_bits = 1024 | |
41 | diff -Nur old/imap/imapd-ssl.dist.in new/imap/imapd-ssl.dist.in | |
42 | --- old/imap/imapd-ssl.dist.in 2004-01-24 20:09:26.000000000 +0000 | |
43 | +++ new/imap/imapd-ssl.dist.in 2004-07-08 16:54:04.000000000 +0000 | |
44 | @@ -146,7 +146,7 @@ | |
45 | # servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually | |
46 | # treated as confidential, and must not be world-readable. | |
47 | # | |
48 | -TLS_CERTFILE=@datadir@/imapd.pem | |
49 | +TLS_CERTFILE=@certsdir@/imapd.pem | |
50 | ||
51 | ##NAME: TLS_TRUSTCERTS:0 | |
52 | # | |
53 | diff -Nur old/imap/mkimapdcert.8.in new/imap/mkimapdcert.8.in | |
54 | --- old/imap/mkimapdcert.8.in 2004-02-08 04:12:08.000000000 +0000 | |
55 | +++ new/imap/mkimapdcert.8.in 2004-07-08 17:01:04.000000000 +0000 | |
56 | @@ -18,7 +18,7 @@ | |
57 | .PP | |
58 | IMAP over SSL requires a valid, signed, X.509 certificate. The default | |
59 | location for the certificate file is | |
60 | -\fI@datadir@/imapd.pem\fR\&. | |
61 | +\fI@certsdir@/imapd.pem\fR\&. | |
62 | \fBmkimapdcert\fR generates a self-signed X.509 certificate, | |
63 | mainly for | |
64 | testing. | |
65 | @@ -26,19 +26,19 @@ | |
66 | recognized certificate authority, in order for mail clients to accept the | |
67 | certificate. | |
68 | .PP | |
69 | -\fI@datadir@/imapd.pem\fR must be owned by the | |
70 | +\fI@certsdir@/imapd.pem\fR must be owned by the | |
71 | @mailuser@ user and | |
72 | have no group or world permissions. | |
73 | The \fBmkimapdcert\fR command will | |
74 | enforce this. To prevent an unfortunate accident, | |
75 | \fBmkimapdcert\fR | |
76 | -will not work if \fB@datadir@/imapd.pem\fR already exists. | |
77 | +will not work if \fB@certsdir@/imapd.pem\fR already exists. | |
78 | .PP | |
79 | \fBmkimapdcert\fR requires | |
80 | \fBOpenSSL\fR to be installed. | |
81 | .SH "FILES" | |
82 | .TP | |
83 | -\fB@datadir@/imapd.pem\fR | |
84 | +\fB@certsdir@/imapd.pem\fR | |
85 | X.509 certificate. | |
86 | .TP | |
87 | \fB@sysconfdir@/imapd.cnf\fR | |
88 | diff -Nur old/imap/mkimapdcert.html.in new/imap/mkimapdcert.html.in | |
89 | --- old/imap/mkimapdcert.html.in 2004-02-08 04:12:12.000000000 +0000 | |
90 | +++ new/imap/mkimapdcert.html.in 2004-07-08 17:00:45.000000000 +0000 | |
91 | @@ -57,7 +57,7 @@ | |
92 | location for the certificate file is | |
93 | <TT | |
94 | CLASS="FILENAME" | |
95 | ->@datadir@/imapd.pem</TT | |
96 | +>@certsdir@/imapd.pem</TT | |
97 | >. | |
98 | <B | |
99 | CLASS="COMMAND" | |
100 | @@ -71,7 +71,7 @@ | |
101 | ><P | |
102 | ><TT | |
103 | CLASS="FILENAME" | |
104 | ->@datadir@/imapd.pem</TT | |
105 | +>@certsdir@/imapd.pem</TT | |
106 | > must be owned by the | |
107 | @mailuser@ user and | |
108 | have no group or world permissions. | |
109 | @@ -86,7 +86,7 @@ | |
110 | > | |
111 | will not work if <B | |
112 | CLASS="COMMAND" | |
113 | ->@datadir@/imapd.pem</B | |
114 | +>@certsdir@/imapd.pem</B | |
115 | > already exists.</P | |
116 | ><P | |
117 | ><B | |
118 | @@ -111,7 +111,7 @@ | |
119 | CLASS="VARIABLELIST" | |
120 | ><DL | |
121 | ><DT | |
122 | ->@datadir@/imapd.pem</DT | |
123 | +>@certsdir@/imapd.pem</DT | |
124 | ><DD | |
125 | ><P | |
126 | >X.509 certificate.</P | |
383f8032 AA |
127 | diff -Nur old/imap/mkpop3dcert.8.in new/imap/mkpop3dcert.8.in |
128 | --- old/imap/mkpop3dcert.8.in 2004-02-08 04:12:10.000000000 +0000 | |
129 | +++ new/imap/mkpop3dcert.8.in 2004-07-08 17:00:01.000000000 +0000 | |
130 | @@ -18,7 +18,7 @@ | |
131 | .PP | |
132 | POP3 over SSL requires a valid, signed, X.509 certificate. The default | |
133 | location for the certificate file is | |
134 | -\fI@datadir@/pop3d.pem\fR\&. | |
135 | +\fI@certsdir@/pop3d.pem\fR\&. | |
136 | \fBmkpop3dcert\fR generates a self-signed X.509 certificate, | |
137 | mainly for | |
138 | testing. | |
139 | @@ -26,19 +26,19 @@ | |
140 | recognized certificate authority, in order for mail clients to accept the | |
141 | certificate. | |
142 | .PP | |
143 | -\fI@datadir@/pop3d.pem\fR must be owned by the | |
144 | +\fI@certsdir@/pop3d.pem\fR must be owned by the | |
145 | @mailuser@ user and | |
146 | have no group or world permissions. | |
147 | The \fBmkpop3dcert\fR command will | |
148 | enforce this. To prevent an unfortunate accident, | |
149 | \fBmkpop3dcert\fR | |
150 | -will not work if \fB@datadir@/pop3d.pem\fR already exists. | |
151 | +will not work if \fB@certsdir@/pop3d.pem\fR already exists. | |
152 | .PP | |
153 | \fBmkpop3dcert\fR requires | |
154 | \fBOpenSSL\fR to be installed. | |
155 | .SH "FILES" | |
156 | .TP | |
157 | -\fB@datadir@/pop3d.pem\fR | |
158 | +\fB@certsdir@/pop3d.pem\fR | |
159 | X.509 certificate. | |
160 | .TP | |
161 | \fB@sysconfdir@/pop3d.cnf\fR | |
162 | diff -Nur old/imap/mkpop3dcert.html.in new/imap/mkpop3dcert.html.in | |
163 | --- old/imap/mkpop3dcert.html.in 2004-02-08 04:12:11.000000000 +0000 | |
164 | +++ new/imap/mkpop3dcert.html.in 2004-07-08 16:59:29.000000000 +0000 | |
165 | @@ -57,7 +57,7 @@ | |
166 | location for the certificate file is | |
167 | <TT | |
168 | CLASS="FILENAME" | |
169 | ->@datadir@/pop3d.pem</TT | |
170 | +>@certsdir@/pop3d.pem</TT | |
171 | >. | |
172 | <B | |
173 | CLASS="COMMAND" | |
174 | @@ -71,7 +71,7 @@ | |
175 | ><P | |
176 | ><TT | |
177 | CLASS="FILENAME" | |
178 | ->@datadir@/pop3d.pem</TT | |
179 | +>@certsdir@/pop3d.pem</TT | |
180 | > must be owned by the | |
181 | @mailuser@ user and | |
182 | have no group or world permissions. | |
183 | @@ -86,7 +86,7 @@ | |
184 | > | |
185 | will not work if <B | |
186 | CLASS="COMMAND" | |
187 | ->@datadir@/pop3d.pem</B | |
188 | +>@certsdir@/pop3d.pem</B | |
189 | > already exists.</P | |
190 | ><P | |
191 | ><B | |
192 | @@ -111,7 +111,7 @@ | |
193 | CLASS="VARIABLELIST" | |
194 | ><DL | |
195 | ><DT | |
196 | ->@datadir@/pop3d.pem</DT | |
197 | +>@certsdir@/pop3d.pem</DT | |
198 | ><DD | |
199 | ><P | |
200 | >X.509 certificate.</P | |
148eab3b AA |
201 | diff -Nur old/imap/pop3d.cnf.in new/imap/pop3d.cnf.in |
202 | --- old/imap/pop3d.cnf.in 2001-03-24 04:59:55.000000000 +0000 | |
203 | +++ new/imap/pop3d.cnf.in 2004-07-08 16:54:38.000000000 +0000 | |
204 | @@ -1,5 +1,5 @@ | |
205 | ||
206 | -RANDFILE = @datadir@/pop3d.rand | |
207 | +RANDFILE = @certsdir@/pop3d.rand | |
208 | ||
209 | [ req ] | |
210 | default_bits = 1024 | |
211 | diff -Nur old/imap/pop3d-ssl.dist.in new/imap/pop3d-ssl.dist.in | |
212 | --- old/imap/pop3d-ssl.dist.in 2004-01-24 20:09:31.000000000 +0000 | |
213 | +++ new/imap/pop3d-ssl.dist.in 2004-07-08 16:54:31.000000000 +0000 | |
214 | @@ -135,7 +135,7 @@ | |
215 | # servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually | |
216 | # treated as confidential, and must not be world-readable. | |
217 | # | |
218 | -TLS_CERTFILE=@datadir@/pop3d.pem | |
219 | +TLS_CERTFILE=@certsdir@/pop3d.pem | |
220 | ||
221 | ##NAME: TLS_TRUSTCERTS:0 | |
222 | # | |
223 | diff -Nur old/imap/mkimapdcert.in new/imap/mkimapdcert.in | |
224 | --- old/imap/mkimapdcert.in 2005-06-29 18:01:17.000000000 +0000 | |
225 | +++ new/imap/mkimapdcert.in 2005-08-31 21:49:26.142362544 +0000 | |
226 | @@ -13,27 +13,27 @@ | |
227 | ||
228 | prefix="@prefix@" | |
229 | ||
230 | -if test -f @datadir@/imapd.pem | |
231 | +if test -f @certsdir@/imapd.pem | |
232 | then | |
233 | - echo "@datadir@/imapd.pem already exists." | |
234 | + echo "@certsdir@/imapd.pem already exists." | |
235 | exit 1 | |
236 | fi | |
237 | ||
238 | umask 077 | |
239 | -cp /dev/null @datadir@/imapd.pem | |
240 | -chmod 600 @datadir@/imapd.pem | |
241 | -chown @mailuser@ @datadir@/imapd.pem | |
242 | +cp /dev/null @certsdir@/imapd.pem | |
243 | +chmod 600 @certsdir@/imapd.pem | |
244 | +chown @mailuser@ @certsdir@/imapd.pem | |
245 | ||
246 | cleanup() { | |
247 | - rm -f @datadir@/imapd.pem | |
248 | - rm -f @datadir@/imapd.rand | |
249 | + rm -f @certsdir@/imapd.pem | |
250 | + rm -f @certsdir@/imapd.rand | |
251 | exit 1 | |
252 | } | |
253 | ||
254 | -cd @datadir@ | |
255 | -dd if=@RANDOMV@ of=@datadir@/imapd.rand count=1 2>/dev/null | |
256 | +cd @certsdir@ | |
257 | +dd if=@RANDOMV@ of=@certsdir@/imapd.rand count=1 2>/dev/null | |
258 | @OPENSSL@ req -new -x509 -days 365 -nodes \ | |
259 | - -config @sysconfdir@/imapd.cnf -out @datadir@/imapd.pem -keyout @datadir@/imapd.pem || cleanup | |
260 | -@OPENSSL@ gendh -rand @datadir@/imapd.rand 512 >>@datadir@/imapd.pem || cleanup | |
261 | -@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @datadir@/imapd.pem || cleanup | |
262 | -rm -f @datadir@/imapd.rand | |
263 | + -config @sysconfdir@/imapd.cnf -out @certsdir@/imapd.pem -keyout @certsdir@/imapd.pem || cleanup | |
264 | +@OPENSSL@ gendh -rand @certsdir@/imapd.rand 512 >>@certsdir@/imapd.pem || cleanup | |
265 | +@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/imapd.pem || cleanup | |
266 | +rm -f @certsdir@/imapd.rand | |
383f8032 | 267 | diff -Nur old/imap/mkpop3dcert.in new/imap/mkpop3dcert.in |
148eab3b AA |
268 | --- old/imap/mkpop3dcert.in 2005-06-29 18:01:17.000000000 +0000 |
269 | +++ new/imap/mkpop3dcert.in 2005-08-31 21:49:26.143362392 +0000 | |
270 | @@ -13,26 +13,26 @@ | |
383f8032 AA |
271 | |
272 | prefix="@prefix@" | |
273 | ||
274 | -if test -f @datadir@/pop3d.pem | |
275 | +if test -f @certsdir@/pop3d.pem | |
276 | then | |
277 | - echo "@datadir@/pop3d.pem already exists." | |
278 | + echo "@certsdir@/pop3d.pem already exists." | |
279 | exit 1 | |
280 | fi | |
281 | ||
148eab3b | 282 | umask 077 |
383f8032 AA |
283 | -cp /dev/null @datadir@/pop3d.pem |
284 | -chmod 600 @datadir@/pop3d.pem | |
285 | -chown @mailuser@ @datadir@/pop3d.pem | |
286 | +cp /dev/null @certsdir@/pop3d.pem | |
287 | +chmod 600 @certsdir@/pop3d.pem | |
288 | +chown @mailuser@ @certsdir@/pop3d.pem | |
289 | ||
290 | cleanup() { | |
291 | - rm -f @datadir@/pop3d.pem | |
292 | - rm -f @datadir@/pop3d.rand | |
293 | + rm -f @certsdir@/pop3d.pem | |
294 | + rm -f @certsdir@/pop3d.rand | |
295 | exit 1 | |
296 | } | |
297 | ||
298 | -dd if=@RANDOMV@ of=@datadir@/pop3d.rand count=1 2>/dev/null | |
299 | +dd if=@RANDOMV@ of=@certsdir@/pop3d.rand count=1 2>/dev/null | |
300 | @OPENSSL@ req -new -x509 -days 365 -nodes \ | |
301 | - -config @sysconfdir@/pop3d.cnf -out @datadir@/pop3d.pem -keyout @datadir@/pop3d.pem || cleanup | |
302 | -@OPENSSL@ gendh -rand @datadir@/pop3d.rand 512 >>@datadir@/pop3d.pem || cleanup | |
303 | -@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @datadir@/pop3d.pem || cleanup | |
304 | -rm -f @datadir@/pop3d.rand | |
305 | + -config @sysconfdir@/pop3d.cnf -out @certsdir@/pop3d.pem -keyout @certsdir@/pop3d.pem || cleanup | |
306 | +@OPENSSL@ gendh -rand @certsdir@/pop3d.rand 512 >>@certsdir@/pop3d.pem || cleanup | |
307 | +@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/pop3d.pem || cleanup | |
308 | +rm -f @certsdir@/pop3d.rand |