1 diff -Nur old/configure.in new/configure.in
2 --- old/configure.in 2004-06-12 01:38:04.000000000 +0000
3 +++ new/configure.in 2004-07-08 16:53:13.000000000 +0000
5 eval "exec_prefix=$exec_prefix"
6 eval "libexecdir=$libexecdir"
8 +AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ],
9 +certsdir="$withval", certsdir=$datadir)
13 AC_ARG_WITH(authchangepwdir, [], ,
14 ac_configure_args="$ac_configure_args --with-authchangepwdir=$libexecdir/authlib")
16 diff -Nur old/imap/configure.in new/imap/configure.in
17 --- old/imap/configure.in 2004-06-12 01:38:04.000000000 +0000
18 +++ new/imap/configure.in 2004-07-08 16:53:44.000000000 +0000
20 eval "exec_prefix=$exec_prefix"
23 +AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ],
24 +certsdir="$withval", certsdir=$datadir)
29 [ --with-mailer=prog Your mail submission program],
31 diff -Nur old/imap/imapd.cnf.in new/imap/imapd.cnf.in
32 --- old/imap/imapd.cnf.in 2001-03-24 04:59:55.000000000 +0000
33 +++ new/imap/imapd.cnf.in 2004-07-08 16:54:18.000000000 +0000
36 -RANDFILE = @datadir@/imapd.rand
37 +RANDFILE = @certsdir@/imapd.rand
41 diff -Nur old/imap/imapd-ssl.dist.in new/imap/imapd-ssl.dist.in
42 --- old/imap/imapd-ssl.dist.in 2004-01-24 20:09:26.000000000 +0000
43 +++ new/imap/imapd-ssl.dist.in 2004-07-08 16:54:04.000000000 +0000
45 # servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually
46 # treated as confidential, and must not be world-readable.
48 -TLS_CERTFILE=@datadir@/imapd.pem
49 +TLS_CERTFILE=@certsdir@/imapd.pem
51 ##NAME: TLS_TRUSTCERTS:0
53 diff -Nur old/imap/mkimapdcert.8.in new/imap/mkimapdcert.8.in
54 --- old/imap/mkimapdcert.8.in 2004-02-08 04:12:08.000000000 +0000
55 +++ new/imap/mkimapdcert.8.in 2004-07-08 17:01:04.000000000 +0000
58 IMAP over SSL requires a valid, signed, X.509 certificate. The default
59 location for the certificate file is
60 -\fI@datadir@/imapd.pem\fR\&.
61 +\fI@certsdir@/imapd.pem\fR\&.
62 \fBmkimapdcert\fR generates a self-signed X.509 certificate,
66 recognized certificate authority, in order for mail clients to accept the
69 -\fI@datadir@/imapd.pem\fR must be owned by the
70 +\fI@certsdir@/imapd.pem\fR must be owned by the
72 have no group or world permissions.
73 The \fBmkimapdcert\fR command will
74 enforce this. To prevent an unfortunate accident,
76 -will not work if \fB@datadir@/imapd.pem\fR already exists.
77 +will not work if \fB@certsdir@/imapd.pem\fR already exists.
79 \fBmkimapdcert\fR requires
80 \fBOpenSSL\fR to be installed.
83 -\fB@datadir@/imapd.pem\fR
84 +\fB@certsdir@/imapd.pem\fR
87 \fB@sysconfdir@/imapd.cnf\fR
88 diff -Nur old/imap/mkimapdcert.html.in new/imap/mkimapdcert.html.in
89 --- old/imap/mkimapdcert.html.in 2004-02-08 04:12:12.000000000 +0000
90 +++ new/imap/mkimapdcert.html.in 2004-07-08 17:00:45.000000000 +0000
92 location for the certificate file is
95 ->@datadir@/imapd.pem</TT
96 +>@certsdir@/imapd.pem</TT
104 ->@datadir@/imapd.pem</TT
105 +>@certsdir@/imapd.pem</TT
106 > must be owned by the
108 have no group or world permissions.
113 ->@datadir@/imapd.pem</B
114 +>@certsdir@/imapd.pem</B
122 ->@datadir@/imapd.pem</DT
123 +>@certsdir@/imapd.pem</DT
126 >X.509 certificate.</P
127 diff -Nur old/imap/mkimapdcert.in new/imap/mkimapdcert.in
128 --- old/imap/mkimapdcert.in 2001-08-26 15:49:50.000000000 +0000
129 +++ new/imap/mkimapdcert.in 2004-07-08 17:01:33.000000000 +0000
134 -if test -f @datadir@/imapd.pem
135 +if test -f @certsdir@/imapd.pem
137 - echo "@datadir@/imapd.pem already exists."
138 + echo "@certsdir@/imapd.pem already exists."
142 -cp /dev/null @datadir@/imapd.pem
143 -chmod 600 @datadir@/imapd.pem
144 -chown @mailuser@ @datadir@/imapd.pem
145 +cp /dev/null @certsdir@/imapd.pem
146 +chmod 600 @certsdir@/imapd.pem
147 +chown @mailuser@ @certsdir@/imapd.pem
150 - rm -f @datadir@/imapd.pem
151 + rm -f @certsdir@/imapd.pem
152 rm -f @datadir@/imapd.rand
157 dd if=@RANDOMV@ of=@datadir@/imapd.rand count=1 2>/dev/null
158 @OPENSSL@ req -new -x509 -days 365 -nodes \
159 - -config @sysconfdir@/imapd.cnf -out @datadir@/imapd.pem -keyout @datadir@/imapd.pem || cleanup
160 -@OPENSSL@ gendh -rand @datadir@/imapd.rand 512 >>@datadir@/imapd.pem || cleanup
161 -@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @datadir@/imapd.pem || cleanup
162 + -config @sysconfdir@/imapd.cnf -out @certsdir@/imapd.pem -keyout @datadir@/imapd.pem || cleanup
163 +@OPENSSL@ gendh -rand @datadir@/imapd.rand 512 >>@certsdir@/imapd.pem || cleanup
164 +@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/imapd.pem || cleanup
165 rm -f @datadir@/imapd.rand
166 diff -Nur old/imap/mkpop3dcert.8.in new/imap/mkpop3dcert.8.in
167 --- old/imap/mkpop3dcert.8.in 2004-02-08 04:12:10.000000000 +0000
168 +++ new/imap/mkpop3dcert.8.in 2004-07-08 17:00:01.000000000 +0000
171 POP3 over SSL requires a valid, signed, X.509 certificate. The default
172 location for the certificate file is
173 -\fI@datadir@/pop3d.pem\fR\&.
174 +\fI@certsdir@/pop3d.pem\fR\&.
175 \fBmkpop3dcert\fR generates a self-signed X.509 certificate,
179 recognized certificate authority, in order for mail clients to accept the
182 -\fI@datadir@/pop3d.pem\fR must be owned by the
183 +\fI@certsdir@/pop3d.pem\fR must be owned by the
185 have no group or world permissions.
186 The \fBmkpop3dcert\fR command will
187 enforce this. To prevent an unfortunate accident,
189 -will not work if \fB@datadir@/pop3d.pem\fR already exists.
190 +will not work if \fB@certsdir@/pop3d.pem\fR already exists.
192 \fBmkpop3dcert\fR requires
193 \fBOpenSSL\fR to be installed.
196 -\fB@datadir@/pop3d.pem\fR
197 +\fB@certsdir@/pop3d.pem\fR
200 \fB@sysconfdir@/pop3d.cnf\fR
201 diff -Nur old/imap/mkpop3dcert.html.in new/imap/mkpop3dcert.html.in
202 --- old/imap/mkpop3dcert.html.in 2004-02-08 04:12:11.000000000 +0000
203 +++ new/imap/mkpop3dcert.html.in 2004-07-08 16:59:29.000000000 +0000
205 location for the certificate file is
208 ->@datadir@/pop3d.pem</TT
209 +>@certsdir@/pop3d.pem</TT
217 ->@datadir@/pop3d.pem</TT
218 +>@certsdir@/pop3d.pem</TT
219 > must be owned by the
221 have no group or world permissions.
226 ->@datadir@/pop3d.pem</B
227 +>@certsdir@/pop3d.pem</B
235 ->@datadir@/pop3d.pem</DT
236 +>@certsdir@/pop3d.pem</DT
239 >X.509 certificate.</P
240 diff -Nur old/imap/mkpop3dcert.in new/imap/mkpop3dcert.in
241 --- old/imap/mkpop3dcert.in 2000-10-06 17:50:37.000000000 +0000
242 +++ new/imap/mkpop3dcert.in 2004-07-08 16:56:21.000000000 +0000
247 -if test -f @datadir@/pop3d.pem
248 +if test -f @certsdir@/pop3d.pem
250 - echo "@datadir@/pop3d.pem already exists."
251 + echo "@certsdir@/pop3d.pem already exists."
255 -cp /dev/null @datadir@/pop3d.pem
256 -chmod 600 @datadir@/pop3d.pem
257 -chown @mailuser@ @datadir@/pop3d.pem
258 +cp /dev/null @certsdir@/pop3d.pem
259 +chmod 600 @certsdir@/pop3d.pem
260 +chown @mailuser@ @certsdir@/pop3d.pem
263 - rm -f @datadir@/pop3d.pem
264 - rm -f @datadir@/pop3d.rand
265 + rm -f @certsdir@/pop3d.pem
266 + rm -f @certsdir@/pop3d.rand
270 -dd if=@RANDOMV@ of=@datadir@/pop3d.rand count=1 2>/dev/null
271 +dd if=@RANDOMV@ of=@certsdir@/pop3d.rand count=1 2>/dev/null
272 @OPENSSL@ req -new -x509 -days 365 -nodes \
273 - -config @sysconfdir@/pop3d.cnf -out @datadir@/pop3d.pem -keyout @datadir@/pop3d.pem || cleanup
274 -@OPENSSL@ gendh -rand @datadir@/pop3d.rand 512 >>@datadir@/pop3d.pem || cleanup
275 -@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @datadir@/pop3d.pem || cleanup
276 -rm -f @datadir@/pop3d.rand
277 + -config @sysconfdir@/pop3d.cnf -out @certsdir@/pop3d.pem -keyout @certsdir@/pop3d.pem || cleanup
278 +@OPENSSL@ gendh -rand @certsdir@/pop3d.rand 512 >>@certsdir@/pop3d.pem || cleanup
279 +@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/pop3d.pem || cleanup
280 +rm -f @certsdir@/pop3d.rand
281 diff -Nur old/imap/pop3d.cnf.in new/imap/pop3d.cnf.in
282 --- old/imap/pop3d.cnf.in 2001-03-24 04:59:55.000000000 +0000
283 +++ new/imap/pop3d.cnf.in 2004-07-08 16:54:38.000000000 +0000
286 -RANDFILE = @datadir@/pop3d.rand
287 +RANDFILE = @certsdir@/pop3d.rand
291 diff -Nur old/imap/pop3d-ssl.dist.in new/imap/pop3d-ssl.dist.in
292 --- old/imap/pop3d-ssl.dist.in 2004-01-24 20:09:31.000000000 +0000
293 +++ new/imap/pop3d-ssl.dist.in 2004-07-08 16:54:31.000000000 +0000
295 # servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually
296 # treated as confidential, and must not be world-readable.
298 -TLS_CERTFILE=@datadir@/pop3d.pem
299 +TLS_CERTFILE=@certsdir@/pop3d.pem
301 ##NAME: TLS_TRUSTCERTS:0