Commit | Line | Data |
---|---|---|
383f8032 AA |
1 | diff -Nur old/configure.in new/configure.in |
2 | --- old/configure.in 2004-06-12 01:38:04.000000000 +0000 | |
3 | +++ new/configure.in 2004-07-08 16:53:13.000000000 +0000 | |
4 | @@ -97,6 +97,11 @@ | |
5 | eval "exec_prefix=$exec_prefix" | |
6 | eval "libexecdir=$libexecdir" | |
7 | ||
8 | +AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ], | |
9 | +certsdir="$withval", certsdir=$datadir) | |
10 | + | |
11 | +AC_SUBST(certsdir) | |
12 | + | |
13 | AC_ARG_WITH(authchangepwdir, [], , | |
14 | ac_configure_args="$ac_configure_args --with-authchangepwdir=$libexecdir/authlib") | |
15 | ||
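Review bot: `certsdir="$withval"` takes whatever autoconf leaves in `$withval`, so `--with-certsdir` given without a value sets the directory to `yes` and `--without-certsdir` sets it to `no`; the cert scripts would then write the private key to a relative path such as `yes/imapd.pem`. Reject those values, e.g. `case "$withval" in yes|no) AC_MSG_ERROR([--with-certsdir needs a directory]);; *) certsdir="$withval";; esac`, and spell the help string `--with-certsdir=DIR`. The identical block added in the imap/configure.in hunk has the same gap. Because this directory will hold the server's private key, the help text could also state that it should be writable only by root or the mail user.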
16 | diff -Nur old/imap/configure.in new/imap/configure.in | |
17 | --- old/imap/configure.in 2004-06-12 01:38:04.000000000 +0000 | |
18 | +++ new/imap/configure.in 2004-07-08 16:53:44.000000000 +0000 | |
19 | @@ -35,6 +35,11 @@ | |
20 | eval "exec_prefix=$exec_prefix" | |
21 | eval "bindir=$bindir" | |
22 | ||
23 | +AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ], | |
24 | +certsdir="$withval", certsdir=$datadir) | |
25 | + | |
26 | +AC_SUBST(certsdir) | |
27 | + | |
28 | AC_ARG_WITH(mailer, | |
29 | [ --with-mailer=prog Your mail submission program], | |
30 | SENDMAIL="$withval", | |
31 | diff -Nur old/imap/imapd.cnf.in new/imap/imapd.cnf.in | |
32 | --- old/imap/imapd.cnf.in 2001-03-24 04:59:55.000000000 +0000 | |
33 | +++ new/imap/imapd.cnf.in 2004-07-08 16:54:18.000000000 +0000 | |
34 | @@ -1,5 +1,5 @@ | |
35 | ||
36 | -RANDFILE = @datadir@/imapd.rand | |
37 | +RANDFILE = @certsdir@/imapd.rand | |
38 | ||
39 | [ req ] | |
40 | default_bits = 1024 | |
41 | diff -Nur old/imap/imapd-ssl.dist.in new/imap/imapd-ssl.dist.in | |
42 | --- old/imap/imapd-ssl.dist.in 2004-01-24 20:09:26.000000000 +0000 | |
43 | +++ new/imap/imapd-ssl.dist.in 2004-07-08 16:54:04.000000000 +0000 | |
44 | @@ -146,7 +146,7 @@ | |
45 | # servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually | |
46 | # treated as confidential, and must not be world-readable. | |
47 | # | |
48 | -TLS_CERTFILE=@datadir@/imapd.pem | |
49 | +TLS_CERTFILE=@certsdir@/imapd.pem | |
50 | ||
51 | ##NAME: TLS_TRUSTCERTS:0 | |
52 | # | |
53 | diff -Nur old/imap/mkimapdcert.8.in new/imap/mkimapdcert.8.in | |
54 | --- old/imap/mkimapdcert.8.in 2004-02-08 04:12:08.000000000 +0000 | |
55 | +++ new/imap/mkimapdcert.8.in 2004-07-08 17:01:04.000000000 +0000 | |
56 | @@ -18,7 +18,7 @@ | |
57 | .PP | |
58 | IMAP over SSL requires a valid, signed, X.509 certificate. The default | |
59 | location for the certificate file is | |
60 | -\fI@datadir@/imapd.pem\fR\&. | |
61 | +\fI@certsdir@/imapd.pem\fR\&. | |
62 | \fBmkimapdcert\fR generates a self-signed X.509 certificate, | |
63 | mainly for | |
64 | testing. | |
65 | @@ -26,19 +26,19 @@ | |
66 | recognized certificate authority, in order for mail clients to accept the | |
67 | certificate. | |
68 | .PP | |
69 | -\fI@datadir@/imapd.pem\fR must be owned by the | |
70 | +\fI@certsdir@/imapd.pem\fR must be owned by the | |
71 | @mailuser@ user and | |
72 | have no group or world permissions. | |
73 | The \fBmkimapdcert\fR command will | |
74 | enforce this. To prevent an unfortunate accident, | |
75 | \fBmkimapdcert\fR | |
76 | -will not work if \fB@datadir@/imapd.pem\fR already exists. | |
77 | +will not work if \fB@certsdir@/imapd.pem\fR already exists. | |
78 | .PP | |
79 | \fBmkimapdcert\fR requires | |
80 | \fBOpenSSL\fR to be installed. | |
81 | .SH "FILES" | |
82 | .TP | |
83 | -\fB@datadir@/imapd.pem\fR | |
84 | +\fB@certsdir@/imapd.pem\fR | |
85 | X.509 certificate. | |
86 | .TP | |
87 | \fB@sysconfdir@/imapd.cnf\fR | |
88 | diff -Nur old/imap/mkimapdcert.html.in new/imap/mkimapdcert.html.in | |
89 | --- old/imap/mkimapdcert.html.in 2004-02-08 04:12:12.000000000 +0000 | |
90 | +++ new/imap/mkimapdcert.html.in 2004-07-08 17:00:45.000000000 +0000 | |
91 | @@ -57,7 +57,7 @@ | |
92 | location for the certificate file is | |
93 | <TT | |
94 | CLASS="FILENAME" | |
95 | ->@datadir@/imapd.pem</TT | |
96 | +>@certsdir@/imapd.pem</TT | |
97 | >. | |
98 | <B | |
99 | CLASS="COMMAND" | |
100 | @@ -71,7 +71,7 @@ | |
101 | ><P | |
102 | ><TT | |
103 | CLASS="FILENAME" | |
104 | ->@datadir@/imapd.pem</TT | |
105 | +>@certsdir@/imapd.pem</TT | |
106 | > must be owned by the | |
107 | @mailuser@ user and | |
108 | have no group or world permissions. | |
109 | @@ -86,7 +86,7 @@ | |
110 | > | |
111 | will not work if <B | |
112 | CLASS="COMMAND" | |
113 | ->@datadir@/imapd.pem</B | |
114 | +>@certsdir@/imapd.pem</B | |
115 | > already exists.</P | |
116 | ><P | |
117 | ><B | |
118 | @@ -111,7 +111,7 @@ | |
119 | CLASS="VARIABLELIST" | |
120 | ><DL | |
121 | ><DT | |
122 | ->@datadir@/imapd.pem</DT | |
123 | +>@certsdir@/imapd.pem</DT | |
124 | ><DD | |
125 | ><P | |
126 | >X.509 certificate.</P | |
127 | diff -Nur old/imap/mkimapdcert.in new/imap/mkimapdcert.in | |
128 | --- old/imap/mkimapdcert.in 2001-08-26 15:49:50.000000000 +0000 | |
348acce3 AA |
129 | +++ new/imap/mkimapdcert.in 2004-07-10 12:23:46.000000000 +0000 |
130 | @@ -13,26 +13,26 @@ | |
383f8032 AA |
131 | |
132 | prefix="@prefix@" | |
133 | ||
134 | -if test -f @datadir@/imapd.pem | |
135 | +if test -f @certsdir@/imapd.pem | |
136 | then | |
137 | - echo "@datadir@/imapd.pem already exists." | |
138 | + echo "@certsdir@/imapd.pem already exists." | |
139 | exit 1 | |
140 | fi | |
141 | ||
142 | -cp /dev/null @datadir@/imapd.pem | |
143 | -chmod 600 @datadir@/imapd.pem | |
144 | -chown @mailuser@ @datadir@/imapd.pem | |
145 | +cp /dev/null @certsdir@/imapd.pem | |
146 | +chmod 600 @certsdir@/imapd.pem | |
147 | +chown @mailuser@ @certsdir@/imapd.pem | |
148 | ||
149 | cleanup() { | |
150 | - rm -f @datadir@/imapd.pem | |
348acce3 | 151 | - rm -f @datadir@/imapd.rand |
383f8032 | 152 | + rm -f @certsdir@/imapd.pem |
348acce3 | 153 | + rm -f @certsdir@/imapd.rand |
383f8032 AA |
154 | exit 1 |
155 | } | |
348acce3 AA |
156 | |
157 | -cd @datadir@ | |
158 | -dd if=@RANDOMV@ of=@datadir@/imapd.rand count=1 2>/dev/null | |
159 | +cd @certsdir@ | |
160 | +dd if=@RANDOMV@ of=@certsdir@/imapd.rand count=1 2>/dev/null | |
383f8032 AA |
161 | @OPENSSL@ req -new -x509 -days 365 -nodes \ |
162 | - -config @sysconfdir@/imapd.cnf -out @datadir@/imapd.pem -keyout @datadir@/imapd.pem || cleanup | |
163 | -@OPENSSL@ gendh -rand @datadir@/imapd.rand 512 >>@datadir@/imapd.pem || cleanup | |
164 | -@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @datadir@/imapd.pem || cleanup | |
348acce3 AA |
165 | -rm -f @datadir@/imapd.rand |
166 | + -config @sysconfdir@/imapd.cnf -out @certsdir@/imapd.pem -keyout @certsdir@/imapd.pem || cleanup | |
167 | +@OPENSSL@ gendh -rand @certsdir@/imapd.rand 512 >>@certsdir@/imapd.pem || cleanup | |
383f8032 | 168 | +@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/imapd.pem || cleanup |
348acce3 | 169 | +rm -f @certsdir@/imapd.rand |
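Review bot: Nothing here restricts the mode of `@certsdir@/imapd.rand`: `dd` creates it under whatever umask the caller has and it stays on disk until the final `rm -f`, so in a directory chosen with --with-certsdir the seed may be readable by other local users while the key and DH parameters are generated. A `umask 077` ahead of `cp /dev/null @certsdir@/imapd.pem` would cover both files and also close the gap between creating imapd.pem and the `chmod 600`. Separately, the `gendh ... 512` line still appends 512-bit DH parameters, which are too small to rely on; consider raising the size while these lines are being touched. Both points apply equally to the mkpop3dcert.in hunk, and the script begins above this hunk.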
383f8032 AA |
170 | diff -Nur old/imap/mkpop3dcert.8.in new/imap/mkpop3dcert.8.in |
171 | --- old/imap/mkpop3dcert.8.in 2004-02-08 04:12:10.000000000 +0000 | |
172 | +++ new/imap/mkpop3dcert.8.in 2004-07-08 17:00:01.000000000 +0000 | |
173 | @@ -18,7 +18,7 @@ | |
174 | .PP | |
175 | POP3 over SSL requires a valid, signed, X.509 certificate. The default | |
176 | location for the certificate file is | |
177 | -\fI@datadir@/pop3d.pem\fR\&. | |
178 | +\fI@certsdir@/pop3d.pem\fR\&. | |
179 | \fBmkpop3dcert\fR generates a self-signed X.509 certificate, | |
180 | mainly for | |
181 | testing. | |
182 | @@ -26,19 +26,19 @@ | |
183 | recognized certificate authority, in order for mail clients to accept the | |
184 | certificate. | |
185 | .PP | |
186 | -\fI@datadir@/pop3d.pem\fR must be owned by the | |
187 | +\fI@certsdir@/pop3d.pem\fR must be owned by the | |
188 | @mailuser@ user and | |
189 | have no group or world permissions. | |
190 | The \fBmkpop3dcert\fR command will | |
191 | enforce this. To prevent an unfortunate accident, | |
192 | \fBmkpop3dcert\fR | |
193 | -will not work if \fB@datadir@/pop3d.pem\fR already exists. | |
194 | +will not work if \fB@certsdir@/pop3d.pem\fR already exists. | |
195 | .PP | |
196 | \fBmkpop3dcert\fR requires | |
197 | \fBOpenSSL\fR to be installed. | |
198 | .SH "FILES" | |
199 | .TP | |
200 | -\fB@datadir@/pop3d.pem\fR | |
201 | +\fB@certsdir@/pop3d.pem\fR | |
202 | X.509 certificate. | |
203 | .TP | |
204 | \fB@sysconfdir@/pop3d.cnf\fR | |
205 | diff -Nur old/imap/mkpop3dcert.html.in new/imap/mkpop3dcert.html.in | |
206 | --- old/imap/mkpop3dcert.html.in 2004-02-08 04:12:11.000000000 +0000 | |
207 | +++ new/imap/mkpop3dcert.html.in 2004-07-08 16:59:29.000000000 +0000 | |
208 | @@ -57,7 +57,7 @@ | |
209 | location for the certificate file is | |
210 | <TT | |
211 | CLASS="FILENAME" | |
212 | ->@datadir@/pop3d.pem</TT | |
213 | +>@certsdir@/pop3d.pem</TT | |
214 | >. | |
215 | <B | |
216 | CLASS="COMMAND" | |
217 | @@ -71,7 +71,7 @@ | |
218 | ><P | |
219 | ><TT | |
220 | CLASS="FILENAME" | |
221 | ->@datadir@/pop3d.pem</TT | |
222 | +>@certsdir@/pop3d.pem</TT | |
223 | > must be owned by the | |
224 | @mailuser@ user and | |
225 | have no group or world permissions. | |
226 | @@ -86,7 +86,7 @@ | |
227 | > | |
228 | will not work if <B | |
229 | CLASS="COMMAND" | |
230 | ->@datadir@/pop3d.pem</B | |
231 | +>@certsdir@/pop3d.pem</B | |
232 | > already exists.</P | |
233 | ><P | |
234 | ><B | |
235 | @@ -111,7 +111,7 @@ | |
236 | CLASS="VARIABLELIST" | |
237 | ><DL | |
238 | ><DT | |
239 | ->@datadir@/pop3d.pem</DT | |
240 | +>@certsdir@/pop3d.pem</DT | |
241 | ><DD | |
242 | ><P | |
243 | >X.509 certificate.</P | |
244 | diff -Nur old/imap/mkpop3dcert.in new/imap/mkpop3dcert.in | |
245 | --- old/imap/mkpop3dcert.in 2000-10-06 17:50:37.000000000 +0000 | |
246 | +++ new/imap/mkpop3dcert.in 2004-07-08 16:56:21.000000000 +0000 | |
247 | @@ -13,25 +13,25 @@ | |
248 | ||
249 | prefix="@prefix@" | |
250 | ||
251 | -if test -f @datadir@/pop3d.pem | |
252 | +if test -f @certsdir@/pop3d.pem | |
253 | then | |
254 | - echo "@datadir@/pop3d.pem already exists." | |
255 | + echo "@certsdir@/pop3d.pem already exists." | |
256 | exit 1 | |
257 | fi | |
258 | ||
259 | -cp /dev/null @datadir@/pop3d.pem | |
260 | -chmod 600 @datadir@/pop3d.pem | |
261 | -chown @mailuser@ @datadir@/pop3d.pem | |
262 | +cp /dev/null @certsdir@/pop3d.pem | |
263 | +chmod 600 @certsdir@/pop3d.pem | |
264 | +chown @mailuser@ @certsdir@/pop3d.pem | |
265 | ||
266 | cleanup() { | |
267 | - rm -f @datadir@/pop3d.pem | |
268 | - rm -f @datadir@/pop3d.rand | |
269 | + rm -f @certsdir@/pop3d.pem | |
270 | + rm -f @certsdir@/pop3d.rand | |
271 | exit 1 | |
272 | } | |
273 | ||
274 | -dd if=@RANDOMV@ of=@datadir@/pop3d.rand count=1 2>/dev/null | |
275 | +dd if=@RANDOMV@ of=@certsdir@/pop3d.rand count=1 2>/dev/null | |
276 | @OPENSSL@ req -new -x509 -days 365 -nodes \ | |
277 | - -config @sysconfdir@/pop3d.cnf -out @datadir@/pop3d.pem -keyout @datadir@/pop3d.pem || cleanup | |
278 | -@OPENSSL@ gendh -rand @datadir@/pop3d.rand 512 >>@datadir@/pop3d.pem || cleanup | |
279 | -@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @datadir@/pop3d.pem || cleanup | |
280 | -rm -f @datadir@/pop3d.rand | |
281 | + -config @sysconfdir@/pop3d.cnf -out @certsdir@/pop3d.pem -keyout @certsdir@/pop3d.pem || cleanup | |
282 | +@OPENSSL@ gendh -rand @certsdir@/pop3d.rand 512 >>@certsdir@/pop3d.pem || cleanup | |
283 | +@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/pop3d.pem || cleanup | |
284 | +rm -f @certsdir@/pop3d.rand | |
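Review bot: The substituted `@certsdir@` paths are used unquoted throughout, and the visible lines never check that the directory exists before `cp /dev/null @certsdir@/pop3d.pem`. Now that the location comes from --with-certsdir rather than the fixed datadir, a value containing whitespace would split into several arguments for `rm -f`, `chown` and `dd`, and a missing directory only shows up as a run of command errors before `cleanup` fires. Quote the expansions, e.g. `rm -f "@certsdir@/pop3d.pem"`, and add `test -d "@certsdir@" || exit 1` near the top; mkimapdcert.in, which additionally runs an unchecked `cd @certsdir@`, needs the same treatment. The script begins above this hunk.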
285 | diff -Nur old/imap/pop3d.cnf.in new/imap/pop3d.cnf.in | |
286 | --- old/imap/pop3d.cnf.in 2001-03-24 04:59:55.000000000 +0000 | |
287 | +++ new/imap/pop3d.cnf.in 2004-07-08 16:54:38.000000000 +0000 | |
288 | @@ -1,5 +1,5 @@ | |
289 | ||
290 | -RANDFILE = @datadir@/pop3d.rand | |
291 | +RANDFILE = @certsdir@/pop3d.rand | |
292 | ||
293 | [ req ] | |
294 | default_bits = 1024 | |
295 | diff -Nur old/imap/pop3d-ssl.dist.in new/imap/pop3d-ssl.dist.in | |
296 | --- old/imap/pop3d-ssl.dist.in 2004-01-24 20:09:31.000000000 +0000 | |
297 | +++ new/imap/pop3d-ssl.dist.in 2004-07-08 16:54:31.000000000 +0000 | |
298 | @@ -135,7 +135,7 @@ | |
299 | # servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually | |
300 | # treated as confidential, and must not be world-readable. | |
301 | # | |
302 | -TLS_CERTFILE=@datadir@/pop3d.pem | |
303 | +TLS_CERTFILE=@certsdir@/pop3d.pem | |
304 | ||
305 | ##NAME: TLS_TRUSTCERTS:0 | |
306 | # |