]>
Commit | Line | Data |
---|---|---|
383f8032 AA |
1 | diff -Nur old/configure.in new/configure.in |
2 | --- old/configure.in 2004-06-12 01:38:04.000000000 +0000 | |
3 | +++ new/configure.in 2004-07-08 16:53:13.000000000 +0000 | |
4 | @@ -97,6 +97,11 @@ | |
5 | eval "exec_prefix=$exec_prefix" | |
6 | eval "libexecdir=$libexecdir" | |
7 | ||
8 | +AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ], | |
9 | +certsdir="$withval", certsdir=$datadir) | |
10 | + | |
11 | +AC_SUBST(certsdir) | |
12 | + | |
13 | AC_ARG_WITH(authchangepwdir, [], , | |
14 | ac_configure_args="$ac_configure_args --with-authchangepwdir=$libexecdir/authlib") | |
15 | ||
16 | diff -Nur old/imap/configure.in new/imap/configure.in | |
17 | --- old/imap/configure.in 2004-06-12 01:38:04.000000000 +0000 | |
18 | +++ new/imap/configure.in 2004-07-08 16:53:44.000000000 +0000 | |
19 | @@ -35,6 +35,11 @@ | |
20 | eval "exec_prefix=$exec_prefix" | |
21 | eval "bindir=$bindir" | |
22 | ||
23 | +AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ], | |
24 | +certsdir="$withval", certsdir=$datadir) | |
25 | + | |
26 | +AC_SUBST(certsdir) | |
27 | + | |
28 | AC_ARG_WITH(mailer, | |
29 | [ --with-mailer=prog Your mail submission program], | |
30 | SENDMAIL="$withval", | |
31 | diff -Nur old/imap/imapd.cnf.in new/imap/imapd.cnf.in | |
32 | --- old/imap/imapd.cnf.in 2001-03-24 04:59:55.000000000 +0000 | |
33 | +++ new/imap/imapd.cnf.in 2004-07-08 16:54:18.000000000 +0000 | |
34 | @@ -1,5 +1,5 @@ | |
35 | ||
36 | -RANDFILE = @datadir@/imapd.rand | |
37 | +RANDFILE = @certsdir@/imapd.rand | |
38 | ||
39 | [ req ] | |
40 | default_bits = 1024 | |
41 | diff -Nur old/imap/imapd-ssl.dist.in new/imap/imapd-ssl.dist.in | |
42 | --- old/imap/imapd-ssl.dist.in 2004-01-24 20:09:26.000000000 +0000 | |
43 | +++ new/imap/imapd-ssl.dist.in 2004-07-08 16:54:04.000000000 +0000 | |
44 | @@ -146,7 +146,7 @@ | |
45 | # servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually | |
46 | # treated as confidential, and must not be world-readable. | |
47 | # | |
48 | -TLS_CERTFILE=@datadir@/imapd.pem | |
49 | +TLS_CERTFILE=@certsdir@/imapd.pem | |
50 | ||
51 | ##NAME: TLS_TRUSTCERTS:0 | |
52 | # | |
53 | diff -Nur old/imap/mkimapdcert.8.in new/imap/mkimapdcert.8.in | |
54 | --- old/imap/mkimapdcert.8.in 2004-02-08 04:12:08.000000000 +0000 | |
55 | +++ new/imap/mkimapdcert.8.in 2004-07-08 17:01:04.000000000 +0000 | |
56 | @@ -18,7 +18,7 @@ | |
57 | .PP | |
58 | IMAP over SSL requires a valid, signed, X.509 certificate. The default | |
59 | location for the certificate file is | |
60 | -\fI@datadir@/imapd.pem\fR\&. | |
61 | +\fI@certsdir@/imapd.pem\fR\&. | |
62 | \fBmkimapdcert\fR generates a self-signed X.509 certificate, | |
63 | mainly for | |
64 | testing. | |
65 | @@ -26,19 +26,19 @@ | |
66 | recognized certificate authority, in order for mail clients to accept the | |
67 | certificate. | |
68 | .PP | |
69 | -\fI@datadir@/imapd.pem\fR must be owned by the | |
70 | +\fI@certsdir@/imapd.pem\fR must be owned by the | |
71 | @mailuser@ user and | |
72 | have no group or world permissions. | |
73 | The \fBmkimapdcert\fR command will | |
74 | enforce this. To prevent an unfortunate accident, | |
75 | \fBmkimapdcert\fR | |
76 | -will not work if \fB@datadir@/imapd.pem\fR already exists. | |
77 | +will not work if \fB@certsdir@/imapd.pem\fR already exists. | |
78 | .PP | |
79 | \fBmkimapdcert\fR requires | |
80 | \fBOpenSSL\fR to be installed. | |
81 | .SH "FILES" | |
82 | .TP | |
83 | -\fB@datadir@/imapd.pem\fR | |
84 | +\fB@certsdir@/imapd.pem\fR | |
85 | X.509 certificate. | |
86 | .TP | |
87 | \fB@sysconfdir@/imapd.cnf\fR | |
88 | diff -Nur old/imap/mkimapdcert.html.in new/imap/mkimapdcert.html.in | |
89 | --- old/imap/mkimapdcert.html.in 2004-02-08 04:12:12.000000000 +0000 | |
90 | +++ new/imap/mkimapdcert.html.in 2004-07-08 17:00:45.000000000 +0000 | |
91 | @@ -57,7 +57,7 @@ | |
92 | location for the certificate file is | |
93 | <TT | |
94 | CLASS="FILENAME" | |
95 | ->@datadir@/imapd.pem</TT | |
96 | +>@certsdir@/imapd.pem</TT | |
97 | >. | |
98 | <B | |
99 | CLASS="COMMAND" | |
100 | @@ -71,7 +71,7 @@ | |
101 | ><P | |
102 | ><TT | |
103 | CLASS="FILENAME" | |
104 | ->@datadir@/imapd.pem</TT | |
105 | +>@certsdir@/imapd.pem</TT | |
106 | > must be owned by the | |
107 | @mailuser@ user and | |
108 | have no group or world permissions. | |
109 | @@ -86,7 +86,7 @@ | |
110 | > | |
111 | will not work if <B | |
112 | CLASS="COMMAND" | |
113 | ->@datadir@/imapd.pem</B | |
114 | +>@certsdir@/imapd.pem</B | |
115 | > already exists.</P | |
116 | ><P | |
117 | ><B | |
118 | @@ -111,7 +111,7 @@ | |
119 | CLASS="VARIABLELIST" | |
120 | ><DL | |
121 | ><DT | |
122 | ->@datadir@/imapd.pem</DT | |
123 | +>@certsdir@/imapd.pem</DT | |
124 | ><DD | |
125 | ><P | |
126 | >X.509 certificate.</P | |
127 | diff -Nur old/imap/mkimapdcert.in new/imap/mkimapdcert.in | |
128 | --- old/imap/mkimapdcert.in 2001-08-26 15:49:50.000000000 +0000 | |
129 | +++ new/imap/mkimapdcert.in 2004-07-08 17:01:33.000000000 +0000 | |
130 | @@ -13,18 +13,18 @@ | |
131 | ||
132 | prefix="@prefix@" | |
133 | ||
134 | -if test -f @datadir@/imapd.pem | |
135 | +if test -f @certsdir@/imapd.pem | |
136 | then | |
137 | - echo "@datadir@/imapd.pem already exists." | |
138 | + echo "@certsdir@/imapd.pem already exists." | |
139 | exit 1 | |
140 | fi | |
141 | ||
142 | -cp /dev/null @datadir@/imapd.pem | |
143 | -chmod 600 @datadir@/imapd.pem | |
144 | -chown @mailuser@ @datadir@/imapd.pem | |
145 | +cp /dev/null @certsdir@/imapd.pem | |
146 | +chmod 600 @certsdir@/imapd.pem | |
147 | +chown @mailuser@ @certsdir@/imapd.pem | |
148 | ||
149 | cleanup() { | |
150 | - rm -f @datadir@/imapd.pem | |
151 | + rm -f @certsdir@/imapd.pem | |
152 | rm -f @datadir@/imapd.rand | |
153 | exit 1 | |
154 | } | |
155 | @@ -32,7 +32,7 @@ | |
156 | cd @datadir@ | |
157 | dd if=@RANDOMV@ of=@datadir@/imapd.rand count=1 2>/dev/null | |
158 | @OPENSSL@ req -new -x509 -days 365 -nodes \ | |
159 | - -config @sysconfdir@/imapd.cnf -out @datadir@/imapd.pem -keyout @datadir@/imapd.pem || cleanup | |
160 | -@OPENSSL@ gendh -rand @datadir@/imapd.rand 512 >>@datadir@/imapd.pem || cleanup | |
161 | -@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @datadir@/imapd.pem || cleanup | |
162 | + -config @sysconfdir@/imapd.cnf -out @certsdir@/imapd.pem -keyout @datadir@/imapd.pem || cleanup | |
163 | +@OPENSSL@ gendh -rand @datadir@/imapd.rand 512 >>@certsdir@/imapd.pem || cleanup | |
164 | +@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/imapd.pem || cleanup | |
165 | rm -f @datadir@/imapd.rand | |
166 | diff -Nur old/imap/mkpop3dcert.8.in new/imap/mkpop3dcert.8.in | |
167 | --- old/imap/mkpop3dcert.8.in 2004-02-08 04:12:10.000000000 +0000 | |
168 | +++ new/imap/mkpop3dcert.8.in 2004-07-08 17:00:01.000000000 +0000 | |
169 | @@ -18,7 +18,7 @@ | |
170 | .PP | |
171 | POP3 over SSL requires a valid, signed, X.509 certificate. The default | |
172 | location for the certificate file is | |
173 | -\fI@datadir@/pop3d.pem\fR\&. | |
174 | +\fI@certsdir@/pop3d.pem\fR\&. | |
175 | \fBmkpop3dcert\fR generates a self-signed X.509 certificate, | |
176 | mainly for | |
177 | testing. | |
178 | @@ -26,19 +26,19 @@ | |
179 | recognized certificate authority, in order for mail clients to accept the | |
180 | certificate. | |
181 | .PP | |
182 | -\fI@datadir@/pop3d.pem\fR must be owned by the | |
183 | +\fI@certsdir@/pop3d.pem\fR must be owned by the | |
184 | @mailuser@ user and | |
185 | have no group or world permissions. | |
186 | The \fBmkpop3dcert\fR command will | |
187 | enforce this. To prevent an unfortunate accident, | |
188 | \fBmkpop3dcert\fR | |
189 | -will not work if \fB@datadir@/pop3d.pem\fR already exists. | |
190 | +will not work if \fB@certsdir@/pop3d.pem\fR already exists. | |
191 | .PP | |
192 | \fBmkpop3dcert\fR requires | |
193 | \fBOpenSSL\fR to be installed. | |
194 | .SH "FILES" | |
195 | .TP | |
196 | -\fB@datadir@/pop3d.pem\fR | |
197 | +\fB@certsdir@/pop3d.pem\fR | |
198 | X.509 certificate. | |
199 | .TP | |
200 | \fB@sysconfdir@/pop3d.cnf\fR | |
201 | diff -Nur old/imap/mkpop3dcert.html.in new/imap/mkpop3dcert.html.in | |
202 | --- old/imap/mkpop3dcert.html.in 2004-02-08 04:12:11.000000000 +0000 | |
203 | +++ new/imap/mkpop3dcert.html.in 2004-07-08 16:59:29.000000000 +0000 | |
204 | @@ -57,7 +57,7 @@ | |
205 | location for the certificate file is | |
206 | <TT | |
207 | CLASS="FILENAME" | |
208 | ->@datadir@/pop3d.pem</TT | |
209 | +>@certsdir@/pop3d.pem</TT | |
210 | >. | |
211 | <B | |
212 | CLASS="COMMAND" | |
213 | @@ -71,7 +71,7 @@ | |
214 | ><P | |
215 | ><TT | |
216 | CLASS="FILENAME" | |
217 | ->@datadir@/pop3d.pem</TT | |
218 | +>@certsdir@/pop3d.pem</TT | |
219 | > must be owned by the | |
220 | @mailuser@ user and | |
221 | have no group or world permissions. | |
222 | @@ -86,7 +86,7 @@ | |
223 | > | |
224 | will not work if <B | |
225 | CLASS="COMMAND" | |
226 | ->@datadir@/pop3d.pem</B | |
227 | +>@certsdir@/pop3d.pem</B | |
228 | > already exists.</P | |
229 | ><P | |
230 | ><B | |
231 | @@ -111,7 +111,7 @@ | |
232 | CLASS="VARIABLELIST" | |
233 | ><DL | |
234 | ><DT | |
235 | ->@datadir@/pop3d.pem</DT | |
236 | +>@certsdir@/pop3d.pem</DT | |
237 | ><DD | |
238 | ><P | |
239 | >X.509 certificate.</P | |
240 | diff -Nur old/imap/mkpop3dcert.in new/imap/mkpop3dcert.in | |
241 | --- old/imap/mkpop3dcert.in 2000-10-06 17:50:37.000000000 +0000 | |
242 | +++ new/imap/mkpop3dcert.in 2004-07-08 16:56:21.000000000 +0000 | |
243 | @@ -13,25 +13,25 @@ | |
244 | ||
245 | prefix="@prefix@" | |
246 | ||
247 | -if test -f @datadir@/pop3d.pem | |
248 | +if test -f @certsdir@/pop3d.pem | |
249 | then | |
250 | - echo "@datadir@/pop3d.pem already exists." | |
251 | + echo "@certsdir@/pop3d.pem already exists." | |
252 | exit 1 | |
253 | fi | |
254 | ||
255 | -cp /dev/null @datadir@/pop3d.pem | |
256 | -chmod 600 @datadir@/pop3d.pem | |
257 | -chown @mailuser@ @datadir@/pop3d.pem | |
258 | +cp /dev/null @certsdir@/pop3d.pem | |
259 | +chmod 600 @certsdir@/pop3d.pem | |
260 | +chown @mailuser@ @certsdir@/pop3d.pem | |
261 | ||
262 | cleanup() { | |
263 | - rm -f @datadir@/pop3d.pem | |
264 | - rm -f @datadir@/pop3d.rand | |
265 | + rm -f @certsdir@/pop3d.pem | |
266 | + rm -f @certsdir@/pop3d.rand | |
267 | exit 1 | |
268 | } | |
269 | ||
270 | -dd if=@RANDOMV@ of=@datadir@/pop3d.rand count=1 2>/dev/null | |
271 | +dd if=@RANDOMV@ of=@certsdir@/pop3d.rand count=1 2>/dev/null | |
272 | @OPENSSL@ req -new -x509 -days 365 -nodes \ | |
273 | - -config @sysconfdir@/pop3d.cnf -out @datadir@/pop3d.pem -keyout @datadir@/pop3d.pem || cleanup | |
274 | -@OPENSSL@ gendh -rand @datadir@/pop3d.rand 512 >>@datadir@/pop3d.pem || cleanup | |
275 | -@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @datadir@/pop3d.pem || cleanup | |
276 | -rm -f @datadir@/pop3d.rand | |
277 | + -config @sysconfdir@/pop3d.cnf -out @certsdir@/pop3d.pem -keyout @certsdir@/pop3d.pem || cleanup | |
278 | +@OPENSSL@ gendh -rand @certsdir@/pop3d.rand 512 >>@certsdir@/pop3d.pem || cleanup | |
279 | +@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/pop3d.pem || cleanup | |
280 | +rm -f @certsdir@/pop3d.rand | |
281 | diff -Nur old/imap/pop3d.cnf.in new/imap/pop3d.cnf.in | |
282 | --- old/imap/pop3d.cnf.in 2001-03-24 04:59:55.000000000 +0000 | |
283 | +++ new/imap/pop3d.cnf.in 2004-07-08 16:54:38.000000000 +0000 | |
284 | @@ -1,5 +1,5 @@ | |
285 | ||
286 | -RANDFILE = @datadir@/pop3d.rand | |
287 | +RANDFILE = @certsdir@/pop3d.rand | |
288 | ||
289 | [ req ] | |
290 | default_bits = 1024 | |
291 | diff -Nur old/imap/pop3d-ssl.dist.in new/imap/pop3d-ssl.dist.in | |
292 | --- old/imap/pop3d-ssl.dist.in 2004-01-24 20:09:31.000000000 +0000 | |
293 | +++ new/imap/pop3d-ssl.dist.in 2004-07-08 16:54:31.000000000 +0000 | |
294 | @@ -135,7 +135,7 @@ | |
295 | # servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually | |
296 | # treated as confidential, and must not be world-readable. | |
297 | # | |
298 | -TLS_CERTFILE=@datadir@/pop3d.pem | |
299 | +TLS_CERTFILE=@certsdir@/pop3d.pem | |
300 | ||
301 | ##NAME: TLS_TRUSTCERTS:0 | |
302 | # |