[packages/courier.git] / courier-certs.patch

diff -Nur old/configure.in new/configure.in
--- old/configure.in	2004-05-16 02:40:19.000000000 +0000
+++ new/configure.in	2004-05-25 07:37:13.000000000 +0000
@@ -58,6 +58,11 @@
 eval "localstatedir=$localstatedir"
 eval "datadir=$datadir"
 
+AC_ARG_WITH(certsdir, [  --with-certsdir Directory where certs are created ],
+certsdir="$withval", certsdir=$datadir)
+
+AC_SUBST(certsdir)
+
 AC_ARG_WITH(userdb, [
 -- see INSTALL, or courier/doc/install.html for configuration options -- ], ,
 	ac_configure_args="$ac_configure_args --with-userdb=${sysconfdir}/userdb")
diff -Nur old/courier/configure.in new/courier/configure.in
--- old/courier/configure.in	2004-05-02 14:59:42.000000000 +0000
+++ new/courier/configure.in	2004-05-25 07:38:14.000000000 +0000
@@ -575,6 +575,12 @@
 
 eval "exec_prefix=$exec_prefix"
 eval "bindir=$bindir"
+eval "datadir=$datadir"
+
+AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ],
+certsdir="$withval", certsdir=$datadir)
+
+AC_SUBST(certsdir)
 
 MAILDROP="$bindir/maildrop"
 AC_SUBST(MAILDROP)
diff -Nur old/courier/imapd-ssl.rc.in new/courier/imapd-ssl.rc.in
--- old/courier/imapd-ssl.rc.in	2004-05-24 21:25:19.000000000 +0000
+++ new/courier/imapd-ssl.rc.in	2004-05-24 21:32:29.000000000 +0000
@@ -28,6 +28,11 @@
 
 case $1 in
 start)
+	# If we do not have a certificate, make one up.
+	if [ ! -f @certsdir@/imapd.pem ]; then
+	@sbindir@/mkimapdcert
+	fi
+
 	LIBAUTHMODULES=""
 	for f in `echo $AUTHMODULES`
 	do
diff -Nur old/courier/module.esmtp/configure.in new/courier/module.esmtp/configure.in
--- old/courier/module.esmtp/configure.in	2004-05-11 00:16:05.000000000 +0000
+++ new/courier/module.esmtp/configure.in	2004-05-25 07:46:38.000000000 +0000
@@ -300,6 +300,11 @@
 eval "datadir=$datadir"
 eval "localstatedir=$localstatedir"
 
+AC_ARG_WITH(certsdir, [  --with-certsdir Directory where certs are created ],
+certsdir="$withval", certsdir=$datadir)
+
+AC_SUBST(certsdir)
+
 dnl
 dnl  Check what libraries are available
 dnl
diff -Nur old/courier/module.esmtp/esmtpd.cnf.in new/courier/module.esmtp/esmtpd.cnf.in
--- old/courier/module.esmtp/esmtpd.cnf.in	2001-08-18 22:18:12.000000000 +0000
+++ new/courier/module.esmtp/esmtpd.cnf.in	2004-05-30 22:45:59.000000000 +0000
@@ -1,5 +1,5 @@
 
-RANDFILE = @datadir@/esmtpd.rnd
+RANDFILE = @certsdir@/esmtpd.rand
 
 [ req ]
 default_bits = 1024
diff -Nur old/courier/module.esmtp/esmtpd.dist.in new/courier/module.esmtp/esmtpd.dist.in
--- old/courier/module.esmtp/esmtpd.dist.in	2004-05-11 00:48:14.000000000 +0000
+++ new/courier/module.esmtp/esmtpd.dist.in	2004-07-11 18:09:20.000000000 +0000
@@ -143,7 +143,7 @@
 # servers, and is optional for SSL/TLS clients.  TLS_CERTFILE is usually
 # treated as confidential, and must not be world-readable.
 #
-TLS_CERTFILE=@datadir@/esmtpd.pem
+TLS_CERTFILE=@certsdir@/esmtpd.pem
 
 ##NAME: TLS_CERTINFO:0
 #
diff -Nur old/courier/module.esmtp/esmtpd-ssl.dist.in new/courier/module.esmtp/esmtpd-ssl.dist.in
--- old/courier/module.esmtp/esmtpd-ssl.dist.in	2004-04-24 19:56:19.000000000 +0000
+++ new/courier/module.esmtp/esmtpd-ssl.dist.in	2004-05-24 20:57:52.000000000 +0000
@@ -168,7 +168,7 @@
 # servers, and is optional for SSL/TLS clients.  TLS_CERTFILE is usually
 # treated as confidential, and must not be world-readable.
 #
-TLS_CERTFILE=@datadir@/esmtpd.pem
+TLS_CERTFILE=@certsdir@/esmtpd.pem
 
 ##NAME: TLS_TRUSTCERTS:0
 #
diff -Nur old/courier/module.esmtp/esmtpd-ssl.in new/courier/module.esmtp/esmtpd-ssl.in
--- old/courier/module.esmtp/esmtpd-ssl.in	2004-05-24 21:24:41.000000000 +0000
+++ new/courier/module.esmtp/esmtpd-ssl.in	2004-05-24 21:31:31.000000000 +0000
@@ -25,6 +25,10 @@
 
 case $1 in
 start)
+	# If we do not have a certificate, make one up.
+	if [ ! -f @certsdir@/esmtpd.pem ]; then
+	@sbindir@/mkesmtpdcert
+	fi
 	;;
 stop)
 	${sbindir}/couriertcpd -pid=$SSLPIDFILE -stop
diff -Nur old/courier/module.esmtp/mkesmtpdcert.in new/courier/module.esmtp/mkesmtpdcert.in
--- old/courier/module.esmtp/mkesmtpdcert.in	2000-09-18 17:24:01.000000000 +0000
+++ new/courier/module.esmtp/mkesmtpdcert.in	2004-05-25 07:31:21.000000000 +0000
@@ -11,25 +11,25 @@
 
 test -x @OPENSSL@ || exit 0
 
-if test -f @datadir@/esmtpd.pem
+if test -f @certsdir@/esmtpd.pem
 then
-	echo "@datadir@/esmtpd.pem already exists."
+	echo "@certsdir@/esmtpd.pem already exists."
 	exit 1
 fi
 
-cp /dev/null @datadir@/esmtpd.pem
-chmod 600 @datadir@/esmtpd.pem
-chown @mailuser@ @datadir@/esmtpd.pem
+cp /dev/null @certsdir@/esmtpd.pem
+chmod 600 @certsdir@/esmtpd.pem
+chown @mailuser@ @certsdir@/esmtpd.pem
 
 cleanup() {
-	rm -f @datadir@/esmtpd.rand
-	rm -f @datadir@/esmtpd.pem
+	rm -f @certsdir@/esmtpd.rand
+	rm -f @certsdir@/esmtpd.pem
 	exit 1
 }
 
-dd if=@RANDOMV@ of=@datadir@/esmtpd.rand count=1 2>/dev/null
+dd if=@RANDOMV@ of=@certsdir@/esmtpd.rand count=1 2>/dev/null
 @OPENSSL@ req -new -x509 -days 365 -nodes \
-	-config @sysconfdir@/esmtpd.cnf -out @datadir@/esmtpd.pem -keyout @datadir@/esmtpd.pem || cleanup
-@OPENSSL@ gendh -rand @datadir@/esmtpd.rand 512 >>@datadir@/esmtpd.pem || cleanup
-@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @datadir@/esmtpd.pem || cleanup
-rm -f @datadir@/esmtpd.rand
+	-config @sysconfdir@/esmtpd.cnf -out @certsdir@/esmtpd.pem -keyout @certsdir@/esmtpd.pem || cleanup
+@OPENSSL@ gendh -rand @certsdir@/esmtpd.rand 512 >>@certsdir@/esmtpd.pem || cleanup
+@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/esmtpd.pem || cleanup
+rm -f @certsdir@/esmtpd.rand
diff -Nur old/courier/pop3d-ssl.in new/courier/pop3d-ssl.in
--- old/courier/pop3d-ssl.in	2004-05-24 21:25:31.000000000 +0000
+++ new/courier/pop3d-ssl.in	2004-05-24 21:33:05.000000000 +0000
@@ -29,6 +29,11 @@
 
 case $1 in
 start)
+	# If we do not have a certificate, make one up.
+	if [ ! -f @certsdir@/pop3d.pem ]; then
+	@sbindir@/mkpop3dcert
+	fi
+
 	LIBAUTHMODULES=""
 	for f in `echo $AUTHMODULES`
 	do
diff -Nur old/courier.sysvinit.in new/courier.sysvinit.in
--- old/courier.sysvinit.in	2004-05-02 14:24:06.000000000 +0000
+++ new/courier.sysvinit.in	2004-05-24 20:56:37.000000000 +0000
@@ -14,7 +14,7 @@
 sbindir="@sbindir@"
 bindir="@bindir@"
 libexecdir="@libexecdir@"
-datadir="@datadir@"
+certsdir="@certsdir@"
 
 if test ! -f ${sysconfdir}/esmtpd
 then
@@ -82,7 +82,7 @@
 	then
 # If we do not have a certificate, make one up.
 
-		if test ! -f ${datadir}/esmtpd.pem
+		if test ! -f ${certsdir}/esmtpd.pem
 		then
 			if test -x $COURIERTLS
 			then
@@ -149,7 +149,7 @@
 			then
 # If we do not have a certificate, make one up.
 
-				if test ! -f ${datadir}/pop3d.pem
+				if test ! -f ${certsdir}/pop3d.pem
 				then
 					echo -n " generating-POP3-SSL-certificate..."
 
@@ -179,7 +179,7 @@
 			then
 # If we do not have a certificate, make one up.
 
-				if test ! -f ${datadir}/imapd.pem
+				if test ! -f ${certsdir}/imapd.pem
 				then
 					echo -n " generating-IMAP-SSL-certificate..."
 
diff -Nur old/imap/configure.in new/imap/configure.in
--- old/imap/configure.in	2004-05-16 02:38:13.000000000 +0000
+++ new/imap/configure.in	2004-05-25 07:37:24.000000000 +0000
@@ -283,6 +283,11 @@
 eval "sysconfdir=$sysconfdir"
 eval "localstatedir=$localstatedir"
 
+AC_ARG_WITH(certsdir, [  --with-certsdir Directory where certs are created ],
+certsdir="$withval", certsdir=$datadir)
+
+AC_SUBST(certsdir)
+
 #
 # Check for PAM configuration flavor
 
diff -Nur old/imap/imapd.cnf.in new/imap/imapd.cnf.in
--- old/imap/imapd.cnf.in	2001-03-24 04:59:55.000000000 +0000
+++ new/imap/imapd.cnf.in	2004-05-30 22:37:03.000000000 +0000
@@ -1,5 +1,5 @@
 
-RANDFILE = @datadir@/imapd.rand
+RANDFILE = @certsdir@/imapd.rand
 
 [ req ]
 default_bits = 1024
diff -Nur old/imap/imapd-ssl.dist.in new/imap/imapd-ssl.dist.in
--- old/imap/imapd-ssl.dist.in	2004-01-25 05:40:03.000000000 +0000
+++ new/imap/imapd-ssl.dist.in	2004-05-24 20:57:29.000000000 +0000
@@ -146,7 +146,7 @@
 # servers, and is optional for SSL/TLS clients.  TLS_CERTFILE is usually
 # treated as confidential, and must not be world-readable.
 #
-TLS_CERTFILE=@datadir@/imapd.pem
+TLS_CERTFILE=@certsdir@/imapd.pem
 
 ##NAME: TLS_TRUSTCERTS:0
 #
diff -Nur old/imap/mkimapdcert.8.in new/imap/mkimapdcert.8.in
--- old/imap/mkimapdcert.8.in	2004-01-14 00:51:10.000000000 +0000
+++ new/imap/mkimapdcert.8.in	2004-05-25 07:32:16.000000000 +0000
@@ -18,7 +18,7 @@
 .PP
 IMAP over SSL requires a valid, signed, X.509 certificate.  The default
 location for the certificate file is
-\fI@datadir@/imapd.pem\fR\&.
+\fI@certsdir@/imapd.pem\fR\&.
 \fBmkimapdcert\fR generates a self-signed X.509 certificate,
 mainly for
 testing.
@@ -26,19 +26,19 @@
 recognized certificate authority, in order for mail clients to accept the
 certificate.
 .PP
-\fI@datadir@/imapd.pem\fR must be owned by the
+\fI@certsdir@/imapd.pem\fR must be owned by the
 @mailuser@ user and
 have no group or world permissions.
 The \fBmkimapdcert\fR command will
 enforce this.  To prevent an unfortunate accident,
 \fBmkimapdcert\fR
-will not work if \fB@datadir@/imapd.pem\fR already exists.
+will not work if \fB@certsdir@/imapd.pem\fR already exists.
 .PP
 \fBmkimapdcert\fR requires
 \fBOpenSSL\fR to be installed.
 .SH "FILES"
 .TP
-\fB@datadir@/imapd.pem\fR
+\fB@certsdir@/imapd.pem\fR
 X.509 certificate.
 .TP
 \fB@sysconfdir@/imapd.cnf\fR
diff -Nur old/imap/mkimapdcert.html.in new/imap/mkimapdcert.html.in
--- old/imap/mkimapdcert.html.in	2004-01-14 00:51:16.000000000 +0000
+++ new/imap/mkimapdcert.html.in	2004-05-25 07:32:37.000000000 +0000
@@ -57,7 +57,7 @@
 location for the certificate file is
 <TT
 CLASS="FILENAME"
->@datadir@/imapd.pem</TT
+>@certsdir@/imapd.pem</TT
 >.
 <B
 CLASS="COMMAND"
@@ -71,7 +71,7 @@
 ><P
 ><TT
 CLASS="FILENAME"
->@datadir@/imapd.pem</TT
+>@certsdir@/imapd.pem</TT
 > must be owned by the
 @mailuser@ user and
 have no group or world permissions.
@@ -86,7 +86,7 @@
 >
 will not work if <B
 CLASS="COMMAND"
->@datadir@/imapd.pem</B
+>@certsdir@/imapd.pem</B
 > already exists.</P
 ><P
 ><B
@@ -111,7 +111,7 @@
 CLASS="VARIABLELIST"
 ><DL
 ><DT
->@datadir@/imapd.pem</DT
+>@certsdir@/imapd.pem</DT
 ><DD
 ><P
 >X.509 certificate.</P
diff -Nur old/imap/mkimapdcert.in new/imap/mkimapdcert.in
--- old/imap/mkimapdcert.in	2001-08-26 16:16:42.000000000 +0000
+++ new/imap/mkimapdcert.in	2004-05-25 07:33:42.000000000 +0000
@@ -13,26 +13,26 @@
 
 prefix="@prefix@"
 
-if test -f @datadir@/imapd.pem
+if test -f @certsdir@/imapd.pem
 then
-	echo "@datadir@/imapd.pem already exists."
+	echo "@certsdir@/imapd.pem already exists."
 	exit 1
 fi
 
-cp /dev/null @datadir@/imapd.pem
-chmod 600 @datadir@/imapd.pem
-chown @mailuser@ @datadir@/imapd.pem
+cp /dev/null @certsdir@/imapd.pem
+chmod 600 @certsdir@/imapd.pem
+chown @mailuser@ @certsdir@/imapd.pem
 
 cleanup() {
-	rm -f @datadir@/imapd.pem
-	rm -f @datadir@/imapd.rand
+	rm -f @certsdir@/imapd.pem
+	rm -f @certsdir@/imapd.rand
 	exit 1
 }
 
-cd @datadir@
-dd if=@RANDOMV@ of=@datadir@/imapd.rand count=1 2>/dev/null
+cd @certsdir@
+dd if=@RANDOMV@ of=@certsdir@/imapd.rand count=1 2>/dev/null
 @OPENSSL@ req -new -x509 -days 365 -nodes \
-	-config @sysconfdir@/imapd.cnf -out @datadir@/imapd.pem -keyout @datadir@/imapd.pem || cleanup
-@OPENSSL@ gendh -rand @datadir@/imapd.rand 512 >>@datadir@/imapd.pem || cleanup
-@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @datadir@/imapd.pem || cleanup
-rm -f @datadir@/imapd.rand
+	-config @sysconfdir@/imapd.cnf -out @certsdir@/imapd.pem -keyout @certsdir@/imapd.pem || cleanup
+@OPENSSL@ gendh -rand @certsdir@/imapd.rand 512 >>@certsdir@/imapd.pem || cleanup
+@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/imapd.pem || cleanup
+rm -f @certsdir@/imapd.rand
diff -Nur old/imap/mkpop3dcert.8.in new/imap/mkpop3dcert.8.in
--- old/imap/mkpop3dcert.8.in	2004-01-14 00:51:13.000000000 +0000
+++ new/imap/mkpop3dcert.8.in	2004-05-25 07:34:07.000000000 +0000
@@ -18,7 +18,7 @@
 .PP
 POP3 over SSL requires a valid, signed, X.509 certificate.  The default
 location for the certificate file is
-\fI@datadir@/pop3d.pem\fR\&.
+\fI@certsdir@/pop3d.pem\fR\&.
 \fBmkpop3dcert\fR generates a self-signed X.509 certificate,
 mainly for
 testing.
@@ -26,19 +26,19 @@
 recognized certificate authority, in order for mail clients to accept the
 certificate.
 .PP
-\fI@datadir@/pop3d.pem\fR must be owned by the
+\fI@certsdir@/pop3d.pem\fR must be owned by the
 @mailuser@ user and
 have no group or world permissions.
 The \fBmkpop3dcert\fR command will
 enforce this.  To prevent an unfortunate accident,
 \fBmkpop3dcert\fR
-will not work if \fB@datadir@/pop3d.pem\fR already exists.
+will not work if \fB@certsdir@/pop3d.pem\fR already exists.
 .PP
 \fBmkpop3dcert\fR requires
 \fBOpenSSL\fR to be installed.
 .SH "FILES"
 .TP
-\fB@datadir@/pop3d.pem\fR
+\fB@certsdir@/pop3d.pem\fR
 X.509 certificate.
 .TP
 \fB@sysconfdir@/pop3d.cnf\fR
diff -Nur old/imap/mkpop3dcert.html.in new/imap/mkpop3dcert.html.in
--- old/imap/mkpop3dcert.html.in	2004-01-14 00:51:17.000000000 +0000
+++ new/imap/mkpop3dcert.html.in	2004-05-25 07:34:26.000000000 +0000
@@ -57,7 +57,7 @@
 location for the certificate file is
 <TT
 CLASS="FILENAME"
->@datadir@/pop3d.pem</TT
+>@certsdir@/pop3d.pem</TT
 >.
 <B
 CLASS="COMMAND"
@@ -71,7 +71,7 @@
 ><P
 ><TT
 CLASS="FILENAME"
->@datadir@/pop3d.pem</TT
+>@certsdir@/pop3d.pem</TT
 > must be owned by the
 @mailuser@ user and
 have no group or world permissions.
@@ -86,7 +86,7 @@
 >
 will not work if <B
 CLASS="COMMAND"
->@datadir@/pop3d.pem</B
+>@certsdir@/pop3d.pem</B
 > already exists.</P
 ><P
 ><B
@@ -111,7 +111,7 @@
 CLASS="VARIABLELIST"
 ><DL
 ><DT
->@datadir@/pop3d.pem</DT
+>@certsdir@/pop3d.pem</DT
 ><DD
 ><P
 >X.509 certificate.</P
diff -Nur old/imap/mkpop3dcert.in new/imap/mkpop3dcert.in
--- old/imap/mkpop3dcert.in	2000-10-06 17:50:37.000000000 +0000
+++ new/imap/mkpop3dcert.in	2004-05-25 07:35:23.000000000 +0000
@@ -13,25 +13,25 @@
 
 prefix="@prefix@"
 
-if test -f @datadir@/pop3d.pem
+if test -f @certsdir@/pop3d.pem
 then
-	echo "@datadir@/pop3d.pem already exists."
+	echo "@certsdir@/pop3d.pem already exists."
 	exit 1
 fi
 
-cp /dev/null @datadir@/pop3d.pem
-chmod 600 @datadir@/pop3d.pem
-chown @mailuser@ @datadir@/pop3d.pem
+cp /dev/null @certsdir@/pop3d.pem
+chmod 600 @certsdir@/pop3d.pem
+chown @mailuser@ @certsdir@/pop3d.pem
 
 cleanup() {
-	rm -f @datadir@/pop3d.pem
-	rm -f @datadir@/pop3d.rand
+	rm -f @certsdir@/pop3d.pem
+	rm -f @certsdir@/pop3d.rand
 	exit 1
 }
 
-dd if=@RANDOMV@ of=@datadir@/pop3d.rand count=1 2>/dev/null
+dd if=@RANDOMV@ of=@certsdir@/pop3d.rand count=1 2>/dev/null
 @OPENSSL@ req -new -x509 -days 365 -nodes \
-	-config @sysconfdir@/pop3d.cnf -out @datadir@/pop3d.pem -keyout @datadir@/pop3d.pem || cleanup
-@OPENSSL@ gendh -rand @datadir@/pop3d.rand 512 >>@datadir@/pop3d.pem || cleanup
-@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @datadir@/pop3d.pem || cleanup
-rm -f @datadir@/pop3d.rand
+	-config @sysconfdir@/pop3d.cnf -out @certsdir@/pop3d.pem -keyout @certsdir@/pop3d.pem || cleanup
+@OPENSSL@ gendh -rand @certsdir@/pop3d.rand 512 >>@certsdir@/pop3d.pem || cleanup
+@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/pop3d.pem || cleanup
+rm -f @certsdir@/pop3d.rand
diff -Nur old/imap/pop3d.cnf.in new/imap/pop3d.cnf.in
--- old/imap/pop3d.cnf.in	2001-03-24 04:59:55.000000000 +0000
+++ new/imap/pop3d.cnf.in	2004-05-30 22:37:10.000000000 +0000
@@ -1,5 +1,5 @@
 
-RANDFILE = @datadir@/pop3d.rand
+RANDFILE = @certsdir@/pop3d.rand
 
 [ req ]
 default_bits = 1024
diff -Nur old/imap/pop3d-ssl.dist.in new/imap/pop3d-ssl.dist.in
--- old/imap/pop3d-ssl.dist.in	2004-01-25 05:40:04.000000000 +0000
+++ new/imap/pop3d-ssl.dist.in	2004-05-24 20:57:32.000000000 +0000
@@ -135,7 +135,7 @@
 # servers, and is optional for SSL/TLS clients.  TLS_CERTFILE is usually
 # treated as confidential, and must not be world-readable.
 #
-TLS_CERTFILE=@datadir@/pop3d.pem
+TLS_CERTFILE=@certsdir@/pop3d.pem
 
 ##NAME: TLS_TRUSTCERTS:0
 #
Commit	Line	Data
c2c7a750 AA	1	diff -Nur old/configure.in new/configure.in
c2c7a750 AA	2	--- old/configure.in 2004-05-16 02:40:19.000000000 +0000
69e1f9b1	3	+++ new/configure.in 2004-05-25 07:37:13.000000000 +0000
c2c7a750 AA	4	@@ -58,6 +58,11 @@
	5	eval "localstatedir=$localstatedir"
	6	eval "datadir=$datadir"
	7
	8	+AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ],
69e1f9b1	9	+certsdir="$withval", certsdir=$datadir)
c2c7a750 AA	10	+
	11	+AC_SUBST(certsdir)
	12	+
	13	AC_ARG_WITH(userdb, [
	14	-- see INSTALL, or courier/doc/install.html for configuration options -- ], ,
	15	ac_configure_args="$ac_configure_args --with-userdb=${sysconfdir}/userdb")
	16	diff -Nur old/courier/configure.in new/courier/configure.in
	17	--- old/courier/configure.in 2004-05-02 14:59:42.000000000 +0000
69e1f9b1 AA	18	+++ new/courier/configure.in 2004-05-25 07:38:14.000000000 +0000
	19	@@ -575,6 +575,12 @@
	20
c2c7a750 AA	21	eval "exec_prefix=$exec_prefix"
c2c7a750 AA	22	eval "bindir=$bindir"
69e1f9b1 AA	23	+eval "datadir=$datadir"
69e1f9b1 AA	24	+
c2c7a750	25	+AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ],
69e1f9b1	26	+certsdir="$withval", certsdir=$datadir)
c2c7a750 AA	27	+
c2c7a750 AA	28	+AC_SUBST(certsdir)
69e1f9b1	29
c2c7a750 AA	30	MAILDROP="$bindir/maildrop"
c2c7a750 AA	31	AC_SUBST(MAILDROP)
c2c7a750 AA	32	diff -Nur old/courier/imapd-ssl.rc.in new/courier/imapd-ssl.rc.in
	33	--- old/courier/imapd-ssl.rc.in 2004-05-24 21:25:19.000000000 +0000
	34	+++ new/courier/imapd-ssl.rc.in 2004-05-24 21:32:29.000000000 +0000
	35	@@ -28,6 +28,11 @@
	36
	37	case $1 in
	38	start)
	39	+ # If we do not have a certificate, make one up.
	40	+ if [ ! -f @certsdir@/imapd.pem ]; then
	41	+ @sbindir@/mkimapdcert
	42	+ fi
	43	+
	44	LIBAUTHMODULES=""
	45	for f in `echo $AUTHMODULES`
	46	do
	47	diff -Nur old/courier/module.esmtp/configure.in new/courier/module.esmtp/configure.in
	48	--- old/courier/module.esmtp/configure.in 2004-05-11 00:16:05.000000000 +0000
9cae2a57	49	+++ new/courier/module.esmtp/configure.in 2004-05-25 07:46:38.000000000 +0000
c2c7a750 AA	50	@@ -300,6 +300,11 @@
	51	eval "datadir=$datadir"
	52	eval "localstatedir=$localstatedir"
	53
	54	+AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ],
b3795f4c	55	+certsdir="$withval", certsdir=$datadir)
c2c7a750 AA	56	+
	57	+AC_SUBST(certsdir)
	58	+
	59	dnl
	60	dnl Check what libraries are available
	61	dnl
9cae2a57 AA	62	diff -Nur old/courier/module.esmtp/esmtpd.cnf.in new/courier/module.esmtp/esmtpd.cnf.in
9cae2a57 AA	63	--- old/courier/module.esmtp/esmtpd.cnf.in 2001-08-18 22:18:12.000000000 +0000
3d35ebab	64	+++ new/courier/module.esmtp/esmtpd.cnf.in 2004-05-30 22:45:59.000000000 +0000
9cae2a57 AA	65	@@ -1,5 +1,5 @@
	66
	67	-RANDFILE = @datadir@/esmtpd.rnd
	68	+RANDFILE = @certsdir@/esmtpd.rand
	69
	70	[ req ]
	71	default_bits = 1024
3d35ebab AA	72	diff -Nur old/courier/module.esmtp/esmtpd.dist.in new/courier/module.esmtp/esmtpd.dist.in
	73	--- old/courier/module.esmtp/esmtpd.dist.in 2004-05-11 00:48:14.000000000 +0000
	74	+++ new/courier/module.esmtp/esmtpd.dist.in 2004-07-11 18:09:20.000000000 +0000
	75	@@ -143,7 +143,7 @@
	76	# servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually
	77	# treated as confidential, and must not be world-readable.
	78	#
	79	-TLS_CERTFILE=@datadir@/esmtpd.pem
	80	+TLS_CERTFILE=@certsdir@/esmtpd.pem
	81
	82	##NAME: TLS_CERTINFO:0
	83	#
c2c7a750 AA	84	diff -Nur old/courier/module.esmtp/esmtpd-ssl.dist.in new/courier/module.esmtp/esmtpd-ssl.dist.in
	85	--- old/courier/module.esmtp/esmtpd-ssl.dist.in 2004-04-24 19:56:19.000000000 +0000
	86	+++ new/courier/module.esmtp/esmtpd-ssl.dist.in 2004-05-24 20:57:52.000000000 +0000
	87	@@ -168,7 +168,7 @@
	88	# servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually
	89	# treated as confidential, and must not be world-readable.
	90	#
	91	-TLS_CERTFILE=@datadir@/esmtpd.pem
	92	+TLS_CERTFILE=@certsdir@/esmtpd.pem
	93
	94	##NAME: TLS_TRUSTCERTS:0
	95	#
	96	diff -Nur old/courier/module.esmtp/esmtpd-ssl.in new/courier/module.esmtp/esmtpd-ssl.in
	97	--- old/courier/module.esmtp/esmtpd-ssl.in 2004-05-24 21:24:41.000000000 +0000
	98	+++ new/courier/module.esmtp/esmtpd-ssl.in 2004-05-24 21:31:31.000000000 +0000
	99	@@ -25,6 +25,10 @@
	100
	101	case $1 in
	102	start)
	103	+ # If we do not have a certificate, make one up.
	104	+ if [ ! -f @certsdir@/esmtpd.pem ]; then
	105	+ @sbindir@/mkesmtpdcert
	106	+ fi
	107	;;
	108	stop)
	109	${sbindir}/couriertcpd -pid=$SSLPIDFILE -stop
69e1f9b1 AA	110	diff -Nur old/courier/module.esmtp/mkesmtpdcert.in new/courier/module.esmtp/mkesmtpdcert.in
	111	--- old/courier/module.esmtp/mkesmtpdcert.in 2000-09-18 17:24:01.000000000 +0000
	112	+++ new/courier/module.esmtp/mkesmtpdcert.in 2004-05-25 07:31:21.000000000 +0000
	113	@@ -11,25 +11,25 @@
	114
	115	test -x @OPENSSL@ \|\| exit 0
	116
	117	-if test -f @datadir@/esmtpd.pem
	118	+if test -f @certsdir@/esmtpd.pem
	119	then
	120	- echo "@datadir@/esmtpd.pem already exists."
	121	+ echo "@certsdir@/esmtpd.pem already exists."
	122	exit 1
	123	fi
	124
	125	-cp /dev/null @datadir@/esmtpd.pem
	126	-chmod 600 @datadir@/esmtpd.pem
	127	-chown @mailuser@ @datadir@/esmtpd.pem
	128	+cp /dev/null @certsdir@/esmtpd.pem
	129	+chmod 600 @certsdir@/esmtpd.pem
	130	+chown @mailuser@ @certsdir@/esmtpd.pem
	131
	132	cleanup() {
	133	- rm -f @datadir@/esmtpd.rand
	134	- rm -f @datadir@/esmtpd.pem
	135	+ rm -f @certsdir@/esmtpd.rand
	136	+ rm -f @certsdir@/esmtpd.pem
	137	exit 1
	138	}
	139
	140	-dd if=@RANDOMV@ of=@datadir@/esmtpd.rand count=1 2>/dev/null
	141	+dd if=@RANDOMV@ of=@certsdir@/esmtpd.rand count=1 2>/dev/null
	142	@OPENSSL@ req -new -x509 -days 365 -nodes \
	143	- -config @sysconfdir@/esmtpd.cnf -out @datadir@/esmtpd.pem -keyout @datadir@/esmtpd.pem \|\| cleanup
	144	-@OPENSSL@ gendh -rand @datadir@/esmtpd.rand 512 >>@datadir@/esmtpd.pem \|\| cleanup
	145	-@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @datadir@/esmtpd.pem \|\| cleanup
	146	-rm -f @datadir@/esmtpd.rand
	147	+ -config @sysconfdir@/esmtpd.cnf -out @certsdir@/esmtpd.pem -keyout @certsdir@/esmtpd.pem \|\| cleanup
	148	+@OPENSSL@ gendh -rand @certsdir@/esmtpd.rand 512 >>@certsdir@/esmtpd.pem \|\| cleanup
	149	+@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/esmtpd.pem \|\| cleanup
	150	+rm -f @certsdir@/esmtpd.rand
c2c7a750 AA	151	diff -Nur old/courier/pop3d-ssl.in new/courier/pop3d-ssl.in
	152	--- old/courier/pop3d-ssl.in 2004-05-24 21:25:31.000000000 +0000
	153	+++ new/courier/pop3d-ssl.in 2004-05-24 21:33:05.000000000 +0000
	154	@@ -29,6 +29,11 @@
	155
	156	case $1 in
	157	start)
	158	+ # If we do not have a certificate, make one up.
	159	+ if [ ! -f @certsdir@/pop3d.pem ]; then
	160	+ @sbindir@/mkpop3dcert
	161	+ fi
	162	+
	163	LIBAUTHMODULES=""
	164	for f in `echo $AUTHMODULES`
	165	do
	166	diff -Nur old/courier.sysvinit.in new/courier.sysvinit.in
	167	--- old/courier.sysvinit.in 2004-05-02 14:24:06.000000000 +0000
	168	+++ new/courier.sysvinit.in 2004-05-24 20:56:37.000000000 +0000
	169	@@ -14,7 +14,7 @@
	170	sbindir="@sbindir@"
	171	bindir="@bindir@"
	172	libexecdir="@libexecdir@"
	173	-datadir="@datadir@"
	174	+certsdir="@certsdir@"
	175
	176	if test ! -f ${sysconfdir}/esmtpd
	177	then
	178	@@ -82,7 +82,7 @@
	179	then
	180	# If we do not have a certificate, make one up.
	181
	182	- if test ! -f ${datadir}/esmtpd.pem
	183	+ if test ! -f ${certsdir}/esmtpd.pem
	184	then
	185	if test -x $COURIERTLS
	186	then
	187	@@ -149,7 +149,7 @@
	188	then
	189	# If we do not have a certificate, make one up.
	190
	191	- if test ! -f ${datadir}/pop3d.pem
	192	+ if test ! -f ${certsdir}/pop3d.pem
	193	then
	194	echo -n " generating-POP3-SSL-certificate..."
	195
	196	@@ -179,7 +179,7 @@
	197	then
	198	# If we do not have a certificate, make one up.
	199
	200	- if test ! -f ${datadir}/imapd.pem
	201	+ if test ! -f ${certsdir}/imapd.pem
	202	then
	203	echo -n " generating-IMAP-SSL-certificate..."
	204
	205	diff -Nur old/imap/configure.in new/imap/configure.in
	206	--- old/imap/configure.in 2004-05-16 02:38:13.000000000 +0000
69e1f9b1	207	+++ new/imap/configure.in 2004-05-25 07:37:24.000000000 +0000
c2c7a750 AA	208	@@ -283,6 +283,11 @@
	209	eval "sysconfdir=$sysconfdir"
	210	eval "localstatedir=$localstatedir"
	211
	212	+AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ],
69e1f9b1	213	+certsdir="$withval", certsdir=$datadir)
c2c7a750 AA	214	+
	215	+AC_SUBST(certsdir)
	216	+
	217	#
	218	# Check for PAM configuration flavor
	219
9cae2a57 AA	220	diff -Nur old/imap/imapd.cnf.in new/imap/imapd.cnf.in
	221	--- old/imap/imapd.cnf.in 2001-03-24 04:59:55.000000000 +0000
	222	+++ new/imap/imapd.cnf.in 2004-05-30 22:37:03.000000000 +0000
	223	@@ -1,5 +1,5 @@
	224
	225	-RANDFILE = @datadir@/imapd.rand
	226	+RANDFILE = @certsdir@/imapd.rand
	227
	228	[ req ]
	229	default_bits = 1024
c2c7a750 AA	230	diff -Nur old/imap/imapd-ssl.dist.in new/imap/imapd-ssl.dist.in
	231	--- old/imap/imapd-ssl.dist.in 2004-01-25 05:40:03.000000000 +0000
	232	+++ new/imap/imapd-ssl.dist.in 2004-05-24 20:57:29.000000000 +0000
	233	@@ -146,7 +146,7 @@
	234	# servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually
	235	# treated as confidential, and must not be world-readable.
	236	#
	237	-TLS_CERTFILE=@datadir@/imapd.pem
	238	+TLS_CERTFILE=@certsdir@/imapd.pem
	239
	240	##NAME: TLS_TRUSTCERTS:0
	241	#
69e1f9b1 AA	242	diff -Nur old/imap/mkimapdcert.8.in new/imap/mkimapdcert.8.in
	243	--- old/imap/mkimapdcert.8.in 2004-01-14 00:51:10.000000000 +0000
	244	+++ new/imap/mkimapdcert.8.in 2004-05-25 07:32:16.000000000 +0000
	245	@@ -18,7 +18,7 @@
	246	.PP
	247	IMAP over SSL requires a valid, signed, X.509 certificate. The default
	248	location for the certificate file is
	249	-\fI@datadir@/imapd.pem\fR\&.
	250	+\fI@certsdir@/imapd.pem\fR\&.
	251	\fBmkimapdcert\fR generates a self-signed X.509 certificate,
	252	mainly for
	253	testing.
	254	@@ -26,19 +26,19 @@
	255	recognized certificate authority, in order for mail clients to accept the
	256	certificate.
	257	.PP
	258	-\fI@datadir@/imapd.pem\fR must be owned by the
	259	+\fI@certsdir@/imapd.pem\fR must be owned by the
	260	@mailuser@ user and
	261	have no group or world permissions.
	262	The \fBmkimapdcert\fR command will
	263	enforce this. To prevent an unfortunate accident,
	264	\fBmkimapdcert\fR
	265	-will not work if \fB@datadir@/imapd.pem\fR already exists.
	266	+will not work if \fB@certsdir@/imapd.pem\fR already exists.
	267	.PP
	268	\fBmkimapdcert\fR requires
	269	\fBOpenSSL\fR to be installed.
	270	.SH "FILES"
	271	.TP
	272	-\fB@datadir@/imapd.pem\fR
	273	+\fB@certsdir@/imapd.pem\fR
	274	X.509 certificate.
	275	.TP
	276	\fB@sysconfdir@/imapd.cnf\fR
	277	diff -Nur old/imap/mkimapdcert.html.in new/imap/mkimapdcert.html.in
	278	--- old/imap/mkimapdcert.html.in 2004-01-14 00:51:16.000000000 +0000
	279	+++ new/imap/mkimapdcert.html.in 2004-05-25 07:32:37.000000000 +0000
	280	@@ -57,7 +57,7 @@
	281	location for the certificate file is
	282	<TT
	283	CLASS="FILENAME"
	284	->@datadir@/imapd.pem</TT
	285	+>@certsdir@/imapd.pem</TT
	286	>.
	287	<B
	288	CLASS="COMMAND"
	289	@@ -71,7 +71,7 @@
	290	><P
	291	><TT
	292	CLASS="FILENAME"
	293	->@datadir@/imapd.pem</TT
	294	+>@certsdir@/imapd.pem</TT
	295	> must be owned by the
	296	@mailuser@ user and
	297	have no group or world permissions.
	298	@@ -86,7 +86,7 @@
	299	>
	300	will not work if <B
	301	CLASS="COMMAND"
	302	->@datadir@/imapd.pem</B
	303	+>@certsdir@/imapd.pem</B
	304	> already exists.</P
	305	><P
306	><B
307	@@ -111,7 +111,7 @@
308	CLASS="VARIABLELIST"
309	><DL
310	><DT
311	->@datadir@/imapd.pem</DT
312	+>@certsdir@/imapd.pem</DT
313	><DD
314	><P
315	>X.509 certificate.</P
316	diff -Nur old/imap/mkimapdcert.in new/imap/mkimapdcert.in
317	--- old/imap/mkimapdcert.in 2001-08-26 16:16:42.000000000 +0000
318	+++ new/imap/mkimapdcert.in 2004-05-25 07:33:42.000000000 +0000
319	@@ -13,26 +13,26 @@
320
321	prefix="@prefix@"
322
323	-if test -f @datadir@/imapd.pem
324	+if test -f @certsdir@/imapd.pem
325	then
326	- echo "@datadir@/imapd.pem already exists."
327	+ echo "@certsdir@/imapd.pem already exists."
328	exit 1
329	fi
330
331	-cp /dev/null @datadir@/imapd.pem
332	-chmod 600 @datadir@/imapd.pem
333	-chown @mailuser@ @datadir@/imapd.pem
334	+cp /dev/null @certsdir@/imapd.pem
335	+chmod 600 @certsdir@/imapd.pem
336	+chown @mailuser@ @certsdir@/imapd.pem
337
338	cleanup() {
339	- rm -f @datadir@/imapd.pem
340	- rm -f @datadir@/imapd.rand
341	+ rm -f @certsdir@/imapd.pem
342	+ rm -f @certsdir@/imapd.rand
343	exit 1
344	}
345
346	-cd @datadir@
347	-dd if=@RANDOMV@ of=@datadir@/imapd.rand count=1 2>/dev/null
348	+cd @certsdir@
349	+dd if=@RANDOMV@ of=@certsdir@/imapd.rand count=1 2>/dev/null
350	@OPENSSL@ req -new -x509 -days 365 -nodes \
351	- -config @sysconfdir@/imapd.cnf -out @datadir@/imapd.pem -keyout @datadir@/imapd.pem \|\| cleanup
352	-@OPENSSL@ gendh -rand @datadir@/imapd.rand 512 >>@datadir@/imapd.pem \|\| cleanup
353	-@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @datadir@/imapd.pem \|\| cleanup
354	-rm -f @datadir@/imapd.rand
355	+ -config @sysconfdir@/imapd.cnf -out @certsdir@/imapd.pem -keyout @certsdir@/imapd.pem \|\| cleanup
356	+@OPENSSL@ gendh -rand @certsdir@/imapd.rand 512 >>@certsdir@/imapd.pem \|\| cleanup
357	+@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/imapd.pem \|\| cleanup
358	+rm -f @certsdir@/imapd.rand
359	diff -Nur old/imap/mkpop3dcert.8.in new/imap/mkpop3dcert.8.in
360	--- old/imap/mkpop3dcert.8.in 2004-01-14 00:51:13.000000000 +0000
361	+++ new/imap/mkpop3dcert.8.in 2004-05-25 07:34:07.000000000 +0000
362	@@ -18,7 +18,7 @@
363	.PP
364	POP3 over SSL requires a valid, signed, X.509 certificate. The default
365	location for the certificate file is
366	-\fI@datadir@/pop3d.pem\fR\&.
367	+\fI@certsdir@/pop3d.pem\fR\&.
368	\fBmkpop3dcert\fR generates a self-signed X.509 certificate,
369	mainly for
370	testing.
371	@@ -26,19 +26,19 @@
372	recognized certificate authority, in order for mail clients to accept the
373	certificate.
374	.PP
375	-\fI@datadir@/pop3d.pem\fR must be owned by the
376	+\fI@certsdir@/pop3d.pem\fR must be owned by the
377	@mailuser@ user and
378	have no group or world permissions.
379	The \fBmkpop3dcert\fR command will
380	enforce this. To prevent an unfortunate accident,
381	\fBmkpop3dcert\fR
382	-will not work if \fB@datadir@/pop3d.pem\fR already exists.
383	+will not work if \fB@certsdir@/pop3d.pem\fR already exists.
384	.PP
385	\fBmkpop3dcert\fR requires
386	\fBOpenSSL\fR to be installed.
387	.SH "FILES"
388	.TP
389	-\fB@datadir@/pop3d.pem\fR
390	+\fB@certsdir@/pop3d.pem\fR
391	X.509 certificate.
392	.TP
393	\fB@sysconfdir@/pop3d.cnf\fR
394	diff -Nur old/imap/mkpop3dcert.html.in new/imap/mkpop3dcert.html.in
395	--- old/imap/mkpop3dcert.html.in 2004-01-14 00:51:17.000000000 +0000
396	+++ new/imap/mkpop3dcert.html.in 2004-05-25 07:34:26.000000000 +0000
397	@@ -57,7 +57,7 @@
398	location for the certificate file is
399	<TT
400	CLASS="FILENAME"
401	->@datadir@/pop3d.pem</TT
402	+>@certsdir@/pop3d.pem</TT
403	>.
404	<B
405	CLASS="COMMAND"
406	@@ -71,7 +71,7 @@
407	><P
408	><TT
409	CLASS="FILENAME"
410	->@datadir@/pop3d.pem</TT
411	+>@certsdir@/pop3d.pem</TT
412	> must be owned by the
413	@mailuser@ user and
414	have no group or world permissions.
415	@@ -86,7 +86,7 @@
416	>
417	will not work if <B
418	CLASS="COMMAND"
419	->@datadir@/pop3d.pem</B
420	+>@certsdir@/pop3d.pem</B
421	> already exists.</P
422	><P
423	><B
424	@@ -111,7 +111,7 @@
425	CLASS="VARIABLELIST"
426	><DL
427	><DT
428	->@datadir@/pop3d.pem</DT
429	+>@certsdir@/pop3d.pem</DT
430	><DD
431	><P
432	>X.509 certificate.</P
433	diff -Nur old/imap/mkpop3dcert.in new/imap/mkpop3dcert.in
434	--- old/imap/mkpop3dcert.in 2000-10-06 17:50:37.000000000 +0000
435	+++ new/imap/mkpop3dcert.in 2004-05-25 07:35:23.000000000 +0000
436	@@ -13,25 +13,25 @@
437
438	prefix="@prefix@"
439
440	-if test -f @datadir@/pop3d.pem
441	+if test -f @certsdir@/pop3d.pem
442	then
443	- echo "@datadir@/pop3d.pem already exists."
444	+ echo "@certsdir@/pop3d.pem already exists."
445	exit 1
446	fi
447
448	-cp /dev/null @datadir@/pop3d.pem
449	-chmod 600 @datadir@/pop3d.pem
450	-chown @mailuser@ @datadir@/pop3d.pem
451	+cp /dev/null @certsdir@/pop3d.pem
452	+chmod 600 @certsdir@/pop3d.pem
453	+chown @mailuser@ @certsdir@/pop3d.pem
454
455	cleanup() {
456	- rm -f @datadir@/pop3d.pem
457	- rm -f @datadir@/pop3d.rand
458	+ rm -f @certsdir@/pop3d.pem
459	+ rm -f @certsdir@/pop3d.rand
460	exit 1
461	}
462
463	-dd if=@RANDOMV@ of=@datadir@/pop3d.rand count=1 2>/dev/null
464	+dd if=@RANDOMV@ of=@certsdir@/pop3d.rand count=1 2>/dev/null
465	@OPENSSL@ req -new -x509 -days 365 -nodes \
466	- -config @sysconfdir@/pop3d.cnf -out @datadir@/pop3d.pem -keyout @datadir@/pop3d.pem \|\| cleanup
467	-@OPENSSL@ gendh -rand @datadir@/pop3d.rand 512 >>@datadir@/pop3d.pem \|\| cleanup
468	-@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @datadir@/pop3d.pem \|\| cleanup
469	-rm -f @datadir@/pop3d.rand
470	+ -config @sysconfdir@/pop3d.cnf -out @certsdir@/pop3d.pem -keyout @certsdir@/pop3d.pem \|\| cleanup
471	+@OPENSSL@ gendh -rand @certsdir@/pop3d.rand 512 >>@certsdir@/pop3d.pem \|\| cleanup
472	+@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/pop3d.pem \|\| cleanup
473	+rm -f @certsdir@/pop3d.rand
9cae2a57 AA	474	diff -Nur old/imap/pop3d.cnf.in new/imap/pop3d.cnf.in
	475	--- old/imap/pop3d.cnf.in 2001-03-24 04:59:55.000000000 +0000
	476	+++ new/imap/pop3d.cnf.in 2004-05-30 22:37:10.000000000 +0000
	477	@@ -1,5 +1,5 @@
	478
	479	-RANDFILE = @datadir@/pop3d.rand
	480	+RANDFILE = @certsdir@/pop3d.rand
	481
	482	[ req ]
	483	default_bits = 1024
c2c7a750 AA	484	diff -Nur old/imap/pop3d-ssl.dist.in new/imap/pop3d-ssl.dist.in
	485	--- old/imap/pop3d-ssl.dist.in 2004-01-25 05:40:04.000000000 +0000
	486	+++ new/imap/pop3d-ssl.dist.in 2004-05-24 20:57:32.000000000 +0000
	487	@@ -135,7 +135,7 @@
	488	# servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually
	489	# treated as confidential, and must not be world-readable.
	490	#
	491	-TLS_CERTFILE=@datadir@/pop3d.pem
	492	+TLS_CERTFILE=@certsdir@/pop3d.pem
	493
	494	##NAME: TLS_TRUSTCERTS:0
	495	#