]>
Commit | Line | Data |
---|---|---|
4694d3f7 | 1 | --- courier-imap-4.3.0.orig/configure.in 2007-11-24 04:20:18.000000000 +0100 |
2 | +++ courier-imap-4.3.0/configure.in 2008-01-19 19:53:07.090124292 +0100 | |
3 | @@ -222,6 +222,11 @@ | |
4 | ||
5 | # Neither does it use the change password feature | |
383f8032 AA |
6 | |
7 | +AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ], | |
8 | +certsdir="$withval", certsdir=$datadir) | |
9 | + | |
10 | +AC_SUBST(certsdir) | |
11 | + | |
12 | AC_ARG_WITH(authchangepwdir, [], , | |
4694d3f7 | 13 | ac_configure_args="$ac_configure_args --with-authchangepwdir=/var/tmp/dev/null") |
383f8032 | 14 | |
4694d3f7 | 15 | --- courier-imap-4.3.0.orig/imap/configure.in 2007-11-24 04:20:18.000000000 +0100 |
16 | +++ courier-imap-4.3.0/imap/configure.in 2008-01-19 19:53:07.090124292 +0100 | |
17 | @@ -52,6 +52,11 @@ | |
383f8032 AA |
18 | eval "exec_prefix=$exec_prefix" |
19 | eval "bindir=$bindir" | |
20 | ||
21 | +AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ], | |
22 | +certsdir="$withval", certsdir=$datadir) | |
23 | + | |
24 | +AC_SUBST(certsdir) | |
25 | + | |
26 | AC_ARG_WITH(mailer, | |
27 | [ --with-mailer=prog Your mail submission program], | |
28 | SENDMAIL="$withval", | |
4694d3f7 | 29 | --- courier-imap-4.3.0.orig/imap/imapd.cnf.openssl.in 2007-11-04 21:49:58.000000000 +0100 |
30 | +++ courier-imap-4.3.0/imap/imapd.cnf.openssl.in 2008-01-19 19:53:07.090124292 +0100 | |
383f8032 AA |
31 | @@ -1,5 +1,5 @@ |
32 | ||
4694d3f7 | 33 | -RANDFILE = @mydatadir@/imapd.rand |
383f8032 AA |
34 | +RANDFILE = @certsdir@/imapd.rand |
35 | ||
36 | [ req ] | |
37 | default_bits = 1024 | |
4694d3f7 | 38 | --- courier-imap-4.3.0.orig/imap/imapd-ssl.dist.in 2007-11-22 15:23:05.000000000 +0100 |
39 | +++ courier-imap-4.3.0/imap/imapd-ssl.dist.in 2008-01-19 19:53:22.977590279 +0100 | |
40 | @@ -254,7 +254,7 @@ | |
383f8032 | 41 | # |
4694d3f7 | 42 | # This is an experimental feature. |
43 | ||
44 | -TLS_CERTFILE=@mydatadir@/imapd.pem | |
383f8032 AA |
45 | +TLS_CERTFILE=@certsdir@/imapd.pem |
46 | ||
47 | ##NAME: TLS_TRUSTCERTS:0 | |
48 | # | |
4694d3f7 | 49 | --- courier-imap-4.3.0.orig/imap/mkimapdcert.in 2007-11-04 21:50:15.000000000 +0100 |
50 | +++ courier-imap-4.3.0/imap/mkimapdcert.in 2008-01-19 19:58:50.290723918 +0100 | |
51 | @@ -18,41 +18,41 @@ | |
148eab3b AA |
52 | |
53 | prefix="@prefix@" | |
54 | ||
4694d3f7 | 55 | -if test -f @mydatadir@/imapd.pem |
148eab3b AA |
56 | +if test -f @certsdir@/imapd.pem |
57 | then | |
4694d3f7 | 58 | - echo "@mydatadir@/imapd.pem already exists." |
148eab3b AA |
59 | + echo "@certsdir@/imapd.pem already exists." |
60 | exit 1 | |
61 | fi | |
62 | ||
63 | umask 077 | |
148eab3b AA |
64 | |
65 | cleanup() { | |
4694d3f7 | 66 | - rm -f @mydatadir@/imapd.pem |
67 | - rm -f @mydatadir@/imapd.rand | |
68 | - rm -f @mydatadir@/imapd.key | |
69 | - rm -f @mydatadir@/imapd.cert | |
148eab3b AA |
70 | + rm -f @certsdir@/imapd.pem |
71 | + rm -f @certsdir@/imapd.rand | |
4694d3f7 | 72 | + rm -f @certsdir@/imapd.key |
73 | + rm -f @certsdir@/imapd.cert | |
148eab3b AA |
74 | exit 1 |
75 | } | |
76 | ||
4694d3f7 | 77 | -cd @mydatadir@ |
148eab3b | 78 | +cd @certsdir@ |
4694d3f7 | 79 | |
80 | if test "@ssllib@" = "openssl" | |
81 | then | |
82 | - cp /dev/null @mydatadir@/imapd.pem | |
83 | - chmod 600 @mydatadir@/imapd.pem | |
84 | - chown @mailuser@ @mydatadir@/imapd.pem | |
85 | + cp /dev/null @certsdir@/imapd.pem | |
86 | + chmod 600 @certsdir@/imapd.pem | |
87 | + chown @mailuser@ @certsdir@/imapd.pem | |
88 | ||
89 | - dd if=@RANDOMV@ of=@mydatadir@/imapd.rand count=1 2>/dev/null | |
90 | + dd if=@RANDOMV@ of=@certsdir@/imapd.rand count=1 2>/dev/null | |
91 | @OPENSSL@ req -new -x509 -days 365 -nodes \ | |
92 | - -config @sysconfdir@/imapd.cnf -out @mydatadir@/imapd.pem -keyout @mydatadir@/imapd.pem || cleanup | |
93 | - @OPENSSL@ gendh -rand @mydatadir@/imapd.rand 512 >>@mydatadir@/imapd.pem || cleanup | |
94 | - @OPENSSL@ x509 -subject -dates -fingerprint -noout -in @mydatadir@/imapd.pem || cleanup | |
95 | - rm -f @mydatadir@/imapd.rand | |
96 | + -config @sysconfdir@/imapd.cnf -out @certsdir@/imapd.pem -keyout @certsdir@/imapd.pem || cleanup | |
97 | + @OPENSSL@ gendh -rand @certsdir@/imapd.rand 512 >>@certsdir@/imapd.pem || cleanup | |
98 | + @OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/imapd.pem || cleanup | |
99 | + rm -f @certsdir@/imapd.rand | |
100 | else | |
101 | - cp /dev/null @mydatadir@/imapd.key | |
102 | - chmod 600 @mydatadir@/imapd.key | |
103 | - cp /dev/null @mydatadir@/imapd.cert | |
104 | - chmod 600 @mydatadir@/imapd.cert | |
105 | + cp /dev/null @certsdir@/imapd.key | |
106 | + chmod 600 @certsdir@/imapd.key | |
107 | + cp /dev/null @certsdir@/imapd.cert | |
108 | + chmod 600 @certsdir@/imapd.cert | |
109 | ||
110 | @CERTTOOL@ --generate-privkey --outfile imapd.key | |
111 | @CERTTOOL@ --generate-self-signed --load-privkey imapd.key --outfile imapd.cert --template @sysconfdir@/imapd.cnf | |
4694d3f7 | 112 | --- courier-imap-4.3.0.orig/imap/mkpop3dcert.in 2007-11-04 21:50:15.000000000 +0100 |
113 | +++ courier-imap-4.3.0/imap/mkpop3dcert.in 2008-01-19 19:59:17.935447993 +0100 | |
114 | @@ -18,41 +18,41 @@ | |
383f8032 AA |
115 | |
116 | prefix="@prefix@" | |
117 | ||
4694d3f7 | 118 | -if test -f @mydatadir@/pop3d.pem |
383f8032 AA |
119 | +if test -f @certsdir@/pop3d.pem |
120 | then | |
4694d3f7 | 121 | - echo "@mydatadir@/pop3d.pem already exists." |
383f8032 AA |
122 | + echo "@certsdir@/pop3d.pem already exists." |
123 | exit 1 | |
124 | fi | |
125 | ||
148eab3b | 126 | umask 077 |
383f8032 AA |
127 | |
128 | cleanup() { | |
4694d3f7 | 129 | - rm -f @mydatadir@/pop3d.pem |
130 | - rm -f @mydatadir@/pop3d.rand | |
131 | - rm -f @mydatadir@/pop3d.key | |
132 | - rm -f @mydatadir@/pop3d.cert | |
383f8032 AA |
133 | + rm -f @certsdir@/pop3d.pem |
134 | + rm -f @certsdir@/pop3d.rand | |
4694d3f7 | 135 | + rm -f @certsdir@/pop3d.key |
136 | + rm -f @certsdir@/pop3d.cert | |
383f8032 AA |
137 | exit 1 |
138 | } | |
139 | ||
4694d3f7 | 140 | -cd @mydatadir@ |
141 | +cd @certsdir@ | |
142 | ||
143 | if test "@ssllib@" = "openssl" | |
144 | then | |
145 | - cp /dev/null @mydatadir@/pop3d.pem | |
146 | - chmod 600 @mydatadir@/pop3d.pem | |
147 | - chown @mailuser@ @mydatadir@/pop3d.pem | |
148 | + cp /dev/null @certsdir@/pop3d.pem | |
149 | + chmod 600 @certsdir@/pop3d.pem | |
150 | + chown @mailuser@ @certsdir@/pop3d.pem | |
151 | ||
152 | - dd if=@RANDOMV@ of=@mydatadir@/pop3d.rand count=1 2>/dev/null | |
153 | + dd if=@RANDOMV@ of=@certsdir@/pop3d.rand count=1 2>/dev/null | |
154 | @OPENSSL@ req -new -x509 -days 365 -nodes \ | |
155 | - -config @sysconfdir@/pop3d.cnf -out @mydatadir@/pop3d.pem -keyout @mydatadir@/pop3d.pem || cleanup | |
156 | - @OPENSSL@ gendh -rand @mydatadir@/pop3d.rand 512 >>@mydatadir@/pop3d.pem || cleanup | |
157 | - @OPENSSL@ x509 -subject -dates -fingerprint -noout -in @mydatadir@/pop3d.pem || cleanup | |
158 | - rm -f @mydatadir@/pop3d.rand | |
159 | + -config @sysconfdir@/pop3d.cnf -out @certsdir@/pop3d.pem -keyout @certsdir@/pop3d.pem || cleanup | |
160 | + @OPENSSL@ gendh -rand @certsdir@/pop3d.rand 512 >>@certsdir@/pop3d.pem || cleanup | |
161 | + @OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/pop3d.pem || cleanup | |
162 | + rm -f @certsdir@/pop3d.rand | |
163 | else | |
164 | - cp /dev/null @mydatadir@/pop3d.key | |
165 | - chmod 600 @mydatadir@/pop3d.key | |
166 | - cp /dev/null @mydatadir@/pop3d.cert | |
167 | - chmod 600 @mydatadir@/pop3d.cert | |
168 | + cp /dev/null @certsdir@/pop3d.key | |
169 | + chmod 600 @certsdir@/pop3d.key | |
170 | + cp /dev/null @certsdir@/pop3d.cert | |
171 | + chmod 600 @certsdir@/pop3d.cert | |
172 | ||
173 | @CERTTOOL@ --generate-privkey --outfile pop3d.key | |
174 | @CERTTOOL@ --generate-self-signed --load-privkey pop3d.key --outfile pop3d.cert --template @sysconfdir@/pop3d.cnf | |
4694d3f7 | 175 | --- courier-imap-4.3.0.orig/imap/pop3d.cnf.openssl.in 2007-11-04 21:49:58.000000000 +0100 |
176 | +++ courier-imap-4.3.0/imap/pop3d.cnf.openssl.in 2008-01-19 19:53:07.103458296 +0100 | |
177 | @@ -1,5 +1,5 @@ | |
178 | ||
179 | -RANDFILE = @mydatadir@/pop3d.rand | |
180 | +RANDFILE = @certsdir@/pop3d.rand | |
181 | ||
182 | [ req ] | |
183 | default_bits = 1024 | |
4694d3f7 | 184 | --- courier-imap-4.3.0.orig/imap/pop3d-ssl.dist.in 2007-11-22 15:23:06.000000000 +0100 |
185 | +++ courier-imap-4.3.0/imap/pop3d-ssl.dist.in 2008-01-19 19:55:43.177977173 +0100 | |
186 | @@ -241,7 +241,7 @@ | |
187 | # | |
188 | # This is an experimental feature. | |
189 | ||
190 | -TLS_CERTFILE=@mydatadir@/pop3d.pem | |
191 | +TLS_CERTFILE=@certsdir@/pop3d.pem | |
192 | ||
193 | ##NAME: TLS_TRUSTCERTS:0 | |
194 | # | |
79462f56 ER |
195 | --- courier-imap-4.8.0/imap/mkimapdcert.8.in~ 2010-02-20 06:12:44.000000000 +0200 |
196 | +++ courier-imap-4.8.0/imap/mkimapdcert.8.in 2010-06-04 15:18:37.508585518 +0300 | |
197 | @@ -29,18 +29,18 @@ | |
198 | .SH "DESCRIPTION" | |
199 | .PP | |
200 | IMAP over SSL requires a valid, signed, X\&.509 certificate\&. The default location for the certificate file is | |
201 | -@datadir@/imapd\&.pem\&. | |
202 | +@certsdir@/imapd\&.pem\&. | |
203 | \fBmkimapdcert\fR | |
204 | generates a self\-signed X\&.509 certificate, mainly for testing\&. For production use the X\&.509 certificate must be signed by a recognized certificate authority, in order for mail clients to accept the certificate\&. | |
205 | .PP | |
206 | ||
207 | -@datadir@/imapd\&.pem | |
208 | +@certsdir@/imapd\&.pem | |
209 | must be owned by the @mailuser@ user and have no group or world permissions\&. The | |
210 | \fBmkimapdcert\fR | |
211 | command will enforce this\&. To prevent an unfortunate accident, | |
212 | \fBmkimapdcert\fR | |
213 | will not work if | |
214 | -\fB@datadir@/imapd\&.pem\fR | |
215 | +\fB@certsdir@/imapd\&.pem\fR | |
216 | already exists\&. | |
217 | .PP | |
218 | ||
219 | @@ -50,7 +50,7 @@ | |
220 | to be installed\&. | |
221 | .SH "FILES" | |
222 | .PP | |
223 | -@datadir@/imapd\&.pem | |
224 | +@certsdir@/imapd\&.pem | |
225 | .RS 4 | |
226 | X\&.509 certificate\&. | |
227 | .RE | |
228 | --- courier-imap-4.8.0/imap/mkimapdcert.html.in~ 2010-02-20 06:12:44.000000000 +0200 | |
229 | +++ courier-imap-4.8.0/imap/mkimapdcert.html.in 2010-06-04 15:19:24.774623744 +0300 | |
230 | @@ -7,22 +7,22 @@ | |
231 | --></head><body><div class="refentry" title="mkimapdcert"><a id="mkimapdcert" shape="rect"> </a><div class="titlepage"/><div class="refnamediv"><h2>Name</h2><p>mkimapdcert — create a test SSL certificate for IMAP over SSL</p></div><div class="refsynopsisdiv" title="Synopsis"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">@sbindir@/mkimapdcert</code> </p></div></div><div class="refsect1" title="DESCRIPTION"><a id="id381669" shape="rect"> </a><h2>DESCRIPTION</h2><p> | |
232 | IMAP over SSL requires a valid, signed, X.509 certificate. The default | |
233 | location for the certificate file is | |
234 | -<code class="filename">@datadir@/imapd.pem</code>. | |
235 | +<code class="filename">@certsdir@/imapd.pem</code>. | |
236 | <span class="command"><strong>mkimapdcert</strong></span> generates a self-signed X.509 certificate, | |
237 | mainly for | |
238 | testing. | |
239 | For production use the X.509 certificate must be signed by a | |
240 | recognized certificate authority, in order for mail clients to accept the | |
241 | certificate.</p><p> | |
242 | -<code class="filename">@datadir@/imapd.pem</code> must be owned by the | |
243 | +<code class="filename">@certsdir@/imapd.pem</code> must be owned by the | |
244 | @mailuser@ user and | |
245 | have no group or world permissions. | |
246 | The <span class="command"><strong>mkimapdcert</strong></span> command will | |
247 | enforce this. To prevent an unfortunate accident, | |
248 | <span class="command"><strong>mkimapdcert</strong></span> | |
249 | -will not work if <span class="command"><strong>@datadir@/imapd.pem</strong></span> already exists.</p><p> | |
250 | +will not work if <span class="command"><strong>@certsdir@/imapd.pem</strong></span> already exists.</p><p> | |
251 | <span class="command"><strong>mkimapdcert</strong></span> requires | |
252 | -<span class="application">OpenSSL</span> to be installed.</p></div><div class="refsect1" title="FILES"><a id="id397983" shape="rect"> </a><h2>FILES</h2><div class="variablelist"><dl><dt><span class="term">@datadir@/imapd.pem</span></dt><dd> | |
253 | +<span class="application">OpenSSL</span> to be installed.</p></div><div class="refsect1" title="FILES"><a id="id397983" shape="rect"> </a><h2>FILES</h2><div class="variablelist"><dl><dt><span class="term">@certsdir@/imapd.pem</span></dt><dd> | |
254 | X.509 certificate. | |
255 | </dd><dt><span class="term">@sysconfdir@/imapd.cnf</span></dt><dd> | |
256 | Parameters used by OpenSSL to | |
257 | --- courier-imap-4.8.0/imap/mkpop3dcert.8.in~ 2010-02-20 06:12:44.000000000 +0200 | |
258 | +++ courier-imap-4.8.0/imap/mkpop3dcert.8.in 2010-06-04 15:19:49.481836220 +0300 | |
259 | @@ -29,18 +29,18 @@ | |
260 | .SH "DESCRIPTION" | |
261 | .PP | |
262 | POP3 over SSL requires a valid, signed, X\&.509 certificate\&. The default location for the certificate file is | |
263 | -@datadir@/pop3d\&.pem\&. | |
264 | +@certsdir@/pop3d\&.pem\&. | |
265 | \fBmkpop3dcert\fR | |
266 | generates a self\-signed X\&.509 certificate, mainly for testing\&. For production use the X\&.509 certificate must be signed by a recognized certificate authority, in order for mail clients to accept the certificate\&. | |
267 | .PP | |
268 | ||
269 | -@datadir@/pop3d\&.pem | |
270 | +@certsdir@/pop3d\&.pem | |
271 | must be owned by the @mailuser@ user and have no group or world permissions\&. The | |
272 | \fBmkpop3dcert\fR | |
273 | command will enforce this\&. To prevent an unfortunate accident, | |
274 | \fBmkpop3dcert\fR | |
275 | will not work if | |
276 | -\fB@datadir@/pop3d\&.pem\fR | |
277 | +\fB@certsdir@/pop3d\&.pem\fR | |
278 | already exists\&. | |
279 | .PP | |
280 | ||
281 | @@ -50,7 +50,7 @@ | |
282 | to be installed\&. | |
283 | .SH "FILES" | |
284 | .PP | |
285 | -@datadir@/pop3d\&.pem | |
286 | +@certsdir@/pop3d\&.pem | |
287 | .RS 4 | |
288 | X\&.509 certificate\&. | |
289 | .RE | |
290 | --- courier-imap-4.8.0/imap/mkpop3dcert.html.in~ 2010-02-20 06:12:44.000000000 +0200 | |
291 | +++ courier-imap-4.8.0/imap/mkpop3dcert.html.in 2010-06-04 15:20:12.428930951 +0300 | |
292 | @@ -7,22 +7,22 @@ | |
293 | --></head><body><div class="refentry" title="mkpop3dcert"><a id="mkpop3dcert" shape="rect"> </a><div class="titlepage"/><div class="refnamediv"><h2>Name</h2><p>mkpop3dcert — create a test SSL certificate for POP3 over SSL</p></div><div class="refsynopsisdiv" title="Synopsis"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">@sbindir@/mkpop3dcert</code> </p></div></div><div class="refsect1" title="DESCRIPTION"><a id="id489121" shape="rect"> </a><h2>DESCRIPTION</h2><p> | |
294 | POP3 over SSL requires a valid, signed, X.509 certificate. The default | |
295 | location for the certificate file is | |
296 | -<code class="filename">@datadir@/pop3d.pem</code>. | |
297 | +<code class="filename">@certsdir@/pop3d.pem</code>. | |
298 | <span class="command"><strong>mkpop3dcert</strong></span> generates a self-signed X.509 certificate, | |
299 | mainly for | |
300 | testing. | |
301 | For production use the X.509 certificate must be signed by a | |
302 | recognized certificate authority, in order for mail clients to accept the | |
303 | certificate.</p><p> | |
304 | -<code class="filename">@datadir@/pop3d.pem</code> must be owned by the | |
305 | +<code class="filename">@certsdir@/pop3d.pem</code> must be owned by the | |
306 | @mailuser@ user and | |
307 | have no group or world permissions. | |
308 | The <span class="command"><strong>mkpop3dcert</strong></span> command will | |
309 | enforce this. To prevent an unfortunate accident, | |
310 | <span class="command"><strong>mkpop3dcert</strong></span> | |
311 | -will not work if <span class="command"><strong>@datadir@/pop3d.pem</strong></span> already exists.</p><p> | |
312 | +will not work if <span class="command"><strong>@certsdir@/pop3d.pem</strong></span> already exists.</p><p> | |
313 | <span class="command"><strong>mkpop3dcert</strong></span> requires | |
314 | -<span class="application">OpenSSL</span> to be installed.</p></div><div class="refsect1" title="FILES"><a id="id505435" shape="rect"> </a><h2>FILES</h2><div class="variablelist"><dl><dt><span class="term">@datadir@/pop3d.pem</span></dt><dd> | |
315 | +<span class="application">OpenSSL</span> to be installed.</p></div><div class="refsect1" title="FILES"><a id="id505435" shape="rect"> </a><h2>FILES</h2><div class="variablelist"><dl><dt><span class="term">@certsdir@/pop3d.pem</span></dt><dd> | |
316 | X.509 certificate. | |
317 | </dd><dt><span class="term">@sysconfdir@/pop3d.cnf</span></dt><dd> | |
318 | Parameters used by OpenSSL to |