[packages/courier-imap.git] / courier-imap-certsdir.patch

--- courier-imap-4.3.0.orig/configure.in	2007-11-24 04:20:18.000000000 +0100
+++ courier-imap-4.3.0/configure.in	2008-01-19 19:53:07.090124292 +0100
@@ -222,6 +222,11 @@
 
 # Neither does it use the change password feature
 
+AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ],
+certsdir="$withval", certsdir=$datadir)
+
+AC_SUBST(certsdir)
+
 AC_ARG_WITH(authchangepwdir, [], ,
 	ac_configure_args="$ac_configure_args --with-authchangepwdir=/var/tmp/dev/null")
 
--- courier-imap-4.3.0.orig/imap/configure.in	2007-11-24 04:20:18.000000000 +0100
+++ courier-imap-4.3.0/imap/configure.in	2008-01-19 19:53:07.090124292 +0100
@@ -52,6 +52,11 @@
 eval "exec_prefix=$exec_prefix"
 eval "bindir=$bindir"
 
+AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ],
+certsdir="$withval", certsdir=$datadir)
+
+AC_SUBST(certsdir)
+
 AC_ARG_WITH(mailer,
 [  --with-mailer=prog  Your mail submission program],
    SENDMAIL="$withval",
--- courier-imap-4.3.0.orig/imap/imapd.cnf.openssl.in	2007-11-04 21:49:58.000000000 +0100
+++ courier-imap-4.3.0/imap/imapd.cnf.openssl.in	2008-01-19 19:53:07.090124292 +0100
@@ -1,5 +1,5 @@
 
-RANDFILE = @mydatadir@/imapd.rand
+RANDFILE = @certsdir@/imapd.rand
 
 [ req ]
 default_bits = 1024
--- courier-imap-4.3.0.orig/imap/imapd-ssl.dist.in	2007-11-22 15:23:05.000000000 +0100
+++ courier-imap-4.3.0/imap/imapd-ssl.dist.in	2008-01-19 19:53:22.977590279 +0100
@@ -254,7 +254,7 @@
 #
 # This is an experimental feature.
 
-TLS_CERTFILE=@mydatadir@/imapd.pem
+TLS_CERTFILE=@certsdir@/imapd.pem
 
 ##NAME: TLS_TRUSTCERTS:0
 #
--- courier-imap-4.3.0.orig/imap/mkimapdcert.in	2007-11-04 21:50:15.000000000 +0100
+++ courier-imap-4.3.0/imap/mkimapdcert.in	2008-01-19 19:58:50.290723918 +0100
@@ -18,41 +18,41 @@
 
 prefix="@prefix@"
 
-if test -f @mydatadir@/imapd.pem
+if test -f @certsdir@/imapd.pem
 then
-	echo "@mydatadir@/imapd.pem already exists."
+	echo "@certsdir@/imapd.pem already exists."
 	exit 1
 fi
 
 umask 077
 
 cleanup() {
-	rm -f @mydatadir@/imapd.pem
-	rm -f @mydatadir@/imapd.rand
-	rm -f @mydatadir@/imapd.key
-	rm -f @mydatadir@/imapd.cert
+	rm -f @certsdir@/imapd.pem
+	rm -f @certsdir@/imapd.rand
+	rm -f @certsdir@/imapd.key
+	rm -f @certsdir@/imapd.cert
 	exit 1
 }
 
-cd @mydatadir@
+cd @certsdir@
 
 if test "@ssllib@" = "openssl"
 then
-	cp /dev/null @mydatadir@/imapd.pem
-	chmod 600 @mydatadir@/imapd.pem
-	chown @mailuser@ @mydatadir@/imapd.pem
+	cp /dev/null @certsdir@/imapd.pem
+	chmod 600 @certsdir@/imapd.pem
+	chown @mailuser@ @certsdir@/imapd.pem
 
-	dd if=@RANDOMV@ of=@mydatadir@/imapd.rand count=1 2>/dev/null
+	dd if=@RANDOMV@ of=@certsdir@/imapd.rand count=1 2>/dev/null
 	@OPENSSL@ req -new -x509 -days 365 -nodes \
-		  -config @sysconfdir@/imapd.cnf -out @mydatadir@/imapd.pem -keyout @mydatadir@/imapd.pem || cleanup
-	@OPENSSL@ gendh -rand @mydatadir@/imapd.rand 512 >>@mydatadir@/imapd.pem || cleanup
-	@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @mydatadir@/imapd.pem || cleanup
-	rm -f @mydatadir@/imapd.rand
+		  -config @sysconfdir@/imapd.cnf -out @certsdir@/imapd.pem -keyout @certsdir@/imapd.pem || cleanup
+	@OPENSSL@ gendh -rand @certsdir@/imapd.rand 512 >>@certsdir@/imapd.pem || cleanup
+	@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/imapd.pem || cleanup
+	rm -f @certsdir@/imapd.rand
 else
-	cp /dev/null @mydatadir@/imapd.key
-	chmod 600 @mydatadir@/imapd.key
-	cp /dev/null @mydatadir@/imapd.cert
-	chmod 600 @mydatadir@/imapd.cert
+	cp /dev/null @certsdir@/imapd.key
+	chmod 600 @certsdir@/imapd.key
+	cp /dev/null @certsdir@/imapd.cert
+	chmod 600 @certsdir@/imapd.cert
 
 	@CERTTOOL@ --generate-privkey --outfile imapd.key
 	@CERTTOOL@ --generate-self-signed --load-privkey imapd.key --outfile imapd.cert --template @sysconfdir@/imapd.cnf
--- courier-imap-4.3.0.orig/imap/mkpop3dcert.in	2007-11-04 21:50:15.000000000 +0100
+++ courier-imap-4.3.0/imap/mkpop3dcert.in	2008-01-19 19:59:17.935447993 +0100
@@ -18,41 +18,41 @@
 
 prefix="@prefix@"
 
-if test -f @mydatadir@/pop3d.pem
+if test -f @certsdir@/pop3d.pem
 then
-	echo "@mydatadir@/pop3d.pem already exists."
+	echo "@certsdir@/pop3d.pem already exists."
 	exit 1
 fi
 
 umask 077
 
 cleanup() {
-	rm -f @mydatadir@/pop3d.pem
-	rm -f @mydatadir@/pop3d.rand
-	rm -f @mydatadir@/pop3d.key
-	rm -f @mydatadir@/pop3d.cert
+	rm -f @certsdir@/pop3d.pem
+	rm -f @certsdir@/pop3d.rand
+	rm -f @certsdir@/pop3d.key
+	rm -f @certsdir@/pop3d.cert
 	exit 1
 }
 
-cd @mydatadir@
+cd @certsdir@
 
 if test "@ssllib@" = "openssl"
 then
-	cp /dev/null @mydatadir@/pop3d.pem
-	chmod 600 @mydatadir@/pop3d.pem
-	chown @mailuser@ @mydatadir@/pop3d.pem
+	cp /dev/null @certsdir@/pop3d.pem
+	chmod 600 @certsdir@/pop3d.pem
+	chown @mailuser@ @certsdir@/pop3d.pem
 
-	dd if=@RANDOMV@ of=@mydatadir@/pop3d.rand count=1 2>/dev/null
+	dd if=@RANDOMV@ of=@certsdir@/pop3d.rand count=1 2>/dev/null
 	@OPENSSL@ req -new -x509 -days 365 -nodes \
-		  -config @sysconfdir@/pop3d.cnf -out @mydatadir@/pop3d.pem -keyout @mydatadir@/pop3d.pem || cleanup
-	@OPENSSL@ gendh -rand @mydatadir@/pop3d.rand 512 >>@mydatadir@/pop3d.pem || cleanup
-	@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @mydatadir@/pop3d.pem || cleanup
-	rm -f @mydatadir@/pop3d.rand
+		  -config @sysconfdir@/pop3d.cnf -out @certsdir@/pop3d.pem -keyout @certsdir@/pop3d.pem || cleanup
+	@OPENSSL@ gendh -rand @certsdir@/pop3d.rand 512 >>@certsdir@/pop3d.pem || cleanup
+	@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/pop3d.pem || cleanup
+	rm -f @certsdir@/pop3d.rand
 else
-	cp /dev/null @mydatadir@/pop3d.key
-	chmod 600 @mydatadir@/pop3d.key
-	cp /dev/null @mydatadir@/pop3d.cert
-	chmod 600 @mydatadir@/pop3d.cert
+	cp /dev/null @certsdir@/pop3d.key
+	chmod 600 @certsdir@/pop3d.key
+	cp /dev/null @certsdir@/pop3d.cert
+	chmod 600 @certsdir@/pop3d.cert
 
 	@CERTTOOL@ --generate-privkey --outfile pop3d.key
 	@CERTTOOL@ --generate-self-signed --load-privkey pop3d.key --outfile pop3d.cert --template @sysconfdir@/pop3d.cnf
--- courier-imap-4.3.0.orig/imap/pop3d.cnf.openssl.in	2007-11-04 21:49:58.000000000 +0100
+++ courier-imap-4.3.0/imap/pop3d.cnf.openssl.in	2008-01-19 19:53:07.103458296 +0100
@@ -1,5 +1,5 @@
 
-RANDFILE = @mydatadir@/pop3d.rand
+RANDFILE = @certsdir@/pop3d.rand
 
 [ req ]
 default_bits = 1024
--- courier-imap-4.3.0.orig/imap/pop3d-ssl.dist.in	2007-11-22 15:23:06.000000000 +0100
+++ courier-imap-4.3.0/imap/pop3d-ssl.dist.in	2008-01-19 19:55:43.177977173 +0100
@@ -241,7 +241,7 @@
 #
 # This is an experimental feature.
 
-TLS_CERTFILE=@mydatadir@/pop3d.pem
+TLS_CERTFILE=@certsdir@/pop3d.pem
 
 ##NAME: TLS_TRUSTCERTS:0
 #
--- courier-imap-4.8.0/imap/mkimapdcert.8.in~	2010-02-20 06:12:44.000000000 +0200
+++ courier-imap-4.8.0/imap/mkimapdcert.8.in	2010-06-04 15:18:37.508585518 +0300
@@ -29,18 +29,18 @@
 .SH "DESCRIPTION"
 .PP
 IMAP over SSL requires a valid, signed, X\&.509 certificate\&. The default location for the certificate file is
-@datadir@/imapd\&.pem\&.
+@certsdir@/imapd\&.pem\&.
 \fBmkimapdcert\fR
 generates a self\-signed X\&.509 certificate, mainly for testing\&. For production use the X\&.509 certificate must be signed by a recognized certificate authority, in order for mail clients to accept the certificate\&.
 .PP
 
-@datadir@/imapd\&.pem
+@certsdir@/imapd\&.pem
 must be owned by the @mailuser@ user and have no group or world permissions\&. The
 \fBmkimapdcert\fR
 command will enforce this\&. To prevent an unfortunate accident,
 \fBmkimapdcert\fR
 will not work if
-\fB@datadir@/imapd\&.pem\fR
+\fB@certsdir@/imapd\&.pem\fR
 already exists\&.
 .PP
 
@@ -50,7 +50,7 @@
 to be installed\&.
 .SH "FILES"
 .PP
-@datadir@/imapd\&.pem
+@certsdir@/imapd\&.pem
 .RS 4
 X\&.509 certificate\&.
 .RE
--- courier-imap-4.8.0/imap/mkimapdcert.html.in~	2010-02-20 06:12:44.000000000 +0200
+++ courier-imap-4.8.0/imap/mkimapdcert.html.in	2010-06-04 15:19:24.774623744 +0300
@@ -7,22 +7,22 @@
 --></head><body><div class="refentry" title="mkimapdcert"><a id="mkimapdcert" shape="rect"> </a><div class="titlepage"/><div class="refnamediv"><h2>Name</h2><p>mkimapdcert — create a test SSL certificate for IMAP over SSL</p></div><div class="refsynopsisdiv" title="Synopsis"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">@sbindir@/mkimapdcert</code> </p></div></div><div class="refsect1" title="DESCRIPTION"><a id="id381669" shape="rect"> </a><h2>DESCRIPTION</h2><p>
 IMAP over SSL requires a valid, signed, X.509 certificate.  The default
 location for the certificate file is
-<code class="filename">@datadir@/imapd.pem</code>.
+<code class="filename">@certsdir@/imapd.pem</code>.
 <span class="command"><strong>mkimapdcert</strong></span> generates a self-signed X.509 certificate,
 mainly for
 testing.
 For production use the X.509 certificate must be signed by a
 recognized certificate authority, in order for mail clients to accept the
 certificate.</p><p>
-<code class="filename">@datadir@/imapd.pem</code> must be owned by the
+<code class="filename">@certsdir@/imapd.pem</code> must be owned by the
 @mailuser@ user and
 have no group or world permissions.
 The <span class="command"><strong>mkimapdcert</strong></span> command will
 enforce this.  To prevent an unfortunate accident,
 <span class="command"><strong>mkimapdcert</strong></span>
-will not work if <span class="command"><strong>@datadir@/imapd.pem</strong></span> already exists.</p><p>
+will not work if <span class="command"><strong>@certsdir@/imapd.pem</strong></span> already exists.</p><p>
 <span class="command"><strong>mkimapdcert</strong></span> requires
-<span class="application">OpenSSL</span> to be installed.</p></div><div class="refsect1" title="FILES"><a id="id397983" shape="rect"> </a><h2>FILES</h2><div class="variablelist"><dl><dt><span class="term">@datadir@/imapd.pem</span></dt><dd>
+<span class="application">OpenSSL</span> to be installed.</p></div><div class="refsect1" title="FILES"><a id="id397983" shape="rect"> </a><h2>FILES</h2><div class="variablelist"><dl><dt><span class="term">@certsdir@/imapd.pem</span></dt><dd>
 X.509 certificate.
 </dd><dt><span class="term">@sysconfdir@/imapd.cnf</span></dt><dd>
 Parameters used by OpenSSL to
--- courier-imap-4.8.0/imap/mkpop3dcert.8.in~	2010-02-20 06:12:44.000000000 +0200
+++ courier-imap-4.8.0/imap/mkpop3dcert.8.in	2010-06-04 15:19:49.481836220 +0300
@@ -29,18 +29,18 @@
 .SH "DESCRIPTION"
 .PP
 POP3 over SSL requires a valid, signed, X\&.509 certificate\&. The default location for the certificate file is
-@datadir@/pop3d\&.pem\&.
+@certsdir@/pop3d\&.pem\&.
 \fBmkpop3dcert\fR
 generates a self\-signed X\&.509 certificate, mainly for testing\&. For production use the X\&.509 certificate must be signed by a recognized certificate authority, in order for mail clients to accept the certificate\&.
 .PP
 
-@datadir@/pop3d\&.pem
+@certsdir@/pop3d\&.pem
 must be owned by the @mailuser@ user and have no group or world permissions\&. The
 \fBmkpop3dcert\fR
 command will enforce this\&. To prevent an unfortunate accident,
 \fBmkpop3dcert\fR
 will not work if
-\fB@datadir@/pop3d\&.pem\fR
+\fB@certsdir@/pop3d\&.pem\fR
 already exists\&.
 .PP
 
@@ -50,7 +50,7 @@
 to be installed\&.
 .SH "FILES"
 .PP
-@datadir@/pop3d\&.pem
+@certsdir@/pop3d\&.pem
 .RS 4
 X\&.509 certificate\&.
 .RE
--- courier-imap-4.8.0/imap/mkpop3dcert.html.in~	2010-02-20 06:12:44.000000000 +0200
+++ courier-imap-4.8.0/imap/mkpop3dcert.html.in	2010-06-04 15:20:12.428930951 +0300
@@ -7,22 +7,22 @@
 --></head><body><div class="refentry" title="mkpop3dcert"><a id="mkpop3dcert" shape="rect"> </a><div class="titlepage"/><div class="refnamediv"><h2>Name</h2><p>mkpop3dcert — create a test SSL certificate for POP3 over SSL</p></div><div class="refsynopsisdiv" title="Synopsis"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">@sbindir@/mkpop3dcert</code> </p></div></div><div class="refsect1" title="DESCRIPTION"><a id="id489121" shape="rect"> </a><h2>DESCRIPTION</h2><p>
 POP3 over SSL requires a valid, signed, X.509 certificate.  The default
 location for the certificate file is
-<code class="filename">@datadir@/pop3d.pem</code>.
+<code class="filename">@certsdir@/pop3d.pem</code>.
 <span class="command"><strong>mkpop3dcert</strong></span> generates a self-signed X.509 certificate,
 mainly for
 testing.
 For production use the X.509 certificate must be signed by a
 recognized certificate authority, in order for mail clients to accept the
 certificate.</p><p>
-<code class="filename">@datadir@/pop3d.pem</code> must be owned by the
+<code class="filename">@certsdir@/pop3d.pem</code> must be owned by the
 @mailuser@ user and
 have no group or world permissions.
 The <span class="command"><strong>mkpop3dcert</strong></span> command will
 enforce this.  To prevent an unfortunate accident,
 <span class="command"><strong>mkpop3dcert</strong></span>
-will not work if <span class="command"><strong>@datadir@/pop3d.pem</strong></span> already exists.</p><p>
+will not work if <span class="command"><strong>@certsdir@/pop3d.pem</strong></span> already exists.</p><p>
 <span class="command"><strong>mkpop3dcert</strong></span> requires
-<span class="application">OpenSSL</span> to be installed.</p></div><div class="refsect1" title="FILES"><a id="id505435" shape="rect"> </a><h2>FILES</h2><div class="variablelist"><dl><dt><span class="term">@datadir@/pop3d.pem</span></dt><dd>
+<span class="application">OpenSSL</span> to be installed.</p></div><div class="refsect1" title="FILES"><a id="id505435" shape="rect"> </a><h2>FILES</h2><div class="variablelist"><dl><dt><span class="term">@certsdir@/pop3d.pem</span></dt><dd>
 X.509 certificate.
 </dd><dt><span class="term">@sysconfdir@/pop3d.cnf</span></dt><dd>
 Parameters used by OpenSSL to
Commit	Line	Data
4694d3f7	1	--- courier-imap-4.3.0.orig/configure.in 2007-11-24 04:20:18.000000000 +0100
	2	+++ courier-imap-4.3.0/configure.in 2008-01-19 19:53:07.090124292 +0100
	3	@@ -222,6 +222,11 @@
	4
	5	# Neither does it use the change password feature
383f8032 AA	6
	7	+AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ],
	8	+certsdir="$withval", certsdir=$datadir)
	9	+
	10	+AC_SUBST(certsdir)
	11	+
	12	AC_ARG_WITH(authchangepwdir, [], ,
4694d3f7	13	ac_configure_args="$ac_configure_args --with-authchangepwdir=/var/tmp/dev/null")
383f8032	14
4694d3f7	15	--- courier-imap-4.3.0.orig/imap/configure.in 2007-11-24 04:20:18.000000000 +0100
	16	+++ courier-imap-4.3.0/imap/configure.in 2008-01-19 19:53:07.090124292 +0100
	17	@@ -52,6 +52,11 @@
383f8032 AA	18	eval "exec_prefix=$exec_prefix"
	19	eval "bindir=$bindir"
	20
	21	+AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ],
	22	+certsdir="$withval", certsdir=$datadir)
	23	+
	24	+AC_SUBST(certsdir)
	25	+
	26	AC_ARG_WITH(mailer,
	27	[ --with-mailer=prog Your mail submission program],
	28	SENDMAIL="$withval",
4694d3f7	29	--- courier-imap-4.3.0.orig/imap/imapd.cnf.openssl.in 2007-11-04 21:49:58.000000000 +0100
4694d3f7	30	+++ courier-imap-4.3.0/imap/imapd.cnf.openssl.in 2008-01-19 19:53:07.090124292 +0100
383f8032 AA	31	@@ -1,5 +1,5 @@
383f8032 AA	32
4694d3f7	33	-RANDFILE = @mydatadir@/imapd.rand
383f8032 AA	34	+RANDFILE = @certsdir@/imapd.rand
	35
	36	[ req ]
	37	default_bits = 1024
4694d3f7	38	--- courier-imap-4.3.0.orig/imap/imapd-ssl.dist.in 2007-11-22 15:23:05.000000000 +0100
	39	+++ courier-imap-4.3.0/imap/imapd-ssl.dist.in 2008-01-19 19:53:22.977590279 +0100
	40	@@ -254,7 +254,7 @@
383f8032	41	#
4694d3f7	42	# This is an experimental feature.
	43
	44	-TLS_CERTFILE=@mydatadir@/imapd.pem
383f8032 AA	45	+TLS_CERTFILE=@certsdir@/imapd.pem
	46
	47	##NAME: TLS_TRUSTCERTS:0
	48	#
4694d3f7	49	--- courier-imap-4.3.0.orig/imap/mkimapdcert.in 2007-11-04 21:50:15.000000000 +0100
	50	+++ courier-imap-4.3.0/imap/mkimapdcert.in 2008-01-19 19:58:50.290723918 +0100
	51	@@ -18,41 +18,41 @@
148eab3b AA	52
	53	prefix="@prefix@"
	54
4694d3f7	55	-if test -f @mydatadir@/imapd.pem
148eab3b AA	56	+if test -f @certsdir@/imapd.pem
148eab3b AA	57	then
4694d3f7	58	- echo "@mydatadir@/imapd.pem already exists."
148eab3b AA	59	+ echo "@certsdir@/imapd.pem already exists."
	60	exit 1
	61	fi
	62
	63	umask 077
148eab3b AA	64
148eab3b AA	65	cleanup() {
4694d3f7	66	- rm -f @mydatadir@/imapd.pem
	67	- rm -f @mydatadir@/imapd.rand
	68	- rm -f @mydatadir@/imapd.key
	69	- rm -f @mydatadir@/imapd.cert
148eab3b AA	70	+ rm -f @certsdir@/imapd.pem
148eab3b AA	71	+ rm -f @certsdir@/imapd.rand
4694d3f7	72	+ rm -f @certsdir@/imapd.key
4694d3f7	73	+ rm -f @certsdir@/imapd.cert
148eab3b AA	74	exit 1
	75	}
	76
4694d3f7	77	-cd @mydatadir@
148eab3b	78	+cd @certsdir@
4694d3f7	79
	80	if test "@ssllib@" = "openssl"
	81	then
	82	- cp /dev/null @mydatadir@/imapd.pem
	83	- chmod 600 @mydatadir@/imapd.pem
	84	- chown @mailuser@ @mydatadir@/imapd.pem
	85	+ cp /dev/null @certsdir@/imapd.pem
	86	+ chmod 600 @certsdir@/imapd.pem
	87	+ chown @mailuser@ @certsdir@/imapd.pem
	88
	89	- dd if=@RANDOMV@ of=@mydatadir@/imapd.rand count=1 2>/dev/null
	90	+ dd if=@RANDOMV@ of=@certsdir@/imapd.rand count=1 2>/dev/null
	91	@OPENSSL@ req -new -x509 -days 365 -nodes \
	92	- -config @sysconfdir@/imapd.cnf -out @mydatadir@/imapd.pem -keyout @mydatadir@/imapd.pem \|\| cleanup
	93	- @OPENSSL@ gendh -rand @mydatadir@/imapd.rand 512 >>@mydatadir@/imapd.pem \|\| cleanup
	94	- @OPENSSL@ x509 -subject -dates -fingerprint -noout -in @mydatadir@/imapd.pem \|\| cleanup
	95	- rm -f @mydatadir@/imapd.rand
	96	+ -config @sysconfdir@/imapd.cnf -out @certsdir@/imapd.pem -keyout @certsdir@/imapd.pem \|\| cleanup
	97	+ @OPENSSL@ gendh -rand @certsdir@/imapd.rand 512 >>@certsdir@/imapd.pem \|\| cleanup
	98	+ @OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/imapd.pem \|\| cleanup
	99	+ rm -f @certsdir@/imapd.rand
	100	else
	101	- cp /dev/null @mydatadir@/imapd.key
	102	- chmod 600 @mydatadir@/imapd.key
	103	- cp /dev/null @mydatadir@/imapd.cert
	104	- chmod 600 @mydatadir@/imapd.cert
	105	+ cp /dev/null @certsdir@/imapd.key
	106	+ chmod 600 @certsdir@/imapd.key
	107	+ cp /dev/null @certsdir@/imapd.cert
	108	+ chmod 600 @certsdir@/imapd.cert
	109
	110	@CERTTOOL@ --generate-privkey --outfile imapd.key
	111	@CERTTOOL@ --generate-self-signed --load-privkey imapd.key --outfile imapd.cert --template @sysconfdir@/imapd.cnf
4694d3f7	112	--- courier-imap-4.3.0.orig/imap/mkpop3dcert.in 2007-11-04 21:50:15.000000000 +0100
	113	+++ courier-imap-4.3.0/imap/mkpop3dcert.in 2008-01-19 19:59:17.935447993 +0100
	114	@@ -18,41 +18,41 @@
383f8032 AA	115
	116	prefix="@prefix@"
	117
4694d3f7	118	-if test -f @mydatadir@/pop3d.pem
383f8032 AA	119	+if test -f @certsdir@/pop3d.pem
383f8032 AA	120	then
4694d3f7	121	- echo "@mydatadir@/pop3d.pem already exists."
383f8032 AA	122	+ echo "@certsdir@/pop3d.pem already exists."
	123	exit 1
	124	fi
	125
148eab3b	126	umask 077
383f8032 AA	127
383f8032 AA	128	cleanup() {
4694d3f7	129	- rm -f @mydatadir@/pop3d.pem
	130	- rm -f @mydatadir@/pop3d.rand
	131	- rm -f @mydatadir@/pop3d.key
	132	- rm -f @mydatadir@/pop3d.cert
383f8032 AA	133	+ rm -f @certsdir@/pop3d.pem
383f8032 AA	134	+ rm -f @certsdir@/pop3d.rand
4694d3f7	135	+ rm -f @certsdir@/pop3d.key
4694d3f7	136	+ rm -f @certsdir@/pop3d.cert
383f8032 AA	137	exit 1
	138	}
	139
4694d3f7	140	-cd @mydatadir@
	141	+cd @certsdir@
	142
	143	if test "@ssllib@" = "openssl"
	144	then
	145	- cp /dev/null @mydatadir@/pop3d.pem
	146	- chmod 600 @mydatadir@/pop3d.pem
	147	- chown @mailuser@ @mydatadir@/pop3d.pem
	148	+ cp /dev/null @certsdir@/pop3d.pem
	149	+ chmod 600 @certsdir@/pop3d.pem
	150	+ chown @mailuser@ @certsdir@/pop3d.pem
	151
	152	- dd if=@RANDOMV@ of=@mydatadir@/pop3d.rand count=1 2>/dev/null
	153	+ dd if=@RANDOMV@ of=@certsdir@/pop3d.rand count=1 2>/dev/null
	154	@OPENSSL@ req -new -x509 -days 365 -nodes \
	155	- -config @sysconfdir@/pop3d.cnf -out @mydatadir@/pop3d.pem -keyout @mydatadir@/pop3d.pem \|\| cleanup
	156	- @OPENSSL@ gendh -rand @mydatadir@/pop3d.rand 512 >>@mydatadir@/pop3d.pem \|\| cleanup
	157	- @OPENSSL@ x509 -subject -dates -fingerprint -noout -in @mydatadir@/pop3d.pem \|\| cleanup
	158	- rm -f @mydatadir@/pop3d.rand
	159	+ -config @sysconfdir@/pop3d.cnf -out @certsdir@/pop3d.pem -keyout @certsdir@/pop3d.pem \|\| cleanup
	160	+ @OPENSSL@ gendh -rand @certsdir@/pop3d.rand 512 >>@certsdir@/pop3d.pem \|\| cleanup
	161	+ @OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/pop3d.pem \|\| cleanup
	162	+ rm -f @certsdir@/pop3d.rand
	163	else
	164	- cp /dev/null @mydatadir@/pop3d.key
	165	- chmod 600 @mydatadir@/pop3d.key
	166	- cp /dev/null @mydatadir@/pop3d.cert
	167	- chmod 600 @mydatadir@/pop3d.cert
	168	+ cp /dev/null @certsdir@/pop3d.key
	169	+ chmod 600 @certsdir@/pop3d.key
	170	+ cp /dev/null @certsdir@/pop3d.cert
	171	+ chmod 600 @certsdir@/pop3d.cert
	172
	173	@CERTTOOL@ --generate-privkey --outfile pop3d.key
	174	@CERTTOOL@ --generate-self-signed --load-privkey pop3d.key --outfile pop3d.cert --template @sysconfdir@/pop3d.cnf
4694d3f7	175	--- courier-imap-4.3.0.orig/imap/pop3d.cnf.openssl.in 2007-11-04 21:49:58.000000000 +0100
	176	+++ courier-imap-4.3.0/imap/pop3d.cnf.openssl.in 2008-01-19 19:53:07.103458296 +0100
	177	@@ -1,5 +1,5 @@
	178
	179	-RANDFILE = @mydatadir@/pop3d.rand
	180	+RANDFILE = @certsdir@/pop3d.rand
	181
	182	[ req ]
	183	default_bits = 1024
4694d3f7	184	--- courier-imap-4.3.0.orig/imap/pop3d-ssl.dist.in 2007-11-22 15:23:06.000000000 +0100
	185	+++ courier-imap-4.3.0/imap/pop3d-ssl.dist.in 2008-01-19 19:55:43.177977173 +0100
	186	@@ -241,7 +241,7 @@
	187	#
	188	# This is an experimental feature.
	189
	190	-TLS_CERTFILE=@mydatadir@/pop3d.pem
	191	+TLS_CERTFILE=@certsdir@/pop3d.pem
	192
	193	##NAME: TLS_TRUSTCERTS:0
	194	#
79462f56 ER	195	--- courier-imap-4.8.0/imap/mkimapdcert.8.in~ 2010-02-20 06:12:44.000000000 +0200
	196	+++ courier-imap-4.8.0/imap/mkimapdcert.8.in 2010-06-04 15:18:37.508585518 +0300
	197	@@ -29,18 +29,18 @@
	198	.SH "DESCRIPTION"
	199	.PP
	200	IMAP over SSL requires a valid, signed, X\&.509 certificate\&. The default location for the certificate file is
	201	-@datadir@/imapd\&.pem\&.
	202	+@certsdir@/imapd\&.pem\&.
	203	\fBmkimapdcert\fR
	204	generates a self\-signed X\&.509 certificate, mainly for testing\&. For production use the X\&.509 certificate must be signed by a recognized certificate authority, in order for mail clients to accept the certificate\&.
	205	.PP
	206
	207	-@datadir@/imapd\&.pem
	208	+@certsdir@/imapd\&.pem
	209	must be owned by the @mailuser@ user and have no group or world permissions\&. The
	210	\fBmkimapdcert\fR
	211	command will enforce this\&. To prevent an unfortunate accident,
	212	\fBmkimapdcert\fR
	213	will not work if
	214	-\fB@datadir@/imapd\&.pem\fR
	215	+\fB@certsdir@/imapd\&.pem\fR
	216	already exists\&.
	217	.PP
	218
	219	@@ -50,7 +50,7 @@
	220	to be installed\&.
	221	.SH "FILES"
	222	.PP
	223	-@datadir@/imapd\&.pem
	224	+@certsdir@/imapd\&.pem
	225	.RS 4
	226	X\&.509 certificate\&.
	227	.RE
	228	--- courier-imap-4.8.0/imap/mkimapdcert.html.in~ 2010-02-20 06:12:44.000000000 +0200
	229	+++ courier-imap-4.8.0/imap/mkimapdcert.html.in 2010-06-04 15:19:24.774623744 +0300
	230	@@ -7,22 +7,22 @@
	231	--></head><body><div class="refentry" title="mkimapdcert"><a id="mkimapdcert" shape="rect"> </a><div class="titlepage"/><div class="refnamediv"><h2>Name</h2><p>mkimapdcert — create a test SSL certificate for IMAP over SSL</p></div><div class="refsynopsisdiv" title="Synopsis"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">@sbindir@/mkimapdcert</code> </p></div></div><div class="refsect1" title="DESCRIPTION"><a id="id381669" shape="rect"> </a><h2>DESCRIPTION</h2><p>
	232	IMAP over SSL requires a valid, signed, X.509 certificate. The default
	233	location for the certificate file is
	234	-<code class="filename">@datadir@/imapd.pem</code>.
	235	+<code class="filename">@certsdir@/imapd.pem</code>.
	236	<span class="command"><strong>mkimapdcert</strong></span> generates a self-signed X.509 certificate,
	237	mainly for
	238	testing.
	239	For production use the X.509 certificate must be signed by a
	240	recognized certificate authority, in order for mail clients to accept the
	241	certificate.</p><p>
	242	-<code class="filename">@datadir@/imapd.pem</code> must be owned by the
	243	+<code class="filename">@certsdir@/imapd.pem</code> must be owned by the
	244	@mailuser@ user and
	245	have no group or world permissions.
	246	The <span class="command"><strong>mkimapdcert</strong></span> command will
	247	enforce this. To prevent an unfortunate accident,
	248	<span class="command"><strong>mkimapdcert</strong></span>
	249	-will not work if <span class="command"><strong>@datadir@/imapd.pem</strong></span> already exists.</p><p>
	250	+will not work if <span class="command"><strong>@certsdir@/imapd.pem</strong></span> already exists.</p><p>
	251	<span class="command"><strong>mkimapdcert</strong></span> requires
	252	-<span class="application">OpenSSL</span> to be installed.</p></div><div class="refsect1" title="FILES"><a id="id397983" shape="rect"> </a><h2>FILES</h2><div class="variablelist"><dl><dt><span class="term">@datadir@/imapd.pem</span></dt><dd>
	253	+<span class="application">OpenSSL</span> to be installed.</p></div><div class="refsect1" title="FILES"><a id="id397983" shape="rect"> </a><h2>FILES</h2><div class="variablelist"><dl><dt><span class="term">@certsdir@/imapd.pem</span></dt><dd>
	254	X.509 certificate.
	255	</dd><dt><span class="term">@sysconfdir@/imapd.cnf</span></dt><dd>
	256	Parameters used by OpenSSL to
	257	--- courier-imap-4.8.0/imap/mkpop3dcert.8.in~ 2010-02-20 06:12:44.000000000 +0200
	258	+++ courier-imap-4.8.0/imap/mkpop3dcert.8.in 2010-06-04 15:19:49.481836220 +0300
259	@@ -29,18 +29,18 @@
260	.SH "DESCRIPTION"
261	.PP
262	POP3 over SSL requires a valid, signed, X\&.509 certificate\&. The default location for the certificate file is
263	-@datadir@/pop3d\&.pem\&.
264	+@certsdir@/pop3d\&.pem\&.
265	\fBmkpop3dcert\fR
266	generates a self\-signed X\&.509 certificate, mainly for testing\&. For production use the X\&.509 certificate must be signed by a recognized certificate authority, in order for mail clients to accept the certificate\&.
267	.PP
268
269	-@datadir@/pop3d\&.pem
270	+@certsdir@/pop3d\&.pem
271	must be owned by the @mailuser@ user and have no group or world permissions\&. The
272	\fBmkpop3dcert\fR
273	command will enforce this\&. To prevent an unfortunate accident,
274	\fBmkpop3dcert\fR
275	will not work if
276	-\fB@datadir@/pop3d\&.pem\fR
277	+\fB@certsdir@/pop3d\&.pem\fR
278	already exists\&.
279	.PP
280
281	@@ -50,7 +50,7 @@
282	to be installed\&.
283	.SH "FILES"
284	.PP
285	-@datadir@/pop3d\&.pem
286	+@certsdir@/pop3d\&.pem
287	.RS 4
288	X\&.509 certificate\&.
289	.RE
290	--- courier-imap-4.8.0/imap/mkpop3dcert.html.in~ 2010-02-20 06:12:44.000000000 +0200
291	+++ courier-imap-4.8.0/imap/mkpop3dcert.html.in 2010-06-04 15:20:12.428930951 +0300
292	@@ -7,22 +7,22 @@
293	--></head><body><div class="refentry" title="mkpop3dcert"><a id="mkpop3dcert" shape="rect"> </a><div class="titlepage"/><div class="refnamediv"><h2>Name</h2><p>mkpop3dcert — create a test SSL certificate for POP3 over SSL</p></div><div class="refsynopsisdiv" title="Synopsis"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">@sbindir@/mkpop3dcert</code> </p></div></div><div class="refsect1" title="DESCRIPTION"><a id="id489121" shape="rect"> </a><h2>DESCRIPTION</h2><p>
294	POP3 over SSL requires a valid, signed, X.509 certificate. The default
295	location for the certificate file is
296	-<code class="filename">@datadir@/pop3d.pem</code>.
297	+<code class="filename">@certsdir@/pop3d.pem</code>.
298	<span class="command"><strong>mkpop3dcert</strong></span> generates a self-signed X.509 certificate,
299	mainly for
300	testing.
301	For production use the X.509 certificate must be signed by a
302	recognized certificate authority, in order for mail clients to accept the
303	certificate.</p><p>
304	-<code class="filename">@datadir@/pop3d.pem</code> must be owned by the
305	+<code class="filename">@certsdir@/pop3d.pem</code> must be owned by the
306	@mailuser@ user and
307	have no group or world permissions.
308	The <span class="command"><strong>mkpop3dcert</strong></span> command will
309	enforce this. To prevent an unfortunate accident,
310	<span class="command"><strong>mkpop3dcert</strong></span>
311	-will not work if <span class="command"><strong>@datadir@/pop3d.pem</strong></span> already exists.</p><p>
312	+will not work if <span class="command"><strong>@certsdir@/pop3d.pem</strong></span> already exists.</p><p>
313	<span class="command"><strong>mkpop3dcert</strong></span> requires
314	-<span class="application">OpenSSL</span> to be installed.</p></div><div class="refsect1" title="FILES"><a id="id505435" shape="rect"> </a><h2>FILES</h2><div class="variablelist"><dl><dt><span class="term">@datadir@/pop3d.pem</span></dt><dd>
315	+<span class="application">OpenSSL</span> to be installed.</p></div><div class="refsect1" title="FILES"><a id="id505435" shape="rect"> </a><h2>FILES</h2><div class="variablelist"><dl><dt><span class="term">@certsdir@/pop3d.pem</span></dt><dd>
316	X.509 certificate.
317	</dd><dt><span class="term">@sysconfdir@/pop3d.cnf</span></dt><dd>
318	Parameters used by OpenSSL to