From 4694d3f7256c8be003d807018d5ddd5fb6180667 Mon Sep 17 00:00:00 2001 From: hawk Date: Sat, 19 Jan 2008 19:07:29 +0000 Subject: [PATCH] - updated for 4.3.0 Changed files: courier-imap-certsdir.patch -> 1.4 --- courier-imap-certsdir.patch | 480 +++++++++++++++++++----------------- 1 file changed, 251 insertions(+), 229 deletions(-) diff --git a/courier-imap-certsdir.patch b/courier-imap-certsdir.patch index 59fc9fc..a0984ba 100644 --- a/courier-imap-certsdir.patch +++ b/courier-imap-certsdir.patch @@ -1,9 +1,9 @@ -diff -Nur old/configure.in new/configure.in ---- old/configure.in 2004-06-12 01:38:04.000000000 +0000 -+++ new/configure.in 2004-07-08 16:53:13.000000000 +0000 -@@ -97,6 +97,11 @@ - eval "exec_prefix=$exec_prefix" - eval "libexecdir=$libexecdir" +diff -urN courier-imap-4.3.0.orig/configure.in courier-imap-4.3.0/configure.in +--- courier-imap-4.3.0.orig/configure.in 2007-11-24 04:20:18.000000000 +0100 ++++ courier-imap-4.3.0/configure.in 2008-01-19 19:53:07.090124292 +0100 +@@ -222,6 +222,11 @@ + + # Neither does it use the change password feature +AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ], +certsdir="$withval", certsdir=$datadir) @@ -11,12 +11,12 @@ diff -Nur old/configure.in new/configure.in +AC_SUBST(certsdir) + AC_ARG_WITH(authchangepwdir, [], , - ac_configure_args="$ac_configure_args --with-authchangepwdir=$libexecdir/authlib") + ac_configure_args="$ac_configure_args --with-authchangepwdir=/var/tmp/dev/null") -diff -Nur old/imap/configure.in new/imap/configure.in ---- old/imap/configure.in 2004-06-12 01:38:04.000000000 +0000 -+++ new/imap/configure.in 2004-07-08 16:53:44.000000000 +0000 -@@ -35,6 +35,11 @@ +diff -urN courier-imap-4.3.0.orig/imap/configure.in courier-imap-4.3.0/imap/configure.in +--- courier-imap-4.3.0.orig/imap/configure.in 2007-11-24 04:20:18.000000000 +0100 ++++ courier-imap-4.3.0/imap/configure.in 2008-01-19 19:53:07.090124292 +0100 +@@ -52,6 +52,11 @@ eval "exec_prefix=$exec_prefix" eval "bindir=$bindir" @@ -28,281 +28,303 @@ diff -Nur old/imap/configure.in new/imap/configure.in AC_ARG_WITH(mailer, [ --with-mailer=prog Your mail submission program], SENDMAIL="$withval", -diff -Nur old/imap/imapd.cnf.in new/imap/imapd.cnf.in ---- old/imap/imapd.cnf.in 2001-03-24 04:59:55.000000000 +0000 -+++ new/imap/imapd.cnf.in 2004-07-08 16:54:18.000000000 +0000 +diff -urN courier-imap-4.3.0.orig/imap/imapd.cnf.openssl.in courier-imap-4.3.0/imap/imapd.cnf.openssl.in +--- courier-imap-4.3.0.orig/imap/imapd.cnf.openssl.in 2007-11-04 21:49:58.000000000 +0100 ++++ courier-imap-4.3.0/imap/imapd.cnf.openssl.in 2008-01-19 19:53:07.090124292 +0100 @@ -1,5 +1,5 @@ --RANDFILE = @datadir@/imapd.rand +-RANDFILE = @mydatadir@/imapd.rand +RANDFILE = @certsdir@/imapd.rand [ req ] default_bits = 1024 -diff -Nur old/imap/imapd-ssl.dist.in new/imap/imapd-ssl.dist.in ---- old/imap/imapd-ssl.dist.in 2004-01-24 20:09:26.000000000 +0000 -+++ new/imap/imapd-ssl.dist.in 2004-07-08 16:54:04.000000000 +0000 -@@ -146,7 +146,7 @@ - # servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually - # treated as confidential, and must not be world-readable. +diff -urN courier-imap-4.3.0.orig/imap/imapd-ssl.dist.in courier-imap-4.3.0/imap/imapd-ssl.dist.in +--- courier-imap-4.3.0.orig/imap/imapd-ssl.dist.in 2007-11-22 15:23:05.000000000 +0100 ++++ courier-imap-4.3.0/imap/imapd-ssl.dist.in 2008-01-19 19:53:22.977590279 +0100 +@@ -254,7 +254,7 @@ # --TLS_CERTFILE=@datadir@/imapd.pem + # This is an experimental feature. + +-TLS_CERTFILE=@mydatadir@/imapd.pem +TLS_CERTFILE=@certsdir@/imapd.pem ##NAME: TLS_TRUSTCERTS:0 # -diff -Nur old/imap/mkimapdcert.8.in new/imap/mkimapdcert.8.in ---- old/imap/mkimapdcert.8.in 2004-02-08 04:12:08.000000000 +0000 -+++ new/imap/mkimapdcert.8.in 2004-07-08 17:01:04.000000000 +0000 -@@ -18,7 +18,7 @@ - .PP - IMAP over SSL requires a valid, signed, X.509 certificate. The default - location for the certificate file is --\fI@datadir@/imapd.pem\fR\&. -+\fI@certsdir@/imapd.pem\fR\&. - \fBmkimapdcert\fR generates a self-signed X.509 certificate, - mainly for - testing. -@@ -26,19 +26,19 @@ - recognized certificate authority, in order for mail clients to accept the - certificate. +diff -urN courier-imap-4.3.0.orig/imap/mkimapdcert.8.in courier-imap-4.3.0/imap/mkimapdcert.8.in +--- courier-imap-4.3.0.orig/imap/mkimapdcert.8.in 2007-04-22 17:33:32.000000000 +0200 ++++ courier-imap-4.3.0/imap/mkimapdcert.8.in 2008-01-19 19:53:58.669385973 +0100 +@@ -21,18 +21,18 @@ + .SH "DESCRIPTION" .PP --\fI@datadir@/imapd.pem\fR must be owned by the -+\fI@certsdir@/imapd.pem\fR must be owned by the - @mailuser@ user and - have no group or world permissions. - The \fBmkimapdcert\fR command will - enforce this. To prevent an unfortunate accident, + IMAP over SSL requires a valid, signed, X.509 certificate. The default location for the certificate file is +-\fI@datadir@/imapd.pem\fR. ++\fI@certsdir@/imapd.pem\fR. \fBmkimapdcert\fR --will not work if \fB@datadir@/imapd.pem\fR already exists. -+will not work if \fB@certsdir@/imapd.pem\fR already exists. + generates a self\-signed X.509 certificate, mainly for testing. For production use the X.509 certificate must be signed by a recognized certificate authority, in order for mail clients to accept the certificate. .PP - \fBmkimapdcert\fR requires - \fBOpenSSL\fR to be installed. - .SH "FILES" - .TP + +-\fI@datadir@/imapd.pem\fR ++\fI@certsdir@/imapd.pem\fR + must be owned by the @mailuser@ user and have no group or world permissions. The + \fBmkimapdcert\fR + command will enforce this. To prevent an unfortunate accident, + \fBmkimapdcert\fR + will not work if -\fB@datadir@/imapd.pem\fR +\fB@certsdir@/imapd.pem\fR - X.509 certificate. - .TP - \fB@sysconfdir@/imapd.cnf\fR -diff -Nur old/imap/mkimapdcert.html.in new/imap/mkimapdcert.html.in ---- old/imap/mkimapdcert.html.in 2004-02-08 04:12:12.000000000 +0000 -+++ new/imap/mkimapdcert.html.in 2004-07-08 17:00:45.000000000 +0000 -@@ -57,7 +57,7 @@ - location for the certificate file is - @datadir@/imapd.pem@certsdir@/imapd.pem. -

@datadir@/imapd.pem@certsdir@/imapd.pem must be owned by the - @mailuser@ user and - have no group or world permissions. -@@ -86,7 +86,7 @@ - > - will not work if @datadir@/imapd.pem@certsdir@/imapd.pem already exists.

@datadir@/imapd.pem
@certsdir@/imapd.pem

X.509 certificate.

Name

mkimapdcert — create a test SSL certificate for IMAP over SSL

Synopsis

@sbindir@/mkimapdcert

DESCRIPTION

+ IMAP over SSL requires a valid, signed, X.509 certificate. The default location for the certificate file is --\fI@datadir@/pop3d.pem\fR\&. -+\fI@certsdir@/pop3d.pem\fR\&. - \fBmkpop3dcert\fR generates a self-signed X.509 certificate, +-@datadir@/imapd.pem. ++@certsdir@/imapd.pem. + mkimapdcert generates a self-signed X.509 certificate, mainly for testing. -@@ -26,19 +26,19 @@ + For production use the X.509 certificate must be signed by a recognized certificate authority, in order for mail clients to accept the - certificate. - .PP --\fI@datadir@/pop3d.pem\fR must be owned by the -+\fI@certsdir@/pop3d.pem\fR must be owned by the + certificate.

+-@datadir@/imapd.pem must be owned by the ++@certsdir@/imapd.pem must be owned by the @mailuser@ user and have no group or world permissions. - The \fBmkpop3dcert\fR command will + The mkimapdcert command will enforce this. To prevent an unfortunate accident, - \fBmkpop3dcert\fR --will not work if \fB@datadir@/pop3d.pem\fR already exists. -+will not work if \fB@certsdir@/pop3d.pem\fR already exists. - .PP - \fBmkpop3dcert\fR requires - \fBOpenSSL\fR to be installed. - .SH "FILES" - .TP --\fB@datadir@/pop3d.pem\fR -+\fB@certsdir@/pop3d.pem\fR + mkimapdcert +-will not work if @datadir@/imapd.pem already exists.

++will not work if @certsdir@/imapd.pem already exists.

+ mkimapdcert requires +-OpenSSL to be installed.

FILES

@datadir@/imapd.pem
++OpenSSL to be installed.

FILES

@certsdir@/imapd.pem
X.509 certificate. - .TP - \fB@sysconfdir@/pop3d.cnf\fR -diff -Nur old/imap/mkpop3dcert.html.in new/imap/mkpop3dcert.html.in ---- old/imap/mkpop3dcert.html.in 2004-02-08 04:12:11.000000000 +0000 -+++ new/imap/mkpop3dcert.html.in 2004-07-08 16:59:29.000000000 +0000 -@@ -57,7 +57,7 @@ - location for the certificate file is - @datadir@/pop3d.pem@certsdir@/pop3d.pem. -

@datadir@/pop3d.pem@certsdir@/pop3d.pem must be owned by the - @mailuser@ user and - have no group or world permissions. -@@ -86,7 +86,7 @@ - > - will not work if @datadir@/pop3d.pem@certsdir@/pop3d.pem already exists.

@datadir@/pop3d.pem
@certsdir@/pop3d.pem

X.509 certificate.

@sysconfdir@/imapd.cnf
+ Parameters used by OpenSSL to +diff -urN courier-imap-4.3.0.orig/imap/mkimapdcert.in courier-imap-4.3.0/imap/mkimapdcert.in +--- courier-imap-4.3.0.orig/imap/mkimapdcert.in 2007-11-04 21:50:15.000000000 +0100 ++++ courier-imap-4.3.0/imap/mkimapdcert.in 2008-01-19 19:58:50.290723918 +0100 +@@ -18,41 +18,41 @@ prefix="@prefix@" --if test -f @datadir@/imapd.pem +-if test -f @mydatadir@/imapd.pem +if test -f @certsdir@/imapd.pem then -- echo "@datadir@/imapd.pem already exists." +- echo "@mydatadir@/imapd.pem already exists." + echo "@certsdir@/imapd.pem already exists." exit 1 fi umask 077 --cp /dev/null @datadir@/imapd.pem --chmod 600 @datadir@/imapd.pem --chown @mailuser@ @datadir@/imapd.pem -+cp /dev/null @certsdir@/imapd.pem -+chmod 600 @certsdir@/imapd.pem -+chown @mailuser@ @certsdir@/imapd.pem cleanup() { -- rm -f @datadir@/imapd.pem -- rm -f @datadir@/imapd.rand +- rm -f @mydatadir@/imapd.pem +- rm -f @mydatadir@/imapd.rand +- rm -f @mydatadir@/imapd.key +- rm -f @mydatadir@/imapd.cert + rm -f @certsdir@/imapd.pem + rm -f @certsdir@/imapd.rand ++ rm -f @certsdir@/imapd.key ++ rm -f @certsdir@/imapd.cert exit 1 } --cd @datadir@ --dd if=@RANDOMV@ of=@datadir@/imapd.rand count=1 2>/dev/null +-cd @mydatadir@ +cd @certsdir@ -+dd if=@RANDOMV@ of=@certsdir@/imapd.rand count=1 2>/dev/null - @OPENSSL@ req -new -x509 -days 365 -nodes \ -- -config @sysconfdir@/imapd.cnf -out @datadir@/imapd.pem -keyout @datadir@/imapd.pem || cleanup --@OPENSSL@ gendh -rand @datadir@/imapd.rand 512 >>@datadir@/imapd.pem || cleanup --@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @datadir@/imapd.pem || cleanup --rm -f @datadir@/imapd.rand -+ -config @sysconfdir@/imapd.cnf -out @certsdir@/imapd.pem -keyout @certsdir@/imapd.pem || cleanup -+@OPENSSL@ gendh -rand @certsdir@/imapd.rand 512 >>@certsdir@/imapd.pem || cleanup -+@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/imapd.pem || cleanup -+rm -f @certsdir@/imapd.rand -diff -Nur old/imap/mkpop3dcert.in new/imap/mkpop3dcert.in ---- old/imap/mkpop3dcert.in 2005-06-29 18:01:17.000000000 +0000 -+++ new/imap/mkpop3dcert.in 2005-08-31 21:49:26.143362392 +0000 -@@ -13,26 +13,26 @@ + + if test "@ssllib@" = "openssl" + then +- cp /dev/null @mydatadir@/imapd.pem +- chmod 600 @mydatadir@/imapd.pem +- chown @mailuser@ @mydatadir@/imapd.pem ++ cp /dev/null @certsdir@/imapd.pem ++ chmod 600 @certsdir@/imapd.pem ++ chown @mailuser@ @certsdir@/imapd.pem + +- dd if=@RANDOMV@ of=@mydatadir@/imapd.rand count=1 2>/dev/null ++ dd if=@RANDOMV@ of=@certsdir@/imapd.rand count=1 2>/dev/null + @OPENSSL@ req -new -x509 -days 365 -nodes \ +- -config @sysconfdir@/imapd.cnf -out @mydatadir@/imapd.pem -keyout @mydatadir@/imapd.pem || cleanup +- @OPENSSL@ gendh -rand @mydatadir@/imapd.rand 512 >>@mydatadir@/imapd.pem || cleanup +- @OPENSSL@ x509 -subject -dates -fingerprint -noout -in @mydatadir@/imapd.pem || cleanup +- rm -f @mydatadir@/imapd.rand ++ -config @sysconfdir@/imapd.cnf -out @certsdir@/imapd.pem -keyout @certsdir@/imapd.pem || cleanup ++ @OPENSSL@ gendh -rand @certsdir@/imapd.rand 512 >>@certsdir@/imapd.pem || cleanup ++ @OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/imapd.pem || cleanup ++ rm -f @certsdir@/imapd.rand + else +- cp /dev/null @mydatadir@/imapd.key +- chmod 600 @mydatadir@/imapd.key +- cp /dev/null @mydatadir@/imapd.cert +- chmod 600 @mydatadir@/imapd.cert ++ cp /dev/null @certsdir@/imapd.key ++ chmod 600 @certsdir@/imapd.key ++ cp /dev/null @certsdir@/imapd.cert ++ chmod 600 @certsdir@/imapd.cert + + @CERTTOOL@ --generate-privkey --outfile imapd.key + @CERTTOOL@ --generate-self-signed --load-privkey imapd.key --outfile imapd.cert --template @sysconfdir@/imapd.cnf +diff -urN courier-imap-4.3.0.orig/imap/mkpop3dcert.8.in courier-imap-4.3.0/imap/mkpop3dcert.8.in +--- courier-imap-4.3.0.orig/imap/mkpop3dcert.8.in 2007-04-22 17:33:36.000000000 +0200 ++++ courier-imap-4.3.0/imap/mkpop3dcert.8.in 2008-01-19 19:55:01.929235273 +0100 +@@ -21,18 +21,18 @@ + .SH "DESCRIPTION" + .PP + POP3 over SSL requires a valid, signed, X.509 certificate. The default location for the certificate file is +-\fI@datadir@/pop3d.pem\fR. ++\fI@certsdir@/pop3d.pem\fR. + \fBmkpop3dcert\fR + generates a self\-signed X.509 certificate, mainly for testing. For production use the X.509 certificate must be signed by a recognized certificate authority, in order for mail clients to accept the certificate. + .PP + +-\fI@datadir@/pop3d.pem\fR ++\fI@certsdir@/pop3d.pem\fR + must be owned by the @mailuser@ user and have no group or world permissions. The + \fBmkpop3dcert\fR + command will enforce this. To prevent an unfortunate accident, + \fBmkpop3dcert\fR + will not work if +-\fB@datadir@/pop3d.pem\fR ++\fB@certsdir@/pop3d.pem\fR + already exists. + .PP + +@@ -42,7 +42,7 @@ + to be installed. + .SH "FILES" + .PP +-@datadir@/pop3d.pem ++@certsdir@/pop3d.pem + .RS 4 + X.509 certificate. + .RE +diff -urN courier-imap-4.3.0.orig/imap/mkpop3dcert.html.in courier-imap-4.3.0/imap/mkpop3dcert.html.in +--- courier-imap-4.3.0.orig/imap/mkpop3dcert.html.in 2007-04-22 17:33:35.000000000 +0200 ++++ courier-imap-4.3.0/imap/mkpop3dcert.html.in 2008-01-19 19:55:15.619924063 +0100 +@@ -7,22 +7,22 @@ + -->

Name

mkpop3dcert — create a test SSL certificate for POP3 over SSL

Synopsis

@sbindir@/mkpop3dcert

DESCRIPTION

+ POP3 over SSL requires a valid, signed, X.509 certificate. The default + location for the certificate file is +-@datadir@/pop3d.pem. ++@certsdir@/pop3d.pem. + mkpop3dcert generates a self-signed X.509 certificate, + mainly for + testing. + For production use the X.509 certificate must be signed by a + recognized certificate authority, in order for mail clients to accept the + certificate.

+-@datadir@/pop3d.pem must be owned by the ++@certsdir@/pop3d.pem must be owned by the + @mailuser@ user and + have no group or world permissions. + The mkpop3dcert command will + enforce this. To prevent an unfortunate accident, + mkpop3dcert +-will not work if @datadir@/pop3d.pem already exists.

++will not work if @certsdir@/pop3d.pem already exists.

+ mkpop3dcert requires +-OpenSSL to be installed.

FILES

@datadir@/pop3d.pem
++OpenSSL to be installed.

FILES

@certsdir@/pop3d.pem
+ X.509 certificate. +
@sysconfdir@/pop3d.cnf
+ Parameters used by OpenSSL to +diff -urN courier-imap-4.3.0.orig/imap/mkpop3dcert.in courier-imap-4.3.0/imap/mkpop3dcert.in +--- courier-imap-4.3.0.orig/imap/mkpop3dcert.in 2007-11-04 21:50:15.000000000 +0100 ++++ courier-imap-4.3.0/imap/mkpop3dcert.in 2008-01-19 19:59:17.935447993 +0100 +@@ -18,41 +18,41 @@ prefix="@prefix@" --if test -f @datadir@/pop3d.pem +-if test -f @mydatadir@/pop3d.pem +if test -f @certsdir@/pop3d.pem then -- echo "@datadir@/pop3d.pem already exists." +- echo "@mydatadir@/pop3d.pem already exists." + echo "@certsdir@/pop3d.pem already exists." exit 1 fi umask 077 --cp /dev/null @datadir@/pop3d.pem --chmod 600 @datadir@/pop3d.pem --chown @mailuser@ @datadir@/pop3d.pem -+cp /dev/null @certsdir@/pop3d.pem -+chmod 600 @certsdir@/pop3d.pem -+chown @mailuser@ @certsdir@/pop3d.pem cleanup() { -- rm -f @datadir@/pop3d.pem -- rm -f @datadir@/pop3d.rand +- rm -f @mydatadir@/pop3d.pem +- rm -f @mydatadir@/pop3d.rand +- rm -f @mydatadir@/pop3d.key +- rm -f @mydatadir@/pop3d.cert + rm -f @certsdir@/pop3d.pem + rm -f @certsdir@/pop3d.rand ++ rm -f @certsdir@/pop3d.key ++ rm -f @certsdir@/pop3d.cert exit 1 } --dd if=@RANDOMV@ of=@datadir@/pop3d.rand count=1 2>/dev/null -+dd if=@RANDOMV@ of=@certsdir@/pop3d.rand count=1 2>/dev/null - @OPENSSL@ req -new -x509 -days 365 -nodes \ -- -config @sysconfdir@/pop3d.cnf -out @datadir@/pop3d.pem -keyout @datadir@/pop3d.pem || cleanup --@OPENSSL@ gendh -rand @datadir@/pop3d.rand 512 >>@datadir@/pop3d.pem || cleanup --@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @datadir@/pop3d.pem || cleanup --rm -f @datadir@/pop3d.rand -+ -config @sysconfdir@/pop3d.cnf -out @certsdir@/pop3d.pem -keyout @certsdir@/pop3d.pem || cleanup -+@OPENSSL@ gendh -rand @certsdir@/pop3d.rand 512 >>@certsdir@/pop3d.pem || cleanup -+@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/pop3d.pem || cleanup -+rm -f @certsdir@/pop3d.rand +-cd @mydatadir@ ++cd @certsdir@ + + if test "@ssllib@" = "openssl" + then +- cp /dev/null @mydatadir@/pop3d.pem +- chmod 600 @mydatadir@/pop3d.pem +- chown @mailuser@ @mydatadir@/pop3d.pem ++ cp /dev/null @certsdir@/pop3d.pem ++ chmod 600 @certsdir@/pop3d.pem ++ chown @mailuser@ @certsdir@/pop3d.pem + +- dd if=@RANDOMV@ of=@mydatadir@/pop3d.rand count=1 2>/dev/null ++ dd if=@RANDOMV@ of=@certsdir@/pop3d.rand count=1 2>/dev/null + @OPENSSL@ req -new -x509 -days 365 -nodes \ +- -config @sysconfdir@/pop3d.cnf -out @mydatadir@/pop3d.pem -keyout @mydatadir@/pop3d.pem || cleanup +- @OPENSSL@ gendh -rand @mydatadir@/pop3d.rand 512 >>@mydatadir@/pop3d.pem || cleanup +- @OPENSSL@ x509 -subject -dates -fingerprint -noout -in @mydatadir@/pop3d.pem || cleanup +- rm -f @mydatadir@/pop3d.rand ++ -config @sysconfdir@/pop3d.cnf -out @certsdir@/pop3d.pem -keyout @certsdir@/pop3d.pem || cleanup ++ @OPENSSL@ gendh -rand @certsdir@/pop3d.rand 512 >>@certsdir@/pop3d.pem || cleanup ++ @OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/pop3d.pem || cleanup ++ rm -f @certsdir@/pop3d.rand + else +- cp /dev/null @mydatadir@/pop3d.key +- chmod 600 @mydatadir@/pop3d.key +- cp /dev/null @mydatadir@/pop3d.cert +- chmod 600 @mydatadir@/pop3d.cert ++ cp /dev/null @certsdir@/pop3d.key ++ chmod 600 @certsdir@/pop3d.key ++ cp /dev/null @certsdir@/pop3d.cert ++ chmod 600 @certsdir@/pop3d.cert + + @CERTTOOL@ --generate-privkey --outfile pop3d.key + @CERTTOOL@ --generate-self-signed --load-privkey pop3d.key --outfile pop3d.cert --template @sysconfdir@/pop3d.cnf +diff -urN courier-imap-4.3.0.orig/imap/pop3d.cnf.openssl.in courier-imap-4.3.0/imap/pop3d.cnf.openssl.in +--- courier-imap-4.3.0.orig/imap/pop3d.cnf.openssl.in 2007-11-04 21:49:58.000000000 +0100 ++++ courier-imap-4.3.0/imap/pop3d.cnf.openssl.in 2008-01-19 19:53:07.103458296 +0100 +@@ -1,5 +1,5 @@ + +-RANDFILE = @mydatadir@/pop3d.rand ++RANDFILE = @certsdir@/pop3d.rand + + [ req ] + default_bits = 1024 +diff -urN courier-imap-4.3.0.orig/imap/pop3d-ssl.dist.in courier-imap-4.3.0/imap/pop3d-ssl.dist.in +--- courier-imap-4.3.0.orig/imap/pop3d-ssl.dist.in 2007-11-22 15:23:06.000000000 +0100 ++++ courier-imap-4.3.0/imap/pop3d-ssl.dist.in 2008-01-19 19:55:43.177977173 +0100 +@@ -241,7 +241,7 @@ + # + # This is an experimental feature. + +-TLS_CERTFILE=@mydatadir@/pop3d.pem ++TLS_CERTFILE=@certsdir@/pop3d.pem + + ##NAME: TLS_TRUSTCERTS:0 + # -- 2.44.0