1 diff -Nur old/configure.in new/configure.in
2 --- old/configure.in 2004-06-12 01:38:04.000000000 +0000
3 +++ new/configure.in 2004-07-08 16:53:13.000000000 +0000
5 eval "exec_prefix=$exec_prefix"
6 eval "libexecdir=$libexecdir"
8 +AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ],
9 +certsdir="$withval", certsdir=$datadir)
13 AC_ARG_WITH(authchangepwdir, [], ,
14 ac_configure_args="$ac_configure_args --with-authchangepwdir=$libexecdir/authlib")
16 diff -Nur old/imap/configure.in new/imap/configure.in
17 --- old/imap/configure.in 2004-06-12 01:38:04.000000000 +0000
18 +++ new/imap/configure.in 2004-07-08 16:53:44.000000000 +0000
20 eval "exec_prefix=$exec_prefix"
23 +AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ],
24 +certsdir="$withval", certsdir=$datadir)
29 [ --with-mailer=prog Your mail submission program],
31 diff -Nur old/imap/imapd.cnf.in new/imap/imapd.cnf.in
32 --- old/imap/imapd.cnf.in 2001-03-24 04:59:55.000000000 +0000
33 +++ new/imap/imapd.cnf.in 2004-07-08 16:54:18.000000000 +0000
36 -RANDFILE = @datadir@/imapd.rand
37 +RANDFILE = @certsdir@/imapd.rand
41 diff -Nur old/imap/imapd-ssl.dist.in new/imap/imapd-ssl.dist.in
42 --- old/imap/imapd-ssl.dist.in 2004-01-24 20:09:26.000000000 +0000
43 +++ new/imap/imapd-ssl.dist.in 2004-07-08 16:54:04.000000000 +0000
45 # servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually
46 # treated as confidential, and must not be world-readable.
48 -TLS_CERTFILE=@datadir@/imapd.pem
49 +TLS_CERTFILE=@certsdir@/imapd.pem
51 ##NAME: TLS_TRUSTCERTS:0
53 diff -Nur old/imap/mkimapdcert.8.in new/imap/mkimapdcert.8.in
54 --- old/imap/mkimapdcert.8.in 2004-02-08 04:12:08.000000000 +0000
55 +++ new/imap/mkimapdcert.8.in 2004-07-08 17:01:04.000000000 +0000
58 IMAP over SSL requires a valid, signed, X.509 certificate. The default
59 location for the certificate file is
60 -\fI@datadir@/imapd.pem\fR\&.
61 +\fI@certsdir@/imapd.pem\fR\&.
62 \fBmkimapdcert\fR generates a self-signed X.509 certificate,
66 recognized certificate authority, in order for mail clients to accept the
69 -\fI@datadir@/imapd.pem\fR must be owned by the
70 +\fI@certsdir@/imapd.pem\fR must be owned by the
72 have no group or world permissions.
73 The \fBmkimapdcert\fR command will
74 enforce this. To prevent an unfortunate accident,
76 -will not work if \fB@datadir@/imapd.pem\fR already exists.
77 +will not work if \fB@certsdir@/imapd.pem\fR already exists.
79 \fBmkimapdcert\fR requires
80 \fBOpenSSL\fR to be installed.
83 -\fB@datadir@/imapd.pem\fR
84 +\fB@certsdir@/imapd.pem\fR
87 \fB@sysconfdir@/imapd.cnf\fR
88 diff -Nur old/imap/mkimapdcert.html.in new/imap/mkimapdcert.html.in
89 --- old/imap/mkimapdcert.html.in 2004-02-08 04:12:12.000000000 +0000
90 +++ new/imap/mkimapdcert.html.in 2004-07-08 17:00:45.000000000 +0000
92 location for the certificate file is
95 ->@datadir@/imapd.pem</TT
96 +>@certsdir@/imapd.pem</TT
104 ->@datadir@/imapd.pem</TT
105 +>@certsdir@/imapd.pem</TT
106 > must be owned by the
108 have no group or world permissions.
113 ->@datadir@/imapd.pem</B
114 +>@certsdir@/imapd.pem</B
122 ->@datadir@/imapd.pem</DT
123 +>@certsdir@/imapd.pem</DT
126 >X.509 certificate.</P
127 diff -Nur old/imap/mkimapdcert.in new/imap/mkimapdcert.in
128 --- old/imap/mkimapdcert.in 2001-08-26 15:49:50.000000000 +0000
129 +++ new/imap/mkimapdcert.in 2004-07-10 12:23:46.000000000 +0000
134 -if test -f @datadir@/imapd.pem
135 +if test -f @certsdir@/imapd.pem
137 - echo "@datadir@/imapd.pem already exists."
138 + echo "@certsdir@/imapd.pem already exists."
142 -cp /dev/null @datadir@/imapd.pem
143 -chmod 600 @datadir@/imapd.pem
144 -chown @mailuser@ @datadir@/imapd.pem
145 +cp /dev/null @certsdir@/imapd.pem
146 +chmod 600 @certsdir@/imapd.pem
147 +chown @mailuser@ @certsdir@/imapd.pem
150 - rm -f @datadir@/imapd.pem
151 - rm -f @datadir@/imapd.rand
152 + rm -f @certsdir@/imapd.pem
153 + rm -f @certsdir@/imapd.rand
158 -dd if=@RANDOMV@ of=@datadir@/imapd.rand count=1 2>/dev/null
160 +dd if=@RANDOMV@ of=@certsdir@/imapd.rand count=1 2>/dev/null
161 @OPENSSL@ req -new -x509 -days 365 -nodes \
162 - -config @sysconfdir@/imapd.cnf -out @datadir@/imapd.pem -keyout @datadir@/imapd.pem || cleanup
163 -@OPENSSL@ gendh -rand @datadir@/imapd.rand 512 >>@datadir@/imapd.pem || cleanup
164 -@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @datadir@/imapd.pem || cleanup
165 -rm -f @datadir@/imapd.rand
166 + -config @sysconfdir@/imapd.cnf -out @certsdir@/imapd.pem -keyout @certsdir@/imapd.pem || cleanup
167 +@OPENSSL@ gendh -rand @certsdir@/imapd.rand 512 >>@certsdir@/imapd.pem || cleanup
168 +@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/imapd.pem || cleanup
169 +rm -f @certsdir@/imapd.rand
170 diff -Nur old/imap/mkpop3dcert.8.in new/imap/mkpop3dcert.8.in
171 --- old/imap/mkpop3dcert.8.in 2004-02-08 04:12:10.000000000 +0000
172 +++ new/imap/mkpop3dcert.8.in 2004-07-08 17:00:01.000000000 +0000
175 POP3 over SSL requires a valid, signed, X.509 certificate. The default
176 location for the certificate file is
177 -\fI@datadir@/pop3d.pem\fR\&.
178 +\fI@certsdir@/pop3d.pem\fR\&.
179 \fBmkpop3dcert\fR generates a self-signed X.509 certificate,
183 recognized certificate authority, in order for mail clients to accept the
186 -\fI@datadir@/pop3d.pem\fR must be owned by the
187 +\fI@certsdir@/pop3d.pem\fR must be owned by the
189 have no group or world permissions.
190 The \fBmkpop3dcert\fR command will
191 enforce this. To prevent an unfortunate accident,
193 -will not work if \fB@datadir@/pop3d.pem\fR already exists.
194 +will not work if \fB@certsdir@/pop3d.pem\fR already exists.
196 \fBmkpop3dcert\fR requires
197 \fBOpenSSL\fR to be installed.
200 -\fB@datadir@/pop3d.pem\fR
201 +\fB@certsdir@/pop3d.pem\fR
204 \fB@sysconfdir@/pop3d.cnf\fR
205 diff -Nur old/imap/mkpop3dcert.html.in new/imap/mkpop3dcert.html.in
206 --- old/imap/mkpop3dcert.html.in 2004-02-08 04:12:11.000000000 +0000
207 +++ new/imap/mkpop3dcert.html.in 2004-07-08 16:59:29.000000000 +0000
209 location for the certificate file is
212 ->@datadir@/pop3d.pem</TT
213 +>@certsdir@/pop3d.pem</TT
221 ->@datadir@/pop3d.pem</TT
222 +>@certsdir@/pop3d.pem</TT
223 > must be owned by the
225 have no group or world permissions.
230 ->@datadir@/pop3d.pem</B
231 +>@certsdir@/pop3d.pem</B
239 ->@datadir@/pop3d.pem</DT
240 +>@certsdir@/pop3d.pem</DT
243 >X.509 certificate.</P
244 diff -Nur old/imap/mkpop3dcert.in new/imap/mkpop3dcert.in
245 --- old/imap/mkpop3dcert.in 2000-10-06 17:50:37.000000000 +0000
246 +++ new/imap/mkpop3dcert.in 2004-07-08 16:56:21.000000000 +0000
251 -if test -f @datadir@/pop3d.pem
252 +if test -f @certsdir@/pop3d.pem
254 - echo "@datadir@/pop3d.pem already exists."
255 + echo "@certsdir@/pop3d.pem already exists."
259 -cp /dev/null @datadir@/pop3d.pem
260 -chmod 600 @datadir@/pop3d.pem
261 -chown @mailuser@ @datadir@/pop3d.pem
262 +cp /dev/null @certsdir@/pop3d.pem
263 +chmod 600 @certsdir@/pop3d.pem
264 +chown @mailuser@ @certsdir@/pop3d.pem
267 - rm -f @datadir@/pop3d.pem
268 - rm -f @datadir@/pop3d.rand
269 + rm -f @certsdir@/pop3d.pem
270 + rm -f @certsdir@/pop3d.rand
274 -dd if=@RANDOMV@ of=@datadir@/pop3d.rand count=1 2>/dev/null
275 +dd if=@RANDOMV@ of=@certsdir@/pop3d.rand count=1 2>/dev/null
276 @OPENSSL@ req -new -x509 -days 365 -nodes \
277 - -config @sysconfdir@/pop3d.cnf -out @datadir@/pop3d.pem -keyout @datadir@/pop3d.pem || cleanup
278 -@OPENSSL@ gendh -rand @datadir@/pop3d.rand 512 >>@datadir@/pop3d.pem || cleanup
279 -@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @datadir@/pop3d.pem || cleanup
280 -rm -f @datadir@/pop3d.rand
281 + -config @sysconfdir@/pop3d.cnf -out @certsdir@/pop3d.pem -keyout @certsdir@/pop3d.pem || cleanup
282 +@OPENSSL@ gendh -rand @certsdir@/pop3d.rand 512 >>@certsdir@/pop3d.pem || cleanup
283 +@OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/pop3d.pem || cleanup
284 +rm -f @certsdir@/pop3d.rand
285 diff -Nur old/imap/pop3d.cnf.in new/imap/pop3d.cnf.in
286 --- old/imap/pop3d.cnf.in 2001-03-24 04:59:55.000000000 +0000
287 +++ new/imap/pop3d.cnf.in 2004-07-08 16:54:38.000000000 +0000
290 -RANDFILE = @datadir@/pop3d.rand
291 +RANDFILE = @certsdir@/pop3d.rand
295 diff -Nur old/imap/pop3d-ssl.dist.in new/imap/pop3d-ssl.dist.in
296 --- old/imap/pop3d-ssl.dist.in 2004-01-24 20:09:31.000000000 +0000
297 +++ new/imap/pop3d-ssl.dist.in 2004-07-08 16:54:31.000000000 +0000
299 # servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually
300 # treated as confidential, and must not be world-readable.
302 -TLS_CERTFILE=@datadir@/pop3d.pem
303 +TLS_CERTFILE=@certsdir@/pop3d.pem
305 ##NAME: TLS_TRUSTCERTS:0