SOURCES: courier-certs.patch - updated for 0.58.0
hawk
hawk at pld-linux.org
Sun Jan 20 00:24:28 CET 2008
Author: hawk Date: Sat Jan 19 23:24:28 2008 GMT
Module: SOURCES Tag: HEAD
---- Log message:
- updated for 0.58.0
---- Files affected:
SOURCES:
courier-certs.patch (1.7 -> 1.8)
---- Diffs:
================================================================
Index: SOURCES/courier-certs.patch
diff -u SOURCES/courier-certs.patch:1.7 SOURCES/courier-certs.patch:1.8
--- SOURCES/courier-certs.patch:1.7 Tue Aug 16 23:03:38 2005
+++ SOURCES/courier-certs.patch Sun Jan 20 00:24:22 2008
@@ -1,7 +1,7 @@
-diff -Nur old/configure.in new/configure.in
---- old/configure.in 2005-03-01 03:16:43.000000000 +0000
-+++ new/configure.in 2005-03-04 19:53:15.000000000 +0000
-@@ -58,6 +58,11 @@
+diff -urN courier-0.58.0.orig/configure.in courier-0.58.0/configure.in
+--- courier-0.58.0.orig/configure.in 2007-11-24 04:25:52.000000000 +0100
++++ courier-0.58.0/configure.in 2008-01-19 23:37:26.428337743 +0100
+@@ -70,6 +70,11 @@
eval "localstatedir=$localstatedir"
eval "datadir=$datadir"
@@ -13,13 +13,13 @@
AC_ARG_WITH(makedatprog, [], ,
ac_configure_args="$ac_configure_args --with-makedatprog=${libexecdir}/courier/makedatprog")
-diff -Nur old/courier/configure.in new/courier/configure.in
---- old/courier/configure.in 2005-03-01 03:16:43.000000000 +0000
-+++ new/courier/configure.in 2005-03-04 19:46:17.000000000 +0000
-@@ -462,6 +462,12 @@
-
- eval "exec_prefix=$exec_prefix"
+diff -urN courier-0.58.0.orig/courier/configure.in courier-0.58.0/courier/configure.in
+--- courier-0.58.0.orig/courier/configure.in 2007-11-24 04:25:52.000000000 +0100
++++ courier-0.58.0/courier/configure.in 2008-01-19 23:38:38.745253650 +0100
+@@ -498,6 +498,12 @@
+ eval "datarootdir=$datarootdir"
eval "bindir=$bindir"
+ eval "localstatedir=$localstatedir"
+eval "datadir=$datadir"
+
+AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ],
@@ -29,9 +29,9 @@
MAILDROP="$bindir/maildrop"
AC_SUBST(MAILDROP)
-diff -Nur old/courier/imapd-ssl.rc.in new/courier/imapd-ssl.rc.in
---- old/courier/imapd-ssl.rc.in 2005-02-16 23:42:13.000000000 +0000
-+++ new/courier/imapd-ssl.rc.in 2005-03-04 19:47:54.000000000 +0000
+diff -urN courier-0.58.0.orig/courier/imapd-ssl.rc.in courier-0.58.0/courier/imapd-ssl.rc.in
+--- courier-0.58.0.orig/courier/imapd-ssl.rc.in 2008-01-19 23:30:56.000000000 +0100
++++ courier-0.58.0/courier/imapd-ssl.rc.in 2008-01-19 23:37:26.428337743 +0100
@@ -28,6 +28,11 @@
case $1 in
@@ -44,12 +44,12 @@
umask $IMAP_UMASK
@ULIMIT@ $IMAP_ULIMITD
@SETENV@ -i @SHELL@ -c " set -a ;
-diff -Nur old/courier/module.esmtp/configure.in new/courier/module.esmtp/configure.in
---- old/courier/module.esmtp/configure.in 2004-05-11 00:16:05.000000000 +0000
-+++ new/courier/module.esmtp/configure.in 2004-05-25 07:46:38.000000000 +0000
-@@ -300,6 +300,11 @@
- eval "datadir=$datadir"
- eval "localstatedir=$localstatedir"
+diff -urN courier-0.58.0.orig/courier/module.esmtp/configure.in courier-0.58.0/courier/module.esmtp/configure.in
+--- courier-0.58.0.orig/courier/module.esmtp/configure.in 2007-11-04 22:17:03.000000000 +0100
++++ courier-0.58.0/courier/module.esmtp/configure.in 2008-01-19 23:37:26.428337743 +0100
+@@ -306,6 +306,11 @@
+ AC_SUBST(mydatadir) # Quell automake warning
+
+AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ],
+certsdir="$withval", certsdir=$datadir)
@@ -59,43 +59,43 @@
dnl
dnl Check what libraries are available
dnl
-diff -Nur old/courier/module.esmtp/esmtpd.cnf.in new/courier/module.esmtp/esmtpd.cnf.in
---- old/courier/module.esmtp/esmtpd.cnf.in 2001-08-18 22:18:12.000000000 +0000
-+++ new/courier/module.esmtp/esmtpd.cnf.in 2004-05-30 22:45:59.000000000 +0000
+diff -urN courier-0.58.0.orig/courier/module.esmtp/esmtpd.cnf.openssl.in courier-0.58.0/courier/module.esmtp/esmtpd.cnf.openssl.in
+--- courier-0.58.0.orig/courier/module.esmtp/esmtpd.cnf.openssl.in 2007-07-01 17:36:34.000000000 +0200
++++ courier-0.58.0/courier/module.esmtp/esmtpd.cnf.openssl.in 2008-01-19 23:39:34.911369481 +0100
@@ -1,5 +1,5 @@
--RANDFILE = @datadir@/esmtpd.rnd
-+RANDFILE = @certsdir@/esmtpd.rand
+-RANDFILE = @mydatadir@/esmtpd.rnd
++RANDFILE = @certsdir@/esmtpd.rnd
[ req ]
default_bits = 1024
-diff -Nur old/courier/module.esmtp/esmtpd.dist.in new/courier/module.esmtp/esmtpd.dist.in
---- old/courier/module.esmtp/esmtpd.dist.in 2004-05-11 00:48:14.000000000 +0000
-+++ new/courier/module.esmtp/esmtpd.dist.in 2004-07-11 18:09:20.000000000 +0000
-@@ -143,7 +143,7 @@
- # servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually
- # treated as confidential, and must not be world-readable.
+diff -urN courier-0.58.0.orig/courier/module.esmtp/esmtpd.dist.in courier-0.58.0/courier/module.esmtp/esmtpd.dist.in
+--- courier-0.58.0.orig/courier/module.esmtp/esmtpd.dist.in 2007-11-04 22:17:03.000000000 +0100
++++ courier-0.58.0/courier/module.esmtp/esmtpd.dist.in 2008-01-19 23:39:44.028487817 +0100
+@@ -233,7 +233,7 @@
#
--TLS_CERTFILE=@datadir@/esmtpd.pem
+ # This is an experimental feature.
+
+-TLS_CERTFILE=@mydatadir@/esmtpd.pem
+TLS_CERTFILE=@certsdir@/esmtpd.pem
##NAME: TLS_CERTINFO:0
#
-diff -Nur old/courier/module.esmtp/esmtpd-ssl.dist.in new/courier/module.esmtp/esmtpd-ssl.dist.in
---- old/courier/module.esmtp/esmtpd-ssl.dist.in 2004-04-24 19:56:19.000000000 +0000
-+++ new/courier/module.esmtp/esmtpd-ssl.dist.in 2004-05-24 20:57:52.000000000 +0000
-@@ -168,7 +168,7 @@
- # servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually
- # treated as confidential, and must not be world-readable.
+diff -urN courier-0.58.0.orig/courier/module.esmtp/esmtpd-ssl.dist.in courier-0.58.0/courier/module.esmtp/esmtpd-ssl.dist.in
+--- courier-0.58.0.orig/courier/module.esmtp/esmtpd-ssl.dist.in 2007-11-04 22:17:03.000000000 +0100
++++ courier-0.58.0/courier/module.esmtp/esmtpd-ssl.dist.in 2008-01-19 23:39:22.684097067 +0100
+@@ -256,7 +256,7 @@
#
--TLS_CERTFILE=@datadir@/esmtpd.pem
+ # This is an experimental feature.
+
+-TLS_CERTFILE=@mydatadir@/esmtpd.pem
+TLS_CERTFILE=@certsdir@/esmtpd.pem
##NAME: TLS_TRUSTCERTS:0
#
-diff -Nur old/courier/module.esmtp/esmtpd-ssl.in new/courier/module.esmtp/esmtpd-ssl.in
---- old/courier/module.esmtp/esmtpd-ssl.in 2004-05-24 21:24:41.000000000 +0000
-+++ new/courier/module.esmtp/esmtpd-ssl.in 2004-05-24 21:31:31.000000000 +0000
+diff -urN courier-0.58.0.orig/courier/module.esmtp/esmtpd-ssl.in courier-0.58.0/courier/module.esmtp/esmtpd-ssl.in
+--- courier-0.58.0.orig/courier/module.esmtp/esmtpd-ssl.in 2008-01-19 23:30:56.000000000 +0100
++++ courier-0.58.0/courier/module.esmtp/esmtpd-ssl.in 2008-01-19 23:37:26.431671242 +0100
@@ -25,6 +25,10 @@
case $1 in
@@ -107,50 +107,70 @@
;;
stop)
${sbindir}/couriertcpd -pid=$SSLPIDFILE -stop
-diff -Nur old/courier/module.esmtp/mkesmtpdcert.in new/courier/module.esmtp/mkesmtpdcert.in
---- old/courier/module.esmtp/mkesmtpdcert.in 2000-09-18 17:24:01.000000000 +0000
-+++ new/courier/module.esmtp/mkesmtpdcert.in 2004-05-25 07:31:21.000000000 +0000
-@@ -11,25 +11,25 @@
-
- test -x @OPENSSL@ || exit 0
+diff -urN courier-0.58.0.orig/courier/module.esmtp/mkesmtpdcert.in courier-0.58.0/courier/module.esmtp/mkesmtpdcert.in
+--- courier-0.58.0.orig/courier/module.esmtp/mkesmtpdcert.in 2007-11-04 22:17:03.000000000 +0100
++++ courier-0.58.0/courier/module.esmtp/mkesmtpdcert.in 2008-01-19 23:40:14.373324466 +0100
+@@ -16,38 +16,38 @@
+ test -x @CERTTOOL@ || exit 0
+ fi
--if test -f @datadir@/esmtpd.pem
+-if test -f @mydatadir@/esmtpd.pem
+if test -f @certsdir@/esmtpd.pem
then
-- echo "@datadir@/esmtpd.pem already exists."
+- echo "@mydatadir@/esmtpd.pem already exists."
+ echo "@certsdir@/esmtpd.pem already exists."
exit 1
fi
--cp /dev/null @datadir@/esmtpd.pem
--chmod 600 @datadir@/esmtpd.pem
--chown @mailuser@ @datadir@/esmtpd.pem
-+cp /dev/null @certsdir@/esmtpd.pem
-+chmod 600 @certsdir@/esmtpd.pem
-+chown @mailuser@ @certsdir@/esmtpd.pem
-
cleanup() {
-- rm -f @datadir@/esmtpd.rand
-- rm -f @datadir@/esmtpd.pem
+- rm -f @mydatadir@/esmtpd.rand
+- rm -f @mydatadir@/esmtpd.pem
+- rm -f @mydatadir@/esmtpd.key
+- rm -f @mydatadir@/esmtpd.cert
+ rm -f @certsdir@/esmtpd.rand
+ rm -f @certsdir@/esmtpd.pem
++ rm -f @certsdir@/esmtpd.key
++ rm -f @certsdir@/esmtpd.cert
exit 1
}
--dd if=@RANDOMV@ of=@datadir@/esmtpd.rand count=1 2>/dev/null
-+dd if=@RANDOMV@ of=@certsdir@/esmtpd.rand count=1 2>/dev/null
- @OPENSSL@ req -new -x509 -days 365 -nodes \
-- -config @sysconfdir@/esmtpd.cnf -out @datadir@/esmtpd.pem -keyout @datadir@/esmtpd.pem || cleanup
-- at OPENSSL@ gendh -rand @datadir@/esmtpd.rand 512 >>@datadir@/esmtpd.pem || cleanup
-- at OPENSSL@ x509 -subject -dates -fingerprint -noout -in @datadir@/esmtpd.pem || cleanup
--rm -f @datadir@/esmtpd.rand
-+ -config @sysconfdir@/esmtpd.cnf -out @certsdir@/esmtpd.pem -keyout @certsdir@/esmtpd.pem || cleanup
-+ at OPENSSL@ gendh -rand @certsdir@/esmtpd.rand 512 >>@certsdir@/esmtpd.pem || cleanup
-+ at OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/esmtpd.pem || cleanup
-+rm -f @certsdir@/esmtpd.rand
-diff -Nur old/courier/pop3d-ssl.in new/courier/pop3d-ssl.in
---- old/courier/pop3d-ssl.in 2005-02-16 23:42:13.000000000 +0000
-+++ new/courier/pop3d-ssl.in 2005-03-04 19:48:23.000000000 +0000
+-cd @mydatadir@
++cd @certsdir@
+
+ if test "@ssllib@" = "openssl"
+ then
+- cp /dev/null @mydatadir@/esmtpd.pem
+- chmod 600 @mydatadir@/esmtpd.pem
+- chown @mailuser@ @mydatadir@/esmtpd.pem
+- dd if=@RANDOMV@ of=@mydatadir@/esmtpd.rand count=1 2>/dev/null
++ cp /dev/null @certsdir@/esmtpd.pem
++ chmod 600 @certsdir@/esmtpd.pem
++ chown @mailuser@ @certsdir@/esmtpd.pem
++ dd if=@RANDOMV@ of=@certsdir@/esmtpd.rand count=1 2>/dev/null
+ @OPENSSL@ req -new -x509 -days 365 -nodes \
+- -config @sysconfdir@/esmtpd.cnf -out @mydatadir@/esmtpd.pem -keyout @mydatadir@/esmtpd.pem || cleanup
+- @OPENSSL@ gendh -rand @mydatadir@/esmtpd.rand 512 >>@mydatadir@/esmtpd.pem || cleanup
+- @OPENSSL@ x509 -subject -dates -fingerprint -noout -in @mydatadir@/esmtpd.pem || cleanup
+- rm -f @mydatadir@/esmtpd.rand
++ -config @sysconfdir@/esmtpd.cnf -out @certsdir@/esmtpd.pem -keyout @certsdir@/esmtpd.pem || cleanup
++ @OPENSSL@ gendh -rand @certsdir@/esmtpd.rand 512 >>@certsdir@/esmtpd.pem || cleanup
++ @OPENSSL@ x509 -subject -dates -fingerprint -noout -in @certsdir@/esmtpd.pem || cleanup
++ rm -f @certsdir@/esmtpd.rand
+ else
+- cp /dev/null @mydatadir@/esmtpd.key
+- chmod 600 @mydatadir@/esmtpd.key
+- cp /dev/null @mydatadir@/esmtpd.cert
+- chmod 600 @mydatadir@/esmtpd.cert
++ cp /dev/null @certsdir@/esmtpd.key
++ chmod 600 @certsdir@/esmtpd.key
++ cp /dev/null @certsdir@/esmtpd.cert
++ chmod 600 @certsdir@/esmtpd.cert
+
+ @CERTTOOL@ --generate-privkey --outfile esmtpd.key
+ @CERTTOOL@ --generate-self-signed --load-privkey esmtpd.key --outfile esmtpd.cert --template @sysconfdir@/esmtpd.cnf
+diff -urN courier-0.58.0.orig/courier/pop3d-ssl.in courier-0.58.0/courier/pop3d-ssl.in
+--- courier-0.58.0.orig/courier/pop3d-ssl.in 2008-01-19 23:30:56.000000000 +0100
++++ courier-0.58.0/courier/pop3d-ssl.in 2008-01-19 23:37:26.431671242 +0100
@@ -29,6 +29,11 @@
case $1 in
@@ -163,10 +183,10 @@
exec @SETENV@ -i PATH="$PATH" SHELL="$SHELL" \
@SHELL@ -c " set -a ; \
prefix=@prefix@ ; \
-diff -Nur old/courier.sysvinit.in new/courier.sysvinit.in
---- old/courier.sysvinit.in 2004-05-02 14:24:06.000000000 +0000
-+++ new/courier.sysvinit.in 2004-05-24 20:56:37.000000000 +0000
-@@ -14,7 +14,7 @@
+diff -urN courier-0.58.0.orig/courier.sysvinit.in courier-0.58.0/courier.sysvinit.in
+--- courier-0.58.0.orig/courier.sysvinit.in 2008-01-19 23:30:56.000000000 +0100
++++ courier-0.58.0/courier.sysvinit.in 2008-01-19 23:37:26.431671242 +0100
+@@ -18,7 +18,7 @@
sbindir="@sbindir@"
bindir="@bindir@"
libexecdir="@libexecdir@"
@@ -175,7 +195,7 @@
if test ! -f ${sysconfdir}/esmtpd
then
-@@ -82,7 +82,7 @@
+@@ -85,7 +85,7 @@
then
# If we do not have a certificate, make one up.
@@ -184,7 +204,7 @@
then
if test -x $COURIERTLS
then
-@@ -149,7 +149,7 @@
+@@ -152,7 +152,7 @@
then
# If we do not have a certificate, make one up.
@@ -193,7 +213,7 @@
then
echo -n " generating-POP3-SSL-certificate..."
-@@ -179,7 +179,7 @@
+@@ -182,7 +182,7 @@
then
# If we do not have a certificate, make one up.
@@ -202,12 +222,12 @@
then
echo -n " generating-IMAP-SSL-certificate..."
-diff -Nur old/imap/configure.in new/imap/configure.in
---- old/imap/configure.in 2004-05-16 02:38:13.000000000 +0000
-+++ new/imap/configure.in 2004-05-25 07:37:24.000000000 +0000
-@@ -283,6 +283,11 @@
- eval "sysconfdir=$sysconfdir"
- eval "localstatedir=$localstatedir"
+diff -urN courier-0.58.0.orig/imap/configure.in courier-0.58.0/imap/configure.in
+--- courier-0.58.0.orig/imap/configure.in 2007-11-24 04:23:13.000000000 +0100
++++ courier-0.58.0/imap/configure.in 2008-01-19 23:37:26.435004741 +0100
+@@ -300,6 +300,11 @@
+ mydatadir="$datadir"
+ AC_SUBST(mydatadir) # Avoid useless autoconf warning
+AC_ARG_WITH(certsdir, [ --with-certsdir Directory where certs are created ],
+certsdir="$withval", certsdir=$datadir)
@@ -217,281 +237,303 @@
#
# Check for PAM configuration flavor
-diff -Nur old/imap/imapd.cnf.in new/imap/imapd.cnf.in
---- old/imap/imapd.cnf.in 2001-03-24 04:59:55.000000000 +0000
-+++ new/imap/imapd.cnf.in 2004-05-30 22:37:03.000000000 +0000
+diff -urN courier-0.58.0.orig/imap/imapd.cnf.openssl.in courier-0.58.0/imap/imapd.cnf.openssl.in
+--- courier-0.58.0.orig/imap/imapd.cnf.openssl.in 2007-11-04 21:49:58.000000000 +0100
++++ courier-0.58.0/imap/imapd.cnf.openssl.in 2008-01-19 23:40:41.287991189 +0100
@@ -1,5 +1,5 @@
--RANDFILE = @datadir@/imapd.rand
+-RANDFILE = @mydatadir@/imapd.rand
+RANDFILE = @certsdir@/imapd.rand
[ req ]
default_bits = 1024
-diff -Nur old/imap/imapd-ssl.dist.in new/imap/imapd-ssl.dist.in
---- old/imap/imapd-ssl.dist.in 2004-01-25 05:40:03.000000000 +0000
-+++ new/imap/imapd-ssl.dist.in 2004-05-24 20:57:29.000000000 +0000
-@@ -146,7 +146,7 @@
- # servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually
- # treated as confidential, and must not be world-readable.
+diff -urN courier-0.58.0.orig/imap/imapd-ssl.dist.in courier-0.58.0/imap/imapd-ssl.dist.in
+--- courier-0.58.0.orig/imap/imapd-ssl.dist.in 2008-01-19 23:30:56.000000000 +0100
++++ courier-0.58.0/imap/imapd-ssl.dist.in 2008-01-19 23:40:36.037731086 +0100
+@@ -254,7 +254,7 @@
#
--TLS_CERTFILE=@datadir@/imapd.pem
+ # This is an experimental feature.
+
+-TLS_CERTFILE=@mydatadir@/imapd.pem
+TLS_CERTFILE=@certsdir@/imapd.pem
##NAME: TLS_TRUSTCERTS:0
#
-diff -Nur old/imap/mkimapdcert.8.in new/imap/mkimapdcert.8.in
---- old/imap/mkimapdcert.8.in 2004-01-14 00:51:10.000000000 +0000
-+++ new/imap/mkimapdcert.8.in 2004-05-25 07:32:16.000000000 +0000
-@@ -18,7 +18,7 @@
+diff -urN courier-0.58.0.orig/imap/mkimapdcert.8.in courier-0.58.0/imap/mkimapdcert.8.in
+--- courier-0.58.0.orig/imap/mkimapdcert.8.in 2007-04-22 20:19:43.000000000 +0200
++++ courier-0.58.0/imap/mkimapdcert.8.in 2008-01-19 23:41:04.485807114 +0100
+@@ -21,18 +21,18 @@
+ .SH "DESCRIPTION"
.PP
- IMAP over SSL requires a valid, signed, X.509 certificate. The default
- location for the certificate file is
--\fI at datadir@/imapd.pem\fR\&.
-+\fI at certsdir@/imapd.pem\fR\&.
- \fBmkimapdcert\fR generates a self-signed X.509 certificate,
- mainly for
- testing.
-@@ -26,19 +26,19 @@
- recognized certificate authority, in order for mail clients to accept the
- certificate.
- .PP
--\fI at datadir@/imapd.pem\fR must be owned by the
-+\fI at certsdir@/imapd.pem\fR must be owned by the
- @mailuser@ user and
- have no group or world permissions.
- The \fBmkimapdcert\fR command will
- enforce this. To prevent an unfortunate accident,
+ IMAP over SSL requires a valid, signed, X.509 certificate. The default location for the certificate file is
+-\fI at datadir@/imapd.pem\fR.
++\fI at certsdir@/imapd.pem\fR.
\fBmkimapdcert\fR
--will not work if \fB at datadir@/imapd.pem\fR already exists.
-+will not work if \fB at certsdir@/imapd.pem\fR already exists.
+ generates a self\-signed X.509 certificate, mainly for testing. For production use the X.509 certificate must be signed by a recognized certificate authority, in order for mail clients to accept the certificate.
.PP
- \fBmkimapdcert\fR requires
- \fBOpenSSL\fR to be installed.
- .SH "FILES"
- .TP
+
+-\fI at datadir@/imapd.pem\fR
++\fI at certsdir@/imapd.pem\fR
+ must be owned by the @mailuser@ user and have no group or world permissions. The
+ \fBmkimapdcert\fR
+ command will enforce this. To prevent an unfortunate accident,
+ \fBmkimapdcert\fR
+ will not work if
-\fB at datadir@/imapd.pem\fR
+\fB at certsdir@/imapd.pem\fR
- X.509 certificate.
- .TP
- \fB at sysconfdir@/imapd.cnf\fR
-diff -Nur old/imap/mkimapdcert.html.in new/imap/mkimapdcert.html.in
---- old/imap/mkimapdcert.html.in 2004-01-14 00:51:16.000000000 +0000
-+++ new/imap/mkimapdcert.html.in 2004-05-25 07:32:37.000000000 +0000
-@@ -57,7 +57,7 @@
- location for the certificate file is
- <TT
- CLASS="FILENAME"
-->@datadir@/imapd.pem</TT
-+>@certsdir@/imapd.pem</TT
- >.
- <B
- CLASS="COMMAND"
-@@ -71,7 +71,7 @@
- ><P
- ><TT
- CLASS="FILENAME"
-->@datadir@/imapd.pem</TT
-+>@certsdir@/imapd.pem</TT
- > must be owned by the
- @mailuser@ user and
- have no group or world permissions.
-@@ -86,7 +86,7 @@
- >
- will not work if <B
- CLASS="COMMAND"
-->@datadir@/imapd.pem</B
-+>@certsdir@/imapd.pem</B
- > already exists.</P
- ><P
- ><B
-@@ -111,7 +111,7 @@
- CLASS="VARIABLELIST"
- ><DL
- ><DT
-->@datadir@/imapd.pem</DT
-+>@certsdir@/imapd.pem</DT
- ><DD
- ><P
- >X.509 certificate.</P
-diff -Nur old/imap/mkpop3dcert.8.in new/imap/mkpop3dcert.8.in
---- old/imap/mkpop3dcert.8.in 2004-01-14 00:51:13.000000000 +0000
-+++ new/imap/mkpop3dcert.8.in 2004-05-25 07:34:07.000000000 +0000
-@@ -18,7 +18,7 @@
+ already exists.
.PP
- POP3 over SSL requires a valid, signed, X.509 certificate. The default
+
+@@ -42,7 +42,7 @@
+ to be installed.
+ .SH "FILES"
+ .PP
+- at datadir@/imapd.pem
++ at certsdir@/imapd.pem
+ .RS 4
+ X.509 certificate.
+ .RE
+diff -urN courier-0.58.0.orig/imap/mkimapdcert.html.in courier-0.58.0/imap/mkimapdcert.html.in
+--- courier-0.58.0.orig/imap/mkimapdcert.html.in 2007-04-22 20:19:42.000000000 +0200
++++ courier-0.58.0/imap/mkimapdcert.html.in 2008-01-19 23:41:31.457143328 +0100
+@@ -7,22 +7,22 @@
+ --></head><body><div class="refentry" lang="en" xml:lang="en"><a id="mkimapdcert" shape="rect"> </a><div class="titlepage"/><div class="refnamediv"><h2>Name</h2><p>mkimapdcert — create a test SSL certificate for IMAP over SSL</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">@sbindir@/mkimapdcert</code> </p></div></div><div class="refsect1" lang="en" xml:lang="en"><a id="id281688" shape="rect"> </a><h2>DESCRIPTION</h2><p>
+ IMAP over SSL requires a valid, signed, X.509 certificate. The default
location for the certificate file is
--\fI at datadir@/pop3d.pem\fR\&.
-+\fI at certsdir@/pop3d.pem\fR\&.
- \fBmkpop3dcert\fR generates a self-signed X.509 certificate,
+-<code class="filename">@datadir@/imapd.pem</code>.
++<code class="filename">@certsdir@/imapd.pem</code>.
+ <span><strong class="command">mkimapdcert</strong></span> generates a self-signed X.509 certificate,
mainly for
testing.
-@@ -26,19 +26,19 @@
+ For production use the X.509 certificate must be signed by a
recognized certificate authority, in order for mail clients to accept the
- certificate.
- .PP
--\fI at datadir@/pop3d.pem\fR must be owned by the
-+\fI at certsdir@/pop3d.pem\fR must be owned by the
+ certificate.</p><p>
+-<code class="filename">@datadir@/imapd.pem</code> must be owned by the
++<code class="filename">@certsdir@/imapd.pem</code> must be owned by the
@mailuser@ user and
have no group or world permissions.
- The \fBmkpop3dcert\fR command will
+ The <span><strong class="command">mkimapdcert</strong></span> command will
enforce this. To prevent an unfortunate accident,
- \fBmkpop3dcert\fR
--will not work if \fB at datadir@/pop3d.pem\fR already exists.
-+will not work if \fB at certsdir@/pop3d.pem\fR already exists.
- .PP
- \fBmkpop3dcert\fR requires
- \fBOpenSSL\fR to be installed.
- .SH "FILES"
- .TP
--\fB at datadir@/pop3d.pem\fR
-+\fB at certsdir@/pop3d.pem\fR
+ <span><strong class="command">mkimapdcert</strong></span>
+-will not work if <span><strong class="command">@datadir@/imapd.pem</strong></span> already exists.</p><p>
++will not work if <span><strong class="command">@certsdir@/imapd.pem</strong></span> already exists.</p><p>
+ <span><strong class="command">mkimapdcert</strong></span> requires
+-<span class="application">OpenSSL</span> to be installed.</p></div><div class="refsect1" lang="en" xml:lang="en"><a id="id282351" shape="rect"> </a><h2>FILES</h2><div class="variablelist"><dl><dt><span class="term">@datadir@/imapd.pem</span></dt><dd>
++<span class="application">OpenSSL</span> to be installed.</p></div><div class="refsect1" lang="en" xml:lang="en"><a id="id282351" shape="rect"> </a><h2>FILES</h2><div class="variablelist"><dl><dt><span class="term">@certsdir@/imapd.pem</span></dt><dd>
X.509 certificate.
- .TP
- \fB at sysconfdir@/pop3d.cnf\fR
-diff -Nur old/imap/mkpop3dcert.html.in new/imap/mkpop3dcert.html.in
---- old/imap/mkpop3dcert.html.in 2004-01-14 00:51:17.000000000 +0000
-+++ new/imap/mkpop3dcert.html.in 2004-05-25 07:34:26.000000000 +0000
-@@ -57,7 +57,7 @@
- location for the certificate file is
- <TT
- CLASS="FILENAME"
-->@datadir@/pop3d.pem</TT
-+>@certsdir@/pop3d.pem</TT
- >.
- <B
- CLASS="COMMAND"
-@@ -71,7 +71,7 @@
- ><P
- ><TT
- CLASS="FILENAME"
-->@datadir@/pop3d.pem</TT
-+>@certsdir@/pop3d.pem</TT
- > must be owned by the
- @mailuser@ user and
- have no group or world permissions.
-@@ -86,7 +86,7 @@
- >
- will not work if <B
- CLASS="COMMAND"
-->@datadir@/pop3d.pem</B
-+>@certsdir@/pop3d.pem</B
- > already exists.</P
- ><P
- ><B
-@@ -111,7 +111,7 @@
- CLASS="VARIABLELIST"
- ><DL
- ><DT
-->@datadir@/pop3d.pem</DT
-+>@certsdir@/pop3d.pem</DT
- ><DD
- ><P
- >X.509 certificate.</P
-diff -Nur old/imap/pop3d.cnf.in new/imap/pop3d.cnf.in
---- old/imap/pop3d.cnf.in 2001-03-24 04:59:55.000000000 +0000
-+++ new/imap/pop3d.cnf.in 2004-05-30 22:37:10.000000000 +0000
-@@ -1,5 +1,5 @@
-
--RANDFILE = @datadir@/pop3d.rand
-+RANDFILE = @certsdir@/pop3d.rand
-
- [ req ]
- default_bits = 1024
-diff -Nur old/imap/pop3d-ssl.dist.in new/imap/pop3d-ssl.dist.in
---- old/imap/pop3d-ssl.dist.in 2004-01-25 05:40:04.000000000 +0000
-+++ new/imap/pop3d-ssl.dist.in 2004-05-24 20:57:32.000000000 +0000
-@@ -135,7 +135,7 @@
- # servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually
- # treated as confidential, and must not be world-readable.
- #
--TLS_CERTFILE=@datadir@/pop3d.pem
-+TLS_CERTFILE=@certsdir@/pop3d.pem
-
- ##NAME: TLS_TRUSTCERTS:0
- #
-diff -Nur old/imap/mkimapdcert.in new/imap/mkimapdcert.in
---- old/imap/mkimapdcert.in 2005-07-02 02:09:09.000000000 +0000
-+++ new/imap/mkimapdcert.in 2005-08-16 20:55:43.144234624 +0000
-@@ -13,27 +13,27 @@
+ </dd><dt><span class="term">@sysconfdir@/imapd.cnf</span></dt><dd>
+ Parameters used by OpenSSL to
+diff -urN courier-0.58.0.orig/imap/mkimapdcert.in courier-0.58.0/imap/mkimapdcert.in
+--- courier-0.58.0.orig/imap/mkimapdcert.in 2007-11-04 21:53:05.000000000 +0100
++++ courier-0.58.0/imap/mkimapdcert.in 2008-01-19 23:42:07.038906129 +0100
+@@ -18,41 +18,41 @@
prefix="@prefix@"
--if test -f @datadir@/imapd.pem
+-if test -f @mydatadir@/imapd.pem
+if test -f @certsdir@/imapd.pem
then
-- echo "@datadir@/imapd.pem already exists."
+- echo "@mydatadir@/imapd.pem already exists."
+ echo "@certsdir@/imapd.pem already exists."
exit 1
fi
umask 077
--cp /dev/null @datadir@/imapd.pem
--chmod 600 @datadir@/imapd.pem
--chown @mailuser@ @datadir@/imapd.pem
-+cp /dev/null @certsdir@/imapd.pem
-+chmod 600 @certsdir@/imapd.pem
-+chown @mailuser@ @certsdir@/imapd.pem
cleanup() {
-- rm -f @datadir@/imapd.pem
-- rm -f @datadir@/imapd.rand
+- rm -f @mydatadir@/imapd.pem
+- rm -f @mydatadir@/imapd.rand
+- rm -f @mydatadir@/imapd.key
+- rm -f @mydatadir@/imapd.cert
+ rm -f @certsdir@/imapd.pem
+ rm -f @certsdir@/imapd.rand
++ rm -f @certsdir@/imapd.key
++ rm -f @certsdir@/imapd.cert
exit 1
}
<<Diff was trimmed, longer than 597 lines>>
---- CVS-web:
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SOURCES/courier-certs.patch?r1=1.7&r2=1.8&f=u
More information about the pld-cvs-commit
mailing list