diff options
| author |   Max Kalika <max@gentoo.org> | 2003-11-04 05:13:23 +0000 |
|---|---|---|
| committer | Max Kalika <max@gentoo.org> | 2003-11-04 05:13:23 +0000 |
| commit | 315e846993ee0ab9dbc1c91e7a70669c8b45bbc8 (patch) | |
| tree | b72a3758d4fb972f345890e1f8084ee9fa12ac73 /net-mail/cyrus-imspd | |
| parent | added herd (diff) | |
| download | gentoo-2-315e846993ee0ab9dbc1c91e7a70669c8b45bbc8.tar.gz gentoo-2-315e846993ee0ab9dbc1c91e7a70669c8b45bbc8.tar.bz2 gentoo-2-315e846993ee0ab9dbc1c91e7a70669c8b45bbc8.zip | |
Allow user to set SSL_ORGANIZATION in make.conf.
Diffstat (limited to 'net-mail/cyrus-imspd')
| -rw-r--r-- | net-mail/cyrus-imspd/ChangeLog | 9 | ||||
| -rw-r--r-- | net-mail/cyrus-imspd/Manifest | 5 | ||||
| -rw-r--r-- | net-mail/cyrus-imspd/cyrus-imspd-1.7-r1.ebuild | 17 | ||||
| -rw-r--r-- | net-mail/cyrus-imspd/files/gentestcrt.sh | 243 |
4 files changed, 15 insertions, 259 deletions
diff --git a/net-mail/cyrus-imspd/ChangeLog b/net-mail/cyrus-imspd/ChangeLog index 66b8bf3c1761..da84f304acda 100644 --- a/net-mail/cyrus-imspd/ChangeLog +++ b/net-mail/cyrus-imspd/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for net-mail/cyrus-imspd # Copyright 2000-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-mail/cyrus-imspd/ChangeLog,v 1.2 2003/10/10 17:37:08 max Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-mail/cyrus-imspd/ChangeLog,v 1.3 2003/11/04 05:11:59 max Exp $ + + 03 Nov 2003; Max Kalika <max@gentoo.org> cyrus-imspd-1.7-r1.ebuild, + files/gentestcrt.sh: + Allow user to set SSL_ORGANIZATION in make.conf. + + 03 Nov 2003; Max Kalika <max@gentoo.org> cyrus-imspd-1.7-r1.ebuild: + Use ssl-cert.eclass. *cyrus-imspd-1.7-r1 (10 Oct 2003) diff --git a/net-mail/cyrus-imspd/Manifest b/net-mail/cyrus-imspd/Manifest index 31d2fe0c8e1b..ff0ea87389ee 100644 --- a/net-mail/cyrus-imspd/Manifest +++ b/net-mail/cyrus-imspd/Manifest @@ -1,10 +1,9 @@ -MD5 023956ebbb59bb0a9d5346b161746870 cyrus-imspd-1.7-r1.ebuild 2238 -MD5 14ed45c8dc0de6865ab68798a1fc0f85 ChangeLog 1997 +MD5 562a16d8c86875b72b21c72e0763f088 cyrus-imspd-1.7-r1.ebuild 1982 +MD5 26128c32234575911bef5cca466a5915 ChangeLog 2236 MD5 5721b86fd871bdfab77231abc6e02f68 metadata.xml 161 MD5 3c8013bd55f6ce72fda11e0b0a058221 files/cyrus-imspd-db4.patch 3786 MD5 aa6f51b5cf7fcffd8af00e26c81c2eed files/imspd.conf 156 MD5 4abe3ce5da075b56135d9fb7060fc1e9 files/imspd.rc6 1149 MD5 7d092edc1868ef27ebd61712f1be77ce files/cyrus-imspd-gentoo.patch 5092 MD5 091bfd9602efd88a1f6411bf09203ffc files/digest-cyrus-imspd-1.7-r1 68 -MD5 25ae448568ad4a44c37e27243ed5b3e6 files/gentestcrt.sh 8797 MD5 9cc4403d49faa5913f7cafe219e0ce41 files/stunnel.conf 220 diff --git a/net-mail/cyrus-imspd/cyrus-imspd-1.7-r1.ebuild b/net-mail/cyrus-imspd/cyrus-imspd-1.7-r1.ebuild index 5cd74a20eed9..a79fe42a4ab0 100644 --- a/net-mail/cyrus-imspd/cyrus-imspd-1.7-r1.ebuild +++ b/net-mail/cyrus-imspd/cyrus-imspd-1.7-r1.ebuild @@ -1,6 +1,8 @@ # Copyright 1999-2003 Gentoo Technologies, Inc. # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-mail/cyrus-imspd/cyrus-imspd-1.7-r1.ebuild,v 1.1 2003/10/10 17:37:08 max Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-mail/cyrus-imspd/cyrus-imspd-1.7-r1.ebuild,v 1.2 2003/11/04 05:11:59 max Exp $ + +inherit ssl-cert DESCRIPTION="Internet Message Support Protocol (IMSP) server." HOMEPAGE="http://asg.web.cmu.edu/cyrus/" @@ -24,7 +26,6 @@ S="${WORKDIR}/${PN}-v${PV}" src_unpack() { unpack ${A} && cd "${S}" - epatch "${FILESDIR}/cyrus-imspd-gentoo.patch" epatch "${FILESDIR}/cyrus-imspd-db4.patch" @@ -70,17 +71,9 @@ src_install() { dosed "s:#IMSPD_USE_SSL:IMSPD_USE_SSL:" /etc/conf.d/imspd - ebegin "Generating self-signed test certificate" - (yes "" | "${FILESDIR}/gentestcrt.sh") &>/dev/null - eend $? - ebegin "Generating PEM file" - (cat server.key && echo && cat server.crt) > server.pem - eend $? - + SSL_ORGANIZATION="${SSL_ORGANIZATION:-Cyrus IMSP Server}" insinto /etc/ssl/imspd - doins server.{key,crt,pem} - fowners mail:root /etc/ssl/imspd/server.{key,crt,pem} - fperms 0400 /etc/ssl/imspd/server.{key,crt,pem} + docert server fi dodoc README imsp/options.sample notes/* diff --git a/net-mail/cyrus-imspd/files/gentestcrt.sh b/net-mail/cyrus-imspd/files/gentestcrt.sh deleted file mode 100644 index ef61fad3e4ec..000000000000 --- a/net-mail/cyrus-imspd/files/gentestcrt.sh +++ /dev/null @@ -1,243 +0,0 @@ -#!/bin/sh -## $Header: /var/cvsroot/gentoo-x86/net-mail/cyrus-imspd/files/gentestcrt.sh,v 1.1 2003/09/18 18:23:29 max Exp $ -## -## gentestcrt -- Create self-signed test certificate -## (C) 2001 Jean-Michel Dault <jmdault@mandrakesoft.com> and Mandrakesoft -## Based on cca.sh script by Ralf S. Engelschall -## - -# external tools -openssl="/usr/bin/openssl" - -# some optional terminal sequences -case $TERM in - xterm|xterm*|vt220|vt220*) - T_MD=`echo dummy | awk '{ printf("%c%c%c%c", 27, 91, 49, 109); }'` - T_ME=`echo dummy | awk '{ printf("%c%c%c", 27, 91, 109); }'` - ;; - vt100|vt100*) - T_MD=`echo dummy | awk '{ printf("%c%c%c%c%c%c", 27, 91, 49, 109, 0, 0); }'` - T_ME=`echo dummy | awk '{ printf("%c%c%c%c%c", 27, 91, 109, 0, 0); }'` - ;; - default) - T_MD='' - T_ME='' - ;; -esac - -# find some random files -# (do not use /dev/random here, because this device -# doesn't work as expected on all platforms) -randfiles='' -for file in /var/log/messages /var/adm/messages \ - /kernel /vmunix /vmlinuz \ - /etc/hosts /etc/resolv.conf; do - if [ -f $file ]; then - if [ ".$randfiles" = . ]; then - randfiles="$file" - else - randfiles="${randfiles}:$file" - fi - fi -done - - -echo "${T_MD}maketestcrt -- Create self-signed test certificate${T_ME}" -echo "(C) 2001 Jean-Michel Dault <jmdault@mandrakesoft.com> and Mandrakesoft" -echo "Based on cca.sh script by Ralf S. Engelschall" -echo "" - -grep -q -s DUMMY server.crt && mv server.crt server.crt.dummy -grep -q -s DUMMY server.key && mv server.key server.key.dummy - -echo "" -echo "" - -if [ ! -e ./server.crt -a ! -e ./server.key ];then - echo "Will create server.key and server.crt in `pwd`" -else - echo "server.key and server.crt already exist, dying" - exit -fi - -echo "" - - -mkdir -p /tmp/tmpssl-$$ -pushd /tmp/tmpssl-$$ > /dev/null - - - echo "${T_MD}INITIALIZATION${T_ME}" - - echo "" - echo "${T_MD}Generating custom Certificate Authority (CA)${T_ME}" - echo "______________________________________________________________________" - echo "" - echo "${T_MD}STEP 1: Generating RSA private key for CA (1024 bit)${T_ME}" - cp /dev/null ca.rnd - echo '01' >ca.ser - if [ ".$randfiles" != . ]; then - $openssl genrsa -rand $randfiles -out ca.key 1024 - else - $openssl genrsa -out ca.key 1024 - fi - if [ $? -ne 0 ]; then - echo "cca:Error: Failed to generate RSA private key" 1>&2 - exit 1 - fi - echo "______________________________________________________________________" - echo "" - echo "${T_MD}STEP 2: Generating X.509 certificate signing request for CA${T_ME}" - cat >.cfg <<EOT -[ req ] -default_bits = 1024 -distinguished_name = req_DN -RANDFILE = ca.rnd -[ req_DN ] -countryName = "1. Country Name (2 letter code)" -#countryName_default = CA -#countryName_min = 2 -countryName_max = 2 -stateOrProvinceName = "2. State or Province Name (full name) " -#stateOrProvinceName_default = "Quebec" -localityName = "3. Locality Name (eg, city) " -#localityName_default = "Montreal" -0.organizationName = "4. Organization Name (eg, company) " -0.organizationName_default = "Cyrus IMSP Server" -organizationalUnitName = "5. Organizational Unit Name (eg, section) " -organizationalUnitName_default = "For testing purposes only" -commonName = "6. Common Name (eg, CA name) " -commonName_max = 64 -commonName_default = "localhost" -emailAddress = "7. Email Address (eg, name@FQDN)" -emailAddress_max = 40 -#emailAddress_default = "root@localhost" -EOT - $openssl req -config .cfg -new -key ca.key -out ca.csr - if [ $? -ne 0 ]; then - echo "cca:Error: Failed to generate certificate signing request" 1>&2 - exit 1 - fi - echo "______________________________________________________________________" - echo "" - echo "${T_MD}STEP 3: Generating X.509 certificate for CA signed by itself${T_ME}" - cat >.cfg <<EOT -#extensions = x509v3 -#[ x509v3 ] -#subjectAltName = email:copy -#basicConstraints = CA:true,pathlen:0 -#nsComment = "CCA generated custom CA certificate" -#nsCertType = sslCA -EOT - $openssl x509 -extfile .cfg -req -days 365 -signkey ca.key -in ca.csr -out ca.crt - if [ $? -ne 0 ]; then - echo "cca:Error: Failed to generate self-signed CA certificate" 1>&2 - exit 1 - fi - echo "______________________________________________________________________" - echo "" - echo "${T_MD}RESULT:${T_ME}" - $openssl verify ca.crt - if [ $? -ne 0 ]; then - echo "cca:Error: Failed to verify resulting X.509 certificate" 1>&2 - exit 1 - fi - $openssl x509 -text -in ca.crt - $openssl rsa -text -in ca.key - - echo "${T_MD}CERTIFICATE GENERATION${T_ME}" - user="server" - - echo "" - echo "${T_MD}Generating custom USER${T_ME} [$user]" - echo "______________________________________________________________________" - echo "" - echo "${T_MD}STEP 5: Generating RSA private key for USER (1024 bit)${T_ME}" - if [ ".$randfiles" != . ]; then - $openssl genrsa -rand $randfiles -out $user.key 1024 - else - $openssl genrsa -out $user.key 1024 - fi - if [ $? -ne 0 ]; then - echo "cca:Error: Failed to generate RSA private key" 1>&2 - exit 1 - fi - echo "______________________________________________________________________" - echo "" - echo "${T_MD}STEP 6: Generating X.509 certificate signing request for USER${T_ME}" - cat >.cfg <<EOT -[ req ] -default_bits = 1024 -distinguished_name = req_DN -RANDFILE = ca.rnd -[ req_DN ] -countryName = "1. Country Name (2 letter code)" -#countryName_default = XY -#countryName_min = 2 -countryName_max = 2 -stateOrProvinceName = "2. State or Province Name (full name) " -#stateOrProvinceName_default = "Unknown" -localityName = "3. Locality Name (eg, city) " -#localityName_default = "Server Room" -0.organizationName = "4. Organization Name (eg, company) " -0.organizationName_default = "Cyrus IMSP Server" -organizationalUnitName = "5. Organizational Unit Name (eg, section) " -organizationalUnitName_default = "Test Certificate" -commonName = "6. Common Name (eg, DOMAIN NAME) " -commonName_max = 64 -commonName_default = "localhost" -emailAddress = "7. Email Address (eg, name@fqdn)" -emailAddress_max = 40 -#emailAddress_default = "root@localhost" -EOT - $openssl req -config .cfg -new -key $user.key -out $user.csr - if [ $? -ne 0 ]; then - echo "cca:Error: Failed to generate certificate signing request" 1>&2 - exit 1 - fi - rm -f .cfg - echo "______________________________________________________________________" - echo "" - echo "${T_MD}STEP 7: Generating X.509 certificate signed by own CA${T_ME}" - cat >.cfg <<EOT -#extensions = x509v3 -#[ x509v3 ] -#subjectAltName = email:copy -#basicConstraints = CA:false,pathlen:0 -#nsComment = "CCA generated client certificate" -#nsCertType = client -EOT - $openssl x509 -extfile .cfg -days 365 -CAserial ca.ser -CA ca.crt -CAkey ca.key -in $user.csr -req -out $user.crt - if [ $? -ne 0 ]; then - echo "cca:Error: Failed to generate X.509 certificate" 1>&2 - exit 1 - fi - caname="`$openssl x509 -noout -text -in ca.crt |\ - grep Subject: | sed -e 's;.*CN=;;' -e 's;/Em.*;;'`" - username="`$openssl x509 -noout -text -in $user.crt |\ - grep Subject: | sed -e 's;.*CN=;;' -e 's;/Em.*;;'`" -# echo "Assembling PKCS#12 package" -# $openssl pkcs12 -export -in $user.crt -inkey $user.key -certfile ca.crt -name "$username" -caname "$caname" -out $user.p12 - echo "______________________________________________________________________" - echo "" - echo "${T_MD}RESULT:${T_ME}" - $openssl verify -CAfile ca.crt $user.crt - if [ $? -ne 0 ]; then - echo "cca:Error: Failed to verify resulting X.509 certificate" 1>&2 - exit 1 - fi - $openssl x509 -text -in $user.crt - $openssl rsa -text -in $user.key - - -popd >/dev/null - - -rm -f /tmp/tmpssl-$$/*.csr -rm -f /tmp/tmpssl-$$/ca.* -chmod 400 /tmp/tmpssl-$$/* - -echo "Certificate creation done!" -cp /tmp/tmpssl-$$/server.* . - -rm -rf /tmp/tmpssl-$$ |