summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRobin H. Johnson <robbat2@gentoo.org>2006-06-15 00:54:51 +0000
committerRobin H. Johnson <robbat2@gentoo.org>2006-06-15 00:54:51 +0000
commit2f9e29c169665a017b1f49acf10ed164b9432334 (patch)
tree97b060d42e1a762072b0cd684b686680d2345be8 /mail-mta
parentdep correction (diff)
downloadgentoo-2-2f9e29c169665a017b1f49acf10ed164b9432334.tar.gz
gentoo-2-2f9e29c169665a017b1f49acf10ed164b9432334.tar.bz2
gentoo-2-2f9e29c169665a017b1f49acf10ed164b9432334.zip
Two silent changes: add a script for generating dhparam, and a Makefile for helping with /etc/tcprules.d/ - I meant to commit these last year ;-).
(Portage version: 2.1)
Diffstat (limited to 'mail-mta')
-rw-r--r--mail-mta/qmail/ChangeLog8
-rwxr-xr-xmail-mta/qmail/files/qmail-dhparam.sh37
-rw-r--r--mail-mta/qmail/files/tcprules.d-Makefile.qmail3
-rw-r--r--mail-mta/qmail/qmail-1.03-r16.ebuild8
4 files changed, 53 insertions, 3 deletions
diff --git a/mail-mta/qmail/ChangeLog b/mail-mta/qmail/ChangeLog
index cc44313dc54f..2959228689b8 100644
--- a/mail-mta/qmail/ChangeLog
+++ b/mail-mta/qmail/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for mail-mta/qmail
# Copyright 2002-2006 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/mail-mta/qmail/ChangeLog,v 1.78 2006/05/06 20:15:32 hansmi Exp $
+# $Header: /var/cvsroot/gentoo-x86/mail-mta/qmail/ChangeLog,v 1.79 2006/06/15 00:54:51 robbat2 Exp $
+
+ 15 Jun 2006; Robin H. Johnson <robbat2@gentoo.org>
+ +files/qmail-dhparam.sh, +files/tcprules.d-Makefile.qmail,
+ qmail-1.03-r16.ebuild:
+ Two silent changes: add a script for generating dhparam, and a Makefile for
+ helping with /etc/tcprules.d/ - I meant to commit these last year ;-).
06 May 2006; Michael Hanselmann <hansmi@gentoo.org>
files/qmail-genrsacert.sh:
diff --git a/mail-mta/qmail/files/qmail-dhparam.sh b/mail-mta/qmail/files/qmail-dhparam.sh
new file mode 100755
index 000000000000..fcad8e69efe6
--- /dev/null
+++ b/mail-mta/qmail/files/qmail-dhparam.sh
@@ -0,0 +1,37 @@
+#!/bin/bash
+# $Header: /var/cvsroot/gentoo-x86/mail-mta/qmail/files/qmail-dhparam.sh,v 1.1 2006/06/15 00:54:51 robbat2 Exp $
+# Robin H. Johnson <robbat2@gentoo.org> - Sept 5, 2005
+# This file generates the static temporary DH parameter keys needed for qmail to encrypt messages
+# It should be run from a crontab, once a day is ok on low load machines, but
+# if you do lots of mail, once per hour is more reasonable
+# if you do NOT create the dh512.pem/dh1024.pem, qmail will generate it on the fly for
+# each connection, which can be VERY slow.
+
+# this is the number of bits in the key
+# it should be a power of 2 ideally
+# and it must be more than 64!
+# set this to 512 only if you are using export grade encryption
+# and configure tls*ciphers for qmail
+bits="1024 512"
+
+for b in $bits ; do
+ if [ -z "${ROOT}" -o "${ROOT}" = "/" ]; then
+ confdir=/var/qmail/control
+ else
+ confdir=${ROOT}/var/qmail/control
+ fi
+ pemfile="${confdir}/dh${b}.pem"
+ tmpfile="${confdir}/dh${b}.pem.tmp"
+
+ # the key should be 0600
+ # which is readable by qmaild only!
+ umaskvalue="0077"
+ uid="qmaild"
+ gid="qmail"
+
+ umask ${umaskvalue} ;
+ # we need to make sure that all of the operations succeed
+ /usr/bin/openssl dhparam -out ${tmpfile} ${b} 2>/dev/null && \
+ /bin/chown ${uid}:${gid} ${tmpfile} && \
+ /bin/mv -f ${tmpfile} ${pemfile}
+done
diff --git a/mail-mta/qmail/files/tcprules.d-Makefile.qmail b/mail-mta/qmail/files/tcprules.d-Makefile.qmail
new file mode 100644
index 000000000000..e8d17abae974
--- /dev/null
+++ b/mail-mta/qmail/files/tcprules.d-Makefile.qmail
@@ -0,0 +1,3 @@
+QMAIL_CDBS = tcp.qmail-pop3.cdb tcp.qmail-qmqp.cdb tcp.qmail-qmtp.cdb tcp.qmail-smtp.cdb
+CDBS += $(QMAIL_CDBS)
+qmail: $(QMAIL_CDBS)
diff --git a/mail-mta/qmail/qmail-1.03-r16.ebuild b/mail-mta/qmail/qmail-1.03-r16.ebuild
index 80572c1b3efa..be092d3abe09 100644
--- a/mail-mta/qmail/qmail-1.03-r16.ebuild
+++ b/mail-mta/qmail/qmail-1.03-r16.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2006 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/mail-mta/qmail/qmail-1.03-r16.ebuild,v 1.53 2006/04/27 21:50:07 hansmi Exp $
+# $Header: /var/cvsroot/gentoo-x86/mail-mta/qmail/qmail-1.03-r16.ebuild,v 1.54 2006/06/15 00:54:51 robbat2 Exp $
inherit toolchain-funcs eutils fixheadtails flag-o-matic
@@ -440,6 +440,8 @@ src_install() {
for i in smtp qmtp qmqp pop3; do
newins ${FILESDIR}/tcp.${i}.sample tcp.qmail-${i}
done
+ # this script does the hard work
+ newins ${FILESDIR}/tcprules.d-Makefile.qmail Makefile.qmail
einfo "Installing the qmail startup file ..."
insinto /var/qmail
@@ -467,7 +469,9 @@ src_install() {
einfo "RSA key generation cronjob"
insinto /etc/${CRON_FOLDER}
doins ${FILESDIR}/qmail-genrsacert.sh
- chmod +x ${D}/etc/${CRON_FOLDER}/qmail-genrsacert.sh
+ fperms +x /etc/${CRON_FOLDER}/qmail-genrsacert.sh
+ doins ${FILESDIR}/qmail-dhparam.sh
+ fperms +x /etc/${CRON_FOLDER}/qmail-dhparam.sh
# for some files
keepdir /var/qmail/control/tlshosts/