diff options
author | Robin H. Johnson <robbat2@gentoo.org> | 2006-06-15 00:54:51 +0000 |
---|---|---|
committer | Robin H. Johnson <robbat2@gentoo.org> | 2006-06-15 00:54:51 +0000 |
commit | 2f9e29c169665a017b1f49acf10ed164b9432334 (patch) | |
tree | 97b060d42e1a762072b0cd684b686680d2345be8 /mail-mta | |
parent | dep correction (diff) | |
download | gentoo-2-2f9e29c169665a017b1f49acf10ed164b9432334.tar.gz gentoo-2-2f9e29c169665a017b1f49acf10ed164b9432334.tar.bz2 gentoo-2-2f9e29c169665a017b1f49acf10ed164b9432334.zip |
Two silent changes: add a script for generating dhparam, and a Makefile for helping with /etc/tcprules.d/ - I meant to commit these last year ;-).
(Portage version: 2.1)
Diffstat (limited to 'mail-mta')
-rw-r--r-- | mail-mta/qmail/ChangeLog | 8 | ||||
-rwxr-xr-x | mail-mta/qmail/files/qmail-dhparam.sh | 37 | ||||
-rw-r--r-- | mail-mta/qmail/files/tcprules.d-Makefile.qmail | 3 | ||||
-rw-r--r-- | mail-mta/qmail/qmail-1.03-r16.ebuild | 8 |
4 files changed, 53 insertions, 3 deletions
diff --git a/mail-mta/qmail/ChangeLog b/mail-mta/qmail/ChangeLog index cc44313dc54f..2959228689b8 100644 --- a/mail-mta/qmail/ChangeLog +++ b/mail-mta/qmail/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for mail-mta/qmail # Copyright 2002-2006 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/mail-mta/qmail/ChangeLog,v 1.78 2006/05/06 20:15:32 hansmi Exp $ +# $Header: /var/cvsroot/gentoo-x86/mail-mta/qmail/ChangeLog,v 1.79 2006/06/15 00:54:51 robbat2 Exp $ + + 15 Jun 2006; Robin H. Johnson <robbat2@gentoo.org> + +files/qmail-dhparam.sh, +files/tcprules.d-Makefile.qmail, + qmail-1.03-r16.ebuild: + Two silent changes: add a script for generating dhparam, and a Makefile for + helping with /etc/tcprules.d/ - I meant to commit these last year ;-). 06 May 2006; Michael Hanselmann <hansmi@gentoo.org> files/qmail-genrsacert.sh: diff --git a/mail-mta/qmail/files/qmail-dhparam.sh b/mail-mta/qmail/files/qmail-dhparam.sh new file mode 100755 index 000000000000..fcad8e69efe6 --- /dev/null +++ b/mail-mta/qmail/files/qmail-dhparam.sh @@ -0,0 +1,37 @@ +#!/bin/bash +# $Header: /var/cvsroot/gentoo-x86/mail-mta/qmail/files/qmail-dhparam.sh,v 1.1 2006/06/15 00:54:51 robbat2 Exp $ +# Robin H. Johnson <robbat2@gentoo.org> - Sept 5, 2005 +# This file generates the static temporary DH parameter keys needed for qmail to encrypt messages +# It should be run from a crontab, once a day is ok on low load machines, but +# if you do lots of mail, once per hour is more reasonable +# if you do NOT create the dh512.pem/dh1024.pem, qmail will generate it on the fly for +# each connection, which can be VERY slow. + +# this is the number of bits in the key +# it should be a power of 2 ideally +# and it must be more than 64! +# set this to 512 only if you are using export grade encryption +# and configure tls*ciphers for qmail +bits="1024 512" + +for b in $bits ; do + if [ -z "${ROOT}" -o "${ROOT}" = "/" ]; then + confdir=/var/qmail/control + else + confdir=${ROOT}/var/qmail/control + fi + pemfile="${confdir}/dh${b}.pem" + tmpfile="${confdir}/dh${b}.pem.tmp" + + # the key should be 0600 + # which is readable by qmaild only! + umaskvalue="0077" + uid="qmaild" + gid="qmail" + + umask ${umaskvalue} ; + # we need to make sure that all of the operations succeed + /usr/bin/openssl dhparam -out ${tmpfile} ${b} 2>/dev/null && \ + /bin/chown ${uid}:${gid} ${tmpfile} && \ + /bin/mv -f ${tmpfile} ${pemfile} +done diff --git a/mail-mta/qmail/files/tcprules.d-Makefile.qmail b/mail-mta/qmail/files/tcprules.d-Makefile.qmail new file mode 100644 index 000000000000..e8d17abae974 --- /dev/null +++ b/mail-mta/qmail/files/tcprules.d-Makefile.qmail @@ -0,0 +1,3 @@ +QMAIL_CDBS = tcp.qmail-pop3.cdb tcp.qmail-qmqp.cdb tcp.qmail-qmtp.cdb tcp.qmail-smtp.cdb +CDBS += $(QMAIL_CDBS) +qmail: $(QMAIL_CDBS) diff --git a/mail-mta/qmail/qmail-1.03-r16.ebuild b/mail-mta/qmail/qmail-1.03-r16.ebuild index 80572c1b3efa..be092d3abe09 100644 --- a/mail-mta/qmail/qmail-1.03-r16.ebuild +++ b/mail-mta/qmail/qmail-1.03-r16.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2006 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/mail-mta/qmail/qmail-1.03-r16.ebuild,v 1.53 2006/04/27 21:50:07 hansmi Exp $ +# $Header: /var/cvsroot/gentoo-x86/mail-mta/qmail/qmail-1.03-r16.ebuild,v 1.54 2006/06/15 00:54:51 robbat2 Exp $ inherit toolchain-funcs eutils fixheadtails flag-o-matic @@ -440,6 +440,8 @@ src_install() { for i in smtp qmtp qmqp pop3; do newins ${FILESDIR}/tcp.${i}.sample tcp.qmail-${i} done + # this script does the hard work + newins ${FILESDIR}/tcprules.d-Makefile.qmail Makefile.qmail einfo "Installing the qmail startup file ..." insinto /var/qmail @@ -467,7 +469,9 @@ src_install() { einfo "RSA key generation cronjob" insinto /etc/${CRON_FOLDER} doins ${FILESDIR}/qmail-genrsacert.sh - chmod +x ${D}/etc/${CRON_FOLDER}/qmail-genrsacert.sh + fperms +x /etc/${CRON_FOLDER}/qmail-genrsacert.sh + doins ${FILESDIR}/qmail-dhparam.sh + fperms +x /etc/${CRON_FOLDER}/qmail-dhparam.sh # for some files keepdir /var/qmail/control/tlshosts/ |