Bug#376146: Acknowledgement (dovecot: Use the SSL snakeoil certificate)

Fri, 30 Jun 2006 07:57:24 -0700 

Hi,

Sorry, the last patch I sent you was against an older version. Please
find attached the updated patch.

Martin
-- 
Martin Pitt        http://www.piware.de
Ubuntu Developer   http://www.ubuntu.com
Debian Developer   http://www.debian.org

In a world without walls and fences, who needs Windows and Gates?

--- dovecot-1.0.rc1/debian/control
+++ dovecot-1.0.rc1/debian/control
@@ -8,7 +8,7 @@
 
 Package: dovecot-common
 Architecture: any
-Depends: ${shlibs:Depends}, libpam-runtime (>= 0.76-13.1), openssl, adduser
+Depends: ${shlibs:Depends}, libpam-runtime (>= 0.76-13.1), openssl, adduser, 
ssl-cert (>= 1.0.12)
 Replaces: dovecot
 Description: secure mail server that supports mbox and maildir mailboxes
  Dovecot is a mail server whose major goals are security and extreme
diff -u dovecot-1.0.rc1/debian/patches/00list 
dovecot-1.0.rc1/debian/patches/00list
--- dovecot-1.0.rc1/debian/patches/00list
+++ dovecot-1.0.rc1/debian/patches/00list
@@ -5,0 +6 @@
+ssl-cert-snakeoil
diff -u dovecot-1.0.rc1/debian/dovecot-common.init 
dovecot-1.0.rc1/debian/dovecot-common.init
--- dovecot-1.0.rc1/debian/dovecot-common.postinst
+++ dovecot-1.0.rc1/debian/dovecot-common.postinst
@@ -19,8 +19,8 @@
   
   ## SSL Certs
   # Certs and key file
-  SSL_CERT=$( (egrep -s "^[^#]*ssl_cert_file" /etc/dovecot/dovecot.conf  || 
echo '/etc/ssl/certs/dovecot.pem') | cut -d'=' -f2)
-  SSL_KEY=$( (grep -s "^[^#]*ssl_key_file" /etc/dovecot/dovecot.conf || echo 
'/etc/ssl/private/dovecot.pem') | cut -d'=' -f2)
+  SSL_CERT=$( (grep "ssl_cert_file" /etc/dovecot/dovecot.conf  || echo 
'/etc/ssl/certs/dovecot.pem') | cut -d'=' -f2)
+  SSL_KEY=$( (grep "ssl_key_file" /etc/dovecot/dovecot.conf || echo 
'/etc/ssl/private/dovecot.pem') | cut -d'=' -f2)
   
   # Generate new certs if needed
   if [ -f $SSL_CERT ] && [ -f $SSL_KEY ]; then
only in patch2:
unchanged:
--- dovecot-1.0.rc1.orig/debian/patches/ssl-cert-snakeoil.dpatch
+++ dovecot-1.0.rc1/debian/patches/ssl-cert-snakeoil.dpatch
@@ -0,0 +1,35 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## ssl-cert-snakeoil.dpatch by  <[EMAIL PROTECTED]>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: No description.
+
[EMAIL PROTECTED]@
+diff -urNad dovecot-1.0.rc1~/dovecot-example.conf 
dovecot-1.0.rc1/dovecot-example.conf
+--- dovecot-1.0.rc1~/dovecot-example.conf      2006-06-30 15:33:41.000000000 
+0200
++++ dovecot-1.0.rc1/dovecot-example.conf       2006-06-30 15:33:41.000000000 
+0200
+@@ -86,8 +86,8 @@
+ # PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
+ # dropping root privileges, so keep the key file unreadable by anyone but
+ # root.
+-#ssl_cert_file = /etc/ssl/certs/dovecot.pem
+-#ssl_key_file = /etc/ssl/private/dovecot.pem
++#ssl_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
++#ssl_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
+ 
+ # If key file is password protected, give the password here. Alternatively
+ # give it when starting dovecot with -p parameter.
+diff -urNad dovecot-1.0.rc1~/src/master/master-settings.c 
dovecot-1.0.rc1/src/master/master-settings.c
+--- dovecot-1.0.rc1~/src/master/master-settings.c      2006-06-17 
18:49:04.000000000 +0200
++++ dovecot-1.0.rc1/src/master/master-settings.c       2006-06-30 
15:34:50.000000000 +0200
+@@ -273,8 +273,8 @@
+ 
+       MEMBER(ssl_disable) FALSE,
+       MEMBER(ssl_ca_file) "",
+-      MEMBER(ssl_cert_file) SSLDIR"/certs/dovecot.pem",
+-      MEMBER(ssl_key_file) SSLDIR"/private/dovecot.pem",
++      MEMBER(ssl_cert_file) SSLDIR"/certs/ssl-cert-snakeoil.pem",
++      MEMBER(ssl_key_file) SSLDIR"/private/ssl-cert-snakeoil.key",
+       MEMBER(ssl_key_password) "",
+       MEMBER(ssl_parameters_regenerate) 168,
+       MEMBER(ssl_cipher_list) "",

Attachment: signature.asc
Description: Digital signature

Reply via email to