#! /bin/sh /usr/share/dpatch/dpatch-run
## 10tls.dpatch by LaMont Jones <lamont@debian.org>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: Debian tweaks to the default tls config
@DPATCH@
diff -urNad postfix~/conf/main.cf.tls postfix/conf/main.cf.tls
--- postfix~/conf/main.cf.tls 1969-12-31 17:00:00.000000000 -0700
+++ postfix/conf/main.cf.tls 2006-12-06 13:16:29.000000000 -0700
@@ -0,0 +1,11 @@
+
+# TLS parameters
+smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
+smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
+smtpd_use_tls=yes
+smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
+smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
+
+# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
+# information on enabling SSL in the smtp client.
+
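Review bot: The `smtpd_tls_cert_file` and `smtpd_tls_key_file` defaults point at the `ssl-cert-snakeoil` pair without saying it is a placeholder, so a host can run with `smtpd_use_tls=yes` and a certificate that no client can validate. I would add a comment above those two lines, e.g. `# Placeholder self-signed certificate: replace with one issued for this host's name.` The snakeoil pair is presumably self-signed and generated locally at install time. The key file should also be confirmed unreadable to non-root users, which this file cannot show.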
diff -urNad postfix~/src/global/mail_params.h postfix/src/global/mail_params.h
--- postfix~/src/global/mail_params.h 2006-12-06 13:16:28.000000000 -0700
+++ postfix/src/global/mail_params.h 2006-12-06 13:16:29.000000000 -0700
@@ -591,7 +591,7 @@
extern int var_dup_filter_limit;
#define VAR_TLS_RAND_EXCH_NAME "tls_random_exchange_name"
-#define DEF_TLS_RAND_EXCH_NAME "${config_directory}/prng_exch"
+#define DEF_TLS_RAND_EXCH_NAME "${queue_directory}/prng_exch"
extern char *var_tls_rand_exch_name;
#define VAR_TLS_RAND_SOURCE "tls_random_source"
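Review bot: The new default on the `DEF_TLS_RAND_EXCH_NAME` line has no comment explaining why it departs from upstream, and the file it names holds PRNG state used for TLS. Suggest a comment above the define such as `/* Debian: the PRNG exchange file is rewritten at run time, so keep it under the queue directory, not the config directory. */` (the rationale is presumed, so confirm it with the patch author). This hunk does not show whether the queue directory gives the file owner-only permissions. It also does not show whether the documented default elsewhere was updated to match.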
diff -urNad postfix~/src/xsasl/xsasl_cyrus_client.c postfix/src/xsasl/xsasl_cyrus_client.c
--- postfix~/src/xsasl/xsasl_cyrus_client.c 2006-07-24 10:24:45.000000000 -0600
+++ postfix/src/xsasl/xsasl_cyrus_client.c 2006-12-06 13:25:12.000000000 -0700
@@ -222,6 +222,10 @@
*/
static sasl_callback_t callbacks[] = {
{SASL_CB_LOG, &xsasl_cyrus_log, 0},
+ {SASL_CB_GETPATH,&xsasl_getpath, 0},
+#ifdef SASL_CB_GETCONFPATH
+ {SASL_CB_GETCONFPATH,&xsasl_getconfpath, 0},
+#endif
{SASL_CB_LIST_END, 0, 0}
};
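Review bot: Registering `SASL_CB_GETPATH` here makes the hard-coded string returned by `xsasl_getpath` (added in xsasl_cyrus_log.c) the plugin search path. That string lists `/etc/postfix/sasl` first, so the directory becomes a location that shared objects are loaded from. This deserves a comment next to the entry, e.g. `/* Plugin path is fixed by xsasl_getpath(); /etc/postfix/sasl must be root-owned and not group/world-writable. */`, and ideally a packaging check on the directory's mode. The same applies to the identical entries added in xsasl_cyrus_server.c. The comment block that introduces `callbacks[]` starts outside the hunk.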
diff -urNad postfix~/src/xsasl/xsasl_cyrus_common.h postfix/src/xsasl/xsasl_cyrus_common.h
--- postfix~/src/xsasl/xsasl_cyrus_common.h 2006-07-24 10:24:45.000000000 -0600
+++ postfix/src/xsasl/xsasl_cyrus_common.h 2006-12-06 13:25:29.000000000 -0700
@@ -16,12 +16,18 @@
*/
#if defined(USE_SASL_AUTH) && defined(USE_CYRUS_SASL)
+#include <sasl.h>
+
#define NO_SASL_LANGLIST ((const char *) 0)
#define NO_SASL_OUTLANG ((const char **) 0)
#define xsasl_cyrus_strerror(status) \
sasl_errstring((status), NO_SASL_LANGLIST, NO_SASL_OUTLANG)
extern int xsasl_cyrus_log(void *, int, const char *);
extern int xsasl_cyrus_security_parse_opts(const char *);
+extern int xsasl_getpath(void * context, char ** path);
+#ifdef SASL_CB_GETCONFPATH
+extern int xsasl_getconfpath(void * context, char ** path);
+#endif
#endif
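Review bot: The two new prototypes do not document who owns the string stored through `path`. They also declare it as `char **`, whereas Cyrus SASL 2's `sasl_getpath_t` takes `const char **` as far as I recall, so check this against the installed `sasl.h`. A one-line comment such as `/* SASL path callbacks: store a colon-separated search path in *path (strdup()ed copy). */` would help the next reader. The spacing in `void * context, char ** path` also differs from the `(void *, int, const char *)` style of the neighbouring declarations.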
diff -urNad postfix~/src/xsasl/xsasl_cyrus_log.c postfix/src/xsasl/xsasl_cyrus_log.c
--- postfix~/src/xsasl/xsasl_cyrus_log.c 2006-07-24 10:24:45.000000000 -0600
+++ postfix/src/xsasl/xsasl_cyrus_log.c 2006-12-06 13:25:50.000000000 -0700
@@ -28,6 +28,7 @@
/* System library. */
#include <sys_defs.h>
+#include <string.h>
/* Utility library. */
@@ -101,4 +102,22 @@
return (SASL_OK);
}
+int xsasl_getpath(void * context, char ** path)
+{
+#if SASL_VERSION_MAJOR >= 2
+ *path = strdup("/etc/postfix/sasl:/usr/lib/sasl2");
+#else
+ *path = strdup("/etc/postfix/sasl:/usr/lib/sasl");
+#endif
+ return SASL_OK;
+}
+
+#ifdef SASL_CB_GETCONFPATH
+int xsasl_getconfpath(void * context, char ** path)
+{
+ *path = strdup("/etc/postfix/sasl:/usr/lib/sasl2");
+ return SASL_OK;
+}
+#endif
+
#endif
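Review bot: Both `xsasl_getpath` and `xsasl_getconfpath` store the result of `strdup()` in `*path` and return `SASL_OK` without checking for NULL, so an allocation failure hands the SASL library a null path reported as success. Check the result, e.g. `if ((*path = strdup("/etc/postfix/sasl:/usr/lib/sasl2")) == 0) return SASL_NOMEM;`. It is not visible from here whether the library frees this string. If it does not, each call leaks the copy and returning a static string would avoid the allocation entirely. The path literal is repeated three times and would be easier to audit as one named macro.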
diff -urNad postfix~/src/xsasl/xsasl_cyrus_server.c postfix/src/xsasl/xsasl_cyrus_server.c
--- postfix~/src/xsasl/xsasl_cyrus_server.c 2006-07-24 10:24:45.000000000 -0600
+++ postfix/src/xsasl/xsasl_cyrus_server.c 2006-12-06 13:25:58.000000000 -0700
@@ -174,6 +174,10 @@
static sasl_callback_t callbacks[] = {
{SASL_CB_LOG, &xsasl_cyrus_log, NO_CALLBACK_CONTEXT},
+ {SASL_CB_GETPATH,&xsasl_getpath, 0},
+#ifdef SASL_CB_GETCONFPATH
+ {SASL_CB_GETCONFPATH,&xsasl_getconfpath, 0},
+#endif
{SASL_CB_LIST_END, 0, 0}
};
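Review bot: The added entries pass a bare `0` as the callback context while the `SASL_CB_LOG` entry directly above uses `NO_CALLBACK_CONTEXT`. Use the macro for consistency: `{SASL_CB_GETPATH, &xsasl_getpath, NO_CALLBACK_CONTEXT},` and likewise for the `SASL_CB_GETCONFPATH` entry. The missing space after the comma in `SASL_CB_GETPATH,&xsasl_getpath` also departs from the surrounding entries.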