sendmail (256281) sendmail (256982)
1#!/bin/sh
2#
1#!/bin/sh
2#
3# $FreeBSD: stable/10/etc/rc.d/sendmail 255654 2013-09-17 20:24:03Z hrs $
3# $FreeBSD: stable/10/etc/rc.d/sendmail 256982 2013-10-23 16:55:20Z jmg $
4#
5
6# PROVIDE: mail
7# REQUIRE: LOGIN FILESYSTEMS
8# we make mail start late, so that things like .forward's are not
9# processed until the system is fully operational
10# KEYWORD: shutdown
11

--- 7 unchanged lines hidden (view full) ---

19required_files="/etc/mail/${name}.cf"
20start_precmd="sendmail_precmd"
21
22load_rc_config $name
23command=${sendmail_program:-/usr/sbin/${name}}
24pidfile=${sendmail_pidfile:-/var/run/${name}.pid}
25procname=${sendmail_procname:-/usr/sbin/${name}}
26
4#
5
6# PROVIDE: mail
7# REQUIRE: LOGIN FILESYSTEMS
8# we make mail start late, so that things like .forward's are not
9# processed until the system is fully operational
10# KEYWORD: shutdown
11

--- 7 unchanged lines hidden (view full) ---

19required_files="/etc/mail/${name}.cf"
20start_precmd="sendmail_precmd"
21
22load_rc_config $name
23command=${sendmail_program:-/usr/sbin/${name}}
24pidfile=${sendmail_pidfile:-/var/run/${name}.pid}
25procname=${sendmail_procname:-/usr/sbin/${name}}
26
27CERTDIR=/etc/mail/certs
28
27case ${sendmail_enable} in
28[Nn][Oo][Nn][Ee])
29 sendmail_enable="NO"
30 sendmail_submit_enable="NO"
31 sendmail_outbound_enable="NO"
32 sendmail_msp_queue_enable="NO"
33 ;;
34esac

--- 4 unchanged lines hidden (view full) ---

39 sendmail_outbound_enable="NO"
40fi
41
42# If sendmail_submit_enable=yes, don't need outbound daemon
43if checkyesno sendmail_submit_enable; then
44 sendmail_outbound_enable="NO"
45fi
46
29case ${sendmail_enable} in
30[Nn][Oo][Nn][Ee])
31 sendmail_enable="NO"
32 sendmail_submit_enable="NO"
33 sendmail_outbound_enable="NO"
34 sendmail_msp_queue_enable="NO"
35 ;;
36esac

--- 4 unchanged lines hidden (view full) ---

41 sendmail_outbound_enable="NO"
42fi
43
44# If sendmail_submit_enable=yes, don't need outbound daemon
45if checkyesno sendmail_submit_enable; then
46 sendmail_outbound_enable="NO"
47fi
48
49sendmail_cert_create()
50{
51 cnname="${sendmail_cert_cn:-`hostname`}"
52 cnname="${cnname:-amnesiac}"
53
54 # based upon:
55 # http://www.sendmail.org/~ca/email/other/cagreg.html
56 CAdir=`mktemp -d` &&
57 certpass=`(date; ps ax ; hostname) | md5 -q`
58
59 # make certificate authority
60 ( cd "$CAdir" &&
61 chmod 700 "$CAdir" &&
62 mkdir certs crl newcerts &&
63 echo "01" > serial &&
64 :> index.txt &&
65
66 cat <<-OPENSSL_CNF > openssl.cnf &&
67 RANDFILE = $CAdir/.rnd
68 [ ca ]
69 default_ca = CA_default
70 [ CA_default ]
71 dir = .
72 certs = \$dir/certs # Where the issued certs are kept
73 crl_dir = \$dir/crl # Where the issued crl are kept
74 database = \$dir/index.txt # database index file.
75 new_certs_dir = \$dir/newcerts # default place for new certs.
76 certificate = \$dir/cacert.pem # The CA certificate
77 serial = \$dir/serial # The current serial number
78 crlnumber = \$dir/crlnumber # the current crl number
79 crl = \$dir/crl.pem # The current CRL
80 private_key = \$dir/cakey.pem
81 x509_extensions = usr_cert # The extentions to add to the cert
82 name_opt = ca_default # Subject Name options
83 cert_opt = ca_default # Certificate field options
84 default_days = 365 # how long to certify for
85 default_crl_days= 30 # how long before next CRL
86 default_md = default # use public key default MD
87 preserve = no # keep passed DN ordering
88 policy = policy_anything
89 [ policy_anything ]
90 countryName = optional
91 stateOrProvinceName = optional
92 localityName = optional
93 organizationName = optional
94 organizationalUnitName = optional
95 commonName = supplied
96 emailAddress = optional
97 [ req ]
98 default_bits = 2048
99 default_keyfile = privkey.pem
100 distinguished_name = req_distinguished_name
101 attributes = req_attributes
102 x509_extensions = v3_ca # The extentions to add to the self signed cert
103 string_mask = utf8only
104 prompt = no
105 [ req_distinguished_name ]
106 countryName = XX
107 stateOrProvinceName = Some-state
108 localityName = Some-city
109 0.organizationName = Some-org
110 CN = $cnname
111 [ req_attributes ]
112 challengePassword = foobar
113 unstructuredName = An optional company name
114 [ usr_cert ]
115 basicConstraints=CA:FALSE
116 nsComment = "OpenSSL Generated Certificate"
117 subjectKeyIdentifier=hash
118 authorityKeyIdentifier=keyid,issuer
119 [ v3_req ]
120 basicConstraints = CA:FALSE
121 keyUsage = nonRepudiation, digitalSignature, keyEncipherment
122 [ v3_ca ]
123 subjectKeyIdentifier=hash
124 authorityKeyIdentifier=keyid:always,issuer
125 basicConstraints = CA:true
126 OPENSSL_CNF
127
128 # though we use a password, the key is discarded and never used
129 openssl req -batch -passout pass:"$certpass" -new -x509 \
130 -keyout cakey.pem -out cacert.pem -days 3650 \
131 -config openssl.cnf -newkey rsa:2048 >/dev/null 2>&1 &&
132
133 # make new certificate
134 openssl req -batch -nodes -new -x509 -keyout newkey.pem \
135 -out newreq.pem -days 365 -config openssl.cnf \
136 -newkey rsa:2048 >/dev/null 2>&1 &&
137
138 # sign certificate
139 openssl x509 -x509toreq -in newreq.pem -signkey newkey.pem \
140 -out tmp.pem >/dev/null 2>&1 &&
141 openssl ca -notext -config openssl.cnf \
142 -out newcert.pem -keyfile cakey.pem -cert cacert.pem \
143 -key "$certpass" -batch -infiles tmp.pem >/dev/null 2>&1 &&
144
145 mkdir -p "$CERTDIR" &&
146 chmod 0755 "$CERTDIR" &&
147 chmod 644 newcert.pem cacert.pem &&
148 chmod 600 newkey.pem &&
149 cp -p newcert.pem "$CERTDIR"/host.cert &&
150 cp -p cacert.pem "$CERTDIR"/cacert.pem &&
151 cp -p newkey.pem "$CERTDIR"/host.key &&
152 ln -s cacert.pem "$CERTDIR"/`openssl x509 -hash -noout \
153 -in cacert.pem`.0)
154
155 retVal="$?"
156 rm -rf "$CAdir"
157
158 return "$retVal"
159}
160
47sendmail_precmd()
48{
49 # Die if there's pre-8.10 custom configuration file. This check is
50 # mandatory for smooth upgrade. See NetBSD PR 10100 for details.
51 #
52 if checkyesno ${rcvar} && [ -f "/etc/${name}.cf" ]; then
53 if ! cmp -s "/etc/mail/${name}.cf" "/etc/${name}.cf"; then
54 warn \

--- 11 unchanged lines hidden (view full) ---

66 /usr/bin/newaliases
67 fi
68 else
69 echo \
70 "${name}: /etc/mail/aliases.db not present, generating"
71 /usr/bin/newaliases
72 fi
73 fi
161sendmail_precmd()
162{
163 # Die if there's pre-8.10 custom configuration file. This check is
164 # mandatory for smooth upgrade. See NetBSD PR 10100 for details.
165 #
166 if checkyesno ${rcvar} && [ -f "/etc/${name}.cf" ]; then
167 if ! cmp -s "/etc/mail/${name}.cf" "/etc/${name}.cf"; then
168 warn \

--- 11 unchanged lines hidden (view full) ---

180 /usr/bin/newaliases
181 fi
182 else
183 echo \
184 "${name}: /etc/mail/aliases.db not present, generating"
185 /usr/bin/newaliases
186 fi
187 fi
188
189 if checkyesno sendmail_cert_create && [ ! \( \
190 -f "$CERTDIR/host.cert" -o -f "$CERTDIR/host.key" -o \
191 -f "$CERTDIR/cacert.pem" \) ]; then
192 if ! openssl version >/dev/null 2>&1; then
193 warn "OpenSSL not available, but sendmail_cert_create is YES."
194 else
195 info Creating certificate for sendmail.
196 sendmail_cert_create
197 fi
198 fi
74}
75
76run_rc_command "$1"
77
78required_files=
79
80if checkyesno sendmail_submit_enable; then
81 name="sendmail_submit"

--- 15 unchanged lines hidden ---
199}
200
201run_rc_command "$1"
202
203required_files=
204
205if checkyesno sendmail_submit_enable; then
206 name="sendmail_submit"

--- 15 unchanged lines hidden ---
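Review bot: The status of `sendmail_cert_create` is dropped where `sendmail_precmd` calls it (new lines 195-196), and every `openssl` call in the new function sends both stdout and stderr to `/dev/null`, so a failed generation leaves no diagnostic at all. Because that call sits in the last statement of `sendmail_precmd`, a non-zero status also becomes the precmd's return value, which presumably keeps the daemon from starting; rc.subr's handling is not visible here, and part of `sendmail_precmd` is hidden on this page. A failure after the first `cp -p` into `$CERTDIR` leaves a partial set of files, and the `-f ... -o -f ...` guard then skips regeneration on every later start, so the host can stay without a usable key/cert pair until someone cleans up by hand. I would call it as `sendmail_cert_create || warn "could not create certificate for sendmail"` and have the function remove whatever it already copied into `$CERTDIR` when it returns non-zero.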