diff --git a/exim-4.69-strictaliasing.patch b/exim-4.69-strictaliasing.patch new file mode 100644 index 0000000..7eb9d13 --- /dev/null +++ b/exim-4.69-strictaliasing.patch @@ -0,0 +1,11 @@ +diff -up exim-4.69/src/exim.h.strictaliasing exim-4.69/src/exim.h +--- exim-4.69/src/exim.h.strictaliasing 2009-08-18 15:10:42.000000000 +0200 ++++ exim-4.69/src/exim.h 2009-08-18 15:16:01.000000000 +0200 +@@ -484,6 +484,7 @@ union sockaddr_46 { + #if HAVE_IPV6 + struct sockaddr_in6 v6; + #endif ++ struct sockaddr g; + }; + + /* If SUPPORT_TLS is not defined, ensure that USE_GNUTLS is also not defined diff --git a/exim.init b/exim.init index 09d7908..1a86e30 100644 --- a/exim.init +++ b/exim.init @@ -28,6 +28,36 @@ fi [ -f /usr/sbin/exim ] || exit 0 +gen_cert() { + if [ ! -f /etc/pki/tls/certs/exim.pem ] ; then + umask 077 + FQDN=`hostname` + if [ "x${FQDN}" = "x" ]; then + FQDN=localhost.localdomain + fi + echo -n $"Generating exim certificate: " + cat << EOF | openssl req -new -x509 -days 365 -nodes \ + -out /etc/pki/tls/certs/exim.pem \ + -keyout /etc/pki/tls/private/exim.pem &>/dev/null +-- +SomeState +SomeCity +SomeOrganization +SomeOrganizationalUnit +${FQDN} +root@${FQDN} +EOF + if [ $? -eq 0 ]; then + success + chown exim.exim /etc/pki/tls/{private,certs}/exim.pem + chmod 600 /etc/pki/tls/{private,certs}/exim.pem + else + failure + fi + echo + fi +} + start() { # check ownerships # do this by seeing if /var/log/exim/main.log exists and is @@ -39,6 +69,10 @@ start() { chown -R exim:exim /var/log/exim /var/spool/exim fi fi + + # generate certificate if doesn't exist + gen_cert + # Start daemons. echo -n $"Starting exim: " daemon /usr/sbin/exim $([ "$DAEMON" = yes ] && echo -bd) \ diff --git a/exim.spec b/exim.spec index aa8561f..992ab77 100644 --- a/exim.spec +++ b/exim.spec @@ -19,7 +19,7 @@ Group: System Environment/Daemons Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Provides: MTA smtpd smtpdaemon server(smtp) /usr/bin/newaliases Provides: /usr/sbin/sendmail /usr/bin/mailq /usr/bin/rmail -Requires(post): /sbin/chkconfig /sbin/service %{_sbindir}/alternatives openssl +Requires(post): /sbin/chkconfig /sbin/service %{_sbindir}/alternatives Requires(preun): /sbin/chkconfig /sbin/service %{_sbindir}/alternatives Requires(pre): %{_sbindir}/groupadd, %{_sbindir}/useradd %if 0%{?buildclam} @@ -53,6 +53,7 @@ Patch22: exim-4.66-greylist-conf.patch Patch23: exim-4.67-smarthost-config.patch Patch24: exim-4.69-dynlookup.patch Patch25: exim-4.69-dynlookup-config.patch +Patch26: exim-4.69-strictaliasing.patch Requires: /etc/pki/tls/certs /etc/pki/tls/private Requires: /etc/aliases @@ -183,6 +184,7 @@ greylisting unconditional. %patch23 -p1 -b .smarthost %patch24 -p1 -b .dynlookup %patch25 -p1 -b .dynconfig +%patch26 -p1 -b .strictaliasing cp src/EDITME Local/Makefile sed -i 's@^# LOOKUP_MODULE_DIR=.*@LOOKUP_MODULE_DIR=%{_libdir}/exim/%{version}-%{release}/lookups@' Local/Makefile @@ -351,27 +353,6 @@ exit 0 --slave %{_mandir}/man1/mailq.1.gz mta-mailqman %{_mandir}/man8/exim.8.gz \ --initscript exim -if [ ! -f /etc/pki/tls/certs/exim.pem ] ; then - umask 077 - FQDN=`hostname` - if [ "x${FQDN}" = "x" ]; then - FQDN=localhost.localdomain - fi - cat << EOF | openssl req -new -x509 -days 365 -nodes \ - -out /etc/pki/tls/certs/exim.pem \ - -keyout /etc/pki/tls/private/exim.pem &>/dev/null --- -SomeState -SomeCity -SomeOrganization -SomeOrganizationalUnit -${FQDN} -root@${FQDN} -EOF - chown exim.exim /etc/pki/tls/{private,certs}/exim.pem - chmod 600 /etc/pki/tls/{private,certs}/exim.pem -fi - %preun if [ $1 = 0 ]; then /sbin/service exim stop > /dev/null 2>&1 @@ -503,8 +484,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog -* Wed Aug 12 2009 David Woodhouse -- Require openssl for %post +* Tue Aug 18 2009 Miroslav Lichvar - 4.69-14 +- Move certificate generation to init script (#517013) +- Fix strict aliasing warning * Wed Aug 12 2009 David Woodhouse - 4.69-13 - Cope with lack of /etc/sysconfig/network (#506330)