This is a cc patch for ucspi-ssl:
http://www.netdevice.com/qmail/patch/ucspi-ssl-cc-patch
See http://www.superscript.com/ucspi-ssl/intro.html.
The version of patch in Solaris is broken, use gpatch or GNU patch instead.
Instructions for implementing secure pop3d:
# gzip -cd openssl-0.9.7d.tar.gz | tar -xf -
# cd openssl-0.9.7d
# ./config
# make
# make test
# make install
# cd /package
# gzip -cd ucspi-ssl-0.67.tar.gz | tar -xf -
# cd host/superscript.com/net/ucspi-ssl-0.67
# patch -p1 < /path/to/ucspi-ssl-cc.patch
# package/compile
# package/rts
# package/install
# package/report
# mkdir /usr/local/ssl/pem
# mkdir /usr/local/ssl/private
# openssl dhparam -check -text -5 1024 -out /usr/local/ssl/pem/dh1024.pem
# openssl req -new -x509 -nodes -days 730 -newkey rsa:1024 -keyout /usr/local/ssl/private/pop3s.key -out /usr/local/ssl/certs/pop3s.cert
# mkdir /var/qmail/supervise/qmail-pop3s
# mkdir /var/qmail/supervise/qmail-pop3s/log
# mkdir /var/log/pop3s
# chown qmaill /var/log/pop3s
# vi /var/qmail/supervise/qmail-pop3s/run
#!/bin/sh
CERTFILE="/usr/local/ssl/certs/pop3s.cert"
KEYFILE="/usr/local/ssl/private/pop3s.key"
DHFILE="/usr/local/ssl/pem/dh1024.pem"
export CERTFILE KEYFILE DHFILE
LOCAL="pop3s.example.com"
exec /usr/local/bin/softlimit -m 5000000 /usr/local/bin/sslserver -v -R -l \
"$LOCAL" 0 pop3s /var/qmail/bin/qmail-popup "$LOCAL" /bin/checkpassword \
/var/qmail/bin/qmail-pop3d Maildir 2>&1
# vi /var/qmail/supervise/qmail-pop3s/log/run
#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t \
s16777214 n1000 /var/log/pop3s
# chmod 755 /var/qmail/supervise/qmail-pop3s/run
# chmod 755 /var/qmail/supervise/qmail-pop3s/log/run
# ln -s /var/qmail/supervise/qmail-pop3s /service
# sslconnect pop3s.example.com 995 -a /usr/local/ssl/certs/pop3s.cert
+OK <24015.1077736920@pop3s.example.com>
user mary
+OK
pass jane
+OK
list
+OK
.
quit
+OK
# tail /var/log/pop3s/current | tai64nlocal
Patch:
diff -ur ucspi-ssl.orig/src/conf-cc ucspi-ssl/src/conf-cc
--- ucspi-ssl.orig/src/conf-cc Tue Mar 16 23:30:05 2004
+++ ucspi-ssl/src/conf-cc Wed Mar 17 13:14:38 2004
@@ -1,3 +1,3 @@
-auto
+cc -I/usr/local/ssl/include
This will be used to compile .c files.
diff -ur ucspi-ssl.orig/src/conf-ld ucspi-ssl/src/conf-ld
--- ucspi-ssl.orig/src/conf-ld Tue Mar 16 23:30:05 2004
+++ ucspi-ssl/src/conf-ld Wed Mar 17 13:14:17 2004
@@ -1,3 +1,3 @@
-gcc -s
+cc -L/usr/local/ssl/lib -R/usr/local/ssl/lib
This will be used to link .o files into an executable.