Diffstat (limited to 'debian/local/update_tlsm4')
-rw-r--r-- | debian/local/update_tlsm4 | 252 |
1 files changed, 252 insertions, 0 deletions
diff --git a/debian/local/update_tlsm4 b/debian/local/update_tlsm4
new file mode 100644
index 0000000..a720e88
--- /dev/null
+++ b/debian/local/update_tlsm4
@@ -0,0 +1,252 @@
+#!/usr/bin/perl -w
+#------------------------------------------------------------------------
+#
+# $Sendmail: update_tls,v 8.14.3 2008-05-04 22:26:20 cowboy Exp $
+#
+# Create /etc/mail/tls/starttls.m4 for Debian Sendmail
+#
+# Copyright 1998-2008 Richard Nelson. All Rights Reserved.
+#
+# Notes (to all):
+# *
+#
+# Notes (to self):
+# *
+#
+#------------------------------------------------------------------------
+#
+# Initialization of the perl environment
+use strict; # be kosher
+use Cwd; # provide cwd()
+use Env; # A few environmental references
+use integer; # Peformance
+use Sys::Hostname; # make sure we have a valid hostname
+use Getopt::Long; # parameter handling
+
+# Local libraries - for Debian Sendmail Perl helper functions
+# BEGIN { $main::my_path = substr($0,$[,rindex($0,'/')) };
+use lib ('.', substr($0,$[,rindex($0,'/')), "/usr/share/sendmail");
+require Parse_mc;
+
+# Version of this program
+#($main::MYNAME = $main::0) =~ s|.*/||;
+#$main::Author = "Richard Nelson";
+#$main::AuthorMail = "cowboy\@debian.org";
+#$main::Version = '$Revision: 2.00 $ ';
+$main::program_name = $0;
+$main::program_version = '8.14.3';
+$main::program_date = '2008-05-04 22:26:20 cowboy';
+$main::debug = 0;
+
+my $interp_pgm = "$^X";
+my $interp_vrm = $];
+$interp_vrm = ("$^V" | '000') if (defined $^V);
+my $current_time = scalar localtime;
+my $user = getlogin || (getpwuid($<))[0] || "Unknown!!";
+my $hostname = hostname();
+my $directory = getcwd();
+
+my $Starttls_def = "/etc/mail/tls/starttls.m4";
+
+# Hash of define names to filename
+my %Def_Map;
+
+#
+#------------------------------------------------------------------------------
+# Finally, some code (almost)
+#------------------------------------------------------------------------------
+#
+# Argument handling...
+$main::opt_help='';
+$main::opt_output_file='';
+$main::opt_input_file='';
+$main::opt_debug='';
+my @options = qw(
+ help|h
+ output-file|output_file|o:s
+ input-file|input_file|i:s
+ debug!
+ );
+my $result = GetOptions(@options);
+if ( ! $result ) {
+ die "Terminating due to parameter error";
+ };
+if ( $main::opt_help ) {
+ warn "$main::program_name $main::program_version $main::program_date\n";
+ warn "$0 \n";
+ warn " -help\n" if $main::opt_help;
+ warn " -debug\n" if $main::opt_debug;
+ warn " -o $main::opt_output_file\n" if $main::opt_output_file;
+ warn " -i $main::opt_input_file\n" if $main::opt_input_file;
+ exit 0;
+ };
+
+my $Starttls = $main::opt_output_file || $Starttls_def;
+${Parse_mc::database_file} = $main::opt_input_file
+ if $main::opt_input_file;
+# $main::debug is used in Parse_mc !
+$main::debug = $main::opt_debug || $main::debug;
+
+# Let them know wtf is going on...
+print STDOUT "Creating ${Starttls}...\n";
+
+# Read the mc/m4 files
+&Parse_mc::read_dbs($Parse_mc::database_file, '');
+
+# Obtain Starttls information from database
+&get_data;
+
+# Write out the textual representation
+&write_starttls;
+
+
+#
+#------------------------------------------------------------------------------
+# Obtain information from database
+#------------------------------------------------------------------------------
+sub get_data {
+ my @names = (
+ 'confTO_STARTTLS'
+ ,'confCACERT'
+ ,'confCACERT_PATH'
+ ,'confCRL'
+ ,'confCLIENT_CERT'
+ ,'confCLIENT_KEY'
+ ,'confSERVER_CERT'
+ ,'confSERVER_KEY'
+ ,'confDH_PARAMETERS'
+ ,'confTLS_SRV_OPTIONS'
+ );
+
+ foreach my $entry (@names) {
+ my ($class, $flags, $files, $options) =
+ &Parse_mc::entry_dbs($entry);
+ my $file = @{$files}[0];
+ $Def_Map{$entry} = '';
+ $Def_Map{$entry} = $file if ($file ne '-');
+ #$Def_Map{$entry} = &Parse_mc::format_dbs($entry);
+ };
+ };
+
+
+#
+#------------------------------------------------------------------------------
+# Create /etc/mail/tls/starttls.m4
+#------------------------------------------------------------------------------
+sub write_starttls {
+ my $ofh = new FileHandle;
+
+ $Starttls = '&STDOUT' if ($Starttls eq '-');
+ unless ( open($ofh, ">$Starttls") ) {
+ warn("Could not open $Starttls($!), using STDOUT.\n");
+ open($ofh, ">&STDOUT");
+ };
+ $Starttls = '-' if ($Starttls eq '&STDOUT');
+
+ &write_m4($ofh);
+
+ close $ofh;
+ if ($Starttls eq $Starttls_def) {
+ chown '0', '0', $Starttls;
+ chmod 0744, $Starttls;
+ };
+ };
+
+
+#
+#------------------------------------------------------------------------------
+# Write Starttls m4 file
+#------------------------------------------------------------------------------
+sub write_m4 {
+ my ($ofh) = @_;
+
+ print $ofh <<"EOT";
+divert(-1)dnl
+####################################################################
+##### This file is automagically generated -- edit at your own risk
+#####
+##### Copyright (c) 2002-2008 Richard Nelson. All Rights Reserved.
+#####
+##### file: ${Starttls}
+##### STARTTLS Configuration for Debian Sendmail
+##### generated via: (${interp_pgm} ${interp_vrm})
+##### ${main::program_name}
+##### version: ${main::program_version} ${main::program_date}
+##### by: ${user}\@${hostname}
+##### on: ${current_time}
+##### in: ${directory}
+##### input files: ${Parse_mc::database_file}
+#####
+##### Usage:
+##### 1) To get *ANY* STARTTLS support for sendmail you
+##### A) *MUST* Add this line to /etc/mail/sendmail.mc
+##### \`include(\`/etc/mail/tls/starttls.m4\')dnl\'
+##### B) *MAY* Add the same line to /etc/mail/submit.mc
+##### to get MSP<->MTA authentication/encryption
+##### 2) You may modify the marked portions of this file, those
+##### deal with the cert/key filenames and TLS options.
+##### If you need finer control of TLS options, use the access
+##### database.
+#####
+####################################################################
+divert(0)dnl
+VERSIONID(\`\$Id: starttls.m4,v 8.14.3-1 2008-05-04 22:26:20 cowboy Exp \$\')
+dnl #
+dnl #---------------------------------------------------------------------
+dnl # Bring in Autoconf results
+dnl #---------------------------------------------------------------------
+ifdef(\`sm_version\', \`dnl\',
+\`include(\`/usr/share/sendmail/cf/debian/autoconf.m4\')dnl\')
+dnl #
+dnl # Check to see if inclusion is valid (version >= 8.11.0, tls enabled)
+ifelse(eval(sm_version_math >= 527104), \`1\', \`dnl
+ifelse(sm_enable_tls, \`yes\', \`dnl
+dnl #
+dnl # To support shared keyfiles, we need them to be group readable
+dnl #
+define(\`confDONT_BLAME_SENDMAIL\',dnl
+ defn(\`confDONT_BLAME_SENDMAIL\')\`,GroupReadableKeyFile\')dnl
+dnl #
+dnl # ...Do not touch anything above this line...
+dnl #
+dnl # Set a more reasonable timeout on negotiation
+dnl #
+define(\`confTO_STARTTLS\', \`$Def_Map{'confTO_STARTTLS'}\')dnl # <= EDIT
+dnl #
+dnl # CA directory - CA certs should be herein
+define(\`confCACERT_PATH\', \`$Def_Map{'confCACERT_PATH'}\')dnl # <= EDIT
+dnl #
+dnl # CA file (may be the same as client/server certificate)
+define(\`confCACERT\', \`$Def_Map{'confCACERT'}\')dnl # <= EDIT
+dnl #
+dnl # Certificate Revocation List
+define(\`confCRL\', \`$Def_Map{'confCRL'}\')dnl # <= EDIT
+EOT
+if (! -f $Def_Map{'confCRL'}) {
+print $ofh <<"EOT";
+dnl # CRL not found... do not issue warnings on it!
+undefine(\`confCRL\')dnl
+EOT
+ };
+ print $ofh <<"EOT";
+dnl #
+dnl # Server certificate/key (can be in the same file, and shared w/client)
+dnl # NOTE: The key must *NOT* be encrypted !!!
+define(\`confSERVER_CERT\', \`$Def_Map{'confSERVER_CERT'}\')dnl # <= EDIT
+define(\`confSERVER_KEY\', \`$Def_Map{'confSERVER_KEY'}\')dnl # <= EDIT
+dnl #
+dnl # Client certificate/key (can be in the same file, and shared w/server)
+dnl # NOTE: The key must *NOT* be encrypted !!!
+define(\`confCLIENT_CERT\', \`$Def_Map{'confCLIENT_CERT'}\')dnl # <= EDIT
+define(\`confCLIENT_KEY\', \`$Def_Map{'confCLIENT_KEY'}\')dnl # <= EDIT
+dnl #
+dnl # DH parameters
+define(\`confDH_PARAMETERS\', \`$Def_Map{'confDH_PARAMETERS'}\')dnl # <= EDIT
+dnl #
+dnl # Optional settings
+define(\`confTLS_SRV_OPTIONS\', \`$Def_Map{'confTLS_SRV_OPTIONS'}\')dnl # <= EDIT
+dnl #
+\')\')dnl
+EOT
+ };
+
 |
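Review bot: `open($ofh, ">$Starttls")` in write_starttls is a two-argument open on a path taken straight from the `-o` option, so a value with a leading `>`, `|` or surrounding whitespace is parsed as part of the mode rather than as a file name; the three-argument form removes that, and the `-`/`&STDOUT` rewriting that depends on two-argument semantics can become an explicit dup of STDOUT. `close $ofh` is also unchecked, so a write error leaves a truncated starttls.m4 with exit status 0. `new FileHandle` is indirect-object syntax and FileHandle is not loaded in this file's preamble, so it presumably comes in via Parse_mc or is never needed; a plain lexical `my $ofh` is enough for open. The `chmod 0744` also sets an execute bit an m4 include never needs; `0644` keeps the file readable without it.
```perl
sub write_starttls {
    my $ofh;
    # '-' means stdout; dup it so the close below does not close STDOUT itself
    if ($Starttls eq '-' or ! open($ofh, '>', $Starttls)) {
        warn("Could not open $Starttls($!), using STDOUT.\n") if $Starttls ne '-';
        open($ofh, '>&', \*STDOUT) or die "dup STDOUT: $!";
    }

    &write_m4($ofh);

    close $ofh or die "close $Starttls: $!";
    # … unchanged: chown/chmod of the default output path …
```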