sendmail: Added support for installing sendmail without SSL support.

2013-06-17 10:26:23 +03:00 · 2013-06-17 10:26:23 +03:00 · a90016c5f2
commit a90016c5f2
parent fae8257a89
2 changed files with 44 additions and 27 deletions
--- a/sendmail/manifests/init.pp
+++ b/sendmail/manifests/init.pp
@ -165,8 +165,15 @@ class sendmail::client::msa inherits sendmail::client {
 #       List of authentication mechanisms to use. Defaults to PLAIN and LOGIN.
 #
 #   $sendmail_ssl_key:
 #       Path to SSL key file. If not set sendmail will be configured
 #       without SSL support.
 #
 #   $sendmail_ssl_cert:
 #       Path to SSL certificate file. If not set sendmail will be
 #       configured without SSL support.
 #
 #   $sendmail_ssl_chain:
 #       Path to SSL certificate chain file.
 #
 class sendmail::server inherits sendmail::common {
@ -180,12 +187,6 @@ class sendmail::server inherits sendmail::common {
        $masquerade_exception = []
    }
    $ssl_key = basename($sendmail_ssl_key)
    $ssl_cert = basename($sendmail_ssl_cert)
    if $sendmail_ssl_chain {
        $ssl_chain = basename($sendmail_ssl_chain)
    }
    selinux::manage_fcontext { "/etc/smrsh(/.*)?":
        type => "sendmail_exec_t",
    }
@ -201,6 +202,13 @@ class sendmail::server inherits sendmail::common {
        }
    }
    if $sendmail_ssl_key and $sendmail_ssl_cert {
        $ssl_key = basename($sendmail_ssl_key)
        $ssl_cert = basename($sendmail_ssl_cert)
        if $sendmail_ssl_chain {
            $ssl_chain = basename($sendmail_ssl_chain)
        }
        file { "/etc/pki/tls/private/${ssl_key}":
            ensure => present,
            source => $sendmail_ssl_key,
@ -227,6 +235,7 @@ class sendmail::server inherits sendmail::common {
                notify => Service["sendmail"],
            }
        }
    }
    file { "sendmail.mc":
        name    => $::operatingsystem ? {
--- a/sendmail/templates/sendmail.mc.erb
+++ b/sendmail/templates/sendmail.mc.erb
@ -22,11 +22,16 @@ define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
 define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
 define(`confTO_IDENT', `0')dnl
 dnl #
 <% if @ssl_key and @ssl_cert -%>
 define(`confAUTH_OPTIONS', `A p y')dnl
 TRUST_AUTH_MECH(`<%= @sendmail_auth_mech.join(' ') %>')dnl
 define(`confAUTH_MECHANISMS', `<%= @sendmail_auth_mech.join(' ') %>')dnl
 <% else -%>
 define(`confAUTH_OPTIONS', `A')dnl
 <% end -%>
 dnl #
 define(`confCACERT_PATH', `/etc/mail/certs')
 <% if @ssl_key and @ssl_cert -%>
 <%   if @ssl_chain -%>
 define(`confCACERT', `/etc/pki/tls/certs/<%= @ssl_chain %>')
 <%   end -%>
@ -34,6 +39,7 @@ define(`confSERVER_CERT', `/etc/pki/tls/certs/<%= @ssl_cert %>')
 define(`confSERVER_KEY', `/etc/pki/tls/private/<%= @ssl_key %>')
 define(`confCLIENT_CERT', `/etc/pki/tls/certs/<%= @ssl_cert %>')
 define(`confCLIENT_KEY', `/etc/pki/tls/private/<%= @ssl_key %>')
 <% end -%>
 dnl #
 FEATURE(`no_default_msa', `dnl')dnl
 FEATURE(`smrsh', `/usr/sbin/smrsh')dnl
@ -52,7 +58,9 @@ FEATURE(`blacklist_recipients')dnl
 EXPOSED_USER(`root')dnl
 dnl #
 DAEMON_OPTIONS(`Port=smtp, Name=MTA, M=A')dnl
 <% if @ssl_key and @ssl_cert -%>
 DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
 <% end -%>
 dnl #
 LOCAL_DOMAIN(`localhost.localdomain')dnl
 MASQUERADE_AS(`<%= @mail_domain %>')dnl