Solaris付属のsendmailは残念ながらSMTP AUTH対応ではないようです。 SMTP AUTHを使うために、sendmailをコンパイルしてインストールします。
Ultra SPARC T1/2 内蔵の暗号高速化エンジンを利用できるようにSolaris
Crypto Frameworkを使います。なお、他のプロセッサでもSolaris Crypto
Frameworkを使えば若干の高速化が望めるそうなので有効にします(無保証
です)。
ソースコードに以下のパッチを適用します。
--- sendmail/tls.c.orig 2006-10-13 06:35:11.000000000 +0900 +++ sendmail/tls.c 2009-03-13 16:59:32.095427000 +0900 @@ -23,6 +23,13 @@ static RSA *rsa_tmp = NULL; /* temporary RSA key */ static RSA *tmp_rsa_key __P((SSL *, int, int)); # endif /* !TLS_NO_RSA */ + +# ifdef PKCS11ENGINE +# include+ENGINE *e; +const char *engine_id = "pkcs11"; +# endif /* PKCS11ENGINE */ + # if !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x00907000L static int tls_verify_cb __P((X509_STORE_CTX *)); # else /* !defined() || OPENSSL_VERSION_NUMBER < 0x00907000L */ @@ -276,6 +283,30 @@ bool init_tls_library() { + +#ifdef PKCS11ENGINE + /* Additional code to use of HW accelerators */ + + ENGINE_load_builtin_engines(); + + e = ENGINE_by_id(engine_id); + if(!e){ + printf("error ENGINE_byid\n"); + return; + } + if(!ENGINE_init(e)){ + printf("error ENGINE_init\n"); + ENGINE_free(e); + return; + } + if(!ENGINE_set_default_RSA(e)){ + printf("error ENGINE_set_default_RSA\n"); + abort(); + } + ENGINE_set_default_DSA(e); + ENGINE_set_default_ciphers(e); +#endif /* PKCS11ENGINE */ + /* basic TLS initialization, ignore result for now */ SSL_library_init(); SSL_load_error_strings(); @@ -1388,6 +1419,12 @@ # endif /* !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER > 0x0090602fL */ SSL_free(ssl); ssl = NULL; + +# ifdef PKCS11ENGINE + ENGINE_finish(e); + ENGINE_free(e); +# endif /* PKCS11ENGINE */ + } return ret; }
devtools/Site/site.config.m4はアーキテクチャごとにコメントを外す なりして用意します。
devtools/Site/site.config.m4.sparcv8plusの例
define(`confCC', `cc') define(`confOPTIMIZE', `-xO3') dnl dnl sparcv9 dnl dnl define(`confCCOPTS', `-m64 -xcode=pic32 -DPKCS11ENGINE') dnl define(`confCCOPTS', `-m64 -xcode=pic32') dnl define(`confLDOPTS', `-m64 -xcode=pic32') dnl dnl amd64 dnl dnl define(`confCCOPTS', `-m64 -KPIC -DPKCS11ENGINE') dnl define(`confCCOPTS', `-m64 -KPIC') dnl define(`confLDOPTS', `-m64 -KPIC') dnl dnl sparcv8plus|i386 dnl dnl define(`confCCOPTS', `-DPKCS11ENGINE') dnl define(`confDEPEND_TYPE', `Solaris') define(`confMANROOT', `/usr/local/share/man/cat') define(`confMANROOTMAN', `/usr/local/share/man/man') define(`confINCLUDEDIR', `/usr/local/include') define(`confEBINDIR', `/usr/local/libexec/sparcv8plus') define(`confMBINDIR', `/usr/local/sbin/sparcv8plus') define(`confSBINDIR', `/usr/local/sbin/sparcv8plus') define(`confUBINDIR', `/usr/local/bin/sparcv8plus') dnl define(`confEBINDIR', `/usr/local/libexec/sparcv9') dnl define(`confMBINDIR', `/usr/local/sbin/sparcv9') dnl define(`confSBINDIR', `/usr/local/sbin/sparcv9') dnl define(`confUBINDIR', `/usr/local/bin/sparcv9') dnl define(`confEBINDIR', `/usr/local/libexec/i386') dnl define(`confMBINDIR', `/usr/local/sbin/i386') dnl define(`confSBINDIR', `/usr/local/sbin/i386') dnl define(`confUBINDIR', `/usr/local/bin/i386') dnl define(`confEBINDIR', `/usr/local/libexec/amd64') dnl define(`confMBINDIR', `/usr/local/sbin/amd64') dnl define(`confSBINDIR', `/usr/local/sbin/amd64') dnl define(`confUBINDIR', `/usr/local/bin/amd64') dnl define(`confSHAREDLIBDIR', `/usr/local/lib/64') dnl define(`confLIBDIR', `/usr/local/lib/64') define(`confSHAREDLIBDIR', `/usr/local/lib') define(`confLIBDIR', `/usr/local/lib') define(`confHFDIR', `/usr/local/share/sendmail') APPENDDEF(`confLIBS', `-lssl -lcrypto') dnl Solaris 8 dnl APPENDDEF(`conf_sendmail_ENVDEF', `-DSTARTTLS') dnl Solaris 9/10 APPENDDEF(`conf_sendmail_ENVDEF', `-DSM_CONF_LDAP_MEMFREE -DSTARTTLS') dnl 32bit only APPENDDEF(`conf_sendmail_ENVDEF', `-DTCPWRAPPERS') APPENDDEF(`conf_sendmail_LIBS', `-lwrap') APPENDDEF(`confMAPDEF', `-DLDAPMAP') dnl dnl OpenLDAP SDK dnl APPENDDEF(`confLIBS', `-lldap -llber') dnl dnl Solaris Native LDAP SDK APPENDDEF(`confLIBDIRS', `-L/usr/lib') APPENDDEF(`confINCDIRS', `-I/usr/include') APPENDDEF(`confLIBS', `-lldap') dnl APPENDDEF(`confLIBDIRS', `-L/usr/sfw/lib/64 -R/usr/sfw/lib/64') APPENDDEF(`confLIBDIRS', `-L/usr/sfw/lib -R/usr/sfw/lib') APPENDDEF(`confINCDIRS', `-I/usr/sfw/include') dnl APPENDDEF(`confLIBDIRS', `-L/usr/local/lib/64 -R/usr/local/lib/64') APPENDDEF(`confLIBDIRS', `-L/usr/local/lib -R/usr/local/lib') APPENDDEF(`confINCDIRS', `-I/usr/local/include') APPENDDEF(`conf_sendmail_ENVDEF', `-DSASL=2') dnl dnl Solaris 8/9 -lsasl2 dnl dnl APPENDDEF(`conf_sendmail_LIBS', `-lsasl2') dnl dnl Solaris 10 -lsasl dnl APPENDDEF(`conf_sendmail_LIBS', `-lsasl2')
Solaris 8ではインストールする前にsmmspを登録しておきます。
# groupadd -g 25 smmsp # useradd -u 25 -g 25 -c "SendMail Message Submission Program" -s /bin/false -d / smmsp
以下のスクリプトでmakeしてします。
#!/bin/sh
if [ $# -eq 1 ]; then
. ../setup-pre.sh $1
else
. ../setup-pre.sh
fi
cp devtools/Site/site.config.m4.$ISA devtools/Site/site.config.m4
arch=`uname -m | sed -e 's/ //g' -e 's/\//-/g'`
case $arch in
sun4*)
arch="sun4"
;;
esac
CPPFLAGS=""; export CPPFLAGS
LDFLAGS=""; export LDFLAGS
sh Build
cd libmilter
sh Build
cd ..
cd obj.SunOS.`uname -r`.$arch/libmilter
ld -G -o libmilter.so *.o
cd ../..
以下のスクリプトでインストールします。
#!/bin/sh
if [ $# -eq 1 ]; then
. ../setup-pre.sh $1
else
. ../setup-pre.sh
fi
arch=`uname -m | sed -e 's/ //g' -e 's/\//-/g'`
case $arch in
"sun4*")
arch="sun4"
;;
esac
sh Build install
cd libmilter
sh Build install
cd ..
cp obj.SunOS.`uname -r`.$arch/libmilter/libmilter.so /usr/local/lib$LIBISA
ISA自動起動リンクを作るために、以下のスクリプトを実行します。
#!/bin/sh
#
SBINPROG="praliases makemap mailstats editmap sendmail"
BINPROG="vacation purgestat hoststat mailq newaliases"
LIBEXECPROG="smrsh"
if [ "${SBINDIR}" = "" ]; then
SBINDIR=/usr/local/sbin
fi
if [ "${BINDIR}" = "" ]; then
BINDIR=/usr/local/bin
fi
if [ "${LIBEXECDIR}" = "" ]; then
LIBEXECDIR=/usr/local/libexec
fi
if [ "${SBINPROG}" != "" ]; then
cd ${SBINDIR}
for prog in ${SBINPROG}
do
rm -f $prog
ln /usr/lib/isaexec $prog
echo $prog
done
fi
if [ "${BINPROG}" != "" ]; then
cd ${BINDIR}
for prog in ${BINPROG}
do
rm -f $prog
ln /usr/lib/isaexec $prog
echo $prog
done
fi
if [ "${LIBEXECPROG}" != "" ]; then
cd ${LIBEXECDIR}
for prog in ${LIBEXECPROG}
do
rm -f $prog
ln /usr/lib/isaexec $prog
echo $prog
done
fi
基本的にはOSのsmtp-sendmailを流用します。
manifest: sendmail.xmlの差分
--- /var/svc/manifest/network/smtp-sendmail.xml 2006-12-22 14:07:18.000000000 +0900
+++ sendmail.xml 2009-03-18 16:31:49.000000000 +0900
@@ -12,10 +12,10 @@
file.
-->
-<service_bundle type='manifest' name='SUNWsndmr:sendmail'>
+<service_bundle type='manifest' name='sendmail'>
<service
- name='network/smtp'
+ name='network/sendmail'
type='service'
version='1'>
@@ -61,7 +61,7 @@
<service_fmri value='svc:/system/system-log' />
</dependency>
- <instance name='sendmail' enabled='false'>
+ <instance name='default' enabled='false'>
<dependency
name='config-file'
@@ -94,7 +94,7 @@
</dependency>
<dependent
- name='smtp-sendmail_multi-user'
+ name='sendmail_multi-user'
grouping='optional_all'
restart_on='none'>
<service_fmri
@@ -111,19 +111,19 @@
<exec_method
type='method'
name='start'
- exec='/lib/svc/method/smtp-sendmail start'
+ exec='/lib/svc/method/sendmail start'
timeout_seconds='120' />
<exec_method
type='method'
name='stop'
- exec='/lib/svc/method/smtp-sendmail stop
%{restarter/contract}'
+ exec='/lib/svc/method/sendmail stop
%{restarter/contract}'
timeout_seconds='60' />
<exec_method
type='method'
name='refresh'
- exec='/lib/svc/method/smtp-sendmail refresh'
+ exec='/lib/svc/method/sendmail refresh'
timeout_seconds='60' />
<property_group name='startd' type='framework'>
@@ -153,7 +153,7 @@
</common_name>
<documentation>
<manpage title='sendmail' section='1M'
- manpath='/usr/share/man' />
+ manpath='/usr/local/share/man' />
</documentation>
</template>
method: sendmailの差分
--- /lib/svc/method/smtp-sendmail 2006-12-22 14:07:19.000000000 +0900
+++ sendmail 2009-03-18 16:20:15.000000000 +0900
@@ -42,7 +42,7 @@
;;
'start')
- if [ ! -f /usr/lib/sendmail -o ! -f /etc/mail/sendmail.cf ]; then
+ if [ ! -f /usr/local/sbin/sendmail -o ! -f /etc/mail/sendmail.cf ]; then
exit $SMF_EXIT_ERR_CONFIG
fi
if [ ! -d /var/spool/mqueue ]; then
@@ -51,7 +51,7 @@
fi
if [ ! -f $ALIASES_FILE.db ] && [ ! -f $ALIASES_FILE.dir ] \
&& [ ! -f $ALIASES_FILE.pag ]; then
- /usr/sbin/newaliases
+ /usr/local/sbin/newaliases
fi
MODE="-bd"
[ -f $DEFAULT_FILE ] && . $DEFAULT_FILE
@@ -78,8 +78,8 @@
OPTIONS="$OPTIONS -C /etc/mail/local.cf"
fi
- /usr/lib/sendmail $MODE -q$QUEUEOPTION$QUEUEINTERVAL $OPTIONS &
- /usr/lib/sendmail -Ac -q$CLIENTQUEUEINTERVAL $CLIENTOPTIONS &
+ /usr/local/sbin/sendmail $MODE -q$QUEUEOPTION$QUEUEINTERVAL $OPTIONS &
+ /usr/local/sbin/sendmail -Ac -q$CLIENTQUEUEINTERVAL $CLIENTOPTIONS &
#
# ETRN_HOSTS should be of the form
@@ -89,7 +89,7 @@
# the :client part is optional; see etrn(1M) for details.
# server is the name of the server to prod; a mail queue run
# is requested for each client name. This is comparable to
- # running "/usr/lib/sendmail -qRclient" on the host server.
+ # running "/usr/local/sbin/sendmail -qRclient" on the host
server.
#
# See RFC 1985 for more information.
#
manifestとmethodを登録します。
# cp sendmail /lib/svc/method/ # chown root:bin /lib/svc/method/sendmail # chmod 555 /lib/svc/method/sendmail # cp sendmail.xml /var/svc/manifest/network/ # chown root:sys /var/svc/manifest/network/sendmail.xml # chmod 444 /var/svc/manifest/network/sendmail.xml # /usr/sbin/svccfg validate /var/svc/manifest/network/sendmail.xml # /usr/sbin/svccfg -v import /var/svc/manifest/network/sendmail.xml
設定ファイルを用意します。
/etc/mail/sendmail.cf /etc/mail/submit.cf
サービスを有効化します。
# svcadm enable network/sendmail
| Copyright ©2001-2009 T.Hiraga <hiraga@next-hop.net> All Rights Reserved. Last modified: $Date: 2009/04/12 14:07:18 $ |
|