function SetSSL()
{
$sock = new sockets();
$unix = new unix();
$main = new main_cf();
if ($main->main_array["smtpd_tls_session_cache_timeout"] == null) {
$main->main_array["smtpd_tls_session_cache_timeout"] = '3600s';
}
$PostfixEnableMasterCfSSL = intval($sock->GET_INFO("PostfixEnableMasterCfSSL"));
$smtpd_tls_security_level = $sock->GET_INFO("smtpd_tls_security_level");
$cert = new postfix_certificate($PostFixMasterCertificate);
echo "Starting......: " . date("H:i:s") . " Certificate {$PostFixMasterCertificate}\n";
if ($smtpd_tls_security_level == null) {
$smtpd_tls_security_level = "may";
}
$cert->build();
$unix->chown_func("postfix", "postfix", "/etc/ssl/certs/postfix/*");
if ($PostfixEnableMasterCfSSL == 1) {
postconf("smtpd_tls_security_level", $smtpd_tls_security_level);
postconf("smtpd_tls_session_cache_timeout", $main->main_array["smtpd_tls_session_cache_timeout"]);
postconf("smtpd_tls_session_cache_database", "btree:/var/lib/postfix/smtpd_tls_cache");
postconf("smtpd_use_tls", "yes");
} else {
postconf("smtpd_use_tls", "no");
postconf("smtpd_tls_security_level", "none");
postconf("smtpd_tls_key_file", null);
postconf("smtpd_tls_cert_file", null);
postconf("smtpd_tls_CAfile", null);
}
}
function SetSALS()
{
$unix = new unix();
if (!isset($GLOBALS["CLASS_SOCKET"])) {
$GLOBALS["CLASS_SOCKET"] = new sockets();
$sock = $GLOBALS["CLASS_SOCKET"];
} else {
$sock = $GLOBALS["CLASS_SOCKET"];
}
$PostFixSmtpSaslEnable = $sock->GET_INFO("PostFixSmtpSaslEnable");
$PostFixMasterCertificate = $sock->GET_INFO("PostFixMasterCertificate");
$main = new main_cf();
if ($main->main_array["smtpd_tls_session_cache_timeout"] == null) {
$main->main_array["smtpd_tls_session_cache_timeout"] = '3600s';
}
if ($PostFixSmtpSaslEnable == 1) {
@mkdir("/var/lib/postfix", 0755, true);
chown("/var/lib/postfix", "postfix");
chgrp("/var/lib/postfix", "postfix");
echo "Starting......: " . date("H:i:s") . " SASL authentication is enabled\n";
echo "Starting......: " . date("H:i:s") . " Certificate {$PostFixMasterCertificate}\n";
$sock = new sockets();
$cert = new postfix_certificate($PostFixMasterCertificate);
$smtpd_sasl_path = $sock->GET_INFO("smtpd_sasl_path");
if ($smtpd_sasl_path == null) {
$smtpd_sasl_path = "smtpd";
}
$cmd["smtpd_sasl_auth_enable"] = "yes";
$cmd["smtpd_use_tls"] = "yes";
$cmd["smtpd_sasl_path"] = "smtpd";
$cmd["smtpd_sasl_authenticated_header"] = "yes";
$cmd["smtpd_tls_session_cache_database"] = "btree:/var/lib/postfix/smtpd_tls_cache";
$cert->build();
$cmd["smtpd_delay_reject"] = "yes";
$cmd["cyrus_sasl_config_path"] = "/etc/postfix/sasl";
$cmd["smtpd_tls_session_cache_timeout"] = $main->main_array["smtpd_tls_session_cache_timeout"];
echo "Starting......: " . date("H:i:s") . " SASL authentication running " . count($cmd) . " commands\n";
$unix->chown_func("postfix", "postfix", "/etc/ssl/certs/postfix/*");
while (list($num, $ligne) = each($cmd)) {
postconf($num, $ligne);
}
} else {
echo "Starting......: " . date("H:i:s") . " SASL authentication is disabled\n";
postconf("smtpd_sasl_auth_enable", "no");
postconf("smtpd_sasl_authenticated_header", "no");
postconf("smtpd_use_tls", "no");
postconf("smtpd_tls_auth_only", "no");
postconf("smtpd_tls_security_level", "none");
}
}
