function SetSSL() { $sock = new sockets(); $unix = new unix(); $main = new main_cf(); if ($main->main_array["smtpd_tls_session_cache_timeout"] == null) { $main->main_array["smtpd_tls_session_cache_timeout"] = '3600s'; } $PostfixEnableMasterCfSSL = intval($sock->GET_INFO("PostfixEnableMasterCfSSL")); $smtpd_tls_security_level = $sock->GET_INFO("smtpd_tls_security_level"); $cert = new postfix_certificate($PostFixMasterCertificate); echo "Starting......: " . date("H:i:s") . " Certificate {$PostFixMasterCertificate}\n"; if ($smtpd_tls_security_level == null) { $smtpd_tls_security_level = "may"; } $cert->build(); $unix->chown_func("postfix", "postfix", "/etc/ssl/certs/postfix/*"); if ($PostfixEnableMasterCfSSL == 1) { postconf("smtpd_tls_security_level", $smtpd_tls_security_level); postconf("smtpd_tls_session_cache_timeout", $main->main_array["smtpd_tls_session_cache_timeout"]); postconf("smtpd_tls_session_cache_database", "btree:/var/lib/postfix/smtpd_tls_cache"); postconf("smtpd_use_tls", "yes"); } else { postconf("smtpd_use_tls", "no"); postconf("smtpd_tls_security_level", "none"); postconf("smtpd_tls_key_file", null); postconf("smtpd_tls_cert_file", null); postconf("smtpd_tls_CAfile", null); } }
function SetSALS() { $unix = new unix(); if (!isset($GLOBALS["CLASS_SOCKET"])) { $GLOBALS["CLASS_SOCKET"] = new sockets(); $sock = $GLOBALS["CLASS_SOCKET"]; } else { $sock = $GLOBALS["CLASS_SOCKET"]; } $PostFixSmtpSaslEnable = $sock->GET_INFO("PostFixSmtpSaslEnable"); $PostFixMasterCertificate = $sock->GET_INFO("PostFixMasterCertificate"); $main = new main_cf(); if ($main->main_array["smtpd_tls_session_cache_timeout"] == null) { $main->main_array["smtpd_tls_session_cache_timeout"] = '3600s'; } if ($PostFixSmtpSaslEnable == 1) { @mkdir("/var/lib/postfix", 0755, true); chown("/var/lib/postfix", "postfix"); chgrp("/var/lib/postfix", "postfix"); echo "Starting......: " . date("H:i:s") . " SASL authentication is enabled\n"; echo "Starting......: " . date("H:i:s") . " Certificate {$PostFixMasterCertificate}\n"; $sock = new sockets(); $cert = new postfix_certificate($PostFixMasterCertificate); $smtpd_sasl_path = $sock->GET_INFO("smtpd_sasl_path"); if ($smtpd_sasl_path == null) { $smtpd_sasl_path = "smtpd"; } $cmd["smtpd_sasl_auth_enable"] = "yes"; $cmd["smtpd_use_tls"] = "yes"; $cmd["smtpd_sasl_path"] = "smtpd"; $cmd["smtpd_sasl_authenticated_header"] = "yes"; $cmd["smtpd_tls_session_cache_database"] = "btree:/var/lib/postfix/smtpd_tls_cache"; $cert->build(); $cmd["smtpd_delay_reject"] = "yes"; $cmd["cyrus_sasl_config_path"] = "/etc/postfix/sasl"; $cmd["smtpd_tls_session_cache_timeout"] = $main->main_array["smtpd_tls_session_cache_timeout"]; echo "Starting......: " . date("H:i:s") . " SASL authentication running " . count($cmd) . " commands\n"; $unix->chown_func("postfix", "postfix", "/etc/ssl/certs/postfix/*"); while (list($num, $ligne) = each($cmd)) { postconf($num, $ligne); } } else { echo "Starting......: " . date("H:i:s") . " SASL authentication is disabled\n"; postconf("smtpd_sasl_auth_enable", "no"); postconf("smtpd_sasl_authenticated_header", "no"); postconf("smtpd_use_tls", "no"); postconf("smtpd_tls_auth_only", "no"); postconf("smtpd_tls_security_level", "none"); } }