testing/prayer: new aport

8 files changed, 594 insertions, 0 deletions

diff --git a/testing/prayer/APKBUILD b/testing/prayer/APKBUILD
new file mode 100644
index 0000000000..2b6dc316e9
--- /dev/null
+++ b/testing/prayer/APKBUILD
@@ -0,0 +1,67 @@
+# Maintainer:
+# Contributor: Bartłomiej Piotrowski <bpiotrowski@alpinelinux.org>
+
+pkgname=prayer
+pkgver=1.3.5
+pkgrel=0
+pkgdesc='Lightweight webmail interface for IMAP servers'
+url='http://www-uxsup.csx.cam.ac.uk/~dpc22/prayer/'
+arch=all
+license=GPL
+depends=
+makedepends='perl imap-dev openssl-dev db-dev linux-pam-dev tar'
+subpackages=
+source="ftp://ftp.csx.cam.ac.uk/pub/software/email/prayer/prayer-$pkgver.tar.gz
+        buildfix.patch
+        disable_ssl3.patch
+        makefile_install_config.patch
+        no_db_version_check.patch
+        sighandling.patch
+        unbrand_accountd.patch
+        unbrand_cam_template.patch"
+
+prepare() {
+  cd "$srcdir"/$pkgname-$pkgver
+
+  local i
+  for i in $source; do
+    case $i in
+      *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
+    esac
+  done
+}
+
+build() {
+  cd "$srcdir"/$pkgname-$pkgver
+  make || return 1
+}
+
+package() {
+  cd "$srcdir"/$pkgname-$pkgver
+  BROOT="$pkgdir" make install
+}
+
+md5sums="e5c632e9abd517ee91f1f1cf5fb0eaf3  prayer-1.3.5.tar.gz
+8194a70b8def543ed2754ea8050fcc81  buildfix.patch
+479044ae50f58166ff3b101e9b0ca77e  disable_ssl3.patch
+e5cfaee5abb3f92b5ad8b19cb31c4d10  makefile_install_config.patch
+7e241e9bd923ccd5deea254684f7023d  no_db_version_check.patch
+4be579fda05ae887b1bbcd5c66145e68  sighandling.patch
+12117d22dfaaf74d68da235b31dec2fc  unbrand_accountd.patch
+807ab15f361fe567047585da7451fac5  unbrand_cam_template.patch"
+sha256sums="aa79da17dceeb7eb24a1744e25286b3518eef882d8682f9959050d2bfb92ae8c  prayer-1.3.5.tar.gz
+a8b483bcb9d951e992fa0679651758a48d0cb0c1b3e79e6b4168b0b8096fa25b  buildfix.patch
+1b8bfb1a560434444992c3cfc050e59384f4737eb834aa2fe89e5f55ccc716e2  disable_ssl3.patch
+1b6baad865cfee27438ebf6a5e73a1d77dff611f02fcccb12da9ce5542f91b5c  makefile_install_config.patch
+af65ba073614068bf3d7136d0193bcf870a9963c66a0adad163c4775573ae875  no_db_version_check.patch
+8a951fad98cffe4a12e52d6afc708b3e7e6b0f5ac2d4d4c8cb6d2a21bc770075  sighandling.patch
+22541d2f5c07660952b27f8389a2ff6240fddb28e09e2e3d93c7646154438180  unbrand_accountd.patch
+ed12c3cd3d6fff26823531b660edeee8b0fc8455f8fc9cffdccb76435bd55820  unbrand_cam_template.patch"
+sha512sums="6bb190fda2ac60c6f3801bc89eb719bea7b479c4417eb5e3315d95118dcfecceca9274fb0478360756d2f361d08ebf1f8176a393dbf1b5a3775a52f46e315be1  prayer-1.3.5.tar.gz
+ac7fc9e26871fd2e11e4e80bb0b6464f1262aa0b7298d043b5663da77c16b97174ac96214b2383432311a4ad6fbb4d35c4bbef0f5783be0462acf600ec15ee05  buildfix.patch
+ebb7710d9368aabeb8107f0cb16c399fb599345ff90fe3b8ae13a86949dd449ef13d7324048b9774183636c1581d1aa507053577608f9eff606b0d328e7ccf52  disable_ssl3.patch
+ce90bbf21d5b5b7eaad69d885012506dcee2386dd522899e1f4b9f7ad7906b050249faf329d7cf4e228735694fc201bef112fd7e2bdb4e19ad9cac3909fb73d1  makefile_install_config.patch
+a968e6cc3ce3c255918a0a520f7c81b0efaafcfd4fd548905167b11c69ce3b633524771af8fcb8866090e35fa1578db3158054bd8d06fd7d86e05e98d46c1e0a  no_db_version_check.patch
+679cbdf560909005cc485317a2c35f4fe5c94eacb938996d58632a030d1a0f456e40ec883ded2a31879b20c9246fede2ead44c740768d1ab936c3a231c7ad8b2  sighandling.patch
+60c56f67e4b29b43973506f77837432d8e2449ea38ceb86b6b430c92af7023257740625bb3bedfe6bfa16d16c9dea73c523a98329e9415f5fc725861cc4de629  unbrand_accountd.patch
+cb230d3b1e64915a6843d72222a11d4d6aea1b5e27f6ba99870cb9011c41abcacbc30c183c19c706f26360001dbd38d3ea274393ddbb8d6d6bbf2661cf1f2568  unbrand_cam_template.patch"
diff --git a/testing/prayer/buildfix.patch b/testing/prayer/buildfix.patch
new file mode 100644
index 0000000000..66d525873a
--- /dev/null
+++ b/testing/prayer/buildfix.patch
@@ -0,0 +1,138 @@
+diff --git a/Config b/Config
+index 54044b7..48da020 100644
+--- a/Config
++++ b/Config
+@@ -10,7 +10,7 @@
+ SSL_ENABLE           = true   # SSL requires OpenSSL
+ SESSION_CACHE_ENABLE = true   # SSL session cache Requires Berkeley DB 3 or 4
+ GZIP_ENABLE          = true   # Enable on the fly compression of pages
+-LDAP_ENABLE          = true   # Add LDAP interface
++LDAP_ENABLE          = false  # Add LDAP interface
+ FENCE_ENABLE         = false  # Use Electric Fence to catch malloc problems
+ MUTEX_SEMAPHORE      = false  # Use SYSV mutexes rather than file locking
+ TIDY_ENABLE          = true   # Use libtidy for HTML sanitisation.
+@@ -30,7 +30,7 @@ ACCOUNTD_PAM_ENABLE  = true   # Enable PAM support in account management daemon
+ # Location of compiler
+ CC           = gcc
+ # Location of make program (GNU make required)
+-MAKE         = gmake
++MAKE         = make
+ # Location of install program (GNU install or compatible required)
+ INSTALL      = install
+ 
+@@ -72,21 +72,21 @@ BASE_LIBS    = -lcrypt -lutil
+ # which points to ../../imap/c-client. This just reduces the amount of
+ # noise output on each line when building the package.
+ #
+-CCLIENT_DIR=../c-client
+-CCLIENT_INCLUDE=-I $(CCLIENT_DIR)
+-CCLIENT_LIBS=./$(CCLIENT_DIR)/c-client.a
++#CCLIENT_DIR=../c-client
++#CCLIENT_INCLUDE=-I $(CCLIENT_DIR)
++#CCLIENT_LIBS=./$(CCLIENT_DIR)/c-client.a
+ 
+ #
+ # Following works with imap-devel RPM package from Redhat 7.
+ #
+-#CCLIENT_INCLUDE = -I/usr/include/imap
+-#CCLIENT_LIBS    = -lc-client
++CCLIENT_INCLUDE = -I/usr/include/imap
++CCLIENT_LIBS    = -lc-client
+ #
+ # Complication:
+ #   The Redhat RPM package links against SSL, PAM and kerberos libraries.
+ #
+-#CCLIENT_SSL_ENABLE  = true
+-#CCLIENT_PAM_ENABLE  = true
++CCLIENT_SSL_ENABLE  = true
++CCLIENT_PAM_ENABLE  = true
+ #CCLIENT_KERB_ENABLE = true
+ 
+ #
+@@ -162,20 +162,19 @@ DB_LIBS=-ldb
+ # RW_GROUP. It is important that nothing else can read the certificate file.
+ 
+ # Build root (used by Redhat RPM system)
+-BROOT=
++#BROOT=
+ 
+ # Directory, User and group for read-write files: log files, sockets etc
+ VAR_PREFIX = /var/spool/prayer
+-RW_USER    = prayer
+-RW_GROUP   = prayer
++RW_USER    = root
++RW_GROUP   = root
+ 
+ # Root Directory, User and group for read-only configuration files.
+ # Default configuration and permissions does not allow prayer user to
+ # update prayer configuration file.
+ 
+-PREFIX    = /usr/local/prayer
+ RO_USER   = root
+-RO_GROUP  = prayer
++RO_GROUP  = root
+ 
+ # Access permissions for general objects (wrt above users and groups)
+ PUBLIC_EXEC  = 0755
+@@ -188,6 +187,6 @@ PRIVATE_DIR  = 0750
+ PRIVATE_FILE = 0640
+ 
+ # Location of configuration files and binaries
+-PRAYER_CONFIG_FILE   = ${PREFIX}/etc/prayer.cf
+-BIN_DIR              = ${PREFIX}/sbin
+-ACCOUNTD_CONFIG_FILE = ${PREFIX}/etc/prayer-accountd.cf
++PRAYER_CONFIG_FILE   = /etc/prayer.cf
++BIN_DIR              = /usr/sbin
++ACCOUNTD_CONFIG_FILE = /etc/prayer-accountd.cf
+diff --git a/session/mm.c b/session/mm.c
+index 19b6fbd..d080eb3 100644
+--- a/session/mm.c
++++ b/session/mm.c
+@@ -31,7 +31,7 @@ static void
+ /* Must call mminit before any other fn */
+ void mm_init()
+ {
+-#include "linkage.c"
++#include <imap/linkage.h>
+ 
+     ml_init();
+ }
+diff --git a/templates/cam/Makefile b/templates/cam/Makefile
+index 9f4122a..ff95283 100644
+--- a/templates/cam/Makefile
++++ b/templates/cam/Makefile
+@@ -7,7 +7,7 @@ include ../../Config
+ endif
+ 
+ CFLAGS  = $(BASECFLAGS)
+-LDFLAGS = $(BASELDFLAGS)
++LDFLAGS := $(BASELDFLAGS)
+ 
+ TYPE=cam
+ 
+diff --git a/templates/old/Makefile b/templates/old/Makefile
+index 31016cf..cf8738a 100644
+--- a/templates/old/Makefile
++++ b/templates/old/Makefile
+@@ -7,7 +7,7 @@ include ../../Config
+ endif
+ 
+ CFLAGS  = $(BASECFLAGS)
+-LDFLAGS = $(BASELDFLAGS)
++LDFLAGS := $(BASELDFLAGS)
+ 
+ TYPE=old
+ 
+diff --git a/templates/src/Makefile b/templates/src/Makefile
+index 5348a14..26cf2f1 100644
+--- a/templates/src/Makefile
++++ b/templates/src/Makefile
+@@ -7,7 +7,7 @@ include ../../Config
+ endif
+ 
+ CFLAGS  = $(BASECFLAGS)
+-LDFLAGS = $(BASELDFLAGS)
++LDFLAGS := $(BASELDFLAGS)
+ 
+ LIB= ../../lib/lib_nossl.a
+ 
diff --git a/testing/prayer/disable_ssl3.patch b/testing/prayer/disable_ssl3.patch
new file mode 100644
index 0000000000..35f74e5121
--- /dev/null
+++ b/testing/prayer/disable_ssl3.patch
@@ -0,0 +1,58 @@
+Description: Disable SSL 3.0 on client as well as server side
+Author: Magnus Holmgren <holmgren@debian.org>
+
+--- a/lib/ssl.c
++++ b/lib/ssl.c
+@@ -387,12 +387,16 @@ void ssl_context_init(struct ssl_config
+     SSL_load_error_strings();
+ 
+     /* Set up client context: only used by accountd */
+-    client_ctx = SSL_CTX_new(SSLv3_client_method());
++    client_ctx = SSL_CTX_new(SSLv23_client_method());
+     SSL_CTX_set_session_cache_mode(client_ctx, SSL_SESS_CACHE_BOTH);
+     SSL_CTX_set_info_callback(client_ctx, info_callback);
+ #ifdef SSL_MODE_AUTO_RETRY
+     SSL_CTX_set_mode(client_ctx, SSL_MODE_AUTO_RETRY);
+ #endif
++    /* SSLv2 now obsolete */
++    SSL_CTX_set_options(client_ctx, SSL_OP_NO_SSLv2);
++    /* SSLv3 now also obsolete */
++    SSL_CTX_set_options(client_ctx, SSL_OP_NO_SSLv3);
+ 
+     if (SSL_CTX_need_tmp_RSA(client_ctx))
+         SSL_CTX_set_tmp_rsa_callback(client_ctx, rsa_callback);
+@@ -420,6 +424,8 @@ void ssl_context_init(struct ssl_config
+ 
+     /* SSLv2 now obsolete */
+     SSL_CTX_set_options(server_ctx, SSL_OP_NO_SSLv2);
++    /* SSLv3 now also obsolete */
++    SSL_CTX_set_options(server_ctx, SSL_OP_NO_SSLv3);
+ 
+     /* Start off with the session cache disabled */
+     SSL_CTX_set_session_cache_mode(server_ctx, SSL_SESS_CACHE_OFF);
+@@ -625,6 +631,12 @@ void *ssl_start_server(int fd, unsigned
+     case TLS1_VERSION:
+         ver = "TLSv1";
+         break;
++    case TLS1_1_VERSION:
++        ver = "TLSv1.1";
++        break;
++    case TLS1_2_VERSION:
++        ver = "TLSv1.2";
++        break;
+     default:
+         ver = "UNKNOWN";
+     }
+@@ -678,6 +690,12 @@ void *ssl_start_client(int fd, unsigned
+     case TLS1_VERSION:
+         ver = "TLSv1";
+         break;
++    case TLS1_1_VERSION:
++        ver = "TLSv1.1";
++        break;
++    case TLS1_2_VERSION:
++        ver = "TLSv1.2";
++        break;
+     default:
+         ver = "UNKNOWN";
+     }
diff --git a/testing/prayer/makefile_install_config.patch b/testing/prayer/makefile_install_config.patch
new file mode 100644
index 0000000000..15002ad0c3
--- /dev/null
+++ b/testing/prayer/makefile_install_config.patch
@@ -0,0 +1,170 @@
+--- a/files/etc/prayer-accountd.cf
++++ b/files/etc/prayer-accountd.cf
+@@ -8,6 +8,10 @@
+ # Default accountd.cf file suitable for RedHat Linux only.
+ # See distribution for some sample files for FreeBSD and Solaris
+ 
++accountd_port = 145
++
++authtype = pam
++
+ msforward_name      = ".MSforward"
+ forward_name        = ".forward"
+ aliases_name        = "vacation.aliases"
+--- a/files/Makefile
++++ b/files/Makefile
+@@ -66,21 +66,16 @@ install-aconfig:
+ 
+ install-motd:
+        $(INSTALL) -o $(RO_USER) -g $(RO_GROUP) -m $(PUBLIC_FILE) \
+-       etc/motd.html ${BROOT}${PREFIX}/etc
++       etc/motd.html ${BROOT}/etc/prayer
+ 
+ install:
+-       PREFIX=$(BROOT)$(PREFIX) VAR_PREFIX=$(BROOT)$(VAR_PREFIX) \
+-       RO_USER=$(RO_USER) RO_GROUP=$(RO_GROUP) \
+-       RW_USER=$(RW_USER) RW_GROUP=$(RW_GROUP) \
+-       PUBLIC_DIR=$(PUBLIC_DIR) PRIVATE_DIR=$(PRIVATE_DIR) \
+-       PUBLIC_FILE=$(PUBLIC_FILE) PRIVATE_FILE=$(PRIVATE_FILE) \
+-       PUBLIC_EXEC=$(PUBLIC_FILE) PRIVATE_EXEC=$(PRIVATE_EXEC) \
+-       BIN_DIR=$(BIN_DIR) INSTALL=$(INSTALL) \
+-       ./install.sh
+-       if [ ! -f $(BROOT)$(PREFIX)/certs/prayer.pem ]; then $(MAKE) install-cert; fi
++       ${INSTALL} -d -o ${RO_USER} -g ${RO_GROUP} -m ${PUBLIC_DIR} ${BROOT}${PREFIX}
++       ${INSTALL} -d -o ${RO_USER} -g ${RO_GROUP} -m ${PUBLIC_DIR} ${BROOT}/etc/prayer
++
++       tar -c --owner ${RO_USER} --group ${RO_GROUP} --mode "a-x+X" icons static | tar -C ${BROOT}${PREFIX} -x
+        if [ ! -f $(BROOT)$(PRAYER_CONFIG_FILE) ]; then $(MAKE) install-config; fi
+        if [ ! -f $(BROOT)$(ACCOUNTD_CONFIG_FILE) ]; then $(MAKE) install-aconfig; fi
+-       if [ ! -f $(BROOT)$(PREFIX)/etc/motd.html ]; then $(MAKE) install-motd; fi
++       if [ ! -f $(BROOT)/etc/prayer/motd.html ]; then $(MAKE) install-motd; fi
+ 
+ redhat-install-init.d:
+        install -D -o root -g root -m 755 \
+--- a/files/etc/prayer.cf.SRC
++++ b/files/etc/prayer.cf.SRC
+@@ -20,7 +20,7 @@ var_prefix  = "__VAR_PREFIX__"
+ # User ID to run as if we start off as root
+ prayer_user           = "prayer"
+ # Group ID to run as if we start off as root
+-prayer_group          = "prayer"
++prayer_group          = "nogroup"
+ 
+ # Run prayer as background process.
+ #   TRUE => will return as soon as valid configuration is found.
+@@ -53,7 +53,7 @@ directory_perms       = 0750
+ imapd_user_map      = ""
+ 
+ # Default imapd server.
+-imapd_server        = localhost
++imapd_server        = localhost/notls
+ 
+ # Name of Prayer user preferences file on IMAP server
+ prefs_folder_name   = ".prayer"
+@@ -270,11 +270,11 @@ icon_expire_timeout  = 7d
+ 
+ # Locatation of SSL certificate file (only used if SSL ports defined).
+ # Required if we are going to provide SSL services.
+-ssl_cert_file       = "$prefix/certs/prayer.pem"
++ssl_cert_file       = "/etc/ssl/certs/ssl-cert-snakeoil.pem"
+ 
+ # Locatation of SSL private key file (only used if SSL ports defined).
+ # Required if we are going to provide SSL services.
+-ssl_privatekey_file = "$prefix/certs/prayer.pem"
++ssl_privatekey_file = "/etc/ssl/private/ssl-cert-snakeoil.key"
+ 
+ # Master server will regenerate shared RSA key at this interval:
+ ssl_rsakey_lifespan = 15m
+@@ -282,8 +282,9 @@ ssl_rsakey_lifespan = 15m
+ # RSA key remains fresh in child process for this long after first actual use.
+ ssl_rsakey_freshen  = 15m
+ 
+-# SSL session cache timeout.
+-ssl_session_timeout = 24h
++# SSL session cache timeout. Uncomment to enable SSL session caching.
++# You should also arrange for prayer-ssl-prune to be run periodically.
++#ssl_session_timeout = 24h
+ 
+ # EGD socket, if system has no /dev/urandom
+ #egd_socket = "/var/prngd/urandom"
+@@ -374,13 +375,15 @@ sendmail_path       = /usr/lib/sendmail
+ ispell_path         = /usr/bin/ispell
+ 
+ # Message of the day file
+-motd_path           = "$prefix/etc/motd.html"
++#motd_path           = "/etc/prayer/motd.html"
+ 
+-# HTML to insert into login page
+-#login_insert1_path   = "$prefix/etc/ucsnews.html"
+-
+-# HTML to insert into login page
+-#login_insert2_path   = "$prefix/etc/ucsnews.html"
++# HTML to make available to login template as $login_insert1
++# (only used in "cam" template set).
++#login_insert1_path   = "/etc/prayer/login1.html"
++
++# HTML to make available to login template as $login_insert2
++# (currently not used in any template set).
++#login_insert2_path   = "/etc/prayer/login2.html"
+ 
+ # Login security: Prayer's front page defaults to a login form.
+ # If the user does not connect via SSL then this can be changed
+@@ -409,10 +412,11 @@ bin_dir             = "__BIN_DIR__"
+ 
+ # Various directories used by the running system
+ # Logs stored in $log_dir
+-log_dir             = "$var_prefix/logs"
++log_dir             = "/var/log/prayer"
+ 
+ # $lock_dir used for interlocking between prayer processes
+-lock_dir            = "$var_prefix/locks"
++# (only on Debian GNU/kFreeBSD)
++lock_dir            = "$var_prefix"
+ 
+ # $socket_dir is location for unix domain sockets which connect frontend
+ # to backend in proxy mode of operation.
+@@ -420,7 +424,7 @@ socket_dir          = "$var_prefix/socke
+ 
+ # Split socket directory into 64 subdirs keyed on first letter of sessionID
+ # Code provides compatibility in both directions: can switch back and forward
+-socket_split_dir    = TRUE
++socket_split_dir    = FALSE
+ 
+ # Name of Unix domain socket (in $socket_dir) used for initial handshake
+ # between prayer and prayer-session processes when a user logs in
+@@ -434,7 +438,7 @@ ssl_session_dir     = "$var_prefix/ssl_s
+ tmp_dir             = "$var_prefix/tmp"
+ 
+ # Location for PID files for prayer and prayer-session master processes.
+-pid_dir             = "$var_prefix/pid"
++pid_dir             = "$var_prefix"
+ 
+ # Interface to Hermes finger database
+ #lookup_rpasswd   = "/data/finger/rpasswd.cdb"
+@@ -452,7 +456,7 @@ pid_dir             = "$var_prefix/pid"
+ # Template stuff
+ 
+ template_path = "__PREFIX__/templates"
+-template_set  = "cam"
++template_set  = "old"
+ template_use_compiled = TRUE
+ 
+ template old  "Traditional"
+@@ -601,14 +605,14 @@ hiersep             = "/"
+ dualuse             = FALSE
+ 
+ # Names of postponed_folder and sent_mail_folder, relative to maildir
+-postponed_folder    = "postponed-msgs"
+-sent_mail_folder    = "sent-mail"
++postponed_folder    = "Drafts"
++sent_mail_folder    = "Sent"
+ 
+ # Default domain for outgoing mail. Defaults to "$hostname".
+ # default_domain      = "<valid mail domain>"
+ 
+ # Language for ispell.
+-ispell_language     = "british"
++ispell_language     = "american"
+ 
+ # Size of small and large compose windows
+ small_cols          = 80
diff --git a/testing/prayer/no_db_version_check.patch b/testing/prayer/no_db_version_check.patch
new file mode 100644
index 0000000000..28bb11501d
--- /dev/null
+++ b/testing/prayer/no_db_version_check.patch
@@ -0,0 +1,24 @@
+--- a/lib/mydb_db3.c
++++ b/lib/mydb_db3.c
+@@ -190,21 +190,10 @@ static int myinit(const char *dbdir, int
+ 
+ static int init(const char *dbdir, int myflags)
+ {
+-  int   maj, min, patch;
+-  char *vstr;
+   int   r;
+ 
+   if (dbinit++) return 0;
+ 
+-  vstr = db_version(&maj, &min, &patch);
+-  if (maj != DB_VERSION_MAJOR || min != DB_VERSION_MINOR ||
+-      DB_VERSION_PATCH > patch) {
+-    log_fatal("incorrect version of Berkeley db: "
+-              "compiled against %d.%d.%d, linked against %d.%d.%d",
+-              DB_VERSION_MAJOR, DB_VERSION_MINOR, DB_VERSION_PATCH,
+-              maj, min, patch);
+-  }
+-
+   if (!(r = myinit(dbdir, myflags)))
+     return(0);
+ 
diff --git a/testing/prayer/sighandling.patch b/testing/prayer/sighandling.patch
new file mode 100644
index 0000000000..e7916ea80b
--- /dev/null
+++ b/testing/prayer/sighandling.patch
@@ -0,0 +1,67 @@
+--- a/lib/os.h
++++ b/lib/os.h
+@@ -44,6 +44,8 @@ BOOL os_signal_alarm_clear(void);
+ 
+ BOOL os_signal_init();
+ 
++BOOL os_signal_hup_term_init(void (*hup_fn) (), void (*term_fn) ());
++
+ BOOL os_lock_exclusive(int fd);
+ 
+ BOOL os_lock_shared(int fd);
+--- a/servers/session_server.c
++++ b/servers/session_server.c
+@@ -286,6 +286,7 @@ BOOL session_server(struct config *confi
+     fd_set readfds;
+     pid_t child;
+     unsigned long timeout = 0L;
++    BOOL sighup_seen = NIL;
+ 
+     if (config->direct_enable) {
+         ssl_portlist
+@@ -348,6 +349,18 @@ BOOL session_server(struct config *confi
+             } else {
+                 rc = select(maxfd + 1, &readfds, NIL, NIL, NIL);
+             }
++           if (sighup_seen) {
++               log_misc("SIGHUP received - reexec daemon");
++               close(sockfd);
++               if (config->direct_enable) {
++                   /* Find some way to pass this information along
++                      to the new invocation somehow later. */
++                   portlist_close_all(ssl_portlist);
++                   portlist_close_all(plain_portlist);
++               }
++               log_misc_free();
++               return (T);
++           }
+         }
+         while ((rc < 0) && (errno == EINTR));
+ 
+--- a/shared/log.c
++++ b/shared/log.c
+@@ -502,6 +502,13 @@ BOOL log_misc_init(struct config *config
+     return (log_open(log_misc_ptr, log_name));
+ }
+ 
++void log_misc_free()
++{
++    if ((log_misc_ptr == NIL) || (log_misc_ptr->fd < 0))
++        return;
++    log_free(log_misc_ptr);
++}
++
+ /* log_misc_ping() *******************************************************
+  *
+  * Reopen misc log file if required
+--- a/shared/log.h
++++ b/shared/log.h
+@@ -45,6 +45,8 @@ void log_record_peer_pid(struct log *log
+ BOOL
+ log_misc_init(struct config *config, char *progname, char *misc_log_name);
+ 
++void log_misc_free();
++
+ BOOL log_misc_ping();
+ 
+ void log_misc(char *fmt, ...);
diff --git a/testing/prayer/unbrand_accountd.patch b/testing/prayer/unbrand_accountd.patch
new file mode 100644
index 0000000000..ede0add749
--- /dev/null
+++ b/testing/prayer/unbrand_accountd.patch
@@ -0,0 +1,32 @@
+--- a/accountd/filter.c
++++ b/accountd/filter.c
+@@ -266,7 +266,6 @@ filter_print_vacation(struct config *con
+ 
+     fprintf(file, "# MSshell :: vacation\n");
+     fprintf(file, "if personal\n");
+-    fprintf(file, "   alias %s@cam.ac.uk\n", pwd->pw_name);
+ 
+     if (!filter_print_aliases(config, file))
+         return (NIL);
+@@ -278,7 +277,7 @@ filter_print_vacation(struct config *con
+     fprintf(file, ("This message is automatically generated "
+                    "in response to your mail\\n\\" "\n"));
+     fprintf(file, ("message (perhaps re-directed) to "
+-                   "$local_part@hermes.cam.ac.uk.\\n\\n\"\n"));
++                   "$local_part@$local_domain.\\n\\n\"\n"));
+     fprintf(file, "    file ${home}/vacation.message\n");
+     fprintf(file, "    log  ${home}/vacation.log\n");
+     fprintf(file, "    once ${home}/vacation.once\n");
+@@ -307,10 +306,10 @@ filter_print_spam(struct config *config,
+     threshold = atoi(filter->threshold);
+ 
+     /* XXX (threshold == 0) okay? */
+-    fprintf(file, "if $h_X-Cam-SpamScore contains \"");
++    fprintf(file, "if $h_X-Spam-Level contains \"");
+ 
+     for (i=0 ; i < threshold; i++)
+-        fputc('s', file);
++        fputc('*', file);
+ 
+     fprintf(file, "\" then\n");
+     fprintf(file, "    save mail/spam\n");
diff --git a/testing/prayer/unbrand_cam_template.patch b/testing/prayer/unbrand_cam_template.patch
new file mode 100644
index 0000000000..eeabb8f03e
--- /dev/null
+++ b/testing/prayer/unbrand_cam_template.patch
@@ -0,0 +1,38 @@
+--- a/templates/cam/compose_toolbar.t
++++ b/templates/cam/compose_toolbar.t
+@@ -2,8 +2,6 @@
+ <div id="skip"> <a href="#skip-content" accesskey="2">Skip to content</a></div>
+ <div id="header">
+   <div id="branding">
+-   <a href="http://www.cam.ac.uk/" accesskey="1">
+-   <img src="/icons/ucs-id-small.jpg" alt="" class="logo" /></a>
+   </div>
+   <div id="change-to">
+     <div class="change">
+--- a/templates/cam/login.t
++++ b/templates/cam/login.t
+@@ -42,11 +42,6 @@ table#login td input {margin:0 0 0.5em 0
+ href="#skip-content" accesskey="2">Skip to content</a> </div>
+ <div id="header">
+ <div id="branding">
+-<a href="http://www.cam.ac.uk/" accesskey="1">
+- <img src="/icons/identifier.gif"
+-      alt="University of Cambridge" class="ucam" />
+- <img src="/icons/ucs.gif" alt="" class="logo" />
+-</a>
+ </div>
+ </div>
+ %
+--- a/templates/cam/toolbar.t
++++ b/templates/cam/toolbar.t
+@@ -4,9 +4,7 @@
+ href="#skip-content" accesskey="2">Skip to content</a> </div>
+ <div id="header">
+ <div id="branding">
+- <a href="http://www.cam.ac.uk/" accesskey="1">
+-   <img src="/icons/ucs-id-small.jpg" alt="" class="logo" />
+-</a></div>
++</div>
+ <div id="change-to">
+ <form method="post" accept-charset="UTF-8"
+       enctype="multipart/form-data" action="<% change |s %>">