authorEduardo Chappa <chappa@washington.edu>2020-06-29 03:19:56 -0600
committerEduardo Chappa <chappa@washington.edu>2020-06-29 03:19:56 -0600
commit4d77713f495bc1e797393cb05e88f17f78ff91d1 (patch)
tree1850ff02995d4c70ab32e3b125a39dff7c1414ab
parentac3618ca9d4d5136b8e231c6de23b2da6add204f (diff)
* Modifications to protect the privacy of users:
+ Alpine does not generate Sender or X-X-Sender by default by making [X] Do Not Generate Sender Header the default. + Alpine does not disclose User Agent by default by making [X] Suppress User Agent When Sending the default. + Alpine uses the domain in the From: header of a message to generate a message-id and suppresses all information about Alpine, version, revision, and time of generation of the message-id from this header. This information is replaced by a random string.
-rw-r--r--alpine/send.c21
-rw-r--r--imap/src/c-client/mail.h1
-rw-r--r--imap/src/c-client/oauth2_aux.h1
-rw-r--r--pith/conf.c4
-rw-r--r--pith/pine.hlp25
-rw-r--r--pith/reply.c59
6 files changed, 54 insertions, 57 deletions
diff --git a/alpine/send.c b/alpine/send.c
index b4e2322f..2e6eace4 100644
--- a/alpine/send.c
+++ b/alpine/send.c
@@ -603,6 +603,7 @@ compose_mail(char *given_to, char *fcc_arg, ACTION_S *role_arg,
int impl, template_len = 0;
long rflags = ROLE_COMPOSE;
PAT_STATE dummy;
+ char *hostpart;
/*================= Compose new message ===============*/
body = mail_newbody();
@@ -611,8 +612,6 @@ compose_mail(char *given_to, char *fcc_arg, ACTION_S *role_arg,
if(given_to)
rfc822_parse_adrlist(&outgoing->to, given_to, ps_global->maildomain);
- outgoing->message_id = generate_message_id();
-
/*
* Setup possible role
*/
@@ -646,6 +645,24 @@ compose_mail(char *given_to, char *fcc_arg, ACTION_S *role_arg,
role->nick);
/*
+ * set ps_global->hostname to something sensible, if possible,
+ * for purposes of generating a message id
+ */
+ hostpart = cpystr(ps_global->hostname);
+ fs_give((void **) &ps_global->hostname);
+ if(role && role->from)
+ ps_global->hostname = cpystr(role->from->host ? role->from->host : "huh");
+ else if(ps_global->maildomain) /* as in generate_from() */
+ ps_global->hostname = cpystr(ps_global->maildomain);
+ else
+ ps_global->hostname = cpystr(hostpart); /* all for nothing */
+ outgoing->message_id = generate_message_id();
+ /* undo the changes above */
+ fs_give((void **) &ps_global->hostname);
+ ps_global->hostname = cpystr(hostpart);
+ fs_give((void **) &hostpart);
+
+ /*
* The type of storage object allocated below is vitally
* important. See SIMPLIFYING ASSUMPTION #37
*/
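Review bot: The final `else` branch (no role From and no `maildomain`) puts the machine's own hostname back before calling `generate_message_id()`, so on that path the Message-ID still discloses the local host that this commit sets out to hide; a neutral placeholder, like the `"huh"` already used two lines above, would keep the privacy property there. The domain is taken from `role->from` or `maildomain` when composition starts, so a From: address edited later in the composer would presumably not be reflected in the id. Only `compose_mail` is adjusted in this diff, and other callers of `generate_message_id()` (not visible here) would still see the unmodified `ps_global->hostname`. Because the value is passed by temporarily rewriting a global, a comment such as `/* generate_message_id() reads ps_global->hostname; restored below */` would make that dependency explicit. compose_mail's body continues outside the hunk.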
diff --git a/imap/src/c-client/mail.h b/imap/src/c-client/mail.h
index eb8f0139..65e02288 100644
--- a/imap/src/c-client/mail.h
+++ b/imap/src/c-client/mail.h
@@ -2005,3 +2005,4 @@ void oauth2deviceinfo_get_accesscode(void *, void *);
XOAUTH2_INFO_S *new_xoauth2_info(void);
void free_xoauth2_info(XOAUTH2_INFO_S **);
XOAUTH2_INFO_S *copy_xoauth2_info(XOAUTH2_INFO_S *);
+char *oauth2_generate_state(void);
diff --git a/imap/src/c-client/oauth2_aux.h b/imap/src/c-client/oauth2_aux.h
index b076da3c..7882a3c0 100644
--- a/imap/src/c-client/oauth2_aux.h
+++ b/imap/src/c-client/oauth2_aux.h
@@ -18,7 +18,6 @@
#define OA2_CODE_SUCCESS 0
void mm_login_oauth2_c_client_method (NETMBX *, char *, char *, OAUTH2_S *, unsigned long, int *);
-char *oauth2_generate_state(void);
void oauth2deviceinfo_get_accesscode(void *, void *);
#endif /* C_CLIENT_OAUTH2_AUX_INCLUDED */
diff --git a/pith/conf.c b/pith/conf.c
index 1835c404..8b977ae2 100644
--- a/pith/conf.c
+++ b/pith/conf.c
@@ -2909,7 +2909,7 @@ feature_list(int index)
/* Sending Prefs */
{"disable-sender", "Do Not Generate Sender Header",
- F_DISABLE_SENDER, h_config_disable_sender, PREF_SEND, 0},
+ F_DISABLE_SENDER, h_config_disable_sender, PREF_SEND, 1},
{"use-sender-not-x-sender", "Use Sender Instead of X-X-Sender",
F_USE_SENDER_NOT_X, h_config_use_sender_not_x, PREF_SEND, 0},
{"quell-flowed-text", "Do Not Send Flowed Text",
@@ -3281,7 +3281,7 @@ feature_list(int index)
{"quell-timezone-comment-when-sending", "Suppress Timezone Comment When Sending",
F_QUELL_TIMEZONE, h_config_quell_tz_comment, PREF_MISC, 0},
{"suppress-user-agent-when-sending", NULL,
- F_QUELL_USERAGENT, h_config_suppress_user_agent, PREF_MISC, 0},
+ F_QUELL_USERAGENT, h_config_suppress_user_agent, PREF_MISC, 1},
{"tab-checks-recent", "Tab Checks for Recent Messages",
F_TAB_CHK_RECENT, h_config_tab_checks_recent, PREF_MISC, 0},
{"termdef-takes-precedence", NULL,
diff --git a/pith/pine.hlp b/pith/pine.hlp
index 92f2d9a3..b549bc91 100644
--- a/pith/pine.hlp
+++ b/pith/pine.hlp
@@ -194,19 +194,34 @@ problems you find with this release.
<LI> Expansion of the configuration screen for XOAUTH2 to include
username, and tenant.
+<LI> If a user has more than one client-id for a service, Alpine tries to
+ asks the user which client-id to use and associates that client-id to
+ the credentials in the XOAUTH2 configuration screen.
+ <A HREF="h_xoauth2_config_screen">Learn more</A>.
+
<LI> Addition of a link to the Apache License 2.0 (see above). This is
available from the Release Notes as well as the welcome screen.
+<LI> Modifications to protect the privacy of users:
+<UL>
+<LI> Alpine does not generate Sender or X-X-Sender by default
+ by enabling <a href="h_config_disable_sender"><!--#echo var="FEAT_disable-sender"--></a>
+ as the default.
+<LI> Alpine does not disclose User Agent by default by enabling
+ <A HREF="h_config_suppress_user_agent"><!--#echo var="FEAT_suppress-user-agent-when-sending"--></A>
+ by default.
+<LI> Alpine uses the domain in the From: header of a message
+ to generate a message-id and suppresses all information
+ about Alpine, version, revision, and time of generation
+ of the message-id from this header. This information is
+ replaced by a random string.
+</UL>
+
<LI> Alpine will ding the terminal bell when asking about quitting
when new mail arrives. This is consistent with Alpine dinging the
bell when new mail arrives. The bell will not ding if it is disabled
for status messages. Suggested by Chime Hart.
-<LI> If a user has more than one client-id for a service, Alpine tries to
- asks the user which client-id to use and associates that client-id to
- the credentials in the XOAUTH2 configuration screen.
- <A HREF="h_xoauth2_config_screen">Learn more</A>.
-
<LI> When messages are selected, pressing the &quot;;&quot; command to broaden or narrow
a search, now offers the possibility to completely replace the search, and
is almost equivalent to being a shortcut to &quot;unselect all messages, and select
diff --git a/pith/reply.c b/pith/reply.c
index ab4e97c2..702832a0 100644
--- a/pith/reply.c
+++ b/pith/reply.c
@@ -3346,58 +3346,23 @@ second and a single unique character
char *
generate_message_id(void)
{
- static short osec = 0, cnt = 0;
- char idbuf[128], revisionbuf[128];
char *id;
- time_t now;
- struct tm *now_x;
- char *revision = NULL;
- char *hostpart = NULL;
- char *alpine_name = NULL;
- char *alpine_version = NULL;
- char *system_os = NULL;
-
- now = time((time_t *)0);
- now_x = localtime(&now);
-
- if(now_x->tm_sec == osec)
- cnt++;
- else{
- cnt = 0;
- osec = now_x->tm_sec;
- }
+ char *leftpart;
+ char *hostpart;
- get_alpine_revision_number(revisionbuf, sizeof(revisionbuf));
if(F_ON(F_ROT13_MESSAGE_ID, ps_global)){
- hostpart = rot13(ps_global->hostname);
- alpine_name = rot13("alpine");
- alpine_version = rot5n(ALPINE_VERSION);
- system_os = rot13(SYSTYPE);
- revision = rot5n(revisionbuf);
+ hostpart = rot13(ps_global->hostname);
+ leftpart = rot13(oauth2_generate_state());
} else {
- hostpart = cpystr(ps_global->hostname);
- alpine_name = cpystr("alpine");
- alpine_version = cpystr(ALPINE_VERSION);
- system_os = cpystr(SYSTYPE);
- revision = cpystr(revisionbuf);
+ hostpart = cpystr(ps_global->hostname);
+ leftpart = oauth2_generate_state();
}
-
- if(!hostpart)
- hostpart = cpystr("huh");
-
- snprintf(idbuf, sizeof(idbuf), "<%.6s.%.4s.%.20s.%.10s.%02d%02d%02d%02d%02d%02d%X.%d@%.50s>",
- alpine_name, system_os, alpine_version, revision,(now_x->tm_year) % 100, now_x->tm_mon + 1,
- now_x->tm_mday, now_x->tm_hour, now_x->tm_min, now_x->tm_sec,
- cnt, getpid(), hostpart);
- idbuf[sizeof(idbuf)-1] = '\0';
-
- id = cpystr(idbuf);
-
- if(hostpart) fs_give((void **) &hostpart);
- if(alpine_name) fs_give((void **) & alpine_name);
- if(alpine_version) fs_give((void **)&alpine_version);
- if(system_os) fs_give((void **)&system_os);
- if(revision) fs_give((void **)&revision);
+
+ id = fs_get(strlen(leftpart) + strlen(hostpart) + 4);
+ sprintf(id, "<%s@%s>", leftpart, hostpart);
+
+ fs_give((void **) &hostpart);
+ fs_give((void **) &leftpart);
return(id);
}
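Review bot: In the `F_ROT13_MESSAGE_ID` branch, `rot13(oauth2_generate_state())` drops the only pointer to the state string, so one allocation appears to leak per generated id: `rot13()` evidently returns a fresh copy (its result for `ps_global->hostname` is freed below while the global stays in use), and the else branch frees the state string as heap memory. Hold it in a temporary instead: `char *state = oauth2_generate_state();`, `leftpart = rot13(state);`, `fs_give((void **) &state);`. The removed `if(!hostpart) hostpart = cpystr("huh");` fallback should also be kept, since `strlen(hostpart)` is now reached unguarded if `ps_global->hostname` is ever unset. Uniqueness and unpredictability of the id now rest entirely on `oauth2_generate_state()`, whose body is not shown here, so its output length, character set and randomness source are worth confirming as suitable for a Message-ID. The comment above the function, partly visible in the hunk header, still describes the old time-based format and should be updated.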