* new version 2.20.3

   * SMIME: If a message contains a RFC822 atachment that is
     signed/decrypted add the ability to view its SMIME information.

   * SMIME: The ^E command that gives information on the certificate
     is only available for messages that have a signed or encrypted part.

   * Fix vulnerability in regex library. This only affects those who use
     this library, such as the windows version of Alpine. See
     http://www.kb.cert.org/vuls/id/695940.

   * HTML: Add support for decoding entities in hexadecimal notation.
     Suggested by Tulipánt Gergely.

   * Pico: Add the ability to search for strings in the beginning or end
     of a line. In the search menu, pressing Ctrl-^ toggles the prompt
     to search for a string at the beginning of a line. Another press of
     Ctrl-^ toggles the prompt to search for a string at the end of a line,
     and pressing Ctrl-^ one more time searches for the string anywhere in
     the text.

6 files changed, 119 insertions, 30 deletions

diff --git a/alpine/keymenu.c b/alpine/keymenu.c
index 06ef373e..92b90e6f 100644
--- a/alpine/keymenu.c
+++ b/alpine/keymenu.c
@@ -813,7 +813,25 @@ struct key att_view_keys[] =
 	{"%", N_("Print"), {MC_PRINTMSG,1,{'%'}}, KS_PRINT},
 	NULL_MENU,
 	REPLY_MENU,
-	FORWARD_MENU};
+	FORWARD_MENU,
+
+	HELP_MENU,
+	OTHER_MENU,
+	HOMEKEY_MENU,
+	ENDKEY_MENU,
+	NULL_MENU,
+	NULL_MENU,
+#ifdef SMIME
+	{"^D","Decrypt", {MC_DECRYPT,1,{ctrl('d')},KS_NONE}},
+	{"^E","Security", {MC_SECURITY,1,{ctrl('e')},KS_NONE}},
+#else
+	NULL_MENU,
+	NULL_MENU,
+#endif
+	NULL_MENU,
+	NULL_MENU,
+	NULL_MENU,
+	NULL_MENU};
 INST_KEY_MENU(att_view_keymenu, att_view_keys);
 
 
diff --git a/alpine/keymenu.h b/alpine/keymenu.h
index 58fe0bb7..eaffd29e 100644
--- a/alpine/keymenu.h
+++ b/alpine/keymenu.h
@@ -519,6 +519,8 @@ struct key_menu {
 #define	ATV_PRINT_KEY		20
 #define	ATV_REPLY_KEY		22
 #define	ATV_FORWARD_KEY		23
+#define ATV_DECRYPT_KEY		(ATV_PIPE_KEY + 14)
+#define ATV_SECURITY_KEY	(ATV_DECRYPT_KEY + 1)
 #define VIEW_ATT_KEY		 3
 #define VIEW_FULL_HEADERS_KEY	32
 #define	VIEW_VIEW_HANDLE	26
diff --git a/alpine/mailcmd.c b/alpine/mailcmd.c
index a418891a..2fcd2165 100644
--- a/alpine/mailcmd.c
+++ b/alpine/mailcmd.c
@@ -1476,7 +1476,7 @@ get_out:
 	break;
 
       case MC_SECURITY:
-	state->next_screen = smime_info_screen;
+	smime_info_screen(state);
 	break;
 #endif
 
diff --git a/alpine/mailpart.c b/alpine/mailpart.c
index a1064cf1..e7fd43b9 100644
--- a/alpine/mailpart.c
+++ b/alpine/mailpart.c
@@ -39,6 +39,7 @@ static char rcsid[] = "$Id: mailpart.c 1074 2008-06-04 00:08:43Z hubert@u.washin
 #include "signal.h"
 #include "send.h"
 #include "busy.h"
+#include "smime.h"
 #include "../pith/state.h"
 #include "../pith/conf.h"
 #include "../pith/store.h"
@@ -2522,6 +2523,15 @@ scroll_attachment(char *title, STORE_S *store, SourceType src, HANDLE_S *handles
 	clrbitn(ATV_REPLY_KEY, sargs.keys.bitmap);
 	clrbitn(ATV_EXPORT_KEY, sargs.keys.bitmap);
     }
+#ifdef SMIME
+    if(!(ps_global->smime && ps_global->smime->need_passphrase))
+	clrbitn(ATV_DECRYPT_KEY, sargs.keys.bitmap);
+
+    if(F_ON(F_DONT_DO_SMIME, ps_global) || !MIME_MSG_A(a)){
+	clrbitn(ATV_DECRYPT_KEY, sargs.keys.bitmap);
+	clrbitn(ATV_SECURITY_KEY, sargs.keys.bitmap);
+    }
+#endif
 
     sargs.use_indexline_color = 1;
 
@@ -2536,6 +2546,18 @@ scroll_attachment(char *title, STORE_S *store, SourceType src, HANDLE_S *handles
     return(scrolltool(&sargs));
 }
 
+void
+display_smime_info_att(struct pine *ps, ATTACH_S *a)
+{
+  if(smime_check(a->body->nested.msg->body) == 0){
+      q_status_message(SM_ORDER | SM_DING, 0, 3,
+                         _("Not a signed or encrypted message"));
+      return;
+  }   
+
+  display_smime_info(ps, a->body->nested.msg->env, a->body->nested.msg->body);
+}
+
 
 int
 process_attachment_cmd(int cmd, MSGNO_S *msgmap, SCROLL_S *sparms)
@@ -2634,6 +2656,17 @@ process_attachment_cmd(int cmd, MSGNO_S *msgmap, SCROLL_S *sparms)
 	rv = 1;
 	break;
 
+#ifdef SMIME
+      case MC_DECRYPT:
+        if(ps_global->smime && ps_global->smime->need_passphrase)
+          smime_get_passphrase();
+        break;
+
+      case MC_SECURITY:
+	display_smime_info_att(ps_global, sparms->proc.data.p);
+        break;
+#endif
+
       default:
 	alpine_panic("Unexpected command case");
 	break;
diff --git a/alpine/smime.c b/alpine/smime.c
index 6c175d34..6f2665c7 100644
--- a/alpine/smime.c
+++ b/alpine/smime.c
@@ -97,40 +97,40 @@ smime_get_passphrase(void)
     return rc;	/* better return rc and make the caller check its return value */
 }
 
+int
+smime_check(BODY *body)
+{
+  int rv = 0;
+  PKCS7 *p7 = NULL;
+
+  if(body->type == TYPEMULTIPART){
+	PART *p;
+        
+	for(p=body->nested.part; p && rv == 0; p=p->next)
+	  rv += smime_check(&p->body);
+  }
+  if(rv > 0) return rv;
+  if(body->sparep)
+	p7 = get_smime_sparep_type(body->sparep) == P7Type
+		? (PKCS7 *)get_smime_sparep_data(body->sparep)
+		: NULL;
+  if(p7 && (PKCS7_type_is_signed(p7) || PKCS7_type_is_enveloped(p7)))
+    rv += 1;
+  return rv;
+}
+
 
 void
-smime_info_screen(struct pine *ps)
-{
-    long      msgno;
-    OtherMenu what;
-    int       offset = 0;
-    BODY     *body;
-    ENVELOPE *env;
+display_smime_info(struct pine *ps, ENVELOPE *env, BODY *body)
+{    
+    OtherMenu what = FirstMenu;
     HANDLE_S *handles = NULL;
     SCROLL_S  scrollargs;
     STORE_S  *store = NULL;
-    
-    ps->prev_screen = smime_info_screen;
-    ps->next_screen = SCREEN_FUN_NULL;
-
-    if(mn_total_cur(ps->msgmap) > 1L){
-	q_status_message(SM_ORDER | SM_DING, 0, 3,
-			 _("Can only view one message's information at a time."));
-	return;
-    }
-    /* else check for existence of smime bits */
+    long  msgno;
+    int	  offset = 0;
 
     msgno = mn_m2raw(ps->msgmap, mn_get_cur(ps->msgmap));
-    
-    env = mail_fetch_structure(ps->mail_stream, msgno, &body, 0);
-    if(!env || !body){
-	q_status_message(SM_ORDER, 0, 3,
-			 _("Can't fetch body of message."));
-	return;
-    }
-    
-    what = FirstMenu;
-
     store = so_get(CharStar, NULL, EDIT_ACCESS);
 
     while(ps->next_screen == SCREEN_FUN_NULL){
@@ -183,6 +183,41 @@ smime_info_screen(struct pine *ps)
     so_give(&store);
 }
 
+void
+smime_info_screen(struct pine *ps)
+{
+    long      msgno;
+    BODY     *body;
+    ENVELOPE *env;
+    
+/*    ps->prev_screen = smime_info_screen;
+    ps->next_screen = SCREEN_FUN_NULL; */
+
+    msgno = mn_m2raw(ps->msgmap, mn_get_cur(ps->msgmap));
+    
+    env = mail_fetch_structure(ps->mail_stream, msgno, &body, 0);
+
+    if(!env || !body){
+	q_status_message(SM_ORDER, 0, 3,
+			 _("Can't fetch body of message."));
+	return;
+    }
+
+    if(smime_check(body) == 0){
+      q_status_message(SM_ORDER | SM_DING, 0, 3,
+			 _("Not a signed or encrypted message"));
+      return;
+    }
+
+    if(mn_total_cur(ps->msgmap) > 1L){
+	q_status_message(SM_ORDER | SM_DING, 0, 3,
+			 _("Can only view one message's information at a time."));
+	return;
+    }
+
+    display_smime_info(ps, env, body);
+}
+
 
 void
 format_smime_info(int pass, BODY *body, long msgno, gf_io_t pc)
diff --git a/alpine/smime.h b/alpine/smime.h
index d0367e0e..b584be2e 100644
--- a/alpine/smime.h
+++ b/alpine/smime.h
@@ -29,7 +29,8 @@ int    smime_certificate_error_ask(int error);
 void   smime_info_screen(struct pine *ps);
 void   smime_config_screen(struct pine *, int edit_exceptions);
 int    smime_related_var(struct pine *, struct variable *);
-
+void   display_smime_info(struct pine *, ENVELOPE *, BODY *);
+int    smime_check(BODY *);	/* check that the message is smime */
 
 #endif /* PINE_SMIME_INCLUDED */
 #endif /* SMIME */