summaryrefslogtreecommitdiff
path: root/imap/src/c-client
diff options
context:
space:
mode:
authorEduardo Chappa <chappa@washington.edu>2020-01-04 20:08:32 -0700
committerEduardo Chappa <chappa@washington.edu>2020-01-04 20:08:32 -0700
commitf398f615b6df385aec2b3553310cc237b29e068a (patch)
tree5af79c6a9a180c72c58a9d9cd2d79a1d7657d152 /imap/src/c-client
parent77191bf3e4e049603fb6a0547876259c29c71dbd (diff)
downloadalpine-f398f615b6df385aec2b3553310cc237b29e068a.tar.xz
* The feature that stopped alpine from saving passwords in the password
file prevented users from actually saving their passwords in Windows and MAC OS. Fix the code so that passwords will be saved. Also, update the documentation of this feature. * Fix a buffer overflow bug in the XOAUTH2 code (off by one error). * Update PC-Alpine to work with Libressl version 3.0.2 instead of version 2.5.5 (update build.bat and lib files from the LibreSSL build). * Erase SSLXXXXXX file. * ssl_nt.c actually directs the code to ssl_libressl.c or ssl_win.c. The file ssl_libressl.c is the file ssl_unix.c from the unix osdep directory. The file ssl_win.c is the native SSL windows code. The Unix side provides S/MIME support for Alpine and the latest encryption protocols support for Alpine when connecting to a secure server, while the windows side provide TLSv1_3 support for Alpine, but not S/MIME support. In order to provide unix code for TLSv1_3 (once LibreSSL supports it) edit the file os_nt.c and remove the comments on the #ifdef section. This would provide both TLSv1_3 and S/MIME support with unix code. On the other hand, when we provide TLSv1_3 with the Windows code we need to undefine DF_ENCRYPTION_RANGE, and this is done in the file include/config.wnt.h. The way this is done as of this moment is by commenting an #else directive that preceedes this #undefine. * Update makefile.nt and friends in the windows side to account for the addition of XOAUTH2, and the use of only ssl_nt.c when dealing with Alpine. * Define SMIME_SSLCERTS as c:\libressl\ssl\certs, so that these certificates be considered while checking a digital S/MIME signature. * Improvements to the SMARTTIME24 token to account for changes in year.
Diffstat (limited to 'imap/src/c-client')
-rw-r--r--imap/src/c-client/auth_oa2.c2
-rw-r--r--imap/src/c-client/http.c9
2 files changed, 3 insertions, 8 deletions
diff --git a/imap/src/c-client/auth_oa2.c b/imap/src/c-client/auth_oa2.c
index d77b0102..907f722f 100644
--- a/imap/src/c-client/auth_oa2.c
+++ b/imap/src/c-client/auth_oa2.c
@@ -36,7 +36,7 @@ AUTHENTICATOR auth_oa2 = {
*/
char *oauth2_generate_state(void)
{
- char rv[36];
+ char rv[37];
int i;
rv[0] = '\0';
diff --git a/imap/src/c-client/http.c b/imap/src/c-client/http.c
index 1e580c6a..5e9f8aa8 100644
--- a/imap/src/c-client/http.c
+++ b/imap/src/c-client/http.c
@@ -357,7 +357,6 @@ void
http_add_header_data(HTTPSTREAM *stream, char *hdata)
{
char *hname, *h;
- size_t hlen;
int found = 1;
if(!stream || !hdata || !*hdata) return;
@@ -534,7 +533,7 @@ http_add_header_data(HTTPSTREAM *stream, char *hdata)
HTTP_PARAM_LIST_S *
http_parse_token_list(char *h, int num)
{
- char *s = h, *t, *u, c, d;
+ char *s = h, *t, c;
HTTP_PARAM_LIST_S *rv = NIL;
if(!s || !*s || num == 0) return NIL;
@@ -652,7 +651,7 @@ PARAMETER *
http_parse_parameter(char *s, int flag)
{
PARAMETER *p;
- char *t, *u, c, d;
+ char *t, *u, c;
/* Step 1:
* separate the parameters into a list separated by ";"
@@ -996,7 +995,6 @@ http_post_param2(char *url, HTTP_PARAM_S *param)
char *
http_get_param(char *base_url, HTTP_PARAM_S *param)
{
- HTTPSTREAM *stream;
char *url, *reply;
url = http_get_param_url(base_url, param);
@@ -1054,7 +1052,6 @@ long
http_send (HTTPSTREAM *stream, HTTP_REQUEST_S *req)
{
long ret;
- int len;
char *s = NULL;
if (!stream->netstream)
@@ -1085,7 +1082,6 @@ http_status_line_get(char *status_line)
HTTP_STATUS_S *rv = NULL;
char *version, *s;
int status;
- int len;
if(!status_line) return NIL;
@@ -1121,7 +1117,6 @@ long
http_reply (HTTPSTREAM *stream)
{
int in_header = 1;
- HTTP_STATUS_S reply_status;
unsigned long size;
if (stream->response) fs_give ((void **) &stream->response);