* The feature that stopped alpine from saving passwords in the password

     file prevented users from actually saving their passwords in Windows
     and MAC OS. Fix the code so that passwords will be saved. Also,
     update the documentation of this feature.

   * Fix a buffer overflow bug in the XOAUTH2 code (off by one error).

   * Update PC-Alpine to work with Libressl version 3.0.2 instead of
     version 2.5.5 (update build.bat and lib files from the LibreSSL
     build).

   * Erase SSLXXXXXX file.

   * ssl_nt.c actually directs the code to ssl_libressl.c or ssl_win.c.
     The file ssl_libressl.c is the file ssl_unix.c from the unix osdep
     directory. The file ssl_win.c is the native SSL windows code. The
     Unix side provides S/MIME support for Alpine and the latest
     encryption protocols support for Alpine when connecting to a secure
     server, while the windows side provide TLSv1_3 support for Alpine,
     but not S/MIME support.

     In order to provide unix code for TLSv1_3 (once LibreSSL supports it)
     edit the file os_nt.c and remove the comments on the #ifdef section.
     This would provide both TLSv1_3 and S/MIME support with unix code. On
     the other hand, when we provide TLSv1_3 with the Windows code we need
     to undefine DF_ENCRYPTION_RANGE, and this is done in the file
     include/config.wnt.h. The way this is done as of this moment is by
     commenting an #else directive that preceedes this #undefine.

   * Update makefile.nt and friends in the windows side to account for the
     addition of XOAUTH2, and the use of only ssl_nt.c when dealing with
     Alpine.

   * Define SMIME_SSLCERTS as c:\libressl\ssl\certs, so that these
     certificates be considered while checking a digital S/MIME signature.

   * Improvements to the SMARTTIME24 token to account for changes in year.

1 files changed, 7 insertions, 7 deletions

diff --git a/libressl/include/openssl/pem.h b/libressl/include/openssl/pem.h
index d1916a18..adc85226 100644
--- a/libressl/include/openssl/pem.h
+++ b/libressl/include/openssl/pem.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: pem.h,v 1.17 2016/09/04 16:22:54 jsing Exp $ */
+/* $OpenBSD: pem.h,v 1.19 2018/08/24 19:51:31 tb Exp $ */
 /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -385,8 +385,8 @@ int	PEM_do_header (EVP_CIPHER_INFO *cipher, unsigned char *data, long *len,
 #ifndef OPENSSL_NO_BIO
 int	PEM_read_bio(BIO *bp, char **name, char **header,
 	    unsigned char **data, long *len);
-int	PEM_write_bio(BIO *bp, const char *name, char *hdr, unsigned char *data,
-	    long len);
+int	PEM_write_bio(BIO *bp, const char *name, const char *hdr,
+	    const unsigned char *data, long len);
 int	PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm,
 	    const char *name, BIO *bp, pem_password_cb *cb, void *u);
 void *	PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp,
@@ -403,8 +403,8 @@ int	PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
 
 int	PEM_read(FILE *fp, char **name, char **header,
 	    unsigned char **data, long *len);
-int	PEM_write(FILE *fp, char *name, char *hdr, unsigned char *data,
-	    long len);
+int	PEM_write(FILE *fp, const char *name, const char *hdr,
+	    const unsigned char *data, long len);
 void *  PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
 	    pem_password_cb *cb, void *u);
 int	PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp,
@@ -421,8 +421,8 @@ void	PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
 int	PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
 	    unsigned char *out, int *outl, EVP_PKEY *priv);
 
-void    PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type);
-void    PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *d, unsigned int cnt);
+int    PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type);
+int    PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *d, unsigned int cnt);
 int	PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
 	    unsigned int *siglen, EVP_PKEY *pkey);