summaryrefslogtreecommitdiff
path: root/pith
diff options
context:
space:
mode:
authorEduardo Chappa <chappa@washington.edu>2020-01-04 20:08:32 -0700
committerEduardo Chappa <chappa@washington.edu>2020-01-04 20:08:32 -0700
commitf398f615b6df385aec2b3553310cc237b29e068a (patch)
tree5af79c6a9a180c72c58a9d9cd2d79a1d7657d152 /pith
parent77191bf3e4e049603fb6a0547876259c29c71dbd (diff)
downloadalpine-f398f615b6df385aec2b3553310cc237b29e068a.tar.xz
* The feature that stopped alpine from saving passwords in the password
file prevented users from actually saving their passwords in Windows and MAC OS. Fix the code so that passwords will be saved. Also, update the documentation of this feature. * Fix a buffer overflow bug in the XOAUTH2 code (off by one error). * Update PC-Alpine to work with Libressl version 3.0.2 instead of version 2.5.5 (update build.bat and lib files from the LibreSSL build). * Erase SSLXXXXXX file. * ssl_nt.c actually directs the code to ssl_libressl.c or ssl_win.c. The file ssl_libressl.c is the file ssl_unix.c from the unix osdep directory. The file ssl_win.c is the native SSL windows code. The Unix side provides S/MIME support for Alpine and the latest encryption protocols support for Alpine when connecting to a secure server, while the windows side provide TLSv1_3 support for Alpine, but not S/MIME support. In order to provide unix code for TLSv1_3 (once LibreSSL supports it) edit the file os_nt.c and remove the comments on the #ifdef section. This would provide both TLSv1_3 and S/MIME support with unix code. On the other hand, when we provide TLSv1_3 with the Windows code we need to undefine DF_ENCRYPTION_RANGE, and this is done in the file include/config.wnt.h. The way this is done as of this moment is by commenting an #else directive that preceedes this #undefine. * Update makefile.nt and friends in the windows side to account for the addition of XOAUTH2, and the use of only ssl_nt.c when dealing with Alpine. * Define SMIME_SSLCERTS as c:\libressl\ssl\certs, so that these certificates be considered while checking a digital S/MIME signature. * Improvements to the SMARTTIME24 token to account for changes in year.
Diffstat (limited to 'pith')
-rw-r--r--pith/conf.c6
-rw-r--r--pith/conftype.h4
-rw-r--r--pith/mailindx.c2
-rw-r--r--pith/pine.hlp18
4 files changed, 21 insertions, 9 deletions
diff --git a/pith/conf.c b/pith/conf.c
index ea133a74..c802d011 100644
--- a/pith/conf.c
+++ b/pith/conf.c
@@ -3116,11 +3116,11 @@ feature_list(int index)
{"disable-password-caching", NULL,
F_DISABLE_PASSWORD_CACHING, h_config_disable_password_caching,
PREF_MISC, 0},
-#ifdef PASSFILE
+#ifdef LOCAL_PASSWD_CACHE
{"disable-password-file-saving", NULL,
F_DISABLE_PASSWORD_FILE_SAVING, h_config_disable_password_file_saving,
PREF_MISC, 0},
-#endif /* PASSFILE */
+#endif /* LOCAL_PASSWD_CACHE */
{"disable-regular-expression-matching-for-alternate-addresses", NULL,
F_DISABLE_REGEX, h_config_disable_regex, PREF_MISC, 0},
{"disable-save-input-history", NULL,
@@ -8205,8 +8205,6 @@ get_supported_options(void)
#ifdef TLS1_3_VERSION
strcat(tmp, "TLSv1.3, ");
#endif /* TLS1_3_VERSION */
- strcat(tmp, "DTLSv1, ");
- strcat(tmp, "DTLSv1.2, ");
tmp[strlen(tmp)-2] = '.';
tmp[strlen(tmp)-1] = '\0';
}
diff --git a/pith/conftype.h b/pith/conftype.h
index 42573ce3..0e782e62 100644
--- a/pith/conftype.h
+++ b/pith/conftype.h
@@ -359,9 +359,9 @@ typedef enum {
F_AUTO_INCLUDE_IN_REPLY,
F_DISABLE_CONFIG_SCREEN,
F_DISABLE_PASSWORD_CACHING,
-#ifdef PASSFILE
+#ifdef LOCAL_PASSWD_CACHE
F_DISABLE_PASSWORD_FILE_SAVING,
-#endif /* PASSFILE */
+#endif /* LOCAL_PASSWD_CACHE */
F_DISABLE_REGEX,
F_DISABLE_PASSWORD_CMD,
F_DISABLE_UPDATE_CMD,
diff --git a/pith/mailindx.c b/pith/mailindx.c
index 4c649964..3d7e5c70 100644
--- a/pith/mailindx.c
+++ b/pith/mailindx.c
@@ -4961,7 +4961,7 @@ date_str(char *datesrc, IndexColType type, int v, char *str, size_t str_len,
/* (if message dated this month or last month...) */
if((d.year == now.year && d.month >= now.month - 6) ||
- (d.year == now.year - 1 && d.month == 12 && now.month == 6)){
+ (d.year == now.year - 1 && d.month == 12 && now.month <= 6)){
daydiff = day_of_year(&now) - day_of_year(&d);
diff --git a/pith/pine.hlp b/pith/pine.hlp
index aa86c17c..38d76e7a 100644
--- a/pith/pine.hlp
+++ b/pith/pine.hlp
@@ -140,7 +140,7 @@ with help text for the config screen and the composer that didn't have any
reasonable place to be called from.
Dummy change to get revision in pine.hlp
============= h_revision =================
-Alpine Commit 380 2019-12-19 08:22:29
+Alpine Commit 381 2020-01-04 20:07:10
============= h_news =================
<HTML>
<HEAD>
@@ -33910,7 +33910,15 @@ That is a separate and independent feature.
<BODY>
<H1>FEATURE: <!--#echo var="FEAT_disable-password-file-saving"--></H1>
-This feature changes the behavior of Alpine when a login name and password combination
+<P> This feature disables caching of passwords, even if your version of Alpine allows
+saving passwords. For MAC OS users saving passwords is done using the Apple Key Chain, for
+Windows users caching passwords is done using the internal Windows Credentials, and for
+other users this is done by using the password file. In this feature, the phrase
+&quot;password file&quot; is a misnomer and represents the way in which your system
+stores passwords.
+
+<P>
+Specifically, this feature changes the behavior of Alpine when a login name and password combination
for a specific server is not found in the password file. The default behavior is that
Alpine will ask the user if they wish to save this information in the password file for future
use. It is assumed that if a user created a password file it is because they intend
@@ -33918,6 +33926,12 @@ to use it, but in some instances a user might want to save some passwords and no
In this case, enabling this feature will make Alpine not add any more passwords to the
password file and will only use the passwords that it already saved. If you wish to allow
Alpine to save more passwords in the password file, disable this feature.
+
+<P> Regardless of which method Alpine uses to store passwords, this is done in a secure
+way when compiled with OpenSSL or LibreSSL. This is very likely to be your version, and
+you can check this by reading the encryption features
+<A HREF="X-Alpine-Config:">supported</A> by Alpine.
+
<P>
<UL>
<LI><A HREF="h_finding_help">Finding more information and requesting help</A>