diff options
author | Eduardo Chappa <chappa@washington.edu> | 2015-12-14 19:11:35 -0700 |
---|---|---|
committer | Eduardo Chappa <chappa@washington.edu> | 2015-12-14 19:11:35 -0700 |
commit | fe6139e073a2810420a8f6f869171a262929022d (patch) | |
tree | 37960c85dfc2d4a902a600d535c74effdb0ad36c /pith | |
parent | 29fbd1d5e424fadcf54a338aee8e57a9285fdf4b (diff) | |
download | alpine-fe6139e073a2810420a8f6f869171a262929022d.tar.xz |
* S/MIME: When reading a local certificate, Alpine converts the name of
the certificate to lowercase, which may make Alpine not be able to
read such certificate. Reported by Dennis Davis.
Diffstat (limited to 'pith')
-rw-r--r-- | pith/pine.hlp | 8 | ||||
-rw-r--r-- | pith/smime.c | 12 | ||||
-rw-r--r-- | pith/smkeys.c | 7 | ||||
-rw-r--r-- | pith/smkeys.h | 2 |
4 files changed, 17 insertions, 12 deletions
diff --git a/pith/pine.hlp b/pith/pine.hlp index 1ec429fe..859724dd 100644 --- a/pith/pine.hlp +++ b/pith/pine.hlp @@ -140,7 +140,7 @@ with help text for the config screen and the composer that didn't have any reasonable place to be called from. Dummy change to get revision in pine.hlp ============= h_revision ================= -Alpine Commit 115 2015-12-07 00:01:48 +Alpine Commit 116 2015-12-14 19:09:59 ============= h_news ================= <HTML> <HEAD> @@ -195,7 +195,7 @@ Additions include: in lower case, as some SMTP servers, such as those of libero.it reject messages if the boundary attribute is in uppercase. - <LI> SMIME: The ^E command that gives infromation on the certificate + <LI> SMIME: The ctrl-E command that gives information on the certificate is only available for messages that have a signed or encrypted part. @@ -325,6 +325,10 @@ Bugs that have been addressed include: <LI> SMIME: Alpine does not remove remporary files created when adding a CA certificate to a container. Reported by Holger Trapp. + <LI> SMIME: When reading a local certificate, Alpine converts the name + of the certificate to lowercase, which may make Alpine not be able + to read such certificate. Reported by Dennis Davis. + <LI> Pico: Searching for a string that is too long causes Pico to crash in the next search. diff --git a/pith/smime.c b/pith/smime.c index 30f42a22..e4448e74 100644 --- a/pith/smime.c +++ b/pith/smime.c @@ -928,7 +928,7 @@ certlist_from_personal_certs(PERSONAL_CERT *pc) cl = fs_get(sizeof(CertList)); memset((void *)cl, 0, sizeof(CertList)); cl->name = cpystr(pc->name); - x = get_cert_for(pc->name, Public); + x = get_cert_for(pc->name, Public, 1); if(x){ if(x->cert_info){ cl->data.date_from = smime_get_date(x->cert_info->validity->notBefore); @@ -1087,7 +1087,7 @@ get_personal_certs(char *path) /* chop off ".key" trailier */ buf2[strlen(buf2)-4] = 0; /* Look for certificate */ - cert = get_cert_for(buf2, Public); + cert = get_cert_for(buf2, Public, 1); if(cert){ PERSONAL_CERT *pc; @@ -2317,7 +2317,7 @@ encrypt_outgoing_message(METAENV *header, BODY **bodyP) for(a=*pf->addr; a; a=a->next){ snprintf(buf, sizeof(buf), "%s@%s", a->mailbox, a->host); - if((cert = get_cert_for(buf, Public)) != NULL){ + if((cert = get_cert_for(buf, Public, 1)) != NULL){ sk_X509_push(encerts,cert); }else{ q_status_message2(SM_ORDER, 1, 1, @@ -2332,7 +2332,7 @@ encrypt_outgoing_message(METAENV *header, BODY **bodyP) for(a=header->env->from; a ; a = a->next){ snprintf(buf, sizeof(buf), "%s@%s", a->mailbox, a->host); - if((cert = get_cert_for(buf, Public)) != NULL + if((cert = get_cert_for(buf, Public, 1)) != NULL && sk_X509_find(encerts, cert) == -1) sk_X509_push(encerts,cert); } @@ -2496,7 +2496,7 @@ int smime_extract_and_save_cert(PKCS7 *p7, int check_cert) if((email = get_x509_subject_email(x)) != NULL){ for(j = 0; email[j] != NULL; j++){ - if((cert = get_cert_for(email[j], Public)) == NULL + if((cert = get_cert_for(email[j], Public, 1)) == NULL || same_cert(x, cert) == 0){ if(check_cert == 0 || smime_validate_cert(x, &error) == 0 @@ -2547,7 +2547,7 @@ do_signature_verify(PKCS7 *p7, BIO *in, BIO *out, int silent) if(cl->x509_cert == NULL){ char *s = strrchr(cl->name, '.'); *s = '\0'; - cl->x509_cert = get_cert_for(cl->name, Public); + cl->x509_cert = get_cert_for(cl->name, Public, 1); *s = '.'; } } diff --git a/pith/smkeys.c b/pith/smkeys.c index c5c24bcb..ce7ad873 100644 --- a/pith/smkeys.c +++ b/pith/smkeys.c @@ -865,7 +865,7 @@ save_cert_for(char *email, X509 *cert, WhichCerts ctype) * The caller should free the cert. */ X509 * -get_cert_for(char *email, WhichCerts ctype) +get_cert_for(char *email, WhichCerts ctype, int tolower) { char certfilename[MAXPATH]; char emailaddr[MAXPATH]; @@ -883,7 +883,8 @@ get_cert_for(char *email, WhichCerts ctype) emailaddr[sizeof(emailaddr)-1] = 0; /* clean it up (lowercase, space removal) */ - emailstrclean(emailaddr); + if(tolower) + emailstrclean(emailaddr); if(ps_global->smime->publictype == Keychain){ #ifdef APPLEKEYCHAIN @@ -1052,7 +1053,7 @@ mem_to_personal_certs(char *contents) if(strncmp(EMAILADDRLEADER, line, strlen(EMAILADDRLEADER)) == 0){ name = line + strlen(EMAILADDRLEADER); - cert = get_cert_for(name, Public); + cert = get_cert_for(name, Public, 1); keytext = p; /* advance p past this record */ diff --git a/pith/smkeys.h b/pith/smkeys.h index e7dbe396..0a2b0065 100644 --- a/pith/smkeys.h +++ b/pith/smkeys.h @@ -51,7 +51,7 @@ typedef struct personal_cert { int add_certs_in_dir(X509_LOOKUP *lookup, char *path, char *ext, CertList **cdata); X509_STORE *get_ca_store(void); PERSONAL_CERT *get_personal_certs(char *d); -X509 *get_cert_for(char *email, WhichCerts ctype); +X509 *get_cert_for(char *email, WhichCerts ctype, int tolower); void save_cert_for(char *email, X509 *cert, WhichCerts ctype); char **get_x509_subject_email(X509 *x); EVP_PKEY *load_key(PERSONAL_CERT *pc, char *pass, int flag); |