diff options
author | Eduardo Chappa <chappa@washington.edu> | 2014-02-15 22:27:58 -0700 |
---|---|---|
committer | Eduardo Chappa <chappa@washington.edu> | 2014-02-15 22:27:58 -0700 |
commit | aa7d9f18ca61e2fb1998bcaedee9ecdfa93a0728 (patch) | |
tree | 72bee5a33580c59500d71f0fd324a0523deea4a0 /pith | |
parent | 4a1cb9fd5554ef858945894a4dbe36e55f965934 (diff) | |
download | alpine-aa7d9f18ca61e2fb1998bcaedee9ecdfa93a0728.tar.xz |
* Fixes to documentation to update old washington.edu/alpine site
for patches.freeiz.com/alpine/. Work in progress.
* prototype function tigetstr in pico/osdep/terminal.c
* folders encoded in modified utf7 are transformed their names to a human
readable utf8.
* New attempt to fix smime support in Alpine. Messages sent by alpine
with or without attachments should validate in all servers and in
all folder formats.
Diffstat (limited to 'pith')
-rw-r--r-- | pith/folder.c | 11 | ||||
-rw-r--r-- | pith/folder.h | 1 | ||||
-rw-r--r-- | pith/mailcmd.c | 30 | ||||
-rw-r--r-- | pith/pine.hlp | 2 | ||||
-rw-r--r-- | pith/send.c | 5 | ||||
-rw-r--r-- | pith/smime.c | 159 | ||||
-rw-r--r-- | pith/stream.c | 5 |
7 files changed, 127 insertions, 86 deletions
diff --git a/pith/folder.c b/pith/folder.c index 037bf1ba..da0ea6d5 100644 --- a/pith/folder.c +++ b/pith/folder.c @@ -1410,6 +1410,17 @@ unsigned char *folder_name_decoded(unsigned char *mailbox) return s; } +/* mutf7 encoded name of a folder, from its name in utf8. + * memory freed by caller. + */ +unsigned char *folder_name_encoded(unsigned char *mailbox) +{ + unsigned char *s; + s = (char *) utf8_to_mutf7(mailbox); + if (s == NULL) s = cpystr(mailbox); + return s; +} + int mail_list_in_collection(char **mailbox, char *ref, char *name, char *tail) { diff --git a/pith/folder.h b/pith/folder.h index 6c9f7adf..e3bc30f1 100644 --- a/pith/folder.h +++ b/pith/folder.h @@ -130,5 +130,6 @@ void refresh_folder_list(CONTEXT_S *, int, int, MAILSTREAM **); int folder_complete_internal(CONTEXT_S *, char *, size_t, int *, int); void folder_delete(int, FLIST *); unsigned char *folder_name_decoded(unsigned char *); +unsigned char *folder_name_encoded(unsigned char *); #endif /* PITH_FOLDER_INCLUDED */ diff --git a/pith/mailcmd.c b/pith/mailcmd.c index 73be580c..ad3e409e 100644 --- a/pith/mailcmd.c +++ b/pith/mailcmd.c @@ -755,7 +755,7 @@ do_broach_folder(char *newfolder, CONTEXT_S *new_context, MAILSTREAM **streamp, snprintf(status_msg, sizeof(status_msg), "%sOpening \"", do_reopen ? "Re-" : ""); fname = folder_name_decoded((unsigned char *)newfolder); - strncat(status_msg, pretty_fn(fname ? (char*) fname : newfolder), + strncat(status_msg, pretty_fn(fname ? (char *) fname : newfolder), sizeof(status_msg)-strlen(status_msg) - 2); if(fname) fs_give((void **)&fname); status_msg[sizeof(status_msg)-2] = '\0'; @@ -1469,8 +1469,11 @@ expunge_and_close(MAILSTREAM *stream, char **final_msg, long unsigned int flags) && context_isambig(folder))){ ret = 'y'; } - else if(pith_opt_expunge_prompt) - ret = (*pith_opt_expunge_prompt)(stream, pretty_fn(folder), delete_count); + else if(pith_opt_expunge_prompt){ + unsigned char *fname = folder_name_decoded((unsigned char *)folder); + ret = (*pith_opt_expunge_prompt)(stream, pretty_fn((char *)fname), delete_count); + if(fname) fs_give((void **) &fname); + } /* get this message back in queue */ if(moved_msg) @@ -1479,6 +1482,7 @@ expunge_and_close(MAILSTREAM *stream, char **final_msg, long unsigned int flags) if(ret == 'y'){ long filtered; + unsigned char *fname = folder_name_decoded((unsigned char *)folder); filtered = any_lflagged(sp_msgmap(stream), MN_EXLD); @@ -1487,13 +1491,14 @@ expunge_and_close(MAILSTREAM *stream, char **final_msg, long unsigned int flags) no_close ? "" : "Clos", no_close ? "" : ing, no_close ? "" : " \"", - no_close ? "" : pretty_fn(folder), + no_close ? "" : pretty_fn((char *)fname), no_close ? "" : "\". ", final_msg ? "Kept" : "Keeping", comatose(stream->nmsgs - filtered - delete_count), plural(stream->nmsgs - filtered - delete_count), ing, long2string(delete_count)); + if(fname) fs_give((void **)&fname); if(final_msg) *final_msg = cpystr(buff2); else @@ -1566,11 +1571,12 @@ expunge_and_close(MAILSTREAM *stream, char **final_msg, long unsigned int flags) } if(!no_close){ + unsigned char *fname = folder_name_decoded((unsigned char *)folder); if(stream->nmsgs){ snprintf(buff2, sizeof(buff2), "Clos%s folder \"%.*s\". %s%s%s message%s.", ing, - sizeof(buff2)-50, pretty_fn(folder), + sizeof(buff2)-50, pretty_fn((char *) fname), final_msg ? "Kept" : "Keeping", (stream->nmsgs == 1L) ? " single" : " all ", (stream->nmsgs > 1L) @@ -1579,8 +1585,9 @@ expunge_and_close(MAILSTREAM *stream, char **final_msg, long unsigned int flags) } else{ snprintf(buff2, sizeof(buff2), "Clos%s empty folder \"%.*s\"", - ing, sizeof(buff2)-50, pretty_fn(folder)); + ing, sizeof(buff2)-50, pretty_fn((char *) fname)); } + if(fname) fs_give((void **)&fname); if(final_msg) *final_msg = cpystr(buff2); @@ -1626,7 +1633,9 @@ expunge_and_close(MAILSTREAM *stream, char **final_msg, long unsigned int flags) delete_count++; if(delete_count && pith_opt_expunge_prompt){ - ret = (*pith_opt_expunge_prompt)(stream, pretty_fn(folder), delete_count); + unsigned char *fname = folder_name_decoded((unsigned char *)folder); + ret = (*pith_opt_expunge_prompt)(stream, pretty_fn((char *) fname), delete_count); + if(fname) fs_give((void **)&fname); if(ret == 'y'){ char seq[64]; @@ -1639,10 +1648,13 @@ expunge_and_close(MAILSTREAM *stream, char **final_msg, long unsigned int flags) if(F_ON(F_NEWS_CROSS_DELETE, ps_global)) cross_delete_crossposts(stream); } - else + else{ + unsigned char *fname = folder_name_decoded((unsigned char *)folder); snprintf(buff2, sizeof(buff2), "Clos%s read-only folder \"%.*s\". No changes to save", - ing, sizeof(buff2)-60, pretty_fn(folder)); + ing, sizeof(buff2)-60, pretty_fn((char *) fname)); + if(fname) fs_give((void **)&fname); + } if(final_msg) *final_msg = cpystr(buff2); diff --git a/pith/pine.hlp b/pith/pine.hlp index b2ac8b16..4cca9be0 100644 --- a/pith/pine.hlp +++ b/pith/pine.hlp @@ -140,7 +140,7 @@ with help text for the config screen and the composer that didn't have any reasonable place to be called from. Dummy change to get revision in pine.hlp ============= h_revision ================= -Alpine Commit 44 2014-02-09 21:12:14 +Alpine Commit 45 2014-02-15 22:27:53 ============= h_news ================= <HTML> <HEAD> diff --git a/pith/send.c b/pith/send.c index 4af84ebe..3f21f1f3 100644 --- a/pith/send.c +++ b/pith/send.c @@ -4287,6 +4287,11 @@ pine_rfc822_output_body(struct mail_bodystruct *body, soutr_t f, void *s) /* output trailing cookie */ snprintf (t = tmp, sizeof(tmp), "--%s--",cookie); tmp[sizeof(tmp)-1] = '\0'; +#ifdef SMIME + if(ps_global->smime && ps_global->smime->do_sign + && strlen(tmp) < sizeof(tmp)-2) + strncat(tmp, "\r\n", 2); +#endif if(lmc.so && !lmc.all_written){ so_puts(lmc.so, t); so_puts(lmc.so, "\015\012"); diff --git a/pith/smime.c b/pith/smime.c index e34cfb6b..8d7bbd27 100644 --- a/pith/smime.c +++ b/pith/smime.c @@ -56,7 +56,6 @@ static int app_RAND_write_file(const char *file); static void smime_init(void); static const char *openssl_error_string(void); static void create_local_cache(char *base, BODY *b); -static BIO *raw_part_to_bio(long msgno, const char *section); static long rfc822_output_func(void *b, char *string); static int load_private_key(PERSONAL_CERT *pcert); static void setup_pkcs7_body_for_signature(BODY *b, char *description, @@ -1469,50 +1468,6 @@ end: /* - * Plonk the contents (mime headers and body) of the given - * section of a message to a BIO_s_mem BIO object. - */ -static BIO * -raw_part_to_bio(long msgno, const char *section) -{ - unsigned long len; - char *text; - BIO *bio; - - bio = BIO_new(BIO_s_mem()); - - if(bio){ - - (void) BIO_reset(bio); - - /* First grab headers of the chap */ - text = mail_fetch_mime(ps_global->mail_stream, msgno, (char*) section, &len, 0); - - if(text){ - BIO_write(bio, text, len); - - /** Now grab actual body */ - text = mail_fetch_body (ps_global->mail_stream, msgno, (char*) section, &len, 0); - if(text){ - BIO_write(bio, text, len); - } - else{ - BIO_free(bio); - bio = NULL; - } - - } - else{ - BIO_free(bio); - bio = NULL; - } - } - - return bio; -} - - -/* Get (and decode) the body of the given section of msg */ static STORE_S* @@ -1684,6 +1639,40 @@ free_smime_body_sparep(void **sparep) } } +/* Big comment, explaining the mess that exists out there + + When Alpine sends a message, it constructs that message, computes the + signature, but then it forgets the message it signed and reconstructs it + again. Since it signs a message containing a notice about "mime aware + tools", but it does not send that we do not include that in the part that + is signed, and that takes care of much of the problems. + + Another problem is what is received from the servers. All servers tested + seem to transmit the message that was signed intact and Alpine can check + the signature correctly. That is not a problem. The problem arises when + the message includes attachments. In this case different servers send + different things, so it will be up to us to figure out what is the text + that was actually signed. Confused? here is the story: + + When a message containing and attachment is sent by Alpine, UW-IMAP, + Panda-IMAP, Gmail, and local reading of folders send exactly the message + that was sent by Alpine, but GMX.com, Exchange, and probably other servers + add a trailing \r\n in the message, so when validating the signature, + these messages will not validate. There are several things that can be + done. + + 1. Add a trailing \r\n to any message that contains attachments, sign that + and send that. In this way, all messages will validate with all + servers. + + 2. Compatibility mode: If a message has an attachment, contains a trailing + \r\n and does not validate (sent by an earlier version of Alpine), + remove the trailing \r\n and try to revalidate again. + + 3. We do not add \r\n to validate a message that we sent, because that + would only work in Alpine, and not in any other client. That would not + be a good thing to do. + */ /* * Given a multipart body of type multipart/signed, attempt to verify it. @@ -1696,55 +1685,77 @@ do_detached_signature_verify(BODY *b, long msgno, char *section) BIO *in = NULL; PART *p; int result, modified_the_body = 0; - char newSec[100]; + unsigned long mimelen, bodylen; + char newSec[100], *mimetext, *bodytext; char *what_we_did; dprint((9, "do_detached_signature_verify(msgno=%ld type=%d subtype=%s section=%s)", msgno, b->type, b->subtype ? b->subtype : "NULL", (section && *section) ? section : (section != NULL) ? "Top" : "NULL")); smime_init(); snprintf(newSec, sizeof(newSec), "%s%s1", section ? section : "", (section && *section) ? "." : ""); - in = raw_part_to_bio(msgno, newSec); - if(in){ + mimetext = mail_fetch_mime(ps_global->mail_stream, msgno, (char*) newSec, &mimelen, 0); - snprintf(newSec, sizeof(newSec), "%s%s2", section ? section : "", (section && *section) ? "." : ""); - p7 = get_pkcs7_from_part(msgno, newSec); + if(mimetext) + bodytext = mail_fetch_body (ps_global->mail_stream, msgno, (char*) newSec, &bodylen, 0); - if(!p7) - goto end; + if (mimetext == NULL || bodytext == NULL) + return modified_the_body; - result = do_signature_verify(p7, in, NULL); + snprintf(newSec, sizeof(newSec), "%s%s2", section ? section : "", (section && *section) ? "." : ""); - if(b->subtype) - fs_give((void**) &b->subtype); + if((p7 = get_pkcs7_from_part(msgno, newSec)) == NULL) + return modified_the_body; - b->subtype = cpystr(OUR_PKCS7_ENCLOSURE_SUBTYPE); - b->encoding = ENC8BIT; + /* first try with what get got */ + if((in = BIO_new(BIO_s_mem())) == NULL) + return modified_the_body; - if(b->description) - fs_give ((void**) &b->description); + (void) BIO_reset(in); + BIO_write(in, mimetext, mimelen); + BIO_write(in, bodytext, bodylen); - what_we_did = result ? _("This message was cryptographically signed.") : - _("This message was cryptographically signed but the signature could not be verified."); + /* Try compatibility with the past and check if this message + validates when we remove the last two characters + */ + if(((result = do_signature_verify(p7, in, NULL)) == 0) + && bodylen > 2 + && (strncmp(bodytext+bodylen-2,"\r\n", 2) == 0)){ + BIO_free(in); + if((in = BIO_new(BIO_s_mem())) == NULL) + return modified_the_body; - b->description = cpystr(what_we_did); + (void) BIO_reset(in); + BIO_write(in, mimetext, mimelen); + BIO_write(in, bodytext, bodylen-2); - b->sparep = p7; - p7 = NULL; + result = do_signature_verify(p7, in, NULL); + } - p = b->nested.part; - - /* p is signed plaintext */ - if(p && p->next) - mail_free_body_part(&p->next); /* hide the pkcs7 from the viewer */ + BIO_free(in); + if(b->subtype) + fs_give((void**) &b->subtype); - BIO_free(in); + b->subtype = cpystr(OUR_PKCS7_ENCLOSURE_SUBTYPE); + b->encoding = ENC8BIT; - modified_the_body = 1; - } + if(b->description) + fs_give ((void**) &b->description); -end: - PKCS7_free(p7); + what_we_did = result ? _("This message was cryptographically signed.") : + _("This message was cryptographically signed but the signature could not be verified."); + + b->description = cpystr(what_we_did); + + b->sparep = p7; + + p = b->nested.part; + + /* p is signed plaintext */ + if(p && p->next) + mail_free_body_part(&p->next); /* hide the pkcs7 from the viewer */ + + modified_the_body = 1; return modified_the_body; } diff --git a/pith/stream.c b/pith/stream.c index e96e6089..5201a440 100644 --- a/pith/stream.c +++ b/pith/stream.c @@ -3264,7 +3264,7 @@ streams_died(void) int rv = 0; int i; MAILSTREAM *m; - char *folder; + unsigned char *folder; for(i = 0; i < ps_global->s_pool.nstream; i++){ m = ps_global->s_pool.streams[i]; @@ -3273,7 +3273,7 @@ streams_died(void) if(!sp_noticed_dead_stream(m)){ rv++; sp_set_noticed_dead_stream(m, 1); - folder = STREAMNAME(m); + folder = folder_name_decoded((unsigned char *)STREAMNAME(m)); q_status_message1(SM_ORDER | SM_DING, 3, 3, _("MAIL FOLDER \"%s\" CLOSED DUE TO ACCESS ERROR"), short_str(pretty_fn(folder) ? pretty_fn(folder) : "?", @@ -3287,6 +3287,7 @@ streams_died(void) if(pith_opt_icon_text) (*pith_opt_icon_text)(tmp_20k_buf, IT_MCLOSED); } + if(folder) fs_give((void **)&folder); } } else{ |