summaryrefslogtreecommitdiff
path: root/pith
diff options
context:
space:
mode:
Diffstat (limited to 'pith')
-rw-r--r--pith/folder.c11
-rw-r--r--pith/folder.h1
-rw-r--r--pith/mailcmd.c30
-rw-r--r--pith/pine.hlp2
-rw-r--r--pith/send.c5
-rw-r--r--pith/smime.c159
-rw-r--r--pith/stream.c5
7 files changed, 127 insertions, 86 deletions
diff --git a/pith/folder.c b/pith/folder.c
index 037bf1ba..da0ea6d5 100644
--- a/pith/folder.c
+++ b/pith/folder.c
@@ -1410,6 +1410,17 @@ unsigned char *folder_name_decoded(unsigned char *mailbox)
return s;
}
+/* mutf7 encoded name of a folder, from its name in utf8.
+ * memory freed by caller.
+ */
+unsigned char *folder_name_encoded(unsigned char *mailbox)
+{
+ unsigned char *s;
+ s = (char *) utf8_to_mutf7(mailbox);
+ if (s == NULL) s = cpystr(mailbox);
+ return s;
+}
+
int
mail_list_in_collection(char **mailbox, char *ref, char *name, char *tail)
{
diff --git a/pith/folder.h b/pith/folder.h
index 6c9f7adf..e3bc30f1 100644
--- a/pith/folder.h
+++ b/pith/folder.h
@@ -130,5 +130,6 @@ void refresh_folder_list(CONTEXT_S *, int, int, MAILSTREAM **);
int folder_complete_internal(CONTEXT_S *, char *, size_t, int *, int);
void folder_delete(int, FLIST *);
unsigned char *folder_name_decoded(unsigned char *);
+unsigned char *folder_name_encoded(unsigned char *);
#endif /* PITH_FOLDER_INCLUDED */
diff --git a/pith/mailcmd.c b/pith/mailcmd.c
index 73be580c..ad3e409e 100644
--- a/pith/mailcmd.c
+++ b/pith/mailcmd.c
@@ -755,7 +755,7 @@ do_broach_folder(char *newfolder, CONTEXT_S *new_context, MAILSTREAM **streamp,
snprintf(status_msg, sizeof(status_msg), "%sOpening \"", do_reopen ? "Re-" : "");
fname = folder_name_decoded((unsigned char *)newfolder);
- strncat(status_msg, pretty_fn(fname ? (char*) fname : newfolder),
+ strncat(status_msg, pretty_fn(fname ? (char *) fname : newfolder),
sizeof(status_msg)-strlen(status_msg) - 2);
if(fname) fs_give((void **)&fname);
status_msg[sizeof(status_msg)-2] = '\0';
@@ -1469,8 +1469,11 @@ expunge_and_close(MAILSTREAM *stream, char **final_msg, long unsigned int flags)
&& context_isambig(folder))){
ret = 'y';
}
- else if(pith_opt_expunge_prompt)
- ret = (*pith_opt_expunge_prompt)(stream, pretty_fn(folder), delete_count);
+ else if(pith_opt_expunge_prompt){
+ unsigned char *fname = folder_name_decoded((unsigned char *)folder);
+ ret = (*pith_opt_expunge_prompt)(stream, pretty_fn((char *)fname), delete_count);
+ if(fname) fs_give((void **) &fname);
+ }
/* get this message back in queue */
if(moved_msg)
@@ -1479,6 +1482,7 @@ expunge_and_close(MAILSTREAM *stream, char **final_msg, long unsigned int flags)
if(ret == 'y'){
long filtered;
+ unsigned char *fname = folder_name_decoded((unsigned char *)folder);
filtered = any_lflagged(sp_msgmap(stream), MN_EXLD);
@@ -1487,13 +1491,14 @@ expunge_and_close(MAILSTREAM *stream, char **final_msg, long unsigned int flags)
no_close ? "" : "Clos",
no_close ? "" : ing,
no_close ? "" : " \"",
- no_close ? "" : pretty_fn(folder),
+ no_close ? "" : pretty_fn((char *)fname),
no_close ? "" : "\". ",
final_msg ? "Kept" : "Keeping",
comatose(stream->nmsgs - filtered - delete_count),
plural(stream->nmsgs - filtered - delete_count),
ing,
long2string(delete_count));
+ if(fname) fs_give((void **)&fname);
if(final_msg)
*final_msg = cpystr(buff2);
else
@@ -1566,11 +1571,12 @@ expunge_and_close(MAILSTREAM *stream, char **final_msg, long unsigned int flags)
}
if(!no_close){
+ unsigned char *fname = folder_name_decoded((unsigned char *)folder);
if(stream->nmsgs){
snprintf(buff2, sizeof(buff2),
"Clos%s folder \"%.*s\". %s%s%s message%s.",
ing,
- sizeof(buff2)-50, pretty_fn(folder),
+ sizeof(buff2)-50, pretty_fn((char *) fname),
final_msg ? "Kept" : "Keeping",
(stream->nmsgs == 1L) ? " single" : " all ",
(stream->nmsgs > 1L)
@@ -1579,8 +1585,9 @@ expunge_and_close(MAILSTREAM *stream, char **final_msg, long unsigned int flags)
}
else{
snprintf(buff2, sizeof(buff2), "Clos%s empty folder \"%.*s\"",
- ing, sizeof(buff2)-50, pretty_fn(folder));
+ ing, sizeof(buff2)-50, pretty_fn((char *) fname));
}
+ if(fname) fs_give((void **)&fname);
if(final_msg)
*final_msg = cpystr(buff2);
@@ -1626,7 +1633,9 @@ expunge_and_close(MAILSTREAM *stream, char **final_msg, long unsigned int flags)
delete_count++;
if(delete_count && pith_opt_expunge_prompt){
- ret = (*pith_opt_expunge_prompt)(stream, pretty_fn(folder), delete_count);
+ unsigned char *fname = folder_name_decoded((unsigned char *)folder);
+ ret = (*pith_opt_expunge_prompt)(stream, pretty_fn((char *) fname), delete_count);
+ if(fname) fs_give((void **)&fname);
if(ret == 'y'){
char seq[64];
@@ -1639,10 +1648,13 @@ expunge_and_close(MAILSTREAM *stream, char **final_msg, long unsigned int flags)
if(F_ON(F_NEWS_CROSS_DELETE, ps_global))
cross_delete_crossposts(stream);
}
- else
+ else{
+ unsigned char *fname = folder_name_decoded((unsigned char *)folder);
snprintf(buff2, sizeof(buff2),
"Clos%s read-only folder \"%.*s\". No changes to save",
- ing, sizeof(buff2)-60, pretty_fn(folder));
+ ing, sizeof(buff2)-60, pretty_fn((char *) fname));
+ if(fname) fs_give((void **)&fname);
+ }
if(final_msg)
*final_msg = cpystr(buff2);
diff --git a/pith/pine.hlp b/pith/pine.hlp
index b2ac8b16..4cca9be0 100644
--- a/pith/pine.hlp
+++ b/pith/pine.hlp
@@ -140,7 +140,7 @@ with help text for the config screen and the composer that didn't have any
reasonable place to be called from.
Dummy change to get revision in pine.hlp
============= h_revision =================
-Alpine Commit 44 2014-02-09 21:12:14
+Alpine Commit 45 2014-02-15 22:27:53
============= h_news =================
<HTML>
<HEAD>
diff --git a/pith/send.c b/pith/send.c
index 4af84ebe..3f21f1f3 100644
--- a/pith/send.c
+++ b/pith/send.c
@@ -4287,6 +4287,11 @@ pine_rfc822_output_body(struct mail_bodystruct *body, soutr_t f, void *s)
/* output trailing cookie */
snprintf (t = tmp, sizeof(tmp), "--%s--",cookie);
tmp[sizeof(tmp)-1] = '\0';
+#ifdef SMIME
+ if(ps_global->smime && ps_global->smime->do_sign
+ && strlen(tmp) < sizeof(tmp)-2)
+ strncat(tmp, "\r\n", 2);
+#endif
if(lmc.so && !lmc.all_written){
so_puts(lmc.so, t);
so_puts(lmc.so, "\015\012");
diff --git a/pith/smime.c b/pith/smime.c
index e34cfb6b..8d7bbd27 100644
--- a/pith/smime.c
+++ b/pith/smime.c
@@ -56,7 +56,6 @@ static int app_RAND_write_file(const char *file);
static void smime_init(void);
static const char *openssl_error_string(void);
static void create_local_cache(char *base, BODY *b);
-static BIO *raw_part_to_bio(long msgno, const char *section);
static long rfc822_output_func(void *b, char *string);
static int load_private_key(PERSONAL_CERT *pcert);
static void setup_pkcs7_body_for_signature(BODY *b, char *description,
@@ -1469,50 +1468,6 @@ end:
/*
- * Plonk the contents (mime headers and body) of the given
- * section of a message to a BIO_s_mem BIO object.
- */
-static BIO *
-raw_part_to_bio(long msgno, const char *section)
-{
- unsigned long len;
- char *text;
- BIO *bio;
-
- bio = BIO_new(BIO_s_mem());
-
- if(bio){
-
- (void) BIO_reset(bio);
-
- /* First grab headers of the chap */
- text = mail_fetch_mime(ps_global->mail_stream, msgno, (char*) section, &len, 0);
-
- if(text){
- BIO_write(bio, text, len);
-
- /** Now grab actual body */
- text = mail_fetch_body (ps_global->mail_stream, msgno, (char*) section, &len, 0);
- if(text){
- BIO_write(bio, text, len);
- }
- else{
- BIO_free(bio);
- bio = NULL;
- }
-
- }
- else{
- BIO_free(bio);
- bio = NULL;
- }
- }
-
- return bio;
-}
-
-
-/*
Get (and decode) the body of the given section of msg
*/
static STORE_S*
@@ -1684,6 +1639,40 @@ free_smime_body_sparep(void **sparep)
}
}
+/* Big comment, explaining the mess that exists out there
+
+ When Alpine sends a message, it constructs that message, computes the
+ signature, but then it forgets the message it signed and reconstructs it
+ again. Since it signs a message containing a notice about "mime aware
+ tools", but it does not send that we do not include that in the part that
+ is signed, and that takes care of much of the problems.
+
+ Another problem is what is received from the servers. All servers tested
+ seem to transmit the message that was signed intact and Alpine can check
+ the signature correctly. That is not a problem. The problem arises when
+ the message includes attachments. In this case different servers send
+ different things, so it will be up to us to figure out what is the text
+ that was actually signed. Confused? here is the story:
+
+ When a message containing and attachment is sent by Alpine, UW-IMAP,
+ Panda-IMAP, Gmail, and local reading of folders send exactly the message
+ that was sent by Alpine, but GMX.com, Exchange, and probably other servers
+ add a trailing \r\n in the message, so when validating the signature,
+ these messages will not validate. There are several things that can be
+ done.
+
+ 1. Add a trailing \r\n to any message that contains attachments, sign that
+ and send that. In this way, all messages will validate with all
+ servers.
+
+ 2. Compatibility mode: If a message has an attachment, contains a trailing
+ \r\n and does not validate (sent by an earlier version of Alpine),
+ remove the trailing \r\n and try to revalidate again.
+
+ 3. We do not add \r\n to validate a message that we sent, because that
+ would only work in Alpine, and not in any other client. That would not
+ be a good thing to do.
+ */
/*
* Given a multipart body of type multipart/signed, attempt to verify it.
@@ -1696,55 +1685,77 @@ do_detached_signature_verify(BODY *b, long msgno, char *section)
BIO *in = NULL;
PART *p;
int result, modified_the_body = 0;
- char newSec[100];
+ unsigned long mimelen, bodylen;
+ char newSec[100], *mimetext, *bodytext;
char *what_we_did;
dprint((9, "do_detached_signature_verify(msgno=%ld type=%d subtype=%s section=%s)", msgno, b->type, b->subtype ? b->subtype : "NULL", (section && *section) ? section : (section != NULL) ? "Top" : "NULL"));
smime_init();
snprintf(newSec, sizeof(newSec), "%s%s1", section ? section : "", (section && *section) ? "." : "");
- in = raw_part_to_bio(msgno, newSec);
- if(in){
+ mimetext = mail_fetch_mime(ps_global->mail_stream, msgno, (char*) newSec, &mimelen, 0);
- snprintf(newSec, sizeof(newSec), "%s%s2", section ? section : "", (section && *section) ? "." : "");
- p7 = get_pkcs7_from_part(msgno, newSec);
+ if(mimetext)
+ bodytext = mail_fetch_body (ps_global->mail_stream, msgno, (char*) newSec, &bodylen, 0);
- if(!p7)
- goto end;
+ if (mimetext == NULL || bodytext == NULL)
+ return modified_the_body;
- result = do_signature_verify(p7, in, NULL);
+ snprintf(newSec, sizeof(newSec), "%s%s2", section ? section : "", (section && *section) ? "." : "");
- if(b->subtype)
- fs_give((void**) &b->subtype);
+ if((p7 = get_pkcs7_from_part(msgno, newSec)) == NULL)
+ return modified_the_body;
- b->subtype = cpystr(OUR_PKCS7_ENCLOSURE_SUBTYPE);
- b->encoding = ENC8BIT;
+ /* first try with what get got */
+ if((in = BIO_new(BIO_s_mem())) == NULL)
+ return modified_the_body;
- if(b->description)
- fs_give ((void**) &b->description);
+ (void) BIO_reset(in);
+ BIO_write(in, mimetext, mimelen);
+ BIO_write(in, bodytext, bodylen);
- what_we_did = result ? _("This message was cryptographically signed.") :
- _("This message was cryptographically signed but the signature could not be verified.");
+ /* Try compatibility with the past and check if this message
+ validates when we remove the last two characters
+ */
+ if(((result = do_signature_verify(p7, in, NULL)) == 0)
+ && bodylen > 2
+ && (strncmp(bodytext+bodylen-2,"\r\n", 2) == 0)){
+ BIO_free(in);
+ if((in = BIO_new(BIO_s_mem())) == NULL)
+ return modified_the_body;
- b->description = cpystr(what_we_did);
+ (void) BIO_reset(in);
+ BIO_write(in, mimetext, mimelen);
+ BIO_write(in, bodytext, bodylen-2);
- b->sparep = p7;
- p7 = NULL;
+ result = do_signature_verify(p7, in, NULL);
+ }
- p = b->nested.part;
-
- /* p is signed plaintext */
- if(p && p->next)
- mail_free_body_part(&p->next); /* hide the pkcs7 from the viewer */
+ BIO_free(in);
+ if(b->subtype)
+ fs_give((void**) &b->subtype);
- BIO_free(in);
+ b->subtype = cpystr(OUR_PKCS7_ENCLOSURE_SUBTYPE);
+ b->encoding = ENC8BIT;
- modified_the_body = 1;
- }
+ if(b->description)
+ fs_give ((void**) &b->description);
-end:
- PKCS7_free(p7);
+ what_we_did = result ? _("This message was cryptographically signed.") :
+ _("This message was cryptographically signed but the signature could not be verified.");
+
+ b->description = cpystr(what_we_did);
+
+ b->sparep = p7;
+
+ p = b->nested.part;
+
+ /* p is signed plaintext */
+ if(p && p->next)
+ mail_free_body_part(&p->next); /* hide the pkcs7 from the viewer */
+
+ modified_the_body = 1;
return modified_the_body;
}
diff --git a/pith/stream.c b/pith/stream.c
index e96e6089..5201a440 100644
--- a/pith/stream.c
+++ b/pith/stream.c
@@ -3264,7 +3264,7 @@ streams_died(void)
int rv = 0;
int i;
MAILSTREAM *m;
- char *folder;
+ unsigned char *folder;
for(i = 0; i < ps_global->s_pool.nstream; i++){
m = ps_global->s_pool.streams[i];
@@ -3273,7 +3273,7 @@ streams_died(void)
if(!sp_noticed_dead_stream(m)){
rv++;
sp_set_noticed_dead_stream(m, 1);
- folder = STREAMNAME(m);
+ folder = folder_name_decoded((unsigned char *)STREAMNAME(m));
q_status_message1(SM_ORDER | SM_DING, 3, 3,
_("MAIL FOLDER \"%s\" CLOSED DUE TO ACCESS ERROR"),
short_str(pretty_fn(folder) ? pretty_fn(folder) : "?",
@@ -3287,6 +3287,7 @@ streams_died(void)
if(pith_opt_icon_text)
(*pith_opt_icon_text)(tmp_20k_buf, IT_MCLOSED);
}
+ if(folder) fs_give((void **)&folder);
}
}
else{