| Age | Commit message (Collapse) | Author |
|---|
|
|
|
password file is not unlocked by cancellation, or the authentication
for an XOAUTH2 server is cancelled, or the password of an account is
changed.
|
|
are lost.
|
|
and the local password cache (password file or system local cache.)
|
|
|
|
non-authenticated state which could lead to denial of service.
Reported by Damian Poddebniak from Münster University of Applied
Sciences.
|
|
this commit fixes that.
|
|
have a delay when cancelling authentication.
|
|
within 60 seconds of expiration of the access token.
|
|
to login. Reported by Frank Tobin.
|
|
using /tls
on an insecure connection. However, if the connection is PREAUTH, Alpine
will not upgrade the connection to a secure connection, because a client
must not issue a STARTTLS to a server that supports it in authenticated
state. This makes Alpine continue to use an insecure connection with the
server, exposing user data. Reported by Damian Poddebniak and Fabian
Ising, from Münster University of Applied Sciences.
|
|
|
|
/starttls instead of /tls. This should cause less confusion in Alpine users
in the future.
|
|
|
|
even though we do not report the full command used.
|
|
protocols (SMTP, NNTP, POP3) as some SMTP servers do not support a
round-trip two step authentication. For example, davmail does not
support PLAIN authentication in SMTP using the challenge-response
scheme. Implemented after a report by Geoffrey Bodwin.
|
|
Alexander Perlis for suggesting it and explaining how the method works.
|
|
fixed those that belong to the source code of Alpine and do not come
from an external source. List contributed by Jens Schleusener.
|
|
Gmail.
|
|
a. Add a new variable: encryption-protocol-range, which can be
used to specify the minimum and maximum versions of the TLS
protocol that Alpine will attempt to use to encrypt its
communication with the server.
b. Add support for the Server Name Identification (SNI) extension
needed for TLSv1.3.
c. Remove the DTLS code. It was not being used.
|
|
when added support for internationalization in folders. Based on a
report by Michael Rutter.
|
|
server. Based on a report by Stefan in the Alpine-info mailing
list.
|
|
LibreSSL in connecting to external servers. This complements the
changes to support S/MIME. In particular, we add support for
validation of certificates by using C:\\libressl\ssl\certs as the
place to save CA certificates. In order to help users, some
certificates are distributed. TODO: Kerberos port, w2k.
|
|
|
|
servers that implement the X-GM-EXT-1 capability (such as the one
offered by Gmail.) This allows users to do selection in Alpine as if
they were doing a search in the web interface for Gmail.
|
|
command. The Exchange server adds a white space (US-ASCII 32)
at the end of the reply to a STATUS command, making the parser
fail, and ignoring the reply of the STATUS command.
|
|
|
|
|
|
* Add command line argument -smimedir, which allows to specify
the default path for a directory that contains the public, private,
and ca directories. This is useful in case a user has a backup of
old certificates that cannot be installed in the ~/.alpine-smime
dir.
* Update to alpine man page to include documentation on missing command
line options such as -nowrite_password_cache, -passfile, -pwdcertdir,
and -smimedir.
* Various changes in the code to quell some compiler issued warnings in
Mac OSX. Reported by Joe St Sauver. This includes the removing
deprecated ldap functions from the code and the test in the configure
script. The switch to not deprecated functions is done by the use of
the belvar structure, which is not completely appropriate for what we
are doing, but it is sufficient for our needs. The berval structure
is more appropriate for binary data, but it works well with string
data, which is what we need.
* Various changes in the code to quell some warnings issued by clang
3.5.
|
|
* check bounds and tie strings off to improve security. Contributed by
James Jerkins.
* Alpine crashed when a user attempted to add a folder collection, due
to bug in GET_NAMESPACE in imap4r1.c.
|
|
* Upgrade UW-IMAP to Panda IMAP from https://github.com/jonabbey/panda-imap.
* Replace tabs by spaces in From and Subject fields to control for size in
screen of these fields. Change only in index screen display.
|
|
* Fix in configure script for recognition of SSL files in Ubuntu 12.04
* Alpine does not attempt to automatically reopen a collection that
was not opened due to cancellation by the user. Instead, the user
must try to open it explicitly.
* few improvements on new /tls1, /tls1_1, etc. options.
|
|
* Add /tls1, /tls1_1, /tls1_2 and /dtls1 to the definition of a
server to use different ways to connect using ssl, for example
{server.com/tls1} will attempt to connect to server.com at the ssl
imap port (port 993) and establish a connection using TLSv1. These
flags can be used in conjunction with the /ssl flag, the ssl flag is
redundant. Conversely, however, the /ssl flag does not imply any of
these flags; the /ssl flag means SSLv3 or, if not available, SSLv2 in
the SSL port.
* WebAlpine: add _GNU_SOURCE to make pubcookie build.
* On my way to make 'make dist' and 'make distcheck' actually work.
|
|
|
|
a url by
a browser.
|
|
|
