summaryrefslogtreecommitdiff
path: root/imap/src/c-client
AgeCommit message (Collapse)Author
2019-10-27 * Fix a bug in commit 418e8bc5789d... which made Alpine ignore a challengeEduardo Chappa
during authentication using CRAM-MD5. The intention was to ignore the challenge in the PLAIN authentication. This made Alpine fail to authenticate when using the CRAM-MD5 authenticator. Reported by Stefan Mueller.
2019-09-01 * Improvements to documentation and behavior of Alpine when users get aEduardo Chappa
non-empty challenge in a smtp server.
2019-08-22 * Ignore extra text in challenge from smtp server during authentication.Eduardo Chappa
2019-08-20 * Improve code that determines the type of encryption that is used accordingEduardo Chappa
to user's request.
2019-07-11 * Alpine crashes when trying to post an article in a newsgroup and theEduardo Chappa
connection is closed while the post is being composed, but later the post is attempted to be sent. In some instances, the stream may be open and closed during this time, but Alpine does not realize the connection was closed and attempts the post without a netstream, producing a crash.
2019-06-22 * New version 2.21.99999 (06/22/2019)Eduardo Chappa
2019-05-08 * Buffer overflow bug on auth_md5.c, where not enough dynamic memoryEduardo Chappa
was being allocated. Based on a report by Erich Eckner.
2019-05-04 * Initial release of XOAUTH2 authentication support in Alpine forEduardo Chappa
Gmail.
2019-02-17 * Rewrite support for specific SSL encryption protocols, includingEduardo Chappa
a. Add a new variable: encryption-protocol-range, which can be used to specify the minimum and maximum versions of the TLS protocol that Alpine will attempt to use to encrypt its communication with the server. b. Add support for the Server Name Identification (SNI) extension needed for TLSv1.3. c. Remove the DTLS code. It was not being used.
2019-02-15 * Restore recognition of empty directories. It was deleted by mistakeEduardo Chappa
when added support for internationalization in folders. Based on a report by Michael Rutter.
2019-02-15 * Add /auth=XYZ to the way to define a server. This allows users toEduardo Chappa
select the method to authenticate to an IMAP, SMTP or POP3 server. Examples are /auth=plain, or /auth=gssapi, etc.
2019-01-26 * Ignore errors coming from errors in parsing the ID from an IMAPEduardo Chappa
server. Based on a report by Stefan in the Alpine-info mailing list.
2018-12-08 * Let the client do a RSET when an error occurs while sending anEduardo Chappa
email via SMTP, but still report the previous error to the client.
2018-12-08 * Alpine would not report an error correctly in the case that there wasEduardo Chappa
a failure using an SMTP server. This was due to c-client sending a RSET command after the failure and Alpine reporting the reply of this command.
2018-09-29 * Add the /tls1_3 modifier to establish connections use the TLS protocolEduardo Chappa
version 1.3.
2018-08-12 * Several changes to the compilation of Alpine in Windows to useEduardo Chappa
LibreSSL in connecting to external servers. This complements the changes to support S/MIME. In particular, we add support for validation of certificates by using C:\\libressl\ssl\certs as the place to save CA certificates. In order to help users, some certificates are distributed. TODO: Kerberos port, w2k.
2018-07-06 * Remap UBOGON from 0xfffd to 0xfff8, since 0xfffd represents a missingEduardo Chappa
character in UTF-8, but 0xfff8 is undefined.
2018-06-14 * More changes to make Valgrind happy.Eduardo Chappa
2018-05-21 * Add the "g" option to the select command that works in IMAPEduardo Chappa
servers that implement the X-GM-EXT-1 capability (such as the one offered by Gmail.) This allows users to do selection in Alpine as if they were doing a search in the web interface for Gmail.
2018-05-13 * More changes to make Valgrind happy. Work in progress.Eduardo Chappa
2018-02-26 * New version 2.21.999Eduardo Chappa
* rewrite of some code in pith/ical.c to make sure function prototypes are correct. * Add a separator line to the calendar entry in case, the calendar is sent as the main body of the message.
2018-01-14 * Change to imap4r1.c to ignore text after a reply to a STATUSEduardo Chappa
command. The Exchange server adds a white space (US-ASCII 32) at the end of the reply to a STATUS command, making the parser fail, and ignoring the reply of the STATUS command.
2017-09-29 * NTLM authentication support with the ntlm library, in Unix systems.Eduardo Chappa
Based on code provided by Maciej W. Rozycki.
2017-03-17 * New version 2.21Eduardo Chappa
2016-11-18 * Remove limit of encoded words in the c-client library, since anyEduardo Chappa
limit makes a search eventually fail for a long enough encoded word.
2016-08-11 * Protect all calls to mail_elt in pith/ and alpine/ code. Protect meansEduardo Chappa
to check for correct range of message number before calling mail_elt. * Work in progress: correct some uses of system calls that do not check for returned value. This work will follow the lead given by Christian Kujau and Asheesh Laroia. Expect more changes of this type in subsequent commits.
2016-06-15 * Add a missing call to fclose in newsrc.c. Reported by DavidEduardo Chappa
Binderman.
2016-02-10 * Add support to c-client of special-use mailboxes for client use.Eduardo Chappa
2016-02-02 * New version 2.20.11Eduardo Chappa
* Update of copyright notice * Update to release notes to indicate support of RFC 2971.
2016-02-01 * Added support for RFC 2971 - IMAP ID extension.Eduardo Chappa
2015-07-26 * Fix compilation error in arg.c when pwdcertdir was being freed, evenEduardo Chappa
though a password file might have not been defined. * Work on reducing the number of warnings in OSX.
2015-07-24 * new version 2.20.9.Eduardo Chappa
* Add command line argument -smimedir, which allows to specify the default path for a directory that contains the public, private, and ca directories. This is useful in case a user has a backup of old certificates that cannot be installed in the ~/.alpine-smime dir. * Update to alpine man page to include documentation on missing command line options such as -nowrite_password_cache, -passfile, -pwdcertdir, and -smimedir. * Various changes in the code to quell some compiler issued warnings in Mac OSX. Reported by Joe St Sauver. This includes the removing deprecated ldap functions from the code and the test in the configure script. The switch to not deprecated functions is done by the use of the belvar structure, which is not completely appropriate for what we are doing, but it is sufficient for our needs. The berval structure is more appropriate for binary data, but it works well with string data, which is what we need. * Various changes in the code to quell some warnings issued by clang 3.5.
2015-04-17NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICEEduardo Chappa
* Call to utf8_parameters was not prototyped. * Call to utf8_parameters did not return NULL when the value to be searched was not defined by that function, causing a crash. Reported and fixed by Dennis Davis.
2015-03-25 * new version 2.20.4Eduardo Chappa
* If the charset of a message can not be determined, use the value set in the "Unknown Character Set" option. * Resizing setup screen will redraw screen. * Unix Alpine only. Experimental: If Alpine/Pico finds a UCS4 code in the width ambiguous zone, it will use other means to determine the width, such as call wcwidth.
2015-01-25 * new version 2.20.1Eduardo Chappa
* Ignore message from smtp server after a successful authentication challenge. * Alpine would not set include and lib paths for OpenSSL if this was installed in /usr/local/ssl. * If the .pinerc file is a symbolic link, Alpine might not write its contents when saving its configuration. * The _INIT_ token does not skip over non-alpha numeric characters in the name. Reported by Andreas Fehr. * If SSLDIR is defined somehow, do not disable S/MIME if the SSLCERTSDIR is not found. * Mismatch in size of UCS and CELL caused a corruption in the content of a pointer, which made the speller in PC-Alpine get the content of a word incorrectly. * Update splash screen to version 2.20 in main repository. * Skip testing openssl compatibility version when cross-compilation is detected. Fix contributed by Antti Seppälä.
2015-01-07 * new version 2.19.9999Eduardo Chappa
* crash on importing certificates that do not have an email address associated to them, such as those of a Certificate Authority. * Disable saving new passwords to the password file. Implemented by Louis Raphael from dpslabs.com. * Panda IMAP does not decode correctly Korean text encoded in UTF-8. Reported by Chulho Yang.
2014-06-20 * new version 2.19.9992Eduardo Chappa
* Alpine would not parse options from the command line, such as -patterns-filters2, correctly. * Add /usr/local/include as a path to find include and libs files for openssl in FreeBSD. * Management certificate screen now prints, in addition to the e-mail address of the owner of the certificates, the dates of validity and the MD5 hash of such certificates. * crash when processing message/rfc822 attachments that are encoded in base64. * Openssl: if /usr/local/ssl exists, assume that this is the intended place where ssl libraries, include files and certificates are located. Typically, distributions do not use this directory, so its existence indicates that Openssl has been specially installed there, so it is probably a preferred place to get the system Openssl files. * Postponed messages whose content-type is text/html, text/enriched and text/richtext are sent with that content-type, even though, after resuming composition, Alpine had changed its type to text/plain. * HTML: <BR>, <BR />, and <BR/&> are considered the same inline tag; the same is valid for the <HR> tag.
2014-05-17 * New version 2.19.999Eduardo Chappa
* Introduce the option "Validate Using Certificate Store Only", and make it the default. This will make Alpine check for the validity of signatures in certificates that a user has installed in their system, and not in the certificates that come with the message. A user can override this, although is not recommended, by disabling this feature. * When viewing a signed message, the ^E command would present an empty screen or Alpine would crash because when Alpine would get the PKCS7 body of the message from body->sparep, it would not decode it properly due to the new way in which the sparep pointer is encoded that was introduced in version 2.19.991. * When a signed message is forwarded, the message might not be filtered correctly, and mime information might make it into the body of the forwarded message. In order to produce this, the message must be forwarded from the index screen and not be opened. The reason why this makes a difference is because opening a signed message changes its body structure. The reason why a person could forward a message before reading it is because the person could already be aware of the content of the message (e.g. the message is in the sent-mail folder). * When a message fails to validate and the body is saved from the server for validation, be careful in the way that body part pointers are set, in order to do this we split the mail_body function into two parts, one that gets the body, the other that gets the section of the body. The new function that gets the section of the body (mail_body_section), is used to assign pointers of the reconstructed new body. * When a container has not been defined, transferring messages to a container will succeed, and the name of the container will be written on screen. * When Alpine is receiving the envelopes from an imap server, it attempts to generate the index line immediately; while doing so it might need to compute a score, and for this, it might need to go back and do some operation in the same imap server. In this case, Alpine will crash with a "lock when already locked" message. In order to avoid this crash, a new check in match_pattern was added to Alpine to avoid the second trip to a server that is busy sending us envelopes. Reported by Peter Koellner. * Update copyright notice in mswin.rc and pmapi.rc, as well as first time user notice and special request notice. * Alpine cannot handle correctly some characters in the Windows-1256 character set, which might lead to a crash or a corruption in the screen. Work was done to contain the bug. A more complete fix will be done in a future release. Reported by Professor Robert Funnell. * Decode the name of attachment names, so they can be written as part of the description of the part. * When transferring certificates to a local container, create container with default names PublicContainer, PrivateContainer and CAContainer, as appropriate for these files, unless the user has provided some other names.
2014-05-02 * Create help for explaining how encrypted password file supportEduardo Chappa
works. * When a message is sent encrypted, add the sender certificate so that the sender can decrypt it too. * When a message is signed and encrypted, first sign it and then encrypt it. This changes the usual order of encrypting and then signing, and it has the shortcoming of making bigger messages. However, this is the way that most clients work with S/MIME, and so for compatibility with other programs, we will send signed, then encrypted, instead of encrypted, then signed. Hmm... should we sign the encrypted part? * Avoid the first RSET smtp command, as this causes delays in some evily managed servers.
2014-02-02 * Update to version 2.19.5Eduardo Chappa
* check bounds and tie strings off to improve security. Contributed by James Jerkins. * Alpine crashed when a user attempted to add a folder collection, due to bug in GET_NAMESPACE in imap4r1.c.
2013-11-16 * Crash when tcp connection to NNTP server was lost after connectionEduardo Chappa
had been established, but lost immediately afterwards. * Small fixes to pine.hlp (alignment issues) * Add server name to debug in pine_tcptimeout function.
2013-11-02 * Update to version 2.19.1Eduardo Chappa
* Upgrade UW-IMAP to Panda IMAP from https://github.com/jonabbey/panda-imap. * Replace tabs by spaces in From and Subject fields to control for size in screen of these fields. Change only in index screen display.
2013-10-06 * new version 2.11.8Eduardo Chappa
* Fix in configure script for recognition of SSL files in Ubuntu 12.04 * Alpine does not attempt to automatically reopen a collection that was not opened due to cancellation by the user. Instead, the user must try to open it explicitly. * few improvements on new /tls1, /tls1_1, etc. options.
2013-09-21 * Version 2.11.6Eduardo Chappa
* Add /tls1, /tls1_1, /tls1_2 and /dtls1 to the definition of a server to use different ways to connect using ssl, for example {server.com/tls1} will attempt to connect to server.com at the ssl imap port (port 993) and establish a connection using TLSv1. These flags can be used in conjunction with the /ssl flag, the ssl flag is redundant. Conversely, however, the /ssl flag does not imply any of these flags; the /ssl flag means SSLv3 or, if not available, SSLv2 in the SSL port. * WebAlpine: add _GNU_SOURCE to make pubcookie build. * On my way to make 'make dist' and 'make distcheck' actually work.
2013-05-31 * somehow all.patch got here. Reversing.Eduardo Chappa
2013-05-31 * Fix not allow remote execution by adding PIPE_NOSHELL to the opening of ↵Eduardo Chappa
a url by a browser.
2013-02-04Fix SMTP bugEduardo Chappa
2013-02-03Initial Alpine VersionEduardo Chappa