| Age | Commit message (Collapse) | Author |
|---|
|
file prevented users from actually saving their passwords in Windows
and MAC OS. Fix the code so that passwords will be saved. Also,
update the documentation of this feature.
* Fix a buffer overflow bug in the XOAUTH2 code (off by one error).
* Update PC-Alpine to work with Libressl version 3.0.2 instead of
version 2.5.5 (update build.bat and lib files from the LibreSSL
build).
* Erase SSLXXXXXX file.
* ssl_nt.c actually directs the code to ssl_libressl.c or ssl_win.c.
The file ssl_libressl.c is the file ssl_unix.c from the unix osdep
directory. The file ssl_win.c is the native SSL windows code. The
Unix side provides S/MIME support for Alpine and the latest
encryption protocols support for Alpine when connecting to a secure
server, while the windows side provide TLSv1_3 support for Alpine,
but not S/MIME support.
In order to provide unix code for TLSv1_3 (once LibreSSL supports it)
edit the file os_nt.c and remove the comments on the #ifdef section.
This would provide both TLSv1_3 and S/MIME support with unix code. On
the other hand, when we provide TLSv1_3 with the Windows code we need
to undefine DF_ENCRYPTION_RANGE, and this is done in the file
include/config.wnt.h. The way this is done as of this moment is by
commenting an #else directive that preceedes this #undefine.
* Update makefile.nt and friends in the windows side to account for the
addition of XOAUTH2, and the use of only ssl_nt.c when dealing with
Alpine.
* Define SMIME_SSLCERTS as c:\libressl\ssl\certs, so that these
certificates be considered while checking a digital S/MIME signature.
* Improvements to the SMARTTIME24 token to account for changes in year.
|
|
not need/want to build using pam. Add more robustness to the configure
process, to add -lcrypt to the build flags when --with-bundled-tools=no is
given.
|
|
default. In order to build the imap tools (such as mtest, imapd,
etc.) the configure script must be given the --with-bundled-tools
option. Similarly, libpam is not required anymore, unless the option
--with-bundled-tools is used.
|
|
during authentication using CRAM-MD5. The intention was to ignore the
challenge in the PLAIN authentication. This made Alpine fail to
authenticate when using the CRAM-MD5 authenticator. Reported by Stefan
Mueller.
|
|
The issue with logic was that of the two checks for validation of
if the first one was not done, the second one would not
be done. The intention was to do the second check if the
first check failed. Reported by Erich Ecknet.
|
|
* Document request message for first time use reports IMAP for any remote
connection. Report the correct type of service instead.
|
|
for a read of zero bytes, but this causes problems. Reported by Greg
Oster.
|
|
update takes care of building with LibreSSL.
|
|
non-empty challenge in a smtp server.
|
|
|
|
to user's request.
|
|
connection is closed while the post is being composed, but later the
post is attempted to be sent. In some instances, the stream may be
open and closed during this time, but Alpine does not realize the
connection was closed and attempts the post without a netstream,
producing a crash.
|
|
has been disabled during the compilation of the Openssl library.
|
|
|
|
and not the new calls.
|
|
was being allocated. Based on a report by Erich Eckner.
|
|
Gmail.
|
|
"mechanic" in comp.mail.pine.
* Configure script modifications to set the ldap-dir value correctly.
* Fix some typos in documentation.
|
|
modifications in the ssl_unix module.
|
|
a. Add a new variable: encryption-protocol-range, which can be
used to specify the minimum and maximum versions of the TLS
protocol that Alpine will attempt to use to encrypt its
communication with the server.
b. Add support for the Server Name Identification (SNI) extension
needed for TLSv1.3.
c. Remove the DTLS code. It was not being used.
|
|
when added support for internationalization in folders. Based on a
report by Michael Rutter.
|
|
select the method to authenticate to an IMAP, SMTP or POP3 server.
Examples are /auth=plain, or /auth=gssapi, etc.
|
|
server. Based on a report by Stefan in the Alpine-info mailing
list.
|
|
email via SMTP, but still report the previous error to the client.
|
|
a failure using an SMTP server. This was due to c-client sending a
RSET command after the failure and Alpine reporting the reply of this
command.
|
|
that is available in case that this is not defined by OpenSSL.
|
|
version 1.3.
|
|
LibreSSL in connecting to external servers. This complements the
changes to support S/MIME. In particular, we add support for
validation of certificates by using C:\\libressl\ssl\certs as the
place to save CA certificates. In order to help users, some
certificates are distributed. TODO: Kerberos port, w2k.
|
|
character in UTF-8, but 0xfff8 is undefined.
|
|
coming from the configure script and imap/Makefile. Remove the double
definition from imap/Makefile. Reported and patched by Wang Kang.
|
|
|
|
servers that implement the X-GM-EXT-1 capability (such as the one
offered by Gmail.) This allows users to do selection in Alpine as if
they were doing a search in the web interface for Gmail.
|
|
calendar.
When "More Details" is selected for each individual event, the description
of that entry is shown only. When the calendar is opened from the view
attachment list screen, all entries will be shown. Mske sure there are no
memory leaks.
* Reverse some of the changes to make valgrind happy, as this may make Alpine crash
by using memory that was released.
|
|
|
|
* rewrite of some code in pith/ical.c to make sure function prototypes are
correct.
* Add a separator line to the calendar entry in case, the calendar is sent
as the main body of the message.
|
|
command. The Exchange server adds a white space (US-ASCII 32)
at the end of the reply to a STATUS command, making the parser
fail, and ignoring the reply of the STATUS command.
|
|
to TLS_client_methodto when compiling Alpine with OpenSSL 1.1.
|
|
* The online repo does not mimic the root local directory
from which it is created. This is an attempt to fix this.
This caused the problem that kerberos was not working
with the bytes on the repo, but it would work on the root
which created it. Reported by Holger Trapp.
|
|
in case the user has ldap installed.
|
|
(alpine.exe had already been added in the previous commit.)
|
|
Based on code provided by Maciej W. Rozycki.
|
|
|
|
|
|
limit makes a search eventually fail for a long enough encoded
word.
|
|
Users have the option to build with older versions of OpenSSL or with
version 1.1.0. The current code is transitional and it is intended
that we will move Alpine to build exclusively with version 1.1.0 or
above in the future. This update also recognizes if we are using
LibreSSL. It was tested with version 2.4.2.
|
|
to check for correct range of message number before calling mail_elt.
* Work in progress: correct some uses of system calls that do not check
for returned value. This work will follow the lead given by Christian
Kujau and Asheesh Laroia. Expect more changes of this type in
subsequent commits.
|
|
not correctly made. Reported and patched by Christian Kujau. Final
patch uses fprintf instead of printf.
|
|
later when it becomes an issue again.
* Minor fix to documentation.
|
|
|
|
Binderman.
|
