summaryrefslogtreecommitdiff
path: root/pico
AgeCommit message (Collapse)Author
2015-03-15 * new version 2.20.3Eduardo Chappa
* SMIME: If a message contains a RFC822 atachment that is signed/decrypted add the ability to view its SMIME information. * SMIME: The ^E command that gives information on the certificate is only available for messages that have a signed or encrypted part. * Fix vulnerability in regex library. This only affects those who use this library, such as the windows version of Alpine. See http://www.kb.cert.org/vuls/id/695940. * HTML: Add support for decoding entities in hexadecimal notation. Suggested by Tulipánt Gergely. * Pico: Add the ability to search for strings in the beginning or end of a line. In the search menu, pressing Ctrl-^ toggles the prompt to search for a string at the beginning of a line. Another press of Ctrl-^ toggles the prompt to search for a string at the end of a line, and pressing Ctrl-^ one more time searches for the string anywhere in the text.
2015-02-28 * new version 2.20.2Eduardo Chappa
* Further enhancement to the configure script in finding the location of the SSL include and library files, when they are installed in th e default location by openssl. * When Alpine sends an attachment, it will set the boundary attribute in lower case, as some SMTP servers, such as those of libero.it reject messages if the boundary attribute is in uppercase. * Alpine fails to remove temporary files used during a display or sending filter. Fix contributed by Phil Brooke. * SMIME: Crash when checking the signature of a message that contains a RFC822 attached message. Reported by Holger Trapp and Bjorn Krellner.
2015-01-25 * new version 2.20.1Eduardo Chappa
* Ignore message from smtp server after a successful authentication challenge. * Alpine would not set include and lib paths for OpenSSL if this was installed in /usr/local/ssl. * If the .pinerc file is a symbolic link, Alpine might not write its contents when saving its configuration. * The _INIT_ token does not skip over non-alpha numeric characters in the name. Reported by Andreas Fehr. * If SSLDIR is defined somehow, do not disable S/MIME if the SSLCERTSDIR is not found. * Mismatch in size of UCS and CELL caused a corruption in the content of a pointer, which made the speller in PC-Alpine get the content of a word incorrectly. * Update splash screen to version 2.20 in main repository. * Skip testing openssl compatibility version when cross-compilation is detected. Fix contributed by Antti Seppälä.
2015-01-07 * new version 2.19.9999Eduardo Chappa
* crash on importing certificates that do not have an email address associated to them, such as those of a Certificate Authority. * Disable saving new passwords to the password file. Implemented by Louis Raphael from dpslabs.com. * Panda IMAP does not decode correctly Korean text encoded in UTF-8. Reported by Chulho Yang.
2014-05-17 * New version 2.19.999Eduardo Chappa
* Introduce the option "Validate Using Certificate Store Only", and make it the default. This will make Alpine check for the validity of signatures in certificates that a user has installed in their system, and not in the certificates that come with the message. A user can override this, although is not recommended, by disabling this feature. * When viewing a signed message, the ^E command would present an empty screen or Alpine would crash because when Alpine would get the PKCS7 body of the message from body->sparep, it would not decode it properly due to the new way in which the sparep pointer is encoded that was introduced in version 2.19.991. * When a signed message is forwarded, the message might not be filtered correctly, and mime information might make it into the body of the forwarded message. In order to produce this, the message must be forwarded from the index screen and not be opened. The reason why this makes a difference is because opening a signed message changes its body structure. The reason why a person could forward a message before reading it is because the person could already be aware of the content of the message (e.g. the message is in the sent-mail folder). * When a message fails to validate and the body is saved from the server for validation, be careful in the way that body part pointers are set, in order to do this we split the mail_body function into two parts, one that gets the body, the other that gets the section of the body. The new function that gets the section of the body (mail_body_section), is used to assign pointers of the reconstructed new body. * When a container has not been defined, transferring messages to a container will succeed, and the name of the container will be written on screen. * When Alpine is receiving the envelopes from an imap server, it attempts to generate the index line immediately; while doing so it might need to compute a score, and for this, it might need to go back and do some operation in the same imap server. In this case, Alpine will crash with a "lock when already locked" message. In order to avoid this crash, a new check in match_pattern was added to Alpine to avoid the second trip to a server that is busy sending us envelopes. Reported by Peter Koellner. * Update copyright notice in mswin.rc and pmapi.rc, as well as first time user notice and special request notice. * Alpine cannot handle correctly some characters in the Windows-1256 character set, which might lead to a crash or a corruption in the screen. Work was done to contain the bug. A more complete fix will be done in a future release. Reported by Professor Robert Funnell. * Decode the name of attachment names, so they can be written as part of the description of the part. * When transferring certificates to a local container, create container with default names PublicContainer, PrivateContainer and CAContainer, as appropriate for these files, unless the user has provided some other names.
2014-04-25 * When downloading a signed message, and processing it, we useEduardo Chappa
body->nested.part instead of b->nested.part in the do_detached_signature_verify function, and save its body and mime headers in create_local_cache. Now all signed messages should verify correctly. * Protect against potential crash bug in write_passfile function by checking if text != NULL. text can only be null if there are no passwords to save. We assume we could get write_passfile called with null arguments, so this is just to protect that. * Add handling of corner cases to several functions by initializing some variables. Reported and patched by James Jerkins. * When selecting the certificate/key pair to encrypt/decrypt the password file choose it in this order: - if -pwdcertdir is given look for certificates there, if nothing there, we bail out; - otherwise we look in the default directory, if anything there and it matches to be a key/cert pair, we use it; - otherwise we check if smime_init() has been called. If not we call it; - we check if a key/cert pair has been found with smime initialized, if so, use it and copy it to the default directory; - if not, check if there is anything in the default smime directories (.alpine-smime/private and .alpine-smime/public), and in this case copy it to the default. - otherwise we bail. We will eventually create a certificate/key pair for the user; - finally, if we called smime_init(), we call smime_deinit(). Throughout this process, if smime_init() was not called before we tried to get the cert/key pair we exit this process without ps_global->smime->inited set, so that other process that need to call smime_init() get the right structure initialized. This is done because we might pick a cert/key pair to decrypt the password file.
2014-04-09 * Update to version 2.19.11Eduardo Chappa
2014-04-09 * patch by Sam Hathaway to make web alpine build when debug is turnedEduardo Chappa
off. * Fix compilation bug that made build fail if passfile was not defined.
2014-03-10 * Bump version to 2.19.9.Eduardo Chappa
* Fix windows strings to match version.
2014-02-17 * Encrypted and signed messages sent by Thunderbird did not validate.Eduardo Chappa
2014-02-15 * Fixes to documentation to update old washington.edu/alpine siteEduardo Chappa
for patches.freeiz.com/alpine/. Work in progress. * prototype function tigetstr in pico/osdep/terminal.c * folders encoded in modified utf7 are transformed their names to a human readable utf8. * New attempt to fix smime support in Alpine. Messages sent by alpine with or without attachments should validate in all servers and in all folder formats.
2014-02-09 * Add .pine-crash to man page.Eduardo Chappa
* Add backward search support for Pico and file browser. * Style tag in html body causes all text to disappear until we find a </style> tag. * Shorten name of temporary file for a mailcap command.
2014-02-02 * Update to version 2.19.5Eduardo Chappa
* check bounds and tie strings off to improve security. Contributed by James Jerkins. * Alpine crashed when a user attempted to add a folder collection, due to bug in GET_NAMESPACE in imap4r1.c.
2013-12-27 * new address alpine-count@patches.freeiz.com for counting users ofEduardo Chappa
Alpine. * When writing the .pinerc file, lines could not be longer than 10,000 characters, or else this caused corruption in the .pinerc data. Now they are allowed to be of any size. * Fix a problem that made Alpine remove files before they were open by the viewer. It requires that the user has an equivalent to a command such as "ps auxww" to list the list of processes. The default is "/bin/ps auxww", but it can be changed at compile time with the option --with-ps-cmd. * Remove -lregex from linker flags when building --with-supplied-regex. * Fix _INIT_ token for reply quote string to include support for 8-bit in personal names.
2013-11-18 * Update to version 2.19.3Eduardo Chappa
* Alpine computes the signature of a signed message on a different message than the one it sends, because of this, messages that are sent can not be validated either in the sent-mail folder, nor in the server that receives such message.
2013-11-08 * Update to version 2.19.2Eduardo Chappa
* Update OpenSSL configuration of Mac OSX. * If Homebrew is installed, use it; else * if Macports is installed, use it; else * if Fink is installaed, use it; else * use openssl as distributed in the Mac.
2013-10-13 * Fixes in Pico so that it will crash in big files, instead of loopingEduardo Chappa
forever. Todo: see how this can be improved. * Add support for UID EXPUNGE in selected folders.
2013-08-28 * Tune for help formatting in pine.hlpEduardo Chappa
* Pico: Justification works without need to define a quote string, it allows justification of blocks indented with spaces.
2013-08-18 * Opening a folder updates recent count in maildrops.Eduardo Chappa
* Fixes to configure script so that it will not require PAM for every system. * Fix to configure script so that it will use CPPFLAGS instead of CPPCFLAGS, and so the --with-ssl-include-dir option take effect during the build. Fix by Ulf-Dietrich Braumann. * Fix in WebAlpine: do not use deprecated dereference in pointer, needs to use tcl_getstringresult() instead. Reported by Ulf-Dietrich Braumann. * Fix in configure script to detect location of tcl library; add /usr/local in FreeBSD and fix a bug in configure script that used $alpine_TCLINC instead of $alpine_TCLINC/tcl.h. Reported and fixed by Werner Scheinast. * Move SSL configurations from UW-IMAP to configure script.
2013-08-11 * reverse backward search momemtarily, it will be released as patch,Eduardo Chappa
included in all.patch, and later released when it has been thoroughly tested.
2013-08-04 * New version 2.10.99999Eduardo Chappa
* Pico: search backwards. * do not allow List- headers to be set up by users in accordance with RFC 2369. * minor fixes for new justification support (add comparison of a line with the previous *and* the next).
2013-07-21 * Unix only: Support for local .pinerc files that are symbolic linksEduardo Chappa
.pinerc -> some/other/file
2013-07-15 * Fix support for quote strings that have trailing spaces.Eduardo Chappa
2013-07-14 * Further improvement to justification to deal with quote strings thatEduardo Chappa
only contain spaces (ASCII 32). There is more to do to deal with TABs and non-breaking spaces.
2013-07-10 * Change to configure to not to build Web Alpine if tcl.h is not found by theEduardo Chappa
configure script.
2013-07-09 * Improvements in justification: Quoted lines that are followed by aEduardo Chappa
space after the quote string were considered paragraphs by themselves, now they are considered part of a paragraph, as they are. Based on joint work with Jeff Franklin for the Pine 4.5X series.
2013-06-22 * fix crushing bug when Alpine bails on read error during a tcp timeout.Eduardo Chappa
2013-06-03 * Changes to configure.ac to add -lkrb5 to the linkEduardo Chappa
* Changes to avoud errors in compilation when -Wformat-security is used * Remove RFC files from source code
2013-05-31 * somehow all.patch got here. Reversing.Eduardo Chappa
2013-05-31 * Fix not allow remote execution by adding PIPE_NOSHELL to the opening of ↵Eduardo Chappa
a url by a browser.
2013-02-03Initial Alpine VersionEduardo Chappa