| Age | Commit message (Collapse) | Author |
|---|
|
* Introduce the option "Validate Using Certificate Store Only", and
make it the default. This will make Alpine check for the validity of
signatures in certificates that a user has installed in their
system, and not in the certificates that come with the message. A
user can override this, although is not recommended, by disabling
this feature.
* When viewing a signed message, the ^E command would present an
empty screen or Alpine would crash because when Alpine would get the
PKCS7 body of the message from body->sparep, it would not decode it
properly due to the new way in which the sparep pointer is encoded
that was introduced in version 2.19.991.
* When a signed message is forwarded, the message might not be filtered
correctly, and mime information might make it into the body of the
forwarded message. In order to produce this, the message must be
forwarded from the index screen and not be opened. The reason why
this makes a difference is because opening a signed message changes
its body structure. The reason why a person could forward a message
before reading it is because the person could already be aware of
the content of the message (e.g. the message is in the sent-mail
folder).
* When a message fails to validate and the body is saved from the server
for validation, be careful in the way that body part pointers are
set, in order to do this we split the mail_body function into two
parts, one that gets the body, the other that gets the section of
the body. The new function that gets the section of the body
(mail_body_section), is used to assign pointers of the reconstructed
new body.
* When a container has not been defined, transferring messages to a
container will succeed, and the name of the container will be
written on screen.
* When Alpine is receiving the envelopes from an imap server, it
attempts to generate the index line immediately; while doing so it
might need to compute a score, and for this, it might need to go
back and do some operation in the same imap server. In this case,
Alpine will crash with a "lock when already locked" message. In
order to avoid this crash, a new check in match_pattern was added to
Alpine to avoid the second trip to a server that is busy sending us
envelopes. Reported by Peter Koellner.
* Update copyright notice in mswin.rc and pmapi.rc, as well as first
time user notice and special request notice.
* Alpine cannot handle correctly some characters in the Windows-1256
character set, which might lead to a crash or a corruption in the
screen. Work was done to contain the bug. A more complete fix will be
done in a future release. Reported by Professor Robert Funnell.
* Decode the name of attachment names, so they can be written as part
of the description of the part.
* When transferring certificates to a local container, create container
with default names PublicContainer, PrivateContainer and CAContainer,
as appropriate for these files, unless the user has provided some
other names.
|
|
body->nested.part instead of b->nested.part in the
do_detached_signature_verify function, and save its body and mime
headers in create_local_cache. Now all signed messages should
verify correctly.
* Protect against potential crash bug in write_passfile function by
checking if text != NULL. text can only be null if there are no
passwords to save. We assume we could get write_passfile called
with null arguments, so this is just to protect that.
* Add handling of corner cases to several functions by initializing some
variables. Reported and patched by James Jerkins.
* When selecting the certificate/key pair to encrypt/decrypt the password
file choose it in this order:
- if -pwdcertdir is given look for certificates there, if nothing
there, we bail out;
- otherwise we look in the default directory, if anything there
and it matches to be a key/cert pair, we use it;
- otherwise we check if smime_init() has been called. If not
we call it;
- we check if a key/cert pair has been found with smime initialized,
if so, use it and copy it to the default directory;
- if not, check if there is anything in the default smime directories
(.alpine-smime/private and .alpine-smime/public), and in this
case copy it to the default.
- otherwise we bail. We will eventually create a certificate/key
pair for the user;
- finally, if we called smime_init(), we call smime_deinit().
Throughout this process, if smime_init() was not called before
we tried to get the cert/key pair we exit this process without
ps_global->smime->inited set, so that other process that need
to call smime_init() get the right structure initialized. This is
done because we might pick a cert/key pair to decrypt the password
file.
|
|
|
|
off.
* Fix compilation bug that made build fail if passfile was not defined.
|
|
* Fix windows strings to match version.
|
|
|
|
for patches.freeiz.com/alpine/. Work in progress.
* prototype function tigetstr in pico/osdep/terminal.c
* folders encoded in modified utf7 are transformed their names to a human
readable utf8.
* New attempt to fix smime support in Alpine. Messages sent by alpine
with or without attachments should validate in all servers and in
all folder formats.
|
|
* Add backward search support for Pico and file browser.
* Style tag in html body causes all text to disappear until we find
a </style> tag.
* Shorten name of temporary file for a mailcap command.
|
|
* check bounds and tie strings off to improve security. Contributed by
James Jerkins.
* Alpine crashed when a user attempted to add a folder collection, due
to bug in GET_NAMESPACE in imap4r1.c.
|
|
Alpine.
* When writing the .pinerc file, lines could not be longer than
10,000 characters, or else this caused corruption in the .pinerc data.
Now they are allowed to be of any size.
* Fix a problem that made Alpine remove files before they were open by
the viewer. It requires that the user has an equivalent to a command
such as "ps auxww" to list the list of processes. The default is
"/bin/ps auxww", but it can be changed at compile time with the option
--with-ps-cmd.
* Remove -lregex from linker flags when building --with-supplied-regex.
* Fix _INIT_ token for reply quote string to include support for 8-bit
in personal names.
|
|
* Alpine computes the signature of a signed message on a different message than the one
it sends, because of this, messages that are sent can not be validated either in the
sent-mail folder, nor in the server that receives such message.
|
|
* Update OpenSSL configuration of Mac OSX.
* If Homebrew is installed, use it; else
* if Macports is installed, use it; else
* if Fink is installaed, use it; else
* use openssl as distributed in the Mac.
|
|
forever. Todo: see how this can be improved.
* Add support for UID EXPUNGE in selected folders.
|
|
* Pico: Justification works without need to define a quote string, it
allows justification of blocks indented with spaces.
|
|
* Fixes to configure script so that it will not require PAM for every system.
* Fix to configure script so that it will use CPPFLAGS instead of
CPPCFLAGS, and so the --with-ssl-include-dir option take effect
during the build. Fix by Ulf-Dietrich Braumann.
* Fix in WebAlpine: do not use deprecated dereference in pointer,
needs to use tcl_getstringresult() instead. Reported by Ulf-Dietrich
Braumann.
* Fix in configure script to detect location of tcl library; add
/usr/local in FreeBSD and fix a bug in configure script that used
$alpine_TCLINC instead of $alpine_TCLINC/tcl.h. Reported and fixed
by Werner Scheinast.
* Move SSL configurations from UW-IMAP to configure script.
|
|
included in all.patch, and later released when it has been thoroughly
tested.
|
|
* Pico: search backwards.
* do not allow List- headers to be set up by users in accordance with
RFC 2369.
* minor fixes for new justification support (add comparison of a line
with the previous *and* the next).
|
|
.pinerc -> some/other/file
|
|
|
|
only contain spaces (ASCII 32). There is more to do to deal with TABs
and non-breaking spaces.
|
|
configure script.
|
|
space after the quote string were considered paragraphs by themselves,
now they are considered part of a paragraph, as they are. Based on
joint work with Jeff Franklin for the Pine 4.5X series.
|
|
|
|
* Changes to avoud errors in compilation when -Wformat-security is used
* Remove RFC files from source code
|
|
|
|
a url by
a browser.
|
|
|
