Age | Commit message (Collapse) | Author |
|
|
|
|
|
option due to an undefined value for DF_ENCRYPTION_RANGE.
Reported by David Morris.
|
|
|
|
|
|
negotiating a secure connection with a SSL server. Work in
collaboration with professor Martin Trusler.
|
|
delete a line before overwriting it. It is meant to work around bugs in
terminals that need it. Work in collaboration with professor Martin Trusler.
|
|
|
|
a user to specify the location of server certificates that the user trusts.
|
|
in Windows 10, and it should work in Windows 8.1. It needs testing in
Windows 7 and Windows Vista.
|
|
Now w32 and wnt are the same code, so we are only left with wnt
and wxp.
|
|
+ Alpine does not generate Sender or X-X-Sender by default
by making [X] Do Not Generate Sender Header the default.
+ Alpine does not disclose User Agent by default by making
[X] Suppress User Agent When Sending the default.
+ Alpine uses the domain in the From: header of a message
to generate a message-id and suppresses all information
about Alpine, version, revision, and time of generation
of the message-id from this header. This information is
replaced by a random string.
|
|
browser, by using
the "External" command in the ATTACHMENT INDEX screen.
* Experimental: New configuration variable "External Command Loads Inline Images Only"
that controls if Alpine will pass to an external browser a link to all the images in
the HTML message, or will only pass a link to inline images included in the message.
For your privacy and security this feature is enabled by default.
|
|
to display content. Suggested by Carl Edquist. In addition to remove
configurable process table command and it corresponding sleep time.
|
|
of this writing, the port w32 is the same as the port wxp, but it
is intended to target other 32 bit operating systems.
|
|
Aditya Mahajan.
|
|
of CA certificates. This complements the variable system-certs-path that
gives the location the directory that containes CA certificates.
|
|
|
|
location of the directory where folders are located. In PC-Alpine
this must be C:\libressl\ssl\certs. The C: drive can be replaced by
the name of the drive where the binary and DLL files are located.
|
|
|
|
fixed those that belong to the source code of Alpine and do not come
from an external source. List contributed by Jens Schleusener.
|
|
client-id and client-secret information.
|
|
file prevented users from actually saving their passwords in Windows
and MAC OS. Fix the code so that passwords will be saved. Also,
update the documentation of this feature.
* Fix a buffer overflow bug in the XOAUTH2 code (off by one error).
* Update PC-Alpine to work with Libressl version 3.0.2 instead of
version 2.5.5 (update build.bat and lib files from the LibreSSL
build).
* Erase SSLXXXXXX file.
* ssl_nt.c actually directs the code to ssl_libressl.c or ssl_win.c.
The file ssl_libressl.c is the file ssl_unix.c from the unix osdep
directory. The file ssl_win.c is the native SSL windows code. The
Unix side provides S/MIME support for Alpine and the latest
encryption protocols support for Alpine when connecting to a secure
server, while the windows side provide TLSv1_3 support for Alpine,
but not S/MIME support.
In order to provide unix code for TLSv1_3 (once LibreSSL supports it)
edit the file os_nt.c and remove the comments on the #ifdef section.
This would provide both TLSv1_3 and S/MIME support with unix code. On
the other hand, when we provide TLSv1_3 with the Windows code we need
to undefine DF_ENCRYPTION_RANGE, and this is done in the file
include/config.wnt.h. The way this is done as of this moment is by
commenting an #else directive that preceedes this #undefine.
* Update makefile.nt and friends in the windows side to account for the
addition of XOAUTH2, and the use of only ssl_nt.c when dealing with
Alpine.
* Define SMIME_SSLCERTS as c:\libressl\ssl\certs, so that these
certificates be considered while checking a digital S/MIME signature.
* Improvements to the SMARTTIME24 token to account for changes in year.
|
|
|
|
update takes care of building with LibreSSL.
|
|
|
|
options.
|
|
that fix the following startup crashes:
* Crash when Alpine started with empty url fragment;
* Crash when Alpine started with option last-time-prune-questioned
in wrong format;
* Crash when Alpine started with printf formatting characters from
command line; and
* Crash when Alpine started with an extremely long command line
option.
* Crash when Alpine is started with the wrong piped input when
opening a folder from the command line. Reported by Mateusz
Kocielski from LogicalTrust.
|
|
a. Add a new variable: encryption-protocol-range, which can be
used to specify the minimum and maximum versions of the TLS
protocol that Alpine will attempt to use to encrypt its
communication with the server.
b. Add support for the Server Name Identification (SNI) extension
needed for TLSv1.3.
c. Remove the DTLS code. It was not being used.
|
|
version 1.3.
|
|
we need to allocate memory for storing the resolved path. Reported by
Fabian Schmidt.
|
|
a connection that is having problems being kept alive after the
number of seconds configured in this variable, if the connection has
not recovered. The default is 0, which means to keep the connection
alive and wait for the connection to recover.
|
|
* rewrite of some code in pith/ical.c to make sure function prototypes are
correct.
* Add a separator line to the calendar entry in case, the calendar is sent
as the main body of the message.
|
|
|
|
to control features and variables when you start to reply to a
message.
|
|
file would not be created if it did not exist.
|
|
* Add the configuration variable "default-directories", which is called
"Extra Directories for Save" in the configuration screen. This
variable saves a list of directories that are readily accessible for
save or export of attachments. This makes it easier to save
attachments in directories that are hard to navigate to, or that are
accessed frequently.
|
|
In order to produce a crash one needed to use the ^T subcommand and
do a search in a LDAP directory. The crash is produced by changes to
the text in the title bar. Reported by Heinrich Mislik in the
Alpine-info list.
* Add ignore size option to Alpine, which helps users deal with some
servers that compute sizes incorrectly but send complete messages
when users save messages from those servers.
|
|
* Update of copyright notice
* Update to release notes to indicate support of RFC 2971.
|
|
user to choose the dictionary used to spell, in case the user
communicates in more than one language. Examples of values for the
variable are "en_US" or "de_DE", etc. Only the first 10 dictionaries
are offered.
|
|
symbolic link by Kyle George from tcpsoft.com to use realpath.
|
|
|
|
in system.h.
|
|
* Add command line argument -smimedir, which allows to specify
the default path for a directory that contains the public, private,
and ca directories. This is useful in case a user has a backup of
old certificates that cannot be installed in the ~/.alpine-smime
dir.
* Update to alpine man page to include documentation on missing command
line options such as -nowrite_password_cache, -passfile, -pwdcertdir,
and -smimedir.
* Various changes in the code to quell some compiler issued warnings in
Mac OSX. Reported by Joe St Sauver. This includes the removing
deprecated ldap functions from the code and the test in the configure
script. The switch to not deprecated functions is done by the use of
the belvar structure, which is not completely appropriate for what we
are doing, but it is sufficient for our needs. The berval structure
is more appropriate for binary data, but it works well with string
data, which is what we need.
* Various changes in the code to quell some warnings issued by clang
3.5.
|
|
* Ignore message from smtp server after a successful authentication
challenge.
* Alpine would not set include and lib paths for OpenSSL if this was
installed in /usr/local/ssl.
* If the .pinerc file is a symbolic link, Alpine might not write its
contents when saving its configuration.
* The _INIT_ token does not skip over non-alpha numeric characters in
the name. Reported by Andreas Fehr.
* If SSLDIR is defined somehow, do not disable S/MIME if the
SSLCERTSDIR is not found.
* Mismatch in size of UCS and CELL caused a corruption in the
content of a pointer, which made the speller in PC-Alpine get
the content of a word incorrectly.
* Update splash screen to version 2.20 in main repository.
* Skip testing openssl compatibility version when cross-compilation is
detected. Fix contributed by Antti Seppälä.
|
|
* crash on importing certificates that do not have an email address
associated to them, such as those of a Certificate Authority.
* Disable saving new passwords to the password file. Implemented
by Louis Raphael from dpslabs.com.
* Panda IMAP does not decode correctly Korean text encoded in UTF-8.
Reported by Chulho Yang.
|
|
* Aggregate operations allows bouncing a list of messages using a role.
Suggested by Ulf-Dietrich Braumann.
* Compilation error of module pith/reply.c if SMIME is not defined (as in
Windows Alpine). There was a misplaced parenthesis.
* Update to S/MIME to explain how to use a PKCS12 certificate in
Alpine.
* Fix error in compare_certs function, that would modify the name of
the certificates after sorting them, and return when no certificates
are given.
* When replying to several messages, subject will be decoded first,
and then stripped from re/fwd before they are compared to determine
the subject of the replied message.
* Add $(LIBINTL) to the flags to link rpdump, rpload, alpined and
alpineldap because MAC OSX 10.8 x86_64 needs it.
* When the download of an attachment is interrumpted, Alpine stills
caches what was downloaded, making the download incomplete for
subsequent calls of Alpine attempting to open the attachment. In the
future, Alpine will not cache any downloaded part of the attachment
when it is interrupted.
|
|
* Introduce the option "Validate Using Certificate Store Only", and
make it the default. This will make Alpine check for the validity of
signatures in certificates that a user has installed in their
system, and not in the certificates that come with the message. A
user can override this, although is not recommended, by disabling
this feature.
* When viewing a signed message, the ^E command would present an
empty screen or Alpine would crash because when Alpine would get the
PKCS7 body of the message from body->sparep, it would not decode it
properly due to the new way in which the sparep pointer is encoded
that was introduced in version 2.19.991.
* When a signed message is forwarded, the message might not be filtered
correctly, and mime information might make it into the body of the
forwarded message. In order to produce this, the message must be
forwarded from the index screen and not be opened. The reason why
this makes a difference is because opening a signed message changes
its body structure. The reason why a person could forward a message
before reading it is because the person could already be aware of
the content of the message (e.g. the message is in the sent-mail
folder).
* When a message fails to validate and the body is saved from the server
for validation, be careful in the way that body part pointers are
set, in order to do this we split the mail_body function into two
parts, one that gets the body, the other that gets the section of
the body. The new function that gets the section of the body
(mail_body_section), is used to assign pointers of the reconstructed
new body.
* When a container has not been defined, transferring messages to a
container will succeed, and the name of the container will be
written on screen.
* When Alpine is receiving the envelopes from an imap server, it
attempts to generate the index line immediately; while doing so it
might need to compute a score, and for this, it might need to go
back and do some operation in the same imap server. In this case,
Alpine will crash with a "lock when already locked" message. In
order to avoid this crash, a new check in match_pattern was added to
Alpine to avoid the second trip to a server that is busy sending us
envelopes. Reported by Peter Koellner.
* Update copyright notice in mswin.rc and pmapi.rc, as well as first
time user notice and special request notice.
* Alpine cannot handle correctly some characters in the Windows-1256
character set, which might lead to a crash or a corruption in the
screen. Work was done to contain the bug. A more complete fix will be
done in a future release. Reported by Professor Robert Funnell.
* Decode the name of attachment names, so they can be written as part
of the description of the part.
* When transferring certificates to a local container, create container
with default names PublicContainer, PrivateContainer and CAContainer,
as appropriate for these files, unless the user has provided some
other names.
|
|
body->nested.part instead of b->nested.part in the
do_detached_signature_verify function, and save its body and mime
headers in create_local_cache. Now all signed messages should
verify correctly.
* Protect against potential crash bug in write_passfile function by
checking if text != NULL. text can only be null if there are no
passwords to save. We assume we could get write_passfile called
with null arguments, so this is just to protect that.
* Add handling of corner cases to several functions by initializing some
variables. Reported and patched by James Jerkins.
* When selecting the certificate/key pair to encrypt/decrypt the password
file choose it in this order:
- if -pwdcertdir is given look for certificates there, if nothing
there, we bail out;
- otherwise we look in the default directory, if anything there
and it matches to be a key/cert pair, we use it;
- otherwise we check if smime_init() has been called. If not
we call it;
- we check if a key/cert pair has been found with smime initialized,
if so, use it and copy it to the default directory;
- if not, check if there is anything in the default smime directories
(.alpine-smime/private and .alpine-smime/public), and in this
case copy it to the default.
- otherwise we bail. We will eventually create a certificate/key
pair for the user;
- finally, if we called smime_init(), we call smime_deinit().
Throughout this process, if smime_init() was not called before
we tried to get the cert/key pair we exit this process without
ps_global->smime->inited set, so that other process that need
to call smime_init() get the right structure initialized. This is
done because we might pick a cert/key pair to decrypt the password
file.
|
|
* check bounds and tie strings off to improve security. Contributed by
James Jerkins.
* Alpine crashed when a user attempted to add a folder collection, due
to bug in GET_NAMESPACE in imap4r1.c.
|