summaryrefslogtreecommitdiff
path: root/pith/imap.c
AgeCommit message (Collapse)Author
2022-06-02 * New version 2.26Eduardo Chappa
2021-10-10 * Alpine might delete all passwords from the password file if theEduardo Chappa
password file is not unlocked by cancellation, or the authentication for an XOAUTH2 server is cancelled, or the password of an account is changed.
2021-10-03 * Code clean up and removal of some warnings.Eduardo Chappa
2021-09-09 * Alpine will delete passwords that do not work from internal memoryEduardo Chappa
and the local password cache (password file or system local cache.)
2021-08-23 * Fix some memory leaks reported by Valgrind.Eduardo Chappa
2021-08-15 * The c-client library parses information from an IMAP server duringEduardo Chappa
non-authenticated state which could lead to denial of service. Reported by Damian Poddebniak from Münster University of Applied Sciences.
2021-04-10 * New alpha version 2.24.1Eduardo Chappa
2020-01-19 * Initial release of Alpine version 2.22.Eduardo Chappa
2019-05-07 * Few improvements in the password management code.Eduardo Chappa
2019-05-04 * Initial release of XOAUTH2 authentication support in Alpine forEduardo Chappa
Gmail.
2018-02-26 * New version 2.21.999Eduardo Chappa
* rewrite of some code in pith/ical.c to make sure function prototypes are correct. * Add a separator line to the calendar entry in case, the calendar is sent as the main body of the message.
2017-03-17 * New version 2.21Eduardo Chappa
2016-11-22 * Minor updates to source to update copyright notices (part 1)Eduardo Chappa
2016-06-17 * Work in progress: Alpine calls non-safe functions while handling aEduardo Chappa
signal. An attempt is being made to correct this in the future. See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=825772.
2016-02-28 * Add the ability to change the private key and certificates usedEduardo Chappa
to encrypt a password file in the SMIME setup configuration screen.
2016-02-02 * New version 2.20.11Eduardo Chappa
* Update of copyright notice * Update to release notes to indicate support of RFC 2971.
2015-01-07 * new version 2.19.9999Eduardo Chappa
* crash on importing certificates that do not have an email address associated to them, such as those of a Certificate Authority. * Disable saving new passwords to the password file. Implemented by Louis Raphael from dpslabs.com. * Panda IMAP does not decode correctly Korean text encoded in UTF-8. Reported by Chulho Yang.
2014-12-07 * new version 2.19.9993Eduardo Chappa
* Aggregate operations allows bouncing a list of messages using a role. Suggested by Ulf-Dietrich Braumann. * Compilation error of module pith/reply.c if SMIME is not defined (as in Windows Alpine). There was a misplaced parenthesis. * Update to S/MIME to explain how to use a PKCS12 certificate in Alpine. * Fix error in compare_certs function, that would modify the name of the certificates after sorting them, and return when no certificates are given. * When replying to several messages, subject will be decoded first, and then stripped from re/fwd before they are compared to determine the subject of the replied message. * Add $(LIBINTL) to the flags to link rpdump, rpload, alpined and alpineldap because MAC OSX 10.8 x86_64 needs it. * When the download of an attachment is interrumpted, Alpine stills caches what was downloaded, making the download incomplete for subsequent calls of Alpine attempting to open the attachment. In the future, Alpine will not cache any downloaded part of the attachment when it is interrupted.
2014-04-25 * When downloading a signed message, and processing it, we useEduardo Chappa
body->nested.part instead of b->nested.part in the do_detached_signature_verify function, and save its body and mime headers in create_local_cache. Now all signed messages should verify correctly. * Protect against potential crash bug in write_passfile function by checking if text != NULL. text can only be null if there are no passwords to save. We assume we could get write_passfile called with null arguments, so this is just to protect that. * Add handling of corner cases to several functions by initializing some variables. Reported and patched by James Jerkins. * When selecting the certificate/key pair to encrypt/decrypt the password file choose it in this order: - if -pwdcertdir is given look for certificates there, if nothing there, we bail out; - otherwise we look in the default directory, if anything there and it matches to be a key/cert pair, we use it; - otherwise we check if smime_init() has been called. If not we call it; - we check if a key/cert pair has been found with smime initialized, if so, use it and copy it to the default directory; - if not, check if there is anything in the default smime directories (.alpine-smime/private and .alpine-smime/public), and in this case copy it to the default. - otherwise we bail. We will eventually create a certificate/key pair for the user; - finally, if we called smime_init(), we call smime_deinit(). Throughout this process, if smime_init() was not called before we tried to get the cert/key pair we exit this process without ps_global->smime->inited set, so that other process that need to call smime_init() get the right structure initialized. This is done because we might pick a cert/key pair to decrypt the password file.
2014-02-02 * Update to version 2.19.5Eduardo Chappa
* check bounds and tie strings off to improve security. Contributed by James Jerkins. * Alpine crashed when a user attempted to add a folder collection, due to bug in GET_NAMESPACE in imap4r1.c.
2013-05-31 * somehow all.patch got here. Reversing.Eduardo Chappa
2013-05-31 * Fix not allow remote execution by adding PIPE_NOSHELL to the opening of ↵Eduardo Chappa
a url by a browser.
2013-02-03Initial Alpine VersionEduardo Chappa