Age | Commit message (Collapse) | Author |
|
|
|
user agrees to save a certificate of another user, use the saved
certificate immediately to verify the smime message. Reported by
Stefan Mueller.
|
|
"mechanic" in comp.mail.pine.
* Configure script modifications to set the ldap-dir value correctly.
* Fix some typos in documentation.
|
|
S/MIME,
and then reenabled it. This crash was due to a double free of memory. To avoid
this in the future, we created a function free_x509_store(), which whenever
called, will only free memory once. A similar crash would occur when one
attempted to enter the S/MIME configuration screen if S/MIME was turned off.
In this case, Alpine would try to dereference a null pointer.
|
|
signing first and encrypting second, which makes Alpine fail to parse
the signed data after encryption. Reported by Holger Trapp.
|
|
LibreSSL in connecting to external servers. This complements the
changes to support S/MIME. In particular, we add support for
validation of certificates by using C:\\libressl\ssl\certs as the
place to save CA certificates. In order to help users, some
certificates are distributed. TODO: Kerberos port, w2k.
|
|
decrypt the password file correctly. Reported by Kyle George.
|
|
make it easier to find functions when I need to do so.
|
|
closed.
* A message could fail to verify its signature even if the
certificate was saved when the message was open. Based on a report by
David Woodhouse to the RedHat bugzilla system.
|
|
us.
* Some distributions of OpenSSL do not define ERR_free_strings and
EVP_cleanup, so we only execute them when defined. Reported by Erich
Eckner.
|
|
|
|
a certificate (as opposed to the message is corrupt) retry at most two
more times to get the data out using the PKCS7_verify function, and let
the user know about the error.
|
|
a signature fails to verify. This causes Alpine to crash. Patch
submitted by Linus Torvalds.
|
|
* rewrite of some code in pith/ical.c to make sure function prototypes are
correct.
* Add a separator line to the calendar entry in case, the calendar is sent
as the main body of the message.
|
|
|
|
|
|
.ilk files in a PC-Alpine "build clean" command.
|
|
when s_cert_store is NULL, and also only freeing s_cert_store when all
certificates in the .alpine-smime/ca directory fail to load.
|
|
|
|
since clients such as Thunderbird do not validate signatures that use
sha1 digest.
|
|
|
|
what happened and decide accordingly. Fixes the fact that Alpine will
fail to create self signed certificate, when the .pwd directory does
not exist.
|
|
the password file is encrypted using a private key/public certificate
pair. If one such pair cannot be found, one will be created.
|
|
entering a password to read an encrypted message will make Alpine
forget the key and not ask the password to unlock it again in case it
is necessary to unlock it again. Reported by Ulf-Dietrich Braumann.
|
|
Users have the option to build with older versions of OpenSSL or with
version 1.1.0. The current code is transitional and it is intended
that we will move Alpine to build exclusively with version 1.1.0 or
above in the future. This update also recognizes if we are using
LibreSSL. It was tested with version 2.4.2.
|
|
adding memory freeing calls when necessary.
|
|
user is sometimes asked to import a certificate and sometimes a key.
* Fix a case of memory freed twice introduced in commit 4bf825141c...
|
|
that encrypts password file in case that the new key/certificate pairs
have the same name as the old key/certificate.
|
|
to encrypt a password file in the SMIME setup configuration screen.
|
|
file, writes a non-secure encrypted password file until Alpine is
restarted again.
|
|
* Update of copyright notice
* Update to release notes to indicate support of RFC 2971.
|
|
the certificate to lowercase, which may make Alpine not be able to
read such certificate. Reported by Dennis Davis.
|
|
in signatures, when the option "Validate Using Certificate Store Only"
is enabled. If the user does not wish to save it, validation will fail.
|
|
remote server and the private key is not available.
* SMIME: Management of several alternate name (SAN) certificates is
improved. When importing a SAN certificate, also import a certificate
for the filename, besides for the e-mail addresses in the
certificate.
* When saving an attachment, the "^T" command leads to a screen where the
"A" command can be used to add a file. A directory can be added by
pressing "^X" after the "A" command. Added after a suggestion by
Stefan Goessling.
|
|
file containing the certificate, as the name to be displayed in the
certificate management screen for certificate authorities. Suggested
by Matthias Rieber.
|
|
being transferred, a local copy was not being retained, and therefore
no copy was being transferred to the remote server.
|
|
|
|
remote containers. Reported by Matthias Rieber.
|
|
lisblank.
* Clean up some code in pith/smime.c.
|
|
not using it anyway.)
|
|
in system.h.
|
|
* SMIME: Cancelling entering password to unlock key will not reprompt.
* Creating repo at repo.or.cz
|
|
* SMIME: Crash when a certificate has an invalid date of validity. Also
Alpine will use the function ASN1_TIME_print to determine the date of
validity. Reported by Ben Stienstra.
* SMIME: Crash when atempting to unlock the password file and an
incorrect password is entered.
* Alpine version 2.20.4 would not build in Windows, due to a missing
#ifdef SMIME directive in file alpine/mailpart.c. Reported by
Ulf-Dietrich Braunmann.
* Pico: Code reorganization in the search command to make it easier to
add subcommands of the search command.
* Pico: Search command can do a case sensitive match. Use the Ctrl-^
subcommand of the search command to bring this choice into view.
* For a multipart/alternative message, the Take Address command will
work on the part that is being read.
|
|
* SMIME: If a message contains a RFC822 atachment that is
signed/decrypted add the ability to view its SMIME information.
* SMIME: The ^E command that gives information on the certificate
is only available for messages that have a signed or encrypted part.
* Fix vulnerability in regex library. This only affects those who use
this library, such as the windows version of Alpine. See
http://www.kb.cert.org/vuls/id/695940.
* HTML: Add support for decoding entities in hexadecimal notation.
Suggested by Tulipánt Gergely.
* Pico: Add the ability to search for strings in the beginning or end
of a line. In the search menu, pressing Ctrl-^ toggles the prompt
to search for a string at the beginning of a line. Another press of
Ctrl-^ toggles the prompt to search for a string at the end of a line,
and pressing Ctrl-^ one more time searches for the string anywhere in
the text.
|
|
* Further enhancement to the configure script in finding the location
of the SSL include and library files, when they are installed in th e
default location by openssl.
* When Alpine sends an attachment, it will set the boundary attribute
in lower case, as some SMTP servers, such as those of libero.it
reject messages if the boundary attribute is in uppercase.
* Alpine fails to remove temporary files used during a display or sending
filter. Fix contributed by Phil Brooke.
* SMIME: Crash when checking the signature of a message that contains
a RFC822 attached message. Reported by Holger Trapp and Bjorn Krellner.
|
|
* crash on importing certificates that do not have an email address
associated to them, such as those of a Certificate Authority.
* Disable saving new passwords to the password file. Implemented
by Louis Raphael from dpslabs.com.
* Panda IMAP does not decode correctly Korean text encoded in UTF-8.
Reported by Chulho Yang.
|
|
* Aggregate operations allows bouncing a list of messages using a role.
Suggested by Ulf-Dietrich Braumann.
* Compilation error of module pith/reply.c if SMIME is not defined (as in
Windows Alpine). There was a misplaced parenthesis.
* Update to S/MIME to explain how to use a PKCS12 certificate in
Alpine.
* Fix error in compare_certs function, that would modify the name of
the certificates after sorting them, and return when no certificates
are given.
* When replying to several messages, subject will be decoded first,
and then stripped from re/fwd before they are compared to determine
the subject of the replied message.
* Add $(LIBINTL) to the flags to link rpdump, rpload, alpined and
alpineldap because MAC OSX 10.8 x86_64 needs it.
* When the download of an attachment is interrumpted, Alpine stills
caches what was downloaded, making the download incomplete for
subsequent calls of Alpine attempting to open the attachment. In the
future, Alpine will not cache any downloaded part of the attachment
when it is interrupted.
|
|
* Alpine would not parse options from the command line, such
as -patterns-filters2, correctly.
* Add /usr/local/include as a path to find include and libs files
for openssl in FreeBSD.
* Management certificate screen now prints, in addition to the e-mail
address of the owner of the certificates, the dates of validity
and the MD5 hash of such certificates.
* crash when processing message/rfc822 attachments that are encoded
in base64.
* Openssl: if /usr/local/ssl exists, assume that this is the intended
place where ssl libraries, include files and certificates are located.
Typically, distributions do not use this directory, so its existence
indicates that Openssl has been specially installed there, so it
is probably a preferred place to get the system Openssl files.
* Postponed messages whose content-type is text/html, text/enriched and
text/richtext are sent with that content-type, even though, after
resuming composition, Alpine had changed its type to text/plain.
* HTML: <BR>, <BR />, and <BR/&> are considered the same inline tag;
the same is valid for the <HR> tag.
|
|
* S/MIME Alpine would compute incorrectly the signature of a message
that contains 8bit if the option "Enable 8bit ESMTP Negotiation" is
enabled, the message contains 8bit characters and the smtp server
supports 8bit sending.
* Crash while redrawing S/MIME configuration screen when importing a
certificate
* When forwarding a message before opening it, the message might not be
found. The problem is in the forward_body function, where the section
of the body is not correctly set in all instances.
* When forwarding a signed message Alpine might forward the message as
a multipart message, instead of just selecting the body of the
message. Change to forward the signed part only. This aligns Alpine
with what it does when it replies to a similar message.
|
|
none is specified.
|