summaryrefslogtreecommitdiff
path: root/pith/smkeys.h
AgeCommit message (Collapse)Author
2016-11-22 * Minor updates to source to update copyright notices (part 1)Eduardo Chappa
2016-10-05 * When Alpine is compiled with password file and SMIME supportEduardo Chappa
the password file is encrypted using a private key/public certificate pair. If one such pair cannot be found, one will be created.
2016-09-03 * Alpine does not build with openssl 1.1.0, so this update fixes that.Eduardo Chappa
Users have the option to build with older versions of OpenSSL or with version 1.1.0. The current code is transitional and it is intended that we will move Alpine to build exclusively with version 1.1.0 or above in the future. This update also recognizes if we are using LibreSSL. It was tested with version 2.4.2.
2016-02-28 * Add the ability to change the private key and certificates usedEduardo Chappa
to encrypt a password file in the SMIME setup configuration screen.
2015-12-14 * S/MIME: When reading a local certificate, Alpine converts the name ofEduardo Chappa
the certificate to lowercase, which may make Alpine not be able to read such certificate. Reported by Dennis Davis.
2015-09-09 * SMIME: Offer the common name of the person, instead of the name ofEduardo Chappa
file containing the certificate, as the name to be displayed in the certificate management screen for certificate authorities. Suggested by Matthias Rieber.
2014-12-07 * new version 2.19.9993Eduardo Chappa
* Aggregate operations allows bouncing a list of messages using a role. Suggested by Ulf-Dietrich Braumann. * Compilation error of module pith/reply.c if SMIME is not defined (as in Windows Alpine). There was a misplaced parenthesis. * Update to S/MIME to explain how to use a PKCS12 certificate in Alpine. * Fix error in compare_certs function, that would modify the name of the certificates after sorting them, and return when no certificates are given. * When replying to several messages, subject will be decoded first, and then stripped from re/fwd before they are compared to determine the subject of the replied message. * Add $(LIBINTL) to the flags to link rpdump, rpload, alpined and alpineldap because MAC OSX 10.8 x86_64 needs it. * When the download of an attachment is interrumpted, Alpine stills caches what was downloaded, making the download incomplete for subsequent calls of Alpine attempting to open the attachment. In the future, Alpine will not cache any downloaded part of the attachment when it is interrupted.
2014-06-20 * new version 2.19.9992Eduardo Chappa
* Alpine would not parse options from the command line, such as -patterns-filters2, correctly. * Add /usr/local/include as a path to find include and libs files for openssl in FreeBSD. * Management certificate screen now prints, in addition to the e-mail address of the owner of the certificates, the dates of validity and the MD5 hash of such certificates. * crash when processing message/rfc822 attachments that are encoded in base64. * Openssl: if /usr/local/ssl exists, assume that this is the intended place where ssl libraries, include files and certificates are located. Typically, distributions do not use this directory, so its existence indicates that Openssl has been specially installed there, so it is probably a preferred place to get the system Openssl files. * Postponed messages whose content-type is text/html, text/enriched and text/richtext are sent with that content-type, even though, after resuming composition, Alpine had changed its type to text/plain. * HTML: <BR>, <BR />, and <BR/&> are considered the same inline tag; the same is valid for the <HR> tag.
2014-05-31 * new version 2.19.9991Eduardo Chappa
* S/MIME Alpine would compute incorrectly the signature of a message that contains 8bit if the option "Enable 8bit ESMTP Negotiation" is enabled, the message contains 8bit characters and the smtp server supports 8bit sending. * Crash while redrawing S/MIME configuration screen when importing a certificate * When forwarding a message before opening it, the message might not be found. The problem is in the forward_body function, where the section of the body is not correctly set in all instances. * When forwarding a signed message Alpine might forward the message as a multipart message, instead of just selecting the body of the message. Change to forward the signed part only. This aligns Alpine with what it does when it replies to a similar message.
2014-04-25 * When downloading a signed message, and processing it, we useEduardo Chappa
body->nested.part instead of b->nested.part in the do_detached_signature_verify function, and save its body and mime headers in create_local_cache. Now all signed messages should verify correctly. * Protect against potential crash bug in write_passfile function by checking if text != NULL. text can only be null if there are no passwords to save. We assume we could get write_passfile called with null arguments, so this is just to protect that. * Add handling of corner cases to several functions by initializing some variables. Reported and patched by James Jerkins. * When selecting the certificate/key pair to encrypt/decrypt the password file choose it in this order: - if -pwdcertdir is given look for certificates there, if nothing there, we bail out; - otherwise we look in the default directory, if anything there and it matches to be a key/cert pair, we use it; - otherwise we check if smime_init() has been called. If not we call it; - we check if a key/cert pair has been found with smime initialized, if so, use it and copy it to the default directory; - if not, check if there is anything in the default smime directories (.alpine-smime/private and .alpine-smime/public), and in this case copy it to the default. - otherwise we bail. We will eventually create a certificate/key pair for the user; - finally, if we called smime_init(), we call smime_deinit(). Throughout this process, if smime_init() was not called before we tried to get the cert/key pair we exit this process without ps_global->smime->inited set, so that other process that need to call smime_init() get the right structure initialized. This is done because we might pick a cert/key pair to decrypt the password file.
2014-04-18 * Set default ssl configuration for Homebrew in MAC OSX toEduardo Chappa
/usr/local/etc/openssl, under the advice of Sam Hathaway. * Add management certificate support for containers. * Fix crashing bugs introduced in version 2.19.9, which did not allow alpine to start with the -passfile and use a remote pinerc. Reported by Ulf-Dietrich Braumann. * fix a bug which was introduced in version 2.19.9, where Alpine would free a certificate associated to a key after encryption, and so this could not be used during decryption. We use X509_dup to copy the cert and so make the copy be freed, and not the original. * S/MIME: sign messages using intermediate certificates when needed and possible.
2014-03-09 * Forwarding messages with attachments of content-type multipart,Eduardo Chappa
failed when attempting to sign it, with and "Error writing pipe" error. * Using a .pinerc file outside the home directory made Alpine not find the .alpine-smime directory with certificates. * Configuration screen for S/MIME adds ability to manage certificates. (currently available to users who manage certificates in directories, not in containers, which will be available in the next alpha release.)
2013-10-06 * new version 2.11.8Eduardo Chappa
* Fix in configure script for recognition of SSL files in Ubuntu 12.04 * Alpine does not attempt to automatically reopen a collection that was not opened due to cancellation by the user. Instead, the user must try to open it explicitly. * few improvements on new /tls1, /tls1_1, etc. options.
2013-02-03Initial Alpine VersionEduardo Chappa