summaryrefslogtreecommitdiff
path: root/pith
AgeCommit message (Collapse)Author
2020-01-10 * Add file ssl_win.c, which is necessary for the compilation ofEduardo Chappa
PC-Alpine.
2020-01-07 * Do not add -lcrypt to LIBS when it is not required. Reported by RyanEduardo Chappa
Elliot.
2020-01-04 * The feature that stopped alpine from saving passwords in the passwordEduardo Chappa
file prevented users from actually saving their passwords in Windows and MAC OS. Fix the code so that passwords will be saved. Also, update the documentation of this feature. * Fix a buffer overflow bug in the XOAUTH2 code (off by one error). * Update PC-Alpine to work with Libressl version 3.0.2 instead of version 2.5.5 (update build.bat and lib files from the LibreSSL build). * Erase SSLXXXXXX file. * ssl_nt.c actually directs the code to ssl_libressl.c or ssl_win.c. The file ssl_libressl.c is the file ssl_unix.c from the unix osdep directory. The file ssl_win.c is the native SSL windows code. The Unix side provides S/MIME support for Alpine and the latest encryption protocols support for Alpine when connecting to a secure server, while the windows side provide TLSv1_3 support for Alpine, but not S/MIME support. In order to provide unix code for TLSv1_3 (once LibreSSL supports it) edit the file os_nt.c and remove the comments on the #ifdef section. This would provide both TLSv1_3 and S/MIME support with unix code. On the other hand, when we provide TLSv1_3 with the Windows code we need to undefine DF_ENCRYPTION_RANGE, and this is done in the file include/config.wnt.h. The way this is done as of this moment is by commenting an #else directive that preceedes this #undefine. * Update makefile.nt and friends in the windows side to account for the addition of XOAUTH2, and the use of only ssl_nt.c when dealing with Alpine. * Define SMIME_SSLCERTS as c:\libressl\ssl\certs, so that these certificates be considered while checking a digital S/MIME signature. * Improvements to the SMARTTIME24 token to account for changes in year.
2019-12-19 * Update to configure script to work with LibreSSL. Reported by Michael.Eduardo Chappa
2019-12-14 * When more than one server was given in the server-name configurationEduardo Chappa
option of rldap servers, none of them worked. Reported by Robert Wolf.
2019-11-25 * Add lnpno port to imap/src/osdep/unix/Makefile to account for ports that doEduardo Chappa
not need/want to build using pam. Add more robustness to the configure process, to add -lcrypt to the build flags when --with-bundled-tools=no is given.
2019-11-23 * Change in build process. Now Alpine will not build the imap tools byEduardo Chappa
default. In order to build the imap tools (such as mtest, imapd, etc.) the configure script must be given the --with-bundled-tools option. Similarly, libpam is not required anymore, unless the option --with-bundled-tools is used.
2019-11-22 * Alpine crashes when opening a remote imap folder and computing scores.Eduardo Chappa
Reported by Paul DeStefano.
2019-10-29 * Bug in Pico, which makes Alpine (and Pico) print garbage in the screenEduardo Chappa
when a screen is resized to a large number of rows. The solution was to change the type of two variables from "signed char" to "int". Reported by Joshua Miller.
2019-10-27 * Fix a bug in commit 418e8bc5789d... which made Alpine ignore a challengeEduardo Chappa
during authentication using CRAM-MD5. The intention was to ignore the challenge in the PLAIN authentication. This made Alpine fail to authenticate when using the CRAM-MD5 authenticator. Reported by Stefan Mueller.
2019-10-08 * Compilation problem and error in logic in function ssl_validate_cert.Eduardo Chappa
The issue with logic was that of the two checks for validation of if the first one was not done, the second one would not be done. The intention was to do the second check if the first check failed. Reported by Erich Ecknet.
2019-10-06 * Check for name of server in "server validation code" in more places.Eduardo Chappa
* Document request message for first time use reports IMAP for any remote connection. Report the correct type of service instead.
2019-10-03 * Fix compilation errors when Alpine is built with "--without-ssl" option.Eduardo Chappa
2019-09-26 * Return a read() to be a read of one byte. The current code has a codeEduardo Chappa
for a read of zero bytes, but this causes problems. Reported by Greg Oster.
2019-09-22 * Alpine removes trailing spaces from passwords, which creates failuresEduardo Chappa
when login into an account. Reported by R. Lyons.
2019-09-06 * Fixes so that Alpine will build in the Windows operating system. ThisEduardo Chappa
update takes care of building with LibreSSL.
2019-09-01 * Improvements to the pico manual as well as on the code that displaysEduardo Chappa
the table of color codes.
2019-09-01 * Improvements to documentation and behavior of Alpine when users get aEduardo Chappa
non-empty challenge in a smtp server.
2019-08-22 * Ignore extra text in challenge from smtp server during authentication.Eduardo Chappa
2019-08-20 * Improve code that determines the type of encryption that is used accordingEduardo Chappa
to user's request.
2019-08-09 * Bug: When a user cancels a connection, Alpine returns an empty passwordEduardo Chappa
to c-client, which in turn tries an empty password instead of cancelling the connection.
2019-08-01 * Improvements to the documentation on the meaning of the /tls unaryEduardo Chappa
parameter to make sure the user understands that this is used when the STARTLS command is needed and not when a TLS encryption is needed.
2019-07-31 * PC-Alpine will always offer the UTF8 encoded name when an attachmentEduardo Chappa
is being saved.
2019-07-19 * Alpine crashes with error "Lock when already locked" because itEduardo Chappa
attempts to check for new mail on a locked stream that is being used for a save operation. Reported by Carlos E.R.
2019-07-11 * Alpine crashes when trying to post an article in a newsgroup and theEduardo Chappa
connection is closed while the post is being composed, but later the post is attempted to be sent. In some instances, the stream may be open and closed during this time, but Alpine does not realize the connection was closed and attempts the post without a netstream, producing a crash.
2019-07-08 * Correct a misspelling. Pointed out by Holger Trapp.Eduardo Chappa
2019-07-05 * Fix compilation error produced when a specific encryption protocolEduardo Chappa
has been disabled during the compilation of the Openssl library.
2019-07-03 * Fix compilation errors in MacOS. Fix provided by Doug Luce.Eduardo Chappa
2019-07-03 * Fix some errors in documentation pointed out by Holger Trapp.Eduardo Chappa
2019-06-30 * Update to some documentation on security using SSL, TLS and STARTTLS.Eduardo Chappa
2019-06-22 * New version 2.21.99999 (06/22/2019)Eduardo Chappa
2019-06-21 * Do not use a delay when printing messages to screen when the initialEduardo Chappa
keystroke sequence of commands is active. Based on a report from Holger Trapp.
2019-06-05 * Add revision string to first time user report.Eduardo Chappa
2019-06-05 * Add revision number to message id. This helps me to figure out whenEduardo Chappa
problems exist, so I can go back to the exact bits that caused the problem.
2019-06-04 * Temporarily reverse a code used when signing: There are two versionsEduardo Chappa
of Openssl that do different things. I need to understand them better. In the mean time, we go back to the original code.
2019-06-03 * Return some code used to sign messages. Apparently openssl is notEduardo Chappa
consistent in what it signs. Problem reported by Björn Krellner.
2019-05-27 * make sure that Password file saving option matches list ofEduardo Chappa
options.
2019-05-25 * Modified test for LibreSSL, since OpenSSL next version will beEduardo Chappa
version 3.0.
2019-05-23 * When Alpine is set to validate a message using the user's store, andEduardo Chappa
user agrees to save a certificate of another user, use the saved certificate immediately to verify the smime message. Reported by Stefan Mueller.
2019-05-23 * Add backward search in the index screen. Based on patch by Astyanax Foo,Eduardo Chappa
submitted in 2009, but resubmitted by Erich Eckner on 2019.
2019-05-23 * Experimental: Attempt to fix a "digest failure" in which AlpineEduardo Chappa
fails to add a trailing line to signed text. Reported by Stefan Mueller.
2019-05-23 * Code to limit versions of the encryption protocol uses old calls,Eduardo Chappa
and not the new calls.
2019-05-08 * Buffer overflow bug on auth_md5.c, where not enough dynamic memoryEduardo Chappa
was being allocated. Based on a report by Erich Eckner.
2019-05-07 * Few improvements in the password management code.Eduardo Chappa
2019-05-05 * Alpine stops parsing the mailcap file when it finds an invalid entry.Eduardo Chappa
Reported by Matt Roberds to the Debian bug system at https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886370.
2019-05-04 * Initial release of XOAUTH2 authentication support in Alpine forEduardo Chappa
Gmail.
2019-04-28 * Compilation failure in Solaris when ldap is enabled. Reported byEduardo Chappa
"mechanic" in comp.mail.pine. * Configure script modifications to set the ldap-dir value correctly. * Fix some typos in documentation.
2019-03-29 * Patches from Michał Dardas and Mateusz Kocielski from LogicalTrustEduardo Chappa
that fix the following startup crashes: * Crash when Alpine started with empty url fragment; * Crash when Alpine started with option last-time-prune-questioned in wrong format; * Crash when Alpine started with printf formatting characters from command line; and * Crash when Alpine started with an extremely long command line option. * Crash when Alpine is started with the wrong piped input when opening a folder from the command line. Reported by Mateusz Kocielski from LogicalTrust.
2019-02-28 * Remove generated files from git repository. Patch provided by ErichEduardo Chappa
Eckner.
2019-02-17 * Rewrite support for specific SSL encryption protocols, includingEduardo Chappa
a. Add a new variable: encryption-protocol-range, which can be used to specify the minimum and maximum versions of the TLS protocol that Alpine will attempt to use to encrypt its communication with the server. b. Add support for the Server Name Identification (SNI) extension needed for TLSv1.3. c. Remove the DTLS code. It was not being used.