Age | Commit message (Collapse) | Author |
|
PC-Alpine.
|
|
Elliot.
|
|
file prevented users from actually saving their passwords in Windows
and MAC OS. Fix the code so that passwords will be saved. Also,
update the documentation of this feature.
* Fix a buffer overflow bug in the XOAUTH2 code (off by one error).
* Update PC-Alpine to work with Libressl version 3.0.2 instead of
version 2.5.5 (update build.bat and lib files from the LibreSSL
build).
* Erase SSLXXXXXX file.
* ssl_nt.c actually directs the code to ssl_libressl.c or ssl_win.c.
The file ssl_libressl.c is the file ssl_unix.c from the unix osdep
directory. The file ssl_win.c is the native SSL windows code. The
Unix side provides S/MIME support for Alpine and the latest
encryption protocols support for Alpine when connecting to a secure
server, while the windows side provide TLSv1_3 support for Alpine,
but not S/MIME support.
In order to provide unix code for TLSv1_3 (once LibreSSL supports it)
edit the file os_nt.c and remove the comments on the #ifdef section.
This would provide both TLSv1_3 and S/MIME support with unix code. On
the other hand, when we provide TLSv1_3 with the Windows code we need
to undefine DF_ENCRYPTION_RANGE, and this is done in the file
include/config.wnt.h. The way this is done as of this moment is by
commenting an #else directive that preceedes this #undefine.
* Update makefile.nt and friends in the windows side to account for the
addition of XOAUTH2, and the use of only ssl_nt.c when dealing with
Alpine.
* Define SMIME_SSLCERTS as c:\libressl\ssl\certs, so that these
certificates be considered while checking a digital S/MIME signature.
* Improvements to the SMARTTIME24 token to account for changes in year.
|
|
|
|
option of rldap servers, none of them worked. Reported by Robert
Wolf.
|
|
not need/want to build using pam. Add more robustness to the configure
process, to add -lcrypt to the build flags when --with-bundled-tools=no is
given.
|
|
default. In order to build the imap tools (such as mtest, imapd,
etc.) the configure script must be given the --with-bundled-tools
option. Similarly, libpam is not required anymore, unless the option
--with-bundled-tools is used.
|
|
Reported by Paul DeStefano.
|
|
when a screen is resized to a large number of rows. The solution was
to change the type of two variables from "signed char" to "int".
Reported by Joshua Miller.
|
|
during authentication using CRAM-MD5. The intention was to ignore the
challenge in the PLAIN authentication. This made Alpine fail to
authenticate when using the CRAM-MD5 authenticator. Reported by Stefan
Mueller.
|
|
The issue with logic was that of the two checks for validation of
if the first one was not done, the second one would not
be done. The intention was to do the second check if the
first check failed. Reported by Erich Ecknet.
|
|
* Document request message for first time use reports IMAP for any remote
connection. Report the correct type of service instead.
|
|
|
|
for a read of zero bytes, but this causes problems. Reported by Greg
Oster.
|
|
when login into an account. Reported by R. Lyons.
|
|
update takes care of building with LibreSSL.
|
|
the table of color codes.
|
|
non-empty challenge in a smtp server.
|
|
|
|
to user's request.
|
|
to c-client, which in turn tries an empty password instead of
cancelling the connection.
|
|
parameter to make sure the user understands that this is used when the
STARTLS command is needed and not when a TLS encryption is needed.
|
|
is being saved.
|
|
attempts to check for new mail on a locked stream that is being used
for a save operation. Reported by Carlos E.R.
|
|
connection is closed while the post is being composed, but later the
post is attempted to be sent. In some instances, the stream may be
open and closed during this time, but Alpine does not realize the
connection was closed and attempts the post without a netstream,
producing a crash.
|
|
|
|
has been disabled during the compilation of the Openssl library.
|
|
|
|
|
|
|
|
|
|
keystroke sequence of commands is active. Based on a report from Holger
Trapp.
|
|
|
|
problems exist, so I can go back to the exact bits that caused the
problem.
|
|
of Openssl that do different things. I need to understand them
better. In the mean time, we go back to the original code.
|
|
consistent in what it signs. Problem reported by Björn Krellner.
|
|
options.
|
|
version 3.0.
|
|
user agrees to save a certificate of another user, use the saved
certificate immediately to verify the smime message. Reported by
Stefan Mueller.
|
|
submitted in 2009, but resubmitted by Erich Eckner on 2019.
|
|
fails to add a trailing line to signed text. Reported by Stefan Mueller.
|
|
and not the new calls.
|
|
was being allocated. Based on a report by Erich Eckner.
|
|
|
|
Reported by Matt Roberds to the Debian bug system at
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886370.
|
|
Gmail.
|
|
"mechanic" in comp.mail.pine.
* Configure script modifications to set the ldap-dir value correctly.
* Fix some typos in documentation.
|
|
that fix the following startup crashes:
* Crash when Alpine started with empty url fragment;
* Crash when Alpine started with option last-time-prune-questioned
in wrong format;
* Crash when Alpine started with printf formatting characters from
command line; and
* Crash when Alpine started with an extremely long command line
option.
* Crash when Alpine is started with the wrong piped input when
opening a folder from the command line. Reported by Mateusz
Kocielski from LogicalTrust.
|
|
Eckner.
|
|
a. Add a new variable: encryption-protocol-range, which can be
used to specify the minimum and maximum versions of the TLS
protocol that Alpine will attempt to use to encrypt its
communication with the server.
b. Add support for the Server Name Identification (SNI) extension
needed for TLSv1.3.
c. Remove the DTLS code. It was not being used.
|