From ec605304db0b92d68e151574ab0f80babee6d4a6 Mon Sep 17 00:00:00 2001 From: Eduardo Chappa Date: Fri, 3 Apr 2015 17:07:25 -0600 Subject: * new version 2.20.6 * SMIME: Cancelling entering password to unlock key will not reprompt. * Creating repo at repo.or.cz --- VERSION | 2 +- alpine/osdep/mswin.rc | 8 ++++---- configure | 20 ++++++++++---------- doc/alpine.1 | 2 +- doc/tech-notes/index.html | 2 +- doc/tech-notes/tech-notes.txt | 2 +- mapi/pmapi.c | 2 +- mapi/pmapi.rc | 8 ++++---- pith/pine.hlp | 4 +++- pith/smime.c | 27 +++++++++++++++++---------- po/Makefile.in | 2 +- 11 files changed, 44 insertions(+), 35 deletions(-) diff --git a/VERSION b/VERSION index 099548ba..f1d06450 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.20.5 +2.20.6 diff --git a/alpine/osdep/mswin.rc b/alpine/osdep/mswin.rc index 17f8c2da..d0ca0649 100644 --- a/alpine/osdep/mswin.rc +++ b/alpine/osdep/mswin.rc @@ -244,8 +244,8 @@ END // VS_VERSION_INFO VERSIONINFO - FILEVERSION 2,20,5,0 - PRODUCTVERSION 2,20,5,0 + FILEVERSION 2,20,6,0 + PRODUCTVERSION 2,20,6,0 FILEFLAGSMASK 0x3fL #ifdef _DEBUG FILEFLAGS 0x1L @@ -267,12 +267,12 @@ BEGIN #else VALUE "FileDescription", "Alpine\0" #endif - VALUE "FileVersion", "2.20.5\0" + VALUE "FileVersion", "2.20.6\0" VALUE "InternalName", "alpine\0" VALUE "LegalCopyright", "Copyright 2006-2009 University of Washington, Copyright 2013-2014\0" VALUE "OriginalFilename", "alpine.exe\0" VALUE "ProductName", "alpine\0" - VALUE "ProductVersion", "2.20.5\0" + VALUE "ProductVersion", "2.20.6\0" END END BLOCK "VarFileInfo" diff --git a/configure b/configure index 779de061..85226522 100755 --- a/configure +++ b/configure @@ -1,7 +1,7 @@ #! /bin/sh # From configure.ac Rev:17 by chappa@washington.edu. # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for alpine 2.20.5. +# Generated by GNU Autoconf 2.69 for alpine 2.20.6. # # Report bugs to . # @@ -591,8 +591,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='alpine' PACKAGE_TARNAME='alpine' -PACKAGE_VERSION='2.20.5' -PACKAGE_STRING='alpine 2.20.5' +PACKAGE_VERSION='2.20.6' +PACKAGE_STRING='alpine 2.20.6' PACKAGE_BUGREPORT='chappa@washington.edu' PACKAGE_URL='' @@ -1466,7 +1466,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures alpine 2.20.5 to adapt to many kinds of systems. +\`configure' configures alpine 2.20.6 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1536,7 +1536,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of alpine 2.20.5:";; + short | recursive ) echo "Configuration of alpine 2.20.6:";; esac cat <<\_ACEOF @@ -1830,7 +1830,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -alpine configure 2.20.5 +alpine configure 2.20.6 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2436,7 +2436,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by alpine $as_me 2.20.5, which was +It was created by alpine $as_me 2.20.6, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -3305,7 +3305,7 @@ fi # Define the identity of the package. PACKAGE='alpine' - VERSION='2.20.5' + VERSION='2.20.6' cat >>confdefs.h <<_ACEOF @@ -21303,7 +21303,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by alpine $as_me 2.20.5, which was +This file was extended by alpine $as_me 2.20.6, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -21369,7 +21369,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -alpine config.status 2.20.5 +alpine config.status 2.20.6 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff --git a/doc/alpine.1 b/doc/alpine.1 index 9321b156..d7aba4b7 100644 --- a/doc/alpine.1 +++ b/doc/alpine.1 @@ -1,4 +1,4 @@ -.TH alpine 1 "Version 2.20.5" +.TH alpine 1 "Version 2.20.6" .SH NAME alpine \- an Alternatively Licensed Program for Internet News and Email .SH SYNTAX diff --git a/doc/tech-notes/index.html b/doc/tech-notes/index.html index c7fa29a1..5b3e46f8 100644 --- a/doc/tech-notes/index.html +++ b/doc/tech-notes/index.html @@ -3,7 +3,7 @@

Alpine Technical Notes

-Version 2.20.5, March 2015 +Version 2.20.6, April 2015

Table of Contents

diff --git a/doc/tech-notes/tech-notes.txt b/doc/tech-notes/tech-notes.txt index 0123ee81..cfdb45c1 100644 --- a/doc/tech-notes/tech-notes.txt +++ b/doc/tech-notes/tech-notes.txt @@ -1,7 +1,7 @@ Alpine Technical Notes - Version 2.20.5, March 2015 + Version 2.20.6, April 2015 Table of Contents diff --git a/mapi/pmapi.c b/mapi/pmapi.c index 3a1c3c75..16898a7c 100644 --- a/mapi/pmapi.c +++ b/mapi/pmapi.c @@ -1952,7 +1952,7 @@ BOOL APIENTRY DllMain( now = time((time_t *)0); tm_now = localtime(&now); - fprintf(ms_global->dfd, "pmapi32.dll for Alpine Version 2.20.5\r\n"); + fprintf(ms_global->dfd, "pmapi32.dll for Alpine Version 2.20.6\r\n"); fprintf(ms_global->dfd, " Build date: %s\r\n", datestamp); fprintf(ms_global->dfd, " please report all bugs to chappa@gmx.com\r\n"); diff --git a/mapi/pmapi.rc b/mapi/pmapi.rc index dbb9a99e..54956421 100644 --- a/mapi/pmapi.rc +++ b/mapi/pmapi.rc @@ -98,8 +98,8 @@ END // VS_VERSION_INFO VERSIONINFO - FILEVERSION 2,20,5,0 - PRODUCTVERSION 2,20,5,0 + FILEVERSION 2,20,6,0 + PRODUCTVERSION 2,20,6,0 FILEFLAGSMASK 0x3fL #ifdef _DEBUG FILEFLAGS 0x29L @@ -117,14 +117,14 @@ BEGIN VALUE "Comments", "alpine info: http://patches.freeiz.com/alpine\0" VALUE "CompanyName", "Patches for Alpine\0" VALUE "FileDescription", "Simple MAPI DLL for Alpine for Windows\0" - VALUE "FileVersion", "2.20.5\0" + VALUE "FileVersion", "2.20.6\0" VALUE "InternalName", "pmapi32\0" VALUE "LegalCopyright", "Copyright ? University of Washington 2006-2009, Eduardo Chappa 2013-2014\0" VALUE "LegalTrademarks", "Apache License, Version 2.0\0" VALUE "OriginalFilename", "pmapi32.dll\0" VALUE "PrivateBuild", " \0" VALUE "ProductName", "Simple MAPI for Alpine for Windows\0" - VALUE "ProductVersion", "2.20.5\0" + VALUE "ProductVersion", "2.20.6\0" VALUE "SpecialBuild", " \0" END END diff --git a/pith/pine.hlp b/pith/pine.hlp index 7eb2f955..6815233f 100644 --- a/pith/pine.hlp +++ b/pith/pine.hlp @@ -140,7 +140,7 @@ with help text for the config screen and the composer that didn't have any reasonable place to be called from. Dummy change to get revision in pine.hlp ============= h_revision ================= -Alpine Commit 72 2015-03-31 12:22:49 +Alpine Commit 73 2015-04-03 17:07:19 ============= h_news ================= @@ -237,6 +237,8 @@ Bugs that have been addressed include: a RFC822 attached message. Reported by Holger Trapp and Björn Krellner. +

  • SMIME: Cancelling entering password to unlock key will not reprompt. +
  • Fix vulnerability in regex library. This only affects those who use this library, such as the windows version of Alpine. See http://www.kb.cert.org/vuls/id/695940 diff --git a/pith/smime.c b/pith/smime.c index 9cef212b..841a2743 100644 --- a/pith/smime.c +++ b/pith/smime.c @@ -75,9 +75,9 @@ int smime_extract_and_save_cert(PKCS7 *p7); int same_cert(X509 *, X509 *); CertList * certlist_from_personal_certs(PERSONAL_CERT *pc); #ifdef PASSFILE -void load_key_and_cert(char *pathkeydir, char *pathcertdir, char **keyfile, char **certfile, EVP_PKEY **pkey, X509 **pcert); +int load_key_and_cert(char *pathkeydir, char *pathcertdir, char **keyfile, char **certfile, EVP_PKEY **pkey, X509 **pcert); #endif /* PASSFILE */ -EVP_PKEY *load_pkey_with_prompt(char *fpath, char *text, char *prompt); +EVP_PKEY *load_pkey_with_prompt(char *fpath, char *text, char *prompt, int *); void smime_remove_trailing_crlf(char **mimetext, unsigned long *mimelen, char **bodytext, unsigned long *bodylen); void smime_remove_folding_space(char **mimetext, unsigned long *mimelen, char **bodytext, unsigned long *bodylen); int smime_validate_extra_test(char *mimetext, unsigned long mimelen, char *bodytext, unsigned long bodylen, PKCS7 *p7, int nflag); @@ -122,19 +122,23 @@ get_smime_sparep_data(void *s) * key/certificate pair that matches. Delete pairs that you do not want used, * if you do not want them selected. All parameters must be non-null. * Memory freed by caller. + * Return values: + * -1 : user cancelled load + * 0 : load was successful + * 1 : there was an error in the loading. */ -void +int load_key_and_cert(char *pathkeydir, char *pathcertdir, char **keyfile, char **certfile, EVP_PKEY **pkey, X509 **pcert) { char buf[MAXPATH+1], pathkey[MAXPATH+1], prompt[MAILTMPLEN]; DIR *dirp; struct dirent *d; - int b = 0; + int b = 0, ret = 1; /* assume error */ if(pathkeydir == NULL || pathcertdir == NULL || keyfile == NULL || pkey == NULL || certfile == NULL || pcert == NULL) - return; + return 1; *keyfile = NULL; *certfile = NULL; @@ -153,7 +157,7 @@ load_key_and_cert(char *pathkeydir, char *pathcertdir, char **keyfile, buf[strlen(buf)-4] = '\0'; snprintf(prompt, sizeof(prompt), _("Enter password of key <%s> to unlock password file: "), buf); - if((*pkey = load_pkey_with_prompt(pathkey, NULL, prompt)) != NULL){ + if((*pkey = load_pkey_with_prompt(pathkey, NULL, prompt, &ret)) != NULL){ if(load_cert_for_key(pathcertdir, *pkey, certfile, pcert)){ b = 1; /* break */ *keyfile = cpystr(buf); @@ -169,6 +173,7 @@ load_key_and_cert(char *pathkeydir, char *pathcertdir, char **keyfile, } closedir(dirp); } + return ret; } @@ -231,7 +236,8 @@ setup_pwdcert(void **pwdcert) if(setup_dir == 0) return; - load_key_and_cert(pathdir, pathdir, &keyfile, &certfile, &pkey, &pcert); + if(load_key_and_cert(pathdir, pathdir, &keyfile, &certfile, &pkey, &pcert) < 0) + return; if(certfile && keyfile){ pc = (PERSONAL_CERT *) fs_get(sizeof(PERSONAL_CERT)); @@ -296,7 +302,7 @@ setup_pwdcert(void **pwdcert) snprintf(prompt, sizeof(prompt), _("Enter password of key <%s> to unlock password file: "), pc->name); - if((pkey = load_pkey_with_prompt(pathkey, text, prompt)) != NULL){ + if((pkey = load_pkey_with_prompt(pathkey, text, prompt, NULL)) != NULL){ pc2 = (PERSONAL_CERT *) fs_get(sizeof(PERSONAL_CERT)); memset((void *)pc2, 0, sizeof(PERSONAL_CERT)); pc2->name = cpystr(pc->name); @@ -549,7 +555,7 @@ get_cert_deleted(WhichCerts ctype, int num) } EVP_PKEY * -load_pkey_with_prompt(char *fpath, char *text, char *prompt) +load_pkey_with_prompt(char *fpath, char *text, char *prompt, int *ret) { EVP_PKEY *pkey; int rc = 0; /* rc == 1, cancel, rc == 0 success */ @@ -575,6 +581,7 @@ load_pkey_with_prompt(char *fpath, char *text, char *prompt) BIO_free(in); + if(ret) *ret = rc == 1 ? -1 : pkey != NULL ? 0 : 1; return pkey; } @@ -614,7 +621,7 @@ import_certificate(WhichCerts ctype) snprintf(prompt, sizeof(prompt), _("Enter passphrase for <%s>: "), filename); prompt[sizeof(prompt)-1] = '\0'; - if((key = load_pkey_with_prompt(full_filename, NULL, prompt)) != NULL){ + if((key = load_pkey_with_prompt(full_filename, NULL, prompt, NULL)) != NULL){ if(SMHOLDERTYPE(ctype) == Directory){ build_path(buf, PATHCERTDIR(ctype), filename, sizeof(buf)); if(strcmp(buf + strlen(buf) - 4, EXTCERT(ctype)) != 0 && strlen(buf) + 4 < sizeof(buf)){ diff --git a/po/Makefile.in b/po/Makefile.in index 78dba2e7..dec3b36b 100644 --- a/po/Makefile.in +++ b/po/Makefile.in @@ -11,7 +11,7 @@ # Origin: gettext-0.16 PACKAGE = alpine -VERSION = 2.20.5 +VERSION = 2.20.6 PACKAGE_BUGREPORT = chappa@washington.edu SHELL = /bin/sh -- cgit v1.2.3-54-g00ecf