Kevin McCarthy [Sun, 8 Feb 2015 22:19:41 +0000 (14:19 -0800)]
Cache uid validity in crypt_key_t.
In order to find the validity for a crypt_key_t, the code has to loop
through the key->kobj->uids list up to the correct index. This is a
bit silly since the uid is available when the crypt_key_t is created in
get_candidates().
This patch adds a validity field, and changes the various places to use
that instead of looping.
Also fix a bug in _crypt_compare_trust(): it was using the validity of
the first uid instead of the corresponding uid's validity.
Kevin McCarthy [Sun, 8 Feb 2015 21:44:10 +0000 (13:44 -0800)]
Fix pgp-gpgme to set revoke/expired/disabled flags.
The code wasn't settings those flags in get_candidates().
This patch adds it to the pgp path. I don't know if these flags apply
to SMIME so am leaving them out for the smime branch.
Fix up crypt_select_key() to follow the same logic as pgp_select_key().
Kevin McCarthy [Mon, 2 Feb 2015 21:25:17 +0000 (13:25 -0800)]
Fix mutt_parse_crypt_hdr() sign_as behavior.
Currently, if a message is postponed with only the E encryption flag,
when it is resumed, pgp_sign_as will be overwritten (with an empty
string).
This intention of the behavior was probably to restore the exact state
of pgp_sign_as upon resuming. However, if the message wasn't marked for
signing, the state of pgp_sign_as is not known. This patch changes the
mutt_parse_crypt_hdr() to only set an empty pgp_sign_as if there is an S
flag (and if set_empty_signas is true).
mutt_edit_headers() also uses the function, but it doesn't want to
overwrite pgp_sign_as with just an S flag. The set_signas parameter is
renamed to (a hopefully clearer) "set_empty_signas".
Kevin McCarthy [Thu, 15 Jan 2015 22:18:53 +0000 (14:18 -0800)]
Send the IMAP \Draft flag when postponing a message.
This patch adds a mx_open_new_message() flag, M_SET_DRAFT. It also adds
a MESSAGE->flags.draft flag.
mutt_write_fcc() passes the M_SET_DRAFT flag to mx_open_new_message(),
which then sets MESSAGE->flags.draft. Then, imap_append_message() is
able to see this flag and so adds the \Draft flag.
The imap_append_message() function started to have a bit too many flags,
so this version of the patch separates out the flag generating code into
a simpler version.
Kevin McCarthy [Thu, 29 Jan 2015 23:40:34 +0000 (15:40 -0800)]
Clean up sasl warnings.
These were caused by assigning callback functions to the
sasl_callback_t.proc member. The callback type doesn't list any
parameters, because parameters vary by callback. The fix was simply
assigning a cast.
Cyrus-sasl2 has a sasl_callback_ft typedef that their sample code uses
for this purpose, but it is in a different header, saslplug.h, and
isn't in their 1.5 tree. Since this is probably not portable to other
implementations, I just added an equivalent cast.
Kevin McCarthy [Wed, 28 Jan 2015 00:15:31 +0000 (16:15 -0800)]
Clean up gnutls warnings.
Most of the warning were caused by deprecated types:
gnutls_certificate_credentials
gnutls_certificate_status
gnutls_datum
gnutls_digest_algorithm
gnutls_session
gnutls_transport_ptr
gnutls_x509_crt
Even though I believe the replacements have been around for a while, the
patch adds autoconf checks and fallback typedefs.
One warning was caused by casting an int to a pointer for the second
parameter to gnutls_transport_set_ptr(). Recent gnutls has a
replacement gnutls_transport_set_int() macro, but this macro simply
(eventually) casts the parameter using "(gnutls_transport_ptr_t)(long)".
So this patch just does the same.
Kevin McCarthy [Mon, 26 Jan 2015 02:09:56 +0000 (18:09 -0800)]
Remove GPG_AGENT_INFO check for GnuPG 2.1 compatibility. (closes #3715)
GnuPG version 2.1 stops exporting the GPG_AGENT_INFO environment
variable, so mutt can't check for the presence of that to ensure the
agent is running.
For GPGME, we can check for the OpenPGP protocol being present. For
classic pgp, we have to trust the user setting.
This patch is based on the patches sent by CustaiCo and muffins. Thank
you both for reporting the problem and creating a patch.
Kevin McCarthy [Mon, 19 Jan 2015 23:58:38 +0000 (15:58 -0800)]
pgp_getkeybystr: Pull key matching out of the address match loop.
Since the key is invariant inside the address loop, there is no need to
match against it with each address.
All the keys should have at least one address record (see bb3b01f41ed2),
but in case a record was malformed, add a check for that to keep the
same logic.
Eike Rathke [Wed, 21 Jan 2015 09:14:17 +0000 (10:14 +0100)]
HEAD is dead, remove wrong instruction from doc/devel-notes.txt
Branch HEAD was closed over a year ago. If one was following the instruction
to update -C HEAD you'd end up with an empty source tree and had to checkout
the default branch again.
Eike Rathke [Sun, 18 Jan 2015 16:50:42 +0000 (17:50 +0100)]
Allow short and long key ID user input in crypt_getkeybystr()
The following did not work, e.g. when leaving a key list, and at the "Sign as"
or "Encrypt to" prompt attempting to enter a key ID:
* set pgp_long_ids=no
* enter a long key ID, with or without leading 0x
* set pgp_long_ids=yes
* enter a short key ID without leading 0x
Specifically entering a long key ID should always be possible as evil32.com
has shown.
This also cleans up the logic used to determine the matching condition, which
was quite convoluted.. it even slightly speeds up the loop as less string
operations are involved in the inner condition.
This only changes how the result obtained from the crypt_* gpgme interface is
filtered.
Eike Rathke [Sun, 18 Jan 2015 16:45:41 +0000 (17:45 +0100)]
Allow short and long key ID user input in pgp_getkeybystr()
The following did not work, e.g. when leaving a key list, and at the "Sign as"
or "Encrypt to" prompt attempting to enter a key ID:
* set pgp_long_ids=no
* enter a long key ID, with or without leading 0x
* set pgp_long_ids=yes
* enter a short key ID without leading 0x
Specifically entering a long key ID should always be possible as evil32.com
has shown.
This also cleans up the logic used to determine the matching condition, which
was quite convoluted.. it even slightly speeds up the loop as less string
operations are involved in the inner condition.
This only changes how the result obtained from the pgp_* command line
interface is filtered.
Kevin McCarthy [Sat, 17 Jan 2015 22:34:13 +0000 (14:34 -0800)]
Fix some context, data, and key memory leaks in gpgme.
The context and data cleanup just involved adding missing
gpgme_release() and gpgme_data_release() calls in a few places.
The key usage was a little more involved:
* Fix crypt_free_key(). It wasn't freeing the key passed in, and
didn't work properly if multiple keys were passed in. It also was
missing a call to gpgme_key_unref().
* Add free_recipient_set() to properly unref all the keys before
freeing the array.
* Fix get_candidates() to ref keys added to the crypt_key_t list, and
unref the keys returned by gpgme_op_keylist_next().
* Change usages of gpgme_key_release() to gpgme_key_unref(). The former
was deprecated in gpgme version 0.4.1 (2003-06-06).
Kevin McCarthy [Tue, 12 Aug 2014 21:04:55 +0000 (14:04 -0700)]
Add a scratch buffer to the history ring. (closes #3082)
This patch creates an extra slot in the history ring for a scratch
buffer (at h->last). If you are editing inside that buffer, it is
preserved when you scroll up/down through the history. Editing while in
other places in history are *not* preserved with this patch.
Another behavior change worth noting with this patch: the position in
history is now reset to the scratch buffer after each input entry.
Before, the position would be stay wherever it was - you didn't restart
at the "bottom" each time.
Kevin McCarthy [Wed, 6 Nov 2013 21:07:04 +0000 (13:07 -0800)]
Add option to encrypt postponed messages. (closes #3665)
This patch is based on Christian Brabandt's patch sent
to mutt-users.
Add two new configuration variables: $postpone_encrypt and
$postpone_encrypt_as. When $postpone_encrypt is set and a message is
marked for encryption, the message will be encrypted using the key
specified in $postpone_encrypt_as before saving the message.
In this patch, $postpone_encrypt_as must be specified. I experimented
with passing safe_strdup( NONULL (PostponeEncryptAs)) when unspecified,
but although gpg.conf has a default-key setting, I could not get it to
work properly. (pgpclassic gave an error message and gpgme sefaulted.)
Although not necessary, this patch turns off signing during encryption
of the postponed message (and turns it back on before saving), since
there is no need to sign the message yet.
Kevin McCarthy [Wed, 30 Oct 2013 01:25:52 +0000 (18:25 -0700)]
Add gpg signature name. (closes #3478)
Some mail clients display "noname" for the gpg signature
attachment. This patch sets the mime name to "signature.asc".
The patch is based on
http://dev.mutt.org/trac/attachment/ticket/3478/gpg_signature_name.patch
with the changes:
- removes the configuration options
- removes mime description
Kevin McCarthy [Sat, 3 Jan 2015 19:33:10 +0000 (11:33 -0800)]
Change bounce to use mutt_parse_adrlist() for address parsing.
When prompting for recipients, forwarding, replying, and mailing all use
mutt_parse_adrlist() to parse the addresses. This allows for addresses
to be separated by spaces.
Bounce message currently uses rfc822_parse_adrlist(), which doesn't
allow the spaces. This one-line patch simply changes bounce to behave
the same as mail, reply, and forwarding for the address prompt.
Kevin McCarthy [Thu, 1 Jan 2015 04:35:38 +0000 (20:35 -0800)]
Fix segfault of extract-keys (^K) under gpgme. (closes #3698)
This patch is based on the patch by Ben Price, which relocated the
safe_fclose (&in) after its use by keydata in pgp_gpgme_extract_keys.
Thank you for the patch!
In addition, this patch:
* removes spurious (debug?) output when the extract keys is finished.
* adds a gpgme_data_release() call to free the keydata.
Kevin McCarthy [Thu, 1 Jan 2015 04:35:38 +0000 (20:35 -0800)]
Fix segfault of extract-keys (^K) under gpgme. (closes #3698)
This patch is based on the patch by Ben Price, which relocated the
safe_fclose (&in) after its use by keydata in pgp_gpgme_extract_keys.
Thank you for the patch!
In addition, this patch:
* removes spurious (debug?) output when the extract keys is finished.
* adds a gpgme_data_release() call to free the keydata.
Kevin McCarthy [Tue, 6 Jan 2015 02:28:59 +0000 (18:28 -0800)]
Fix segv in pgp_getkeybystr(). (closes #3725)
When searching for keys, and the user supplies "" to match against,
pgp_getkeybystr will have values:
p = "";
l = 0;
After returning from pgp_select_key(), it will try to assign to
p[l-1].
(As a note, the function is chopping off and restoring the trailing
"!" character because of ticket #1928.)
Kevin McCarthy [Fri, 15 Aug 2014 03:12:28 +0000 (20:12 -0700)]
Fix variable name in configure.ac.
$ac_cv_search_STRINGPREP_CHECK_VERSION should be
$ac_cv_search_stringprep_check_version, to match the first parameter of
the AC_SEARCH_LIBS([stringprep_check_version] above.
Running configure was giving a "test: =: unary operator expected" error.
Kevin McCarthy [Tue, 12 Aug 2014 21:33:17 +0000 (14:33 -0700)]
Wrap pgp_uid_t->addr in NONULL(). (closes #3564)
The previous patch introduced the possibility for addr to be null. Mutt
is surprisingly robust against null strings, but there are a few places
that should be wrapped in NONULL().
Kevin McCarthy [Tue, 12 Aug 2014 21:33:17 +0000 (14:33 -0700)]
Fix parse_pub_line to allow an empty User-ID field for a pub record. (see #3564)
A key whose primary uid record has an empty User-ID will result in the
user being unable to use the key to encrypt an email in mutt. This is
because the mutt functions for key selection iterate through the address
fields of a key for matching against and for displaying to the user.
This change allows a pgp_uid_t record to be created for a pub record
whose User-ID field is blank. So the key will have one address record,
albeit with a null addr field.
Kevin McCarthy [Sun, 3 Nov 2013 03:12:41 +0000 (20:12 -0700)]
Override draft headers with arguments. (closes #3580)
Currently, if the -H option is used, it is not possible to redefine the
recipient addresses with positional argument. This patch fixes it as
well as CC, Bcc, and Subject headers.
This patch is based on the patch by Petr Písař at
http://dev.mutt.org/trac/attachment/ticket/3580/override_draft_headers_with_arguments.patch
This version of the patch merges the To, Cc, and Bcc commandline
arguments into the template, and fixes a few small problems with the
previous patch.
This patch also moves the fin close outside the "if (tempfile)" block,
since it is opened outside that block.
Kevin McCarthy [Sat, 21 Jun 2014 20:51:38 +0000 (13:51 -0700)]
Enable %a format string for all pgp command configs. (closes #3699)
Currently, the documentation states that, with the exception of
pgp_getkeys_command, all the PGP format commands should be available to
the pgp_*_command configuration variables.
However, the %a format is actually only enabled for
pgp_clearsign_command, pgp_encrypt_sign_command, and pgp_sign_command.
Philip Rinn discovered this problem when he was trying to add a
"--encrypt-to %a" to pgp_encrypt_only_command. Rather than just fix
the one configuration he was having the problem with, this patch
enables %a usage for all of them. (With the exception of the documented
pgp_getkeys_command.)
Kevin McCarthy [Thu, 19 Dec 2013 03:19:30 +0000 (19:19 -0800)]
Note correct usage of $edit_headers. (closes #3673)
Ticket 3673 shows that it isn't necessarily obvious a blank
line is needed between the headers and body of a message when using
$edit_headers. This patch adds a small note to the documentation,
indicating the blank line should be preserved between the headers and
body.
Kevin McCarthy [Fri, 15 Aug 2014 03:12:28 +0000 (20:12 -0700)]
Fix variable name in configure.ac.
$ac_cv_search_STRINGPREP_CHECK_VERSION should be
$ac_cv_search_stringprep_check_version, to match the first parameter of
the AC_SEARCH_LIBS([stringprep_check_version] above.
Running configure was giving a "test: =: unary operator expected" error.
This patch is based off of the patch at
http://dev.mutt.org/trac/attachment/ticket/3515/624058-gnutls-deprecated-set-priority.patch
The mutt source has changed since then, with more TLS options being
added. This patch therefore uses a slightly different strategy for generating the
priority string.
The patch also adds autoconf support, as requested by brendan at
http://dev.mutt.org/trac/ticket/3515#comment:1
Unknown [Mon, 7 Oct 2013 17:09:25 +0000 (17:09 +0000)]
Problems with muttrc.5:
Ambiguous or invalid backslash. This doesn't cause groff a problem.
but it confuses doclifter and may confuse older troff implementations.
Unknown or invalid macro. That is, one that does not fit in the
macro set that the man page seems to be using. This is a serious
error; it often means part of your text is being lost or rendered
incorrectly.
Use local definitions of .EX/.EE or .DS/.DE to avoid low-level troff
requests in the page body. There are plans to add these to groff man;
in the interim, this patch adds a compatible definition to your page.
Kevin McCarthy [Sat, 5 Oct 2013 07:57:49 +0000 (15:57 +0800)]
Fix segfault when viewing text attachments in compose menu. (closes #3644)
The segfault was introduced in changeset b9f9e3147eb4. Since decoding
and charset conversion aren't needed for attachments when composing a
message, this patch reverts to just using mutt_save_attachment() to view
"raw data" for text attachments in the compose/send case.
This patch is based on Michael Elkins' patch at
http://dev.mutt.org/trac/attachment/ticket/3644/view_attach_compose_segfault
with just a missing return value check added.
Aaron Schrab [Sat, 5 Oct 2013 19:25:00 +0000 (19:25 +0000)]
Consistently use mutt_buffer_init function
Despite the existence of the mutt_buffer_init function, most
initializations were instead done with memset. Use the specific
function instead to make it easier if later changes are made to how the
initialization should be done.
Michael Elkins [Fri, 4 Oct 2013 18:22:15 +0000 (18:22 +0000)]
When recalling a postponed message that does not have a x-mutt-fcc header
field, generate a default FCC just as we do for new messages. If x-mutt-fcc is
present but empty, we assume that means the user does not want a copy.