On a hostname mismatch, saving the certificate is pointless because
mutt will ask the user no matter if the certificate is saved or not.
The only invocation allowing "accept always" is guarded by a call to
check_certificate_digest(), which means the check_certificate_file()
check is redundant. Therefore remove that check and add a comment
noting why.
Thanks to Matthias Andree for the original version of this patch.
Kevin McCarthy [Thu, 9 Mar 2017 18:56:21 +0000 (10:56 -0800)]
Prevent skipped certs from showing a second time. (see #3916)
OpenSSL sometimes passes a skipped certificate to
ssl_verify_callback() a second time, with preverify_ok=1. From
OpenSSL's viewpoint there is nothing wrong with this, but mutt will
end up showing the certificate in the interactive prompt again.
Cache the last cert and position, and compare with the latest when
skip_mode and preverify_ok are both set.
Kevin McCarthy [Wed, 8 Mar 2017 02:26:06 +0000 (18:26 -0800)]
Move the OpenSSL partial chain support check inside configure.ac. (see #3916)
Instead of directly checking whether X509_V_FLAG_PARTIAL_CHAIN is
defined everywhere, do it once inside configure. This will allow
better support in the future if the test needs to change.
Matthias Andree [Wed, 8 Mar 2017 02:26:04 +0000 (18:26 -0800)]
Add $ssl_verify_partial_chains option for OpenSSL. (closes #3916)
The reworked OpenSSL certificate validation took away a "feature" of
the previous implementation: the ability to reject a node in the chain
and yet continue to the next node.
If this new option is set to 'yes', enables OpenSSL's
X509_V_FLAG_PARTIAL_CHAIN flag to reinstate the functionality and permit
to use a non-root certificate as the trust anchor.
This option is only available if OpenSSL offers the
X509_V_FLAG_PARTIAL_CHAIN macro, which should be the case as of 1.0.2b
or later.
Code written by Kevin McCarthy and Matthias Andree.
Richard Russon [Sat, 11 Mar 2017 19:11:12 +0000 (19:11 +0000)]
merge: add lua scripting
* lua: add basic working example
* Adding basic Lua scripting basics to mutt
* Refactor of the regex parsing code into its own function
* Added new headers mutt_commands.h and mutt_options.h
* Added -B option for batch mode. exiting before any mail sending feature
* Lua API for Mutt's config and commandline
Guyzmo [Sun, 15 Jan 2017 02:29:23 +0000 (03:29 +0100)]
Lua API for Mutt's config and commandline
* adds the following to Mutt's API:
* `:lua` to execute a line of Lua
* `:lua-source` to load and run a Lua source file
* exposes the following Mutt API in Lua:
* `mutt.message()` To write a message on Mutt's command line
* `mutt.error()` To write an error message on Mutt's command line
* `mutt.enter()` run an arbitrary Mutt command, like with `:enter-command`
* `mutt.get()` get a variable from Mutt
* `mutt.set()` sets a variable from Mutt (with type enforcement)
* `mutt.call()` calls a command available in mutt, with arguments
* `mutt.command.*` exposes all the commands from within Mutt
* For some technical details:
* proper error handling of the Lua interpreter
* exposed mutt_option_set and mutt_option_get from init
Guyzmo [Sat, 14 Jan 2017 12:31:58 +0000 (13:31 +0100)]
Adding basic Lua scripting basics to mutt
* adding two commands:
- lua: to parse a line of lua code
- lua-source: to load and parse a lua file
* binding two mutt functions in lua:
- mutt_message and
- mutt_error
Richard Russon [Sat, 11 Mar 2017 18:46:00 +0000 (18:46 +0000)]
fix: Garbage in chdir prompt due to unescaped string
I upgraded one of my stable systems to stretch and noticed that when
changing the directory with 'c', there was some garbage at the end of
the string in the prompt. I've not noticed that before on my main
amd64 system, but this stable system is i386, so different alignment
and word size that can affect this kind of thing.
I tracked it down to an unescaped string handling.
Damien Riegel [Sat, 18 Feb 2017 19:19:58 +0000 (14:19 -0500)]
mx: don't make MUTT_NNTP and MUTT_COMPRESSED conditional
Other symbols like MUTT_IMAP and MUTT_POP don't depend on their
respective configuration flags to be defined, keep the same logic for
MUTT_NNTP and MUTT_COMPRESSED. That makes it easier to remove some
ifdef.
Damien Riegel [Sat, 18 Feb 2017 18:41:19 +0000 (13:41 -0500)]
mx: remove `#ifdef USE_COMPRESSED` in mx_fastclose_mailbox
Some code to cleanup compressed mailbox on close depends on an #ifdef
block in mx_fastclose_mailbox, but this mailbox specific code should be
implemented in the mx_ops' close function.
This commit moves the call to `mutt_free_compress_info` in the mailbox
close function, allowing us to mark it static and to remove the ifdef.
Richard Russon [Mon, 6 Mar 2017 12:45:01 +0000 (12:45 +0000)]
merge: upstream fixes (mutt/default)
* Clear out extraneous errors before SSL_connect() (see #3916)
* SSL: Fix memory leak in subject alternative name code. (closes #3920)
* Increase ACCOUNT.pass field size. (closes #3921)
Kevin McCarthy [Sun, 5 Mar 2017 23:24:45 +0000 (15:24 -0800)]
Increase ACCOUNT.pass field size. (closes #3921)
#3921 reported his password token used for Google XOAUTH2 is size 129.
The ACCOUNT structure currently uses a size 128 buffer. Who knew a
password field would ever be bigger than that?
Since the ACCOUNT structure has no allocation/dellocation routines,
the easiest fix is to increase the size. Bump the size up to 256.
Kevin McCarthy [Sun, 5 Mar 2017 23:24:45 +0000 (15:24 -0800)]
Increase ACCOUNT.pass field size. (closes #3921)
#3921 reported his password token used for Google XOAUTH2 is size 129.
The ACCOUNT structure currently uses a size 128 buffer. Who knew a
password field would ever be bigger than that?
Since the ACCOUNT structure has no allocation/dellocation routines,
the easiest fix is to increase the size. Bump the size up to 256.
Tobias Angele [Tue, 28 Feb 2017 01:47:24 +0000 (02:47 +0100)]
github: added template for Pull Requests, issues and a CONTRIBUTION.md (#339)
* PR template is based on https://gitlab.com/snippets/35985 (thanks @guyzmo)
* tips for good commit messages are based on tpope's guide:
http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html
Richard Russon [Sat, 25 Feb 2017 00:43:07 +0000 (00:43 +0000)]
merge: upstream fixes (mutt/default)
* Add 1.8.0 entries to the UPDATING file.
* Reword some of the UPDATING entries.
* Minor touchups to documentation and UPDATING file.
* Updated Esperanto translation.
* Updated Dutch translation.
* Updated Japanese translation.
* automatic post-release commit for mutt-1.8.0
Mehdi ABAAKOUK [Fri, 24 Feb 2017 14:43:36 +0000 (15:43 +0100)]
Use getaddrinfo_a if possible (#420)
When getaddrinfo_a is avialable we can use it to set a timeout for the
dns resolution. This avoid to have mutt that freeze on startup when the
network connection isn't working and the hosts/hostname misconfigured on
the system.
Richard Russon [Mon, 20 Feb 2017 16:52:49 +0000 (16:52 +0000)]
merge: upstream fixes (mutt/default)
* Change "allow_dups" into a flag at hash creation.
* Filter expired local certs for OpenSSL verification.
* Plug memory leak in weed-expired-certs code.
* Fix potential cert memory leak in check_certificate_by_digest().
* Show SHA1 fp in interactive cert check menu.
* Prevent null pointer exception for h->ai_canonname
Prevent null pointer exception for h->ai_canonname
The getaddrinfo call in line 54 sets &h to a struct addrinfo. If a
canonical name cannot be found for the node argument of getaddrinfo,
h->ai_canonname is set to NULL. In that case, the strchr call in line
58 can lead to segfault. This behavior was observed on a macos sierra
while the hostname was 192.168.1.3 (unfortunately this happens quite
often in macos).
The fix is simple, just check h->ai_canonname for the NULL value.
Kevin McCarthy [Sun, 12 Feb 2017 20:24:51 +0000 (12:24 -0800)]
Fix potential cert memory leak in check_certificate_by_digest().
Thanks to Matthias Andree's debugging, it appears the cert is not
freed when PEM_read_X509() encounters EOF. Change the return value
check to not overwrite cert. It is already updated via the second
parameter.
Matthias Andree [Sun, 12 Feb 2017 17:59:48 +0000 (09:59 -0800)]
Plug memory leak in weed-expired-certs code.
X509_STORE_add_cert() creates a copy of the certificate we're offering,
so we need to free our copy afterwards. This isn't documented, but from
observed behaviour in OpenSSL 1.0.2 and its master branch source code.
Change PEM_read_X509() call to reuse cert to avoid free/reallocation
overhead.
Kevin McCarthy [Sun, 12 Feb 2017 17:59:41 +0000 (09:59 -0800)]
Filter expired local certs for OpenSSL verification.
OpenSSL has trouble establishing the chain and verifying when
duplicate expired certs are loaded in from $certificate_file. A
warning about this is mentioned in
SSL_CTX_load_verify_locations(3SSL).
Filter out expired certs when loading verify certs. Note that the
full certicates file is still used for verification in
check_certificate_by_digest().
Kevin McCarthy [Fri, 10 Feb 2017 21:01:21 +0000 (13:01 -0800)]
Change "allow_dups" into a flag at hash creation.
Instead of having an "allow_dups" parameter for hash_insert(), add a
flag, MUTT_HASH_ALLOW_DUPS, to hash_create().
Currently ReverseAlias, subj_hash, and thread_hash allow duplicate
keys. Change those hashes to pass the flag at creation, and remove
the last parameter from all callers of hash_insert().
projects / neomutt / log