Richard Russon [Mon, 7 Mar 2016 04:41:20 +0000 (04:41 +0000)]
merge: bug-fixes - various downstream bug fixes
* add strndup.c strnlen.c
* fix spelling typo
* More careful file writing for aliases and attachments
* Bye srandom() and random()
* Remove TLS version notification
* Use unlocked libc IO everywhere.
* Add browser sort by description, message count and new message count
* fix %* index_format
* build fix for po package name
* mute build warning
David Wilson [Tue, 22 Oct 2013 18:34:57 +0000 (11:34 -0700)]
Use unlocked libc IO everywhere.
Since mutt does not use threads, there is no reason it should use the
locked variants of the FILE* IO functions. This checks if the unlocked
functions are available, and if so enables them globally via mutt.h.
Cuts load time for a 56k message, 1.8GB /var/mail mailbox from 14
seconds to ~6 seconds, since we avoid acquiring and releasing a mutex
for every character of input read.
Sami Farin [Wed, 16 Oct 2013 18:34:57 +0000 (11:34 -0700)]
Bye srandom() and random()
Prefer getrandom on Linux, use /dev/urandom otherwise to
get entropy for MIME boundaries, message-id, Maildir filename,
temporary filename. Using MUTT_RANDTAG_LEN (currently 16) base32
characters for boundaries and message-id.
Sami Farin [Wed, 16 Oct 2013 18:34:57 +0000 (11:34 -0700)]
More careful file writing for aliases and attachments
Use fsync and check for errors when appending to alias file,
saving attachments, and bouncing a message. Still more checks are needed.
Also preserve errno if safe_fsync_close fails.
Kevin McCarthy [Mon, 17 Aug 2015 21:51:07 +0000 (14:51 -0700)]
Add idn to MUTTLIBS instead of LIBS (see #3638)
Currently, -lidn is included while linking all the mutt binaries. Add
it to MUTTLIBS instead so it's only used for the mutt linking.
Also, add $LIBICONV to $LIBS before checking for some of the idna
functions. On some sytems, there are apparently issues when using
static linking. (Thanks to grarpamp for reporting).
Kevin McCarthy [Mon, 17 Aug 2015 19:31:40 +0000 (12:31 -0700)]
Change mutt_adv_mktemp to call mutt_mktemp instead of mktemp. (see #3638).
mutt_mktemp is currently called in 95% of the cases in mutt, and
is already our "own rolled" version of mktemp. The "insecure mktemp
warning" discussion keeps coming up, so instead add prefix and suffix
functionality to mutt_mktemp() and call that.
All other uses of Tempdir in the mutt source did not call
mutt_expand_path() first, so remove that from mutt_adv_mktemp().
Kevin McCarthy [Wed, 29 Jul 2015 16:07:51 +0000 (09:07 -0700)]
Add error handling for ^ and other empty mailbox shortcuts.
(closes #2402) (closes #3735)
Explicitly mention the ^ example in the documentation added in 6d733cab6b45.
Add an error message for ^ when CurrentFolder is not set. Add checks
for other mailbox shortcuts that expand to the empty string. This
could happen if the @alias shortcut was accidentally used, or the value
referenced by a shortcut isn't set yet.
Kevin McCarthy [Mon, 27 Jul 2015 21:09:55 +0000 (14:09 -0700)]
Add "Mailbox Matching in Hooks" section to manual.
Folder-hook and mbox-hook perform mailbox shortcut expansion on the
regexp parameter. Add a section to the manual to give examples and make
the behavior clearer.
In certain circumstances, Exchange corrupts a multipart/encrypted block
into:
<multipart/mixed>
<text/plain>
<application/pgp-encrypted> [BASE64-encoded]
<application/octet-stream> [BASE64-encoded]
This patch pulls the full detection of valid/invalid multiparts
into mutt_body_handler(). It extracts a run_decode_and_handler()
function, which is reused by new intermediate handlers to decode
the application/octet-stream part before passing it directly to
crypt_pgp_encrypted_handler. These intermediate handlers then check
and set any GOODSIG flags back into the parent part.
This change may result in less error messages for invalid
multipart/encrypted parts. Instead, mutt will default to the
multipart_handler if it isn't fully "correct".
Viewing attachments uses crypt_pgp_decrypt_mime() which bypasses the
handler mechanism. Add decoding to the decrypt_mime() functions for pgp
and gpgme.
Thanks to Vincent Brillault for his analysis and initial patch.
Kevin McCarthy [Thu, 23 Jul 2015 21:57:04 +0000 (14:57 -0700)]
Fix compiler type warnings. (closes #3765)
The output of mutt_local_tz() was being passed to abs(). Technically
the return type is time_t, but it represents a small value: the timezone
offset in seconds. Add a safe explicit cast to int.
Change the txt parameter of mutt_make_help() to type const char *.
Typically all calls run the txt parameter through _(), which
accepts const char * and returns a char *. However, if NLS is not
enabled, _() is a noop, simply returning the parameter itself. In
mutt_compile_help(), items[i].name is const char *, so it will generate
a warning when passed as the txt parameter of mutt_make_help().
On some systems, e.g. OS X, snprintf is defined as a macro. One call
in hcache.c was embedding directives inside the snprintf call. This is
apparently undefined behavior, so duplicate the call instead.
Kevin McCarthy [Tue, 21 Jul 2015 19:34:49 +0000 (12:34 -0700)]
Imap: Fix flag caching after sync.
The flags cached in IMAP_HEADER_DATA were not updated to match the
HEADER flags after a sync. This means if a flag were toggled and synced
twice, the second sync was not sending the flag update.
Kevin McCarthy [Thu, 9 Jul 2015 21:50:05 +0000 (14:50 -0700)]
Use $(VAR) instead of @VAR@ in Makefile.am files. (closes #3664)
The @VAR@ form is not overridable, such as the case for #3664 where the
reporter wanted to override DOTLOCK_GROUP.
It's doubtful targets need to be overriden, but it makes sense to be
consistent in the usage of automake substituted variables unless there
is a particular reason/bug to work around.
Kevin McCarthy [Thu, 2 Jul 2015 18:21:19 +0000 (11:21 -0700)]
Convert from using mkinstalldirs to $(MKDIR_P).
The automake mkinstalldirs script is now deprecated. "install-sh -d"
can be used in place. Configure.ac already includes AC_PROG_INSTALL,
which will ensure install-sh is bundled. Add AC_PROG_MKDIR_P, which
will set $(MKDIR_P) to either a thread-safe "mkdir -p" or will fall back
to using install-sh.
Kevin McCarthy [Mon, 29 Jun 2015 21:35:28 +0000 (14:35 -0700)]
Add note to manual clarifying push/exec and folder-hook order.
Folder-hooks are executed in the order declared. However, push/exec
commands will simply prepend to the keyboard buffer. If there are
multiple push/exec commands, each will prepend to the earlier one. The
result is that they will end up being "run" in reverse order once keyboard
buffer processing starts.
Kevin McCarthy [Fri, 26 Jun 2015 19:23:26 +0000 (12:23 -0700)]
Fix IMAP segfault due to NULL capstr.
After a failed login, the connection is left open but capstr is freed.
If a second login attempt is made, imap_auth_sasl was trying to strstr
using the NULL capstr.
Add a NONULL around the capstr parameter to strstr. Change
imap_conn_find() to keep the capstr around until a successful
authentication occurs.
Model the smime.c searching off of classic pgp searching. Create
smime_get_key_by_hash()/addr()/str() functions that use a single
smime_get_candidates() function to search the index.
Use the new smime_keys generated purpose flag in the index to filter by
KEYFLAG_CANENCRYPT and KEYFLAG_CANSIGN. Old style indices fall back to
all-inclusive behavior.
Kevin McCarthy [Sun, 7 Jun 2015 20:59:19 +0000 (13:59 -0700)]
smime_keys: Add purpose flag to index.
A subsequent patch will change smime.c to use the purpose to filter
certs and keys that can't be used for signing or encryption.
Issuer, trust, and purpose flags were also added to the keys index file,
to keep parsing simpler in smime_keys as well as smime.c. The trust and
purpose are derived from the cert. Issuer is set to '?' as this should
never be needed for keys.
Kevin McCarthy [Mon, 25 May 2015 17:59:50 +0000 (10:59 -0700)]
smime_keys: Handle certificate chains in add_cert. (closes #3339) (closes #3559)
Find all chains in the certificate provided. For each chain create a
separate leaf and intermediate certificate file. Because Mutt controls
the label prompt, use a single label for all chains.
Also, loosen up cert file parsing to allow attributes even if they
aren't delimited by a "Bag Attributes" header.
Thanks to David J. Weller-Fahy for his testing and feedback!
Kevin McCarthy [Mon, 18 May 2015 20:27:12 +0000 (13:27 -0700)]
smime_keys: Convert openssl execution to use open("-|",...). (see #3575) (see #2456)
This does a fork/exec, bypassing the shell, and so handles
spaces, quotes, and other shell-characters problems better than the
simple fix in changeset:c66a6bd5d0d5
This also fixes the "verify with crl" bug in #2456: the grep is now done
in perl.
Thank you Vincent Lefevre for your review and feedback!
Kevin McCarthy [Fri, 15 May 2015 17:47:38 +0000 (10:47 -0700)]
Start cleaning up and fixing smime_keys.pl (closes #3324) (see #2456)
* Convert to using File::Temp (#3324). This was also suggested at
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775199
* Use File::Temp for add_p12 temp file. (#2456)
* Make the query_label() method a bit more robust with empty strings,
ctrl-d, and leading spaces.
* Clean up openssl_do_verify() logic. Mark cert as invalid
rather that die'ing if an openssl verify command fails.
* General cleanup:
- Clearly separate op handler, certificate management, and helper
functions by section and using prefixes.
- Create openssl helper functions to reduce copy/paste invocations
and make the code clearer.
- Make indentation consistent at 2 spaces.
- Change handle_add_pem() to re-use handle_add_chain() once the
correct files are identified.
- Change openssl_parse_pem() to return a single array of data
structures representing the parsed certs/keys.
Kevin McCarthy [Sun, 3 May 2015 23:25:45 +0000 (16:25 -0700)]
Provide SSL cipher selection option. (closes #3167)
Creates a $ssl_ciphers option that allows direct selection of the
ciphers for OpenSSL (via SSL_CTX_set_cipher_list) and GnuTLS (via
gnutls_priority_set_direct).
Fix performance regression for ~b/~B searching. (closes #3743)
In mutt_is_autoview(), changeset b58cdfacfb89 introduced a call to
rfc1524_mailcap_lookup() before checking if the MIME type should
be autoviewed based on the user's preferences. This caused a major
performance regression for ~b/~B searching.
Rearrange mutt_is_autoview() to check the user preferences first, then
search for a mailcap entry only if the MIME type should be autoviewed.
In order to preserve correct mime_lookup behavior, re-add a call to
mutt_check_lookup_list() before scanning the AutoViewList.
Kevin McCarthy [Sun, 19 Apr 2015 20:15:50 +0000 (13:15 -0700)]
Add $crypt_confirmhook option. (see #3727)
Allow the confirmation prompt for crypt-hooks to be disabled. This is
useful for multiple crypt-hook users (e.g. encrypted mailing lists), or
just for people who are certain of their crypt-hooks and don't want to
be prompted every time.
Kevin McCarthy [Sun, 19 Apr 2015 20:15:48 +0000 (13:15 -0700)]
Allow multiple crypt-hooks with the same regexp. (closes #3727).
Changes the crypt-hook to accumulate a LIST of hooks with
the same regexp, as opposed to replacing the hook data.
This is useful for the case of encrypted mailing lists.
Update pgp classic and gpgme to process a LIST of crypt-hook
values instead of just one.
This version of the patch creates a new _mutt_list_hook() function that
(in theory) other hooks could use if they were changed to return a list.
It also changes the behavior when a crypt-hook is declined: previously
it would immediately use the original recipient for key selection. Now
it will only do that if all crypt-hooks for a recipient are declined.
This allows all, a subset, or none of the hooks to be used.
Thanks to Rejo Zenger, Remco Rijnders, and Dale Woolridge for their work
on various versions of this patch.
Kevin McCarthy [Thu, 16 Apr 2015 01:57:17 +0000 (18:57 -0700)]
Use fingerprints instead of keyIDs internally. (see #3695)
Add a helper function, pgp_fpr_or_lkeyid(), that returns the fingerprint
if available, otherwise falls back to the long key id. Convert Mutt to
use that value for pgp command invocation.
Change gpgme to use an equivalent crypt_fpr_or_lkeyid() function in a
couple places too (for keylist generation and sign-as key selection).
Update documentation to mention fingerprints and the --with-fingerprint
option for gpg invocation.
Change pgp_long_ids to default: yes, but add a note mentioning
it's only used for the display of key IDs in a few places.
Kevin McCarthy [Tue, 7 Apr 2015 01:39:09 +0000 (18:39 -0700)]
Clarify hook pattern vs regexp in muttrc.man page.
Updates to the muttrc.man page were inadvertently not included in
changeset:aac979f8b529. Fix mbox-hook and crypt-hook to show
they accept a regexp, not a pattern.