Kevin McCarthy [Sat, 8 Apr 2017 21:21:15 +0000 (14:21 -0700)]
Ensure mutt stays in endwin during calls to pipe_msg() (closes #3929)
The previous commit solved the problem reported in #3929: progressbar
output while downloading a message via IMAP was refreshing the mutt
ncurses session after launching the pipe program.
To ensure another place in the code doesn't inadvertantly generate
output, wrap OPTKEEPQUIET around the calls to
pipe_msg()/mutt_wait_filter() too.
Kevin McCarthy [Sat, 8 Apr 2017 21:18:26 +0000 (14:18 -0700)]
Silence imap progress messages for pipe-message. (see #3929)
_mutt_pipe_message() calls endwin(), and then calls pipe_msg(). If an
imap message body hasn't already been downloaded, this can end up
calling imap_fetch_message().
The progress messages in imap_fetch_message() were restoring curses,
just after extract_url was running. This was leading to a condition
where mutt curses didn't think the screen had changed after
extract_url exited.
There was already a check for isendwin() inside imap_fetch_message(),
but it wasn't wrapped around the progressbar creation/usage. Add a
check for those places too.
Kevin McCarthy [Wed, 5 Apr 2017 23:09:39 +0000 (16:09 -0700)]
Don't create query menu until after initial prompt. (see #3877)
A resize in the prompt will trigger a redraw, but the data won't be
loaded yet, displaying a blank screen instead of the previous menu.
Once the query is done, the data is loaded, but the menu->redraw state
has been changed by the resize.
We could manually flag a redraw, but it makes more sense visually
logically to just create the menu after the query and results are
loaded.
Kevin McCarthy [Sat, 1 Apr 2017 01:15:31 +0000 (18:15 -0700)]
Remove refresh parameter from mutt_enter_fname().
Also remove it from mutt_save_message(), which used it to pass through
to mutt_enter_fname(). The callers of this already had redraw logic,
to which REDRAW_STATUS merely needed to be added.
Kevin McCarthy [Sat, 1 Apr 2017 01:15:28 +0000 (18:15 -0700)]
Create R_MENU redraw option.
Previously, the R_INDEX option meant both the index as well as all
other menus. The removal of the OPTFORCEREDRAWINDEX option caused problems
with redrawing other menus for options such as arrow_cursor.
One solution would be change R_INDEX back to meaning "everything"
except pager, but there are only a handful of options that affect
other menus.
Instead, create R_MENU to indicate options that affect either all
menus or one of the other menus beside the index and pager.
Kevin McCarthy [Mon, 27 Mar 2017 01:31:43 +0000 (18:31 -0700)]
Remove redraw parameter from crypt send_menus.
The parameter was used to notify the caller if the sign (a)s menu was
invoked, which displayed the key selection menu. This is no longer
necessary with the menu stack pop operation.
Kevin McCarthy [Mon, 27 Mar 2017 01:31:41 +0000 (18:31 -0700)]
Set refresh when popping the menu stack.
This removes the need for the OPTNEEDREDRAW option and MAYBE_REDRAW
macro previously used to communicate back the need to refresh after
exiting a menu.
Remove the redraw parameter from ci_bounce_message() and
mix_make_chain() which served the same purpose.
Kevin McCarthy [Sun, 26 Mar 2017 19:27:15 +0000 (12:27 -0700)]
Fix mutt_refresh() pausing during macro events.
Changeset a07e8215a0ef split input buffering into two pools.
Unfortunately, the mutt_refresh() was not changed to check the correct
buffer count, resulting in unnecessary refreshes during macros.
The SSL interactive certificate prompts set OPTIGNOREMACROEVENTS and
then put up a confirmation menu. Perhaps we've just been lucky, but
it seems we should refresh the screen in those cases if we're in the
middle of a macro. Add a check for this option in mutt_refresh() too.
Kevin McCarthy [Mon, 20 Mar 2017 17:16:03 +0000 (10:16 -0700)]
Fix setenv overwriting to not truncate the envlist. (see #3922)
The refactor in 2b9c40f13e13 exposed a bug I hadn't noticed. The
match loop performed a FREE() on the slot. Then, below, it was
checking if (*envp) to see whether it was overwriting or creating a
new slot. However, FREE() nulls out *envp. This would end up
truncating the envlist just after the set slot!
Move the free down, using a mutt_str_replace(), when overwriting the
slot.
Kevin McCarthy [Sat, 18 Mar 2017 20:38:20 +0000 (13:38 -0700)]
Fix conststrings type mismatches. (closes #3926)
The generation programs for conststrings.c: txt2c.c and txt2c.sh,
specified the resultant types as "unsigned char[]" while main.c
declared them as "const char[]".
txt2.c generates 0xXX hex codes for each individual character, thus
the "unsigned" definition. With link-time optimization, some versions
of gcc notice the mismatch and emit a warning.
Change the declarations to match the definitions and cast to char[]
when they are used.
Add shortcuts for IMAP and POP mailboxes in the file browser
Mailbox list may not be properly displayed in a standard 80-column
terminal window if the $folder variable contains a long URL. In such
a case only left part of each entry name can be visible with the default
value of $folder_format. What's worse, this visible part may not be
enough to distinguish between the entries.
Thus in this case mutt_pretty_mailbox() will be just as useful as for
local mailboxes.
Kevin McCarthy [Thu, 9 Mar 2017 21:00:10 +0000 (13:00 -0800)]
Add SNI support for OpenSSL. (see #3923)
The original patch for this is by Phil Pennock at:
https://people.spodhuis.org/phil.pennock/software/mutt-patches/
I have removed the OpenSSL version check and defined(OPENSSL_NO_TLSEXT)
check because:
* SSL_set_tlsext_host_name() was added in 0.9.8f [11 Oct 2007]
* OpenSSL 1.1 no longer has the OPENSSL_NO_TLSEXT compilation option
* https://rt.openssl.org/Ticket/Display.html?id=2788&user=guest&pass=guest
shows that the no-tlsext compilation option has been broken for some time.
* Going forward, I'd like to minimize and start removing cruft required
to support ancient/insecure versions of libraries.
On a hostname mismatch, saving the certificate is pointless because
mutt will ask the user no matter if the certificate is saved or not.
The only invocation allowing "accept always" is guarded by a call to
check_certificate_digest(), which means the check_certificate_file()
check is redundant. Therefore remove that check and add a comment
noting why.
Thanks to Matthias Andree for the original version of this patch.
Kevin McCarthy [Thu, 9 Mar 2017 18:56:21 +0000 (10:56 -0800)]
Prevent skipped certs from showing a second time. (see #3916)
OpenSSL sometimes passes a skipped certificate to
ssl_verify_callback() a second time, with preverify_ok=1. From
OpenSSL's viewpoint there is nothing wrong with this, but mutt will
end up showing the certificate in the interactive prompt again.
Cache the last cert and position, and compare with the latest when
skip_mode and preverify_ok are both set.
Kevin McCarthy [Wed, 8 Mar 2017 02:26:06 +0000 (18:26 -0800)]
Move the OpenSSL partial chain support check inside configure.ac. (see #3916)
Instead of directly checking whether X509_V_FLAG_PARTIAL_CHAIN is
defined everywhere, do it once inside configure. This will allow
better support in the future if the test needs to change.
Matthias Andree [Wed, 8 Mar 2017 02:26:04 +0000 (18:26 -0800)]
Add $ssl_verify_partial_chains option for OpenSSL. (closes #3916)
The reworked OpenSSL certificate validation took away a "feature" of
the previous implementation: the ability to reject a node in the chain
and yet continue to the next node.
If this new option is set to 'yes', enables OpenSSL's
X509_V_FLAG_PARTIAL_CHAIN flag to reinstate the functionality and permit
to use a non-root certificate as the trust anchor.
This option is only available if OpenSSL offers the
X509_V_FLAG_PARTIAL_CHAIN macro, which should be the case as of 1.0.2b
or later.
Code written by Kevin McCarthy and Matthias Andree.
Kevin McCarthy [Sun, 5 Mar 2017 23:24:45 +0000 (15:24 -0800)]
Increase ACCOUNT.pass field size. (closes #3921)
#3921 reported his password token used for Google XOAUTH2 is size 129.
The ACCOUNT structure currently uses a size 128 buffer. Who knew a
password field would ever be bigger than that?
Since the ACCOUNT structure has no allocation/dellocation routines,
the easiest fix is to increase the size. Bump the size up to 256.
Prevent null pointer exception for h->ai_canonname
The getaddrinfo call in line 54 sets &h to a struct addrinfo. If a
canonical name cannot be found for the node argument of getaddrinfo,
h->ai_canonname is set to NULL. In that case, the strchr call in line
58 can lead to segfault. This behavior was observed on a macos sierra
while the hostname was 192.168.1.3 (unfortunately this happens quite
often in macos).
The fix is simple, just check h->ai_canonname for the NULL value.
Kevin McCarthy [Sun, 12 Feb 2017 20:24:51 +0000 (12:24 -0800)]
Fix potential cert memory leak in check_certificate_by_digest().
Thanks to Matthias Andree's debugging, it appears the cert is not
freed when PEM_read_X509() encounters EOF. Change the return value
check to not overwrite cert. It is already updated via the second
parameter.
Matthias Andree [Sun, 12 Feb 2017 17:59:48 +0000 (09:59 -0800)]
Plug memory leak in weed-expired-certs code.
X509_STORE_add_cert() creates a copy of the certificate we're offering,
so we need to free our copy afterwards. This isn't documented, but from
observed behaviour in OpenSSL 1.0.2 and its master branch source code.
Change PEM_read_X509() call to reuse cert to avoid free/reallocation
overhead.
Kevin McCarthy [Sun, 12 Feb 2017 17:59:41 +0000 (09:59 -0800)]
Filter expired local certs for OpenSSL verification.
OpenSSL has trouble establishing the chain and verifying when
duplicate expired certs are loaded in from $certificate_file. A
warning about this is mentioned in
SSL_CTX_load_verify_locations(3SSL).
Filter out expired certs when loading verify certs. Note that the
full certicates file is still used for verification in
check_certificate_by_digest().
Kevin McCarthy [Fri, 10 Feb 2017 21:01:21 +0000 (13:01 -0800)]
Change "allow_dups" into a flag at hash creation.
Instead of having an "allow_dups" parameter for hash_insert(), add a
flag, MUTT_HASH_ALLOW_DUPS, to hash_create().
Currently ReverseAlias, subj_hash, and thread_hash allow duplicate
keys. Change those hashes to pass the flag at creation, and remove
the last parameter from all callers of hash_insert().
Kevin McCarthy [Sat, 4 Feb 2017 20:53:38 +0000 (12:53 -0800)]
Add LMDB backend support for header cache. (see #3691)
Based on the original from JP Mens:
https://gist.github.com/jpmens/15969d9d678a3d450e4e
The following performance patch was manually applied on top of the
original patch:
https://github.com/neomutt/neomutt/commit/7e5380cd4c40d119ff83b2cf5f51f2cdb8a95ab3
Kevin McCarthy [Tue, 31 Jan 2017 22:27:36 +0000 (14:27 -0800)]
Simplify mutt_label_complete().
It was derived from mutt_command_complete(), which had more complex
requirements. For labels, we just need to skip whitespace and
complete based on the passed in buffer.
Therefore, we don't need the pos parameter, or to work backwards from
the end of the buffer.
Kevin McCarthy [Tue, 31 Jan 2017 22:27:28 +0000 (14:27 -0800)]
Permit tab completion of pattern expressions with ~y (labels).
Thanks to David Champion for the original patch. This version is
slightly different, as I couldn't get the original patch working.
This version simply scans backward for the first ~, and if it is ~y,
invokes completion.
Kevin McCarthy [Sun, 29 Jan 2017 19:02:50 +0000 (11:02 -0800)]
Fix the x-label update code check location.
The x-label comparison was outside the "beginning of header" block.
This meant that it could theoretically match a continuation line.
Additionally, the continuation lines of x-labels would not be
stripped, because the comparison was after the ignore variable was
reset.
Move the comparison inside the block and before the ignore reset.
David Champion [Sun, 29 Jan 2017 02:47:57 +0000 (18:47 -0800)]
Adds label completion.
A global label hash is added, to which labels are added as they're parsed
from a mailbox file or edited manually by the user. Reference counts are
kept in the hash table so that unused labels are removed from available
completions. Completion is available in the label editor only, but it
may be feasible to add for search expressions if the preceding text ends
with '~y'.
David Champion [Tue, 24 Jan 2017 03:01:50 +0000 (19:01 -0800)]
Add subjectrx command to replace matching subjects with something else.
This lets you define regular expressions-replacement pairs for subject
display. When a Subject: matches the regular expression, the replacement
value will be displayed instead in the message index. Backreferences
are supported.
This is especially nice for simplifying subjects that are overly wordy,
such as mailing list posts (with [Listname] tags, etc), mail from
ticketing systems or bug trackers, etc. It lets you reduce clutter in
your mutt display without altering the messages themselves.
David Champion [Tue, 24 Jan 2017 03:01:36 +0000 (19:01 -0800)]
Abstract the SPAM_LIST as a generic REPLACE_LIST
REPLACE_LIST can be used more generally as a list of pattern
match-replace settings. SPAM_LIST was a special case of this, so
spam handling has been been changed to use REPLACE_LIST instead, and
SPAM_LIST was removed.
A generic function for performing a REPLACE_LIST replacement has
been added in mutt_apply_replace().
Commited by Kevin McCarthy with some buffer overflow fixes in
mutt_apply_replace().
Kevin McCarthy [Tue, 24 Jan 2017 02:46:16 +0000 (18:46 -0800)]
Improve Reply-to vs From comparison when replying. (closes #3909)
Prior to this patch, if the Reply-to mailbox matched the From mailbox,
mutt would always use the From address. This was probably done to
preserve the display name, as the Reply-to address is often missing one.
Unfortunately, there are circumstances where the Reply-to display-name
has significance, such as in ticket 3909.
Change mutt so that it only uses the From address if the Reply-To has
no display-name.