Alpine 2.23
* Implementation of XOAUTH2 authentication support for Outlook. Based on
documentation suggested by Andrew C Aitchison.
* Add support for the OAUTHBEARER authentication method in Gmail. Thanks to
Alexander Perlis for suggesting it and explaining how the method works.
* Creation of Alpine's Privacy Policy. This is presented as a link to an
online document from the Release Notes (Link at the top of this document.)
Upon user request, Alpine downloads and displays this document. Links to
the privacy policy are also displayed when a user starts Alpine for the
first time, or when a user starts a new version of Alpine. There is no
default exit greeting command for these screens, and to exit the user must
press "E", instead of the old default, which was the RETURN command. The
RETURN command will open the handle on which the cursor is on, which by
default is the Privacy Policy.
* Support for the SASL-IR IMAP extension that avoids a round trip during
authentication. Similar support added for the SMTP, NNTP and POP3
protocols. Thanks to Geoffrey Bodwin for a report that lead to this
implementation.
* Alpine can pass an HTML message to an external web browser, by using the
"External" command in the ATTACHMENT INDEX screen.
* New configuration variable external-command-loads-inline-images-oly that
controls if Alpine will keep the source link to all the images in the HTML
message, or will only pass a link to inline images included in the message.
For your privacy and security this feature is enabled by default.
* When reading an email and a user selects an email address to which to
compose a message from the message, the user will be able to select a role
to compose that message.
* New variable system-certs-path that allows users to indicate the location
of the directory where certificates are located. In PC-Alpine this must be
C:\libressl\ssl\certs. The C: drive can be replaced by the name of the
drive where the binary and DLL files are located.
* New variable system-certs-file that allows users to configure the location
of a container of certificate authority (CA) certificates to be used to
validate certificates of remote servers.
* Remove sleep of 5 seconds for mailcap programs that use the terminal to
display content. Suggested by Carl Edquist. In addition, remove
configurable process table command and its corresponding sleep time.
Bugs that have been addressed include:
* Security Bug: Alpine can be configured to start a secure connection using
/tls on an insecure connection. However, if the connection is PREAUTH,
Alpine will not upgrade the connection to a secure connection, because a
client must not issue a STARTTLS to a server that supports it in
authenticated state. This makes Alpine continue to use an insecure
connection with the server, exposing user data. Reported by Damian
Poddebniak and Fabian Ising from Muenster University of Applied Sciences.
* Selecting by subject might not copy the subject of the current message to
the selection text correctly. Reported by Iosif Fettich.
* Alpine does not set the return path correctly when using a role while
bouncing a message. Reported by Dr. C. Griewatsch.
* Bug in PC-Alpine that made Alpine go into an infinite loop and consume CPU
when it was iconized. Reported by Holger Schieferdecker in comp.mail.pine.
* Crash in Alpine when attempting to reply to a multipart/alternative message
that is malformed, and the option to include attachments in reply is
enabled. Reported and patched by Peter Tirsek.
* Bug that makes Alpine split encoded words in the subject of a message in
the middle of a utf-8 character into two encoded words, breaking the
encoding. Reported by Jean Chevalier.
* Alpine would not redraw the screen when a check for new mail in an incoming
folder failed due to a failure while validating the server certificate,
and the user did not allow the connection to proceed.
* Crash in Alpine while resizing the screen when using any of the tokens
SUBJKEYTEXT, SUBJECTTEXT, or SUBJKEYINITTEXT in the index format, and the
screen was resized. Reported by Iggy Mogo.
* When Alpine is trying to authenticate to Gmail, using the XOAUTH2 method,
it does not display the url the user needs to open, in order to authorize
Alpine to access Gmail using XOAUTH2 when Alpine still has not created a
screen. Reported by Baron Fujimoto.
* When an html anchor does not quote the link in the href parameter, alpine
does not link to it.
* Attempt to fix a bug that breaks scrolling of a message in Alpine when the
screen is resized. Reported in the Debian bug system at
https://bugs.debian.org/cgi-bin/bugreport.cgie?bug=956361.
Alpine 2.24
* Implementation of XOAUTH2 for Yahoo! Mail.
* Expansion of the configuration screen for XOAUTH2 to include username,
authorization flow, and tenant.
* XOAUTH2: automatic renew of access token and connection to a server within
60 seconds of expiration of the access token.
* If a user has more than one client-id for a service, Alpine asks the user
which client-id to use and associates that client-id to the credentials in
the XOAUTH2 configuration screen.
* Addition of Yandex.com to the list of services that Alpine can use XOAUTH2
to authenticate for reading and sending email.
* Addition of a link to the Apache License 2.0 (see above). This is available
from the Release Notes as well as the welcome screen.
* Modifications to protect the privacy of users:
+ Alpine does not generate Sender or X-X-Sender by default by enabling
[X] Disable Sender as the default.
+ Alpine does not disclose User Agent by default by enabling [X] Suppress
User Agent by default.
+ Alpine uses the domain in the From: header of a message to generate a
message-id and suppresses all information about Alpine, version,
revision, and time of generation of the message-id from this header.
This information is replaced by a random string.
* Unix Alpine displays configure options and flags when invoked as "alpine
-v". Suggested by Matt Ackeret.
* Alpine will ding the terminal bell when asking about quitting when new mail
arrives. This is consistent with Alpine dinging the bell when new mail
arrives. The bell will not ding if it is disabled for status messages.
Suggested by Chime Hart.
* When messages are selected, pressing the ";" command to broaden or narrow a
search, now offers the possibility to completely replace the search, and is
almost equivalent to being a shortcut to "unselect all messages, and select
again". The difference is that cancelling this command will not unselect
all currently selected messages. Suggested by Holger Trapp.
* Alpine will not write debug files unless started with the option -d, so for
example "alpine -d 2" will generate a debug file at level 2, but just
issuing the alpine command will not write any debug to a file.
* Experimental: Attempt to implement the Encryption Range in Windows. It
works in Windows 10, and it should work in Windows 8.1. It needs testing in
Windows 7 and Windows Vista.
* Addition of variables user-certs-path and user-certs-file which allow a
user to specify locations for certificates that the user trusts.
* Ignore non-empty initial challenge in the GSSAPI authenticator. Based on a
patch written by Jarek Polok, but submitted by Ignacio Reguero.
* When a server expires a refresh token, Alpine needs to cancel it
internally. Alpine will attempt to get a new one when it reopens the folder
after it cancels it.
* Set up the IMAP ID at the moment of logging in to the server, rather than
as a one time option, in case we need to use a special IMAP ID.
Bugs that have been addressed include:
* When Alpine starts a PREAUTH connection, it might still ask the user to
login. Reported by Frank Tobin.
* Crash while resizing the screen when viewing a calendar event.
* When Alpine opens a folder in a server whose address is given numerically
it might crash due to an incorrect freeing of memory. Reported by Wang
Kang.
* Crash when Alpine frees memory on a system where LC_CTYPE is not
configured, and the user calls the file browser to attach files to a
message. Reported by Luis Gerardo Tejero.
* Invalid signatures created by Alpine, when built with recent releases of
the Openssl-1.1.1 series (but not in the Openssl-1.0.1 series). Fix
contributed by Bernd Edlinger.
* After returning from the directory side of a dual-folder, sometimes Alpine
would return to the first folder in the parent directory or to the
dual-folder. The fix is to return to the original dual-folder as intended.
Reported by Holger Trapp.
* When an attachment is deleted and the original message is saved, Alpine
might write only a part of the name of the file deleted. Reported by Holger
Trapp.
* URLs that are surrounded by white space are not cleaned by Alpine before
passing them to the browser, resulting in no display of the URL when Alpine
tries to open it. Reported by Gregory Heytings.
* When Alpine is built without smime, password file functionality might fail.
Reported by Andres Fehr.
* Crash in PC-Alpine when using the eXternal command.
* Fix in Macs that made Alpine abort a ssh connection to an imap server.
Reported and assisted by Wang Kang.
Additions include:
* Support for XOAUTH2 authentication method in Gmail.
* PC-Alpine builds with LibreSSL and supports S/MIME.
* NTLM authentication support with the ntlm library, in Unix systems. Based
on code provided by Maciej W. Rozycki.
* Add /tls1_3 flag for servers that support it. Read more information in the
secure protocols help.
* To increase user's privacy, remove phone-home code that would prompt users
to send an email message upon starting Alpine for the first time for
purposes of counting. Your use of Alpine does not disclose information
about you or your use of Alpine to the developers of Alpine.
* New variable encryption-protocol-range that allows users to configure
versions of the SSL/TLS protocol that Alpine is restricted to try when
establishing a secure connection SSL/TLS to a remote server. The default
can be set at compilation time.
* Add -dict option to PC-Pico, which allows users to choose a dictionary when
spelling. Sample usage: -dict "en_US, de_DE, fr_FR".
* Improvements to the configure stage of compilation. Some of these
contributed by Helmut Grohne. See Bug 876164 in Debian.
* Add "remove password" command to the management screen for the password
file encryption key. This allows users to use their password file without
entering a master password.
* Add the "g" option to the select command that works in IMAP servers that
implement the X-GM-EXT-1 capability (such as the one offered by Gmail.)
This allows users to do selection in Alpine as if they were doing a search
in the web interface for Gmail.
* New variable close-connection-timeout, which tells Alpine to close a
connection that is having problems being kept alive after the number of
seconds configured in this variable, if the connection has not recovered.
The default is 0, which means to keep the connection alive and wait for the
connection to recover.
* When a message is of type multipart/mixed, and its first part is multipart/
signed, Alpine will include the text of the original message in a reply
message, instead of including a multipart attachment. Suggested by Barry
Landy.
* S/MIME: Some clients do not transform messages to canonical form when
signing first and encrypting second, which makes Alpine fail to parse the
signed data after encryption. Reported by Holger Trapp.
* Add /auth=XYZ to the way to define a server. This allows users to select
the method to authenticate to an IMAP, SMTP or POP3 server. Examples are /
auth=plain, or /auth=gssapi, etc.
* Add backward search in the index screen. Based on patch by Astyanax Foo,
submitted in 2009, but resubmitted by Erich Eckner on 2019.
* SMIME: When Alpine is set to validate a message using the user's store, and
user agrees to save a certificate of another user, use the saved
certificate immediately to verify the smime message. Reported by Stefan
Mueller.
* Do not use a delay when printing messages to screen when the initial
keystroke sequence of commands is active. Based on a report from Holger
Trapp.
* In PC-Alpine, when the decoded name of an attachment does not agree with
its encoded name, Alpine will offer to save the file using the UTF8 encoded
name.
Bugs that have been addressed include:
* Width of characters is not always determined correctly when wcwidth is
used. Revert to using code for the Windows operating system. Reported by
Andrew Ho.
* The call realpath(..., NULL) gives an error in Solaris, which means that we
need to allocate memory for storing the resolved path. Reported by Fabian
Schmidt.
* Crash when attempting to bounce a message due to lack of space in allocated
space for key menu array. Reported by David Sewell.
* Crash when a CA certificate failed to load, and user attempted to view
certificate information of other certificate authorities.
* Crash in the S/MIME configuration screen when a user turned off S/MIME, and
then re-enabled it. Also crash when attempting to enter the S/MIME
configuration screen if S/MIME was turned off.
* Deactivate some color code from Pico (as standalone editor in the windows
version) until I find a way to activate it again. This is not critical and
it is not something that PC-Pico must have (some of it already exists in
other ways, like color support, what does not exist is the more complex
code that Unix-Pico has with color codes for specific colors.)
* When a message is multipart, and the first part is flowed text, then
forwarding the message will set the first part to be flowed, and sent that
way even when the option Do Not Send Flowed Text is enabled. Reported by
Holger Trapp.
* When a message/rfc822 part of a message is encoded with
Content-Transfer-Encoding: QUOTED-PRINTABLE, Alpine will stop processing
that message. Later this causes Alpine to crash because when it displays
messages, it assumes that both header and body parts are processed.
Reported by Mark Crispin in 2010, in the Alpine-info list (message with
subject "crash bug in alpine/mailpart.c:format_msg_att()") with no example,
and reported now by Holger Trapp, with an example.
* In addition to the previous report, Alpine encodes message/rfc822 messages
as QUOTED-PRINTABLE, in contradiction with RFC 2045, when it receives a
report that its encoding is 8bit. We preserve the encoding reported by the
IMAP server, and do not encode in QUOTED-PRINTABLE.
* Update build.bat file to add /DWINVER=0x0501 so that Alpine can build when
using Visual Studio 2017. Fix contributed by Ulf-Dietrich Braunmann.
* When the locale is not set up to UTF-8, alpine might determine the width of
a character incorrectly. Reported by Alexandre Fedotov.
* In some rare cases, when attachments are deleted before saving emails, the
filenames will be displayed in RFC1522 representation, instead of in
decoded form. Reported and patched by Wang Kang.
* When colors are edited from the main setup configuration screen, some color
settings are not updated until Alpine is restarted. Reported by Andrew
Hill.
* If the first part of a message is multipart/alternative, and the first part
of this is also a multipart type, then Alpine might fail to select the
first text part when replying to a message. Reported by Lucio Chiappetti.
* TLS 1.2 works does not work if Alpine is compiled with openssl >= 1.1.0.
Reported and patched by Kyle George.
* If the directory where Alpine saves the certificates is empty, alpine would
not create a self-signed certificate to encrypt the password file.
* S/MIME: The list of public certificates is freed before it is reused when a
signature fails to verify. This causes Alpine to crash. Patch submitted by
Linus Torvalds.
* S/MIME: A message could fail to verify its signature even if the
certificate was saved when the message was open. Based on a report by David
Woodhouse to the RedHat bugzilla system.
* When there are time changes in the clock, Alpine might go to sleep for big
amounts of time while displaying messages in the screen. Reset sleep time
to 5 seconds in case it finds it needs to sleep more than 5 seconds or a
negative amount of time.
* Restore recognition of empty directories. It was deleted by mistake when
added support for internationalization in folders. Based on a report by
Michael Rutter.
* Alpine stops parsing the mailcap file when it finds an invalid entry.
Reported by Matt Roberds to the Debian bug system at https://
bugs.debian.org/cgi-bin/bugreport.cgi?bug=886370.
* Crash with error "Lock when already locked" when an attempt to check for
new mail on a locked stream that is being used for a save operation.
Reported by Carlos E.R.
* Alpine removes trailing spaces from passwords, making a longin attempt
fail. Reported by R. Lyons.
* Alpine crashes when opening a remote imap folder and computing scores.
Reported by Paul DeStefano.
* When more than one server was given in the server-name configuration option
of rldap servers, none of them worked. Reported by Robert Wolf.
Patch (minus the mtest.c one) from Marco Beishuizen in PR pkg/53437.
Additions include:
- PC-Alpine: New configuration option "Aspell Dictionaries"
allows a user to choose the dictionary used to spell check, in case the
user communicates in more than one language. Examples of values for the
variable are "en_US" or "de_DE", etc. Only the first
10 dictionaries are offered.
- Unix-Alpine: Connect securely to a LDAP server on a secure port. Based
on a contribution by Wang Kang.
- Colors configured in Alpine are inherited in the composer.
- When Alpine is compiled with password file and SMIME support the
password file is encrypted using a private key/public certificate pair. If
one such pair cannot be found, one will be created.
- Alpine builds with any version of OpenSSL greater than or equal to
1.0.0c. This includes version 1.1.0. Alpine also builds with LibreSSL.
- New SHORTSUBJECT, SHORTSUBJKEY and SHORTSUBJKEYINIT token for index
format, which removes text in the SUBJECT between "[" and "]".
- New SMARTTIME24 token for index screen. It is close to SMARTDATETIME but
it differns in that it gives the time in which the message was sent for
messages that are less than a week old. it uses a 24 hour format.
- Alpine will include attachments when forwarding some
multipart/alternative messages for which it did not use to include
attachments.
- New configuration option alternate-reply-menu which adds more ways to
control features and variables when you start to reply to a message.
- Added support for RFC 2971 - IMAP ID extension.
- Add configuration ignore-size-changes that allows users to ignore errors
in the computation of the size of a message from defective servers.
- SMIME: Upgrade the default signature digest from sha1 to sha-256, since
clients such as Thunderbird do not validate signatures that use sha1 digest.
- Add the configuration variable "default-directories", which is
called default-directories, which is a variable saves a list of
directories that are readily accessible for save or export of attachments.
This makes it easier to save attachments in directories that are hard to
navigate to, or that are accessed frequently.
- When a filename is attached and its name is encoded, the save attachment
command will offer to save the file in the encoded form. This might work
for some users, but the save command will have a subcommand ^N to decode
the file name and save the file with the decoded name.
- The TAB key allows autocomplete in the Fcc field in the composer
headers, as well as autocompletes automatically when only one possibility
exists for the ^J attach command.
- Add support for the "TYPE" and "VALUE" attributes of
the html OL tag.
- Ignore message from smtp server after a successful authentication
challenge.
- When a message is saved in the Form Letter folder, add the ability to
save the role being used to compose such message so that settings such as
the SMTP server set in the role can be used when sending such form
message. Suggested and patched by Frank Doepper.
- If SSLDIR is defined somehow, do not disable S/MIME if the SSLCERTSDIR
is not found.
- When Alpine sends an attachment, it will set the boundary attribute in
lower case, as some SMTP servers, such as those of libero.it reject
messages if the boundary attribute is in uppercase.
- Add the ability to change the private key and certificates used to
encrypt a password file in the SMIME setup configuration screen.
- SMIME: The ctrl-E command that gives information on the certificate is
only available for messages that have a signed or encrypted part.
- SMIME: If a message contains a RFC822 attachment that is
signed/decrypted add the ability to view its SMIME information.
- SMIME: Certificate information in the S/MIME screen is available for
certificates stored in a container.
- SMIME: Offer the common name of the person, instead of the name of file
containing the certificate, as the name to be displayed in the certificate
management screen for certificate authorities. Suggested by Matthias
Rieber.
- SMIME: Management of several alternate name (SAN) certificates is
improved. When importing a SAN certificate, also import a certificate for
the filename, besides for the e-mail addresses in the certificate.
Suggested by Matthias Rieber.
- SMIME: add full year when displaying information about a certificate in
the certificate management screen. Suggested by Matthias Rieber.
- SMIME: sort certificates by some type of alphabetical order in the
displayed name.
- SMIME: Alpine will ask users if they wish to save S/MIME certificates
included in signatures, when the option "Validate Using Certificate Store
Only" is enabled. If the user does not wish to save it, validation will
fail.
- HTML: Add support for decoding entities in hexadecimal notation.
Suggested by Tulipant Gergely.
- The "#" command, when used as part of an aggregate operation will allow
users to select the role used in either replying, forwarding or replying
to the group of selected messages, Suggested by Hisashi T Fujinaka.
- If the charset of a message can not be determined, use the value set in
the unknown charset set value for its value.
- Resizing setup screen will redraw screen.
- Unix Alpine only. Experimental: If Alpine/Pico finds a UCS4 code in the
width ambiguous zone, it will use other means to determine the width, such
as call wcwidth.
- Pico: Code reorganization in the search command to make it easier to add
subcommands of the search command.
- Pico: Search command can do a case sensitive match. Use the Ctrl-^
subcommand of the search command to bring this choice into view.
- Pico: Add the ability to search for strings in the beginning or end of a
line. Use the Ctrl-^ subcommand of the search command to bring this choice
into view.
- For a multipart/alternative message, the Take Address command will work
on the part that is being read.
- When sending a message, allow for 512 characters of consecutive
non-white space before folding the subject line.
- Make sure titlebar (the line at the top of the screen) always contains
the name of the folder/newsgroup that is open, if this fits in the title.
- The feature scramble-message-id will also scramble the name, version and
operative system in the message-id header. Based on a contribution by
Dennis Davis, which is itself based on a contribution by Mark Hills.
- Change in logic in imap_set_password function to make Alpine ask if a
user wants to save a password before reading the password file.
- When exporting all parts of a message, if two attachments have the same
name, do not overwrite a file more than once, but instead add a counter
number to the filename to make a new file that does not exist in the file
system.
- Add the Control-R subcommand to the save command for attachments. This
subcommand toggles if the saving will be done in binary mode for text
attachments. When a user saves an attachment using binary mode it will be
saved as it was sent, otherwise the attachment will be transformed to
UTF-8 for further transformation through internal and user defined filters
for saving.
- Add command line argument -smimedir, which allows to specify the default
path for a directory that contains the public, private, and ca
directories. This is useful in case a user has a backup of old
certificates that cannot be installed in the ~/.alpine-smime dir.
- Reimplementation of the code that allows the .pinerc file to be a
symbolic link by Kyle George from tcpsoft.com to use realpath.
- When saving an attachment, the "^T" command leads to a screen where the
"A" command can be used to add a file. A directory can be added by
pressing "^X" after the "A" command. Added after a suggestion by Stefan
Goessling.
- When saving an attachment, the ^Y and ^V commands allow a user to scroll
through the history of directories used to save attachments, while
preserving the given name of the file. Suggested by Peter Koellner.
- SMIME: Turn off automatic signing and encrypting of a message when
bouncing. Suggested after a discussion with Matthias Rieber.
- When messages are selected, warn the user if a message that is not
selected will be bounced, or if not all selected messages will be bounced.
Suggested by Ulf-Dietrich Braumann.
- The bounce command adds a subcommand to choose a role.
- When selecting messages by number, the "." character can be
used to specify the message on which the cursor is on.
- When Alpine opens an attachment, it sometimes changes the extension of
the file that is being opened and replaces it by another for the same mime
type. If Alpine finds that the extension of the file corresponds with the
mime type, according to the mime-types file, then it will keep it, and no
substitution will be made.
- Set no restrictions on the length of encoded subjects, but encode words
in length of no more than 75 characters.
Bugs that have been addressed include:
- SMIME: Crash when a certificate has an invalid date of validity. Also
Alpine will use the function ASN1_TIME_print to determine the date of
validity. Reported by Ben Stienstra.
- SMIME: Crash when attempting to unlock the password file and an
incorrect password is entered.
- SMIME: Crash when checking the signature of a message that contains a
RFC822 attached message. Reported by Holger Trapp and Bjorn Krellner.
- SMIME: Cancelling entering password to unlock key will not reprompt.
- SMIME: fix a bug that did not allow users to transfer certificates to
remote containers. Reported by Matthias Rieber.
- SMIME: certificates included in messages were not being transferred to a
remote container.
- SMIME: Crash if public certificates are located in an inaccessible
remote server and the private key is not available.
- SMIME: Alpine does not remove temporary files created when adding a CA
certificate to a container. Reported by Holger Trapp.
- SMIME: When reading a local certificate, Alpine converts the name of the
certificate to lowercase, which may make Alpine not be able to read such
certificate. Reported by Dennis Davis.
- SMIME: If the option "Remember S/MIME Passphrase" is disabled, then
entering a password to read an encrypted message will make Alpine forget
the key and not ask the password to unlock it again in case it is
necessary to unlock it again. Reported by Ulf-Dietrich Braumann.
- Alpine would use freed memory while trying to compute the color of the
titlebar. This happened when trying to continue a postponed message.
- Alpine failed to read an encrypted password file if too many passwords
were saved in the password file.
- When selecting messages while in Threaded Index Screen, some messages
other than top of threads could appear in the index, making Alpine display
messages "out of the screen."
- The index format would be chopped at the position of an unrecognized
token, instead of skipping the token as intended.
- Work in progress: Avoid calling non-safe functions when Alpine receives
a signal. See bug report
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=825772.
- Crash when attempting to read a message after a bounce command. In order
to produce a crash one needed to use the ^T subcommand and do a search in
a LDAP directory. The crash is produced by changes to the text in the
title bar. Reported by Heinrich Mislik in the Alpine-info list.
- HTML messages that contain UTF-8 may wrap at the wrong position, making
Alpine not display the correct character at the position that wrapping is
done. Reported by Wang Kang.
- Pico: Searching for a string that is too long causes Pico to crash in
the next search.
- Fix vulnerability in regex library. This only affects those who use this
library, such as the windows version of Alpine. See
http://www.kb.cert.org/vuls/id/695940">http://www.kb.cert.org/vuls/id/695940
for more details.
- Alpine would not set include and lib paths for OpenSSL if this was
installed in /usr/local/ssl.
- If the .pinerc file is a symbolic link, Alpine might not write its
contents when saving its configuration.
- The _INIT_ token does not skip over non-alphanumeric characters in the
name. Reported by Andreas Fehr.
- When opening an INBOX folder in a context different from the incoming
folders collection, from the command line, Alpine would open the INBOX
folder from the incoming folders collection.
- Mismatch in size of UCS and CELL caused a corruption in the content of a
pointer, which made the speller in PC-Alpine get the content of a word
incorrectly.
- Skip testing openssl compatibility version when cross-compilation is
detected. Fix contributed by Antti Seppalla
- Alpine fails to remove temporary files used during a display or sending
filter. Fix contributed by Phil Brooke.
- When the index is in zoomed state, adding new messages to the selection
would not show those messages if those messages are on top of the current
message in the top of the screen. Reported by Ulf-Dietrich Braumann. In
addition, when the user scrolls through the index, this scroll smoothly,
without jumping pages. Reported by Holger Trapp.
- Crash when reviewing history of saving attachments.
- Crash when canceling a goto command on a local collection that has not
been expanded and attempting to expand such collection.
- Crash in Pico when forwarding messages that contain a direction mark at
the end of a line. Reported by James Mingo.
- Solve compilation errors when Alpine is built with Visual Studio 2015.
Additions include:
- Upgrade UW-IMAP to Panda IMAP from https://github.com/jonabbey/panda-imap.
- S/MIME: Add screen to manage certificates.
- S/MIME: Signatures are validated using the user's certificates instead of the ones included in the message. Behavior can be disabled by disabling the option "Validate Using Certificate Store Only" which is enabled by default.
- S/MIME: sign messages using intermediate certificates when needed and possible.
- S/MIME: validation of certificates for servers that modify signed content.
- S/MIME: signed and encrypted messages will be signed first and encrypted second, so that they can be decoded by other clients.
- S/MIME: add the sender certificate to the list of certificates in encrypted messages to make it possible for the sender to decrypt the message they sent.
- S/MIME: When transferring certificates to a local container, create container with default names PublicContainer, PrivateContainer and CAContainer, as appropriate for these files, unless the user has provided some other names.
- HTML: Style tag in body of html message causes Alpine to not write its content until a new </style>
- HTML: <BR>, <BR />, and <BR/> are considered the same inline tag, the same is valid for the <HR> tag.
- S/MIME: Forwarding a message will include the signed part as part of the text and not as a multipart message, just as the reply command does.
- Unix Alpine: If a password file is defined, and S/MIME is enabled, the key and certificate used to encrypt the password file are saved in the ~/.alpine-smime/.pwd directory, or in the directory specified by the -pwdcertdir command line option.
- Add support to selective expunge through a subcommand of the select-apply commands.
- Pico: New subcommand of the search command, allows to reverse the direction of search.
- Add /tls1, /tls1_1, /tls1_2 and /dtls1 to the definition of a server to use different ways to connect using ssl, for example {server.com/tls1} will attempt to connect to server.com at the ssl imap port (port 993) and establish a connection using TLSv1. These flags can be used in conjunction with the /ssl flag, the ssl flag is redundant. Conversely, however, the /ssl flag does not imply any of these flags; the /ssl flag means SSLv3 or, if not available, SSLv2 in the SSL port.
- Alpine does not attempt to automatically reopen a collection that was not opened due to cancellation by the user. Instead, the user must try to open it explicitly.
- Alpine searches for a certificate that matches an email address in all addresses in a certificate (instead of just the first one) but when it tries to unlock the certificate, it asks for the password for the first email address in that certificate.
- Experimental: Write the content-type of a message in lowercase, as some non-compliant servers do not understand uppercase content-type, such as those of GMX.de.
- Experimental: Do not send the RSET command before attempting to send a message, as this causes a delay in some evily managed servers.
- Opening a folder updates recent count in maildrops (this already works for other types of folders)
- Automatically redraw screen after opening an attachment instead of simply clearing it.
- Pico: Justification works without need of a predefined quote string. This allows justification of blocks of text that are indented with spaces.
- Decode the name of attachment names, so they can be written as part of the description of the part.
- Check bounds and tie strings off to improve security. Contributed by James Jerkins.
- Replace tabs by spaces in From and Subject fields to control for size in screen of these fields. Change only in index screen display.
- Aggregate operations allows bouncing a list of messages using a role. Suggested by Ulf-Dietrich Braumann.
- Disable saving new passwords to the password file. Implemented by Louis Raphael from dpslabs.com.
- Makefile: Add $(LIBINTL) to the flags to link rpdump, rpload, alpined and alpineldap because MAC OSX 10.8 x86_64 needs it. Reported by Charles M. Register.
Bugs that have been addressed include:
- S/MIME: signed messages that contained an attachment would not validate.
- S/MIME: signed and encrypted messages from Thunderbird would not validate.
Thanks to Andreas Schamanek for testing, debugging and advising during the
process of fixing this problem.
- S/MIME: Forwarding messages with multipart content-type failed to be signed
with "Error writing pipe" message. Reported by Andreas Schamanek and Stefan
Mueller.
- S/MIME: Certificates are lost when using a pinerc file outside of the home
directory.
- S/MIME: accessing the S/MIME configuration screen would deinitialize SMIME
making it not possible to sign or encrypt messages.
- S/MIME: Forwarding a signed message might make the body contain mime
information that is not part of the body, and hence making the body of the
message seem wrong.
- S/MIME Alpine would compute incorrectly the signature of a message that
contains 8bit if the option "Enable 8bit ESMTP Negotiation" is enabled, the
message contains 8bit characters and the smtp server supports 8bit sending.
- When replying to several messages, subject will be decoded first, and then
stripped from re/fwd before they are compared to determine the subject of
the replied message.
- Fix in WebAlpine: do not use deprecated dereference in pointer, needs to
use tcl_getstringresult() instead. Reported by Ulf-Dietrich Braumann.
- WebAlpine: fail to build with debug disabled. Fix from Sam Hathaway.
- WebAlpine: add _GNU_SOURCE to make pubcookie build.
- Transformation of UTF-8 to MUTF7 was not being done when creating a folder
in an IMAP server.
- Fix _INIT_ token for reply quote string to include support for 8-bit in
personal names. Reported by Lev Gorenstein.
- When writing the .pinerc file, lines were truncated if they were longer
than 10,000 characters. This could cause data corruption, so now lines are
allowed to be of any length.
- In Unix Alpine (but not in MAC OSX) fix a problem that made Alpine remove
attachments before they were open by a mailcap viewer. It requires that the
user has an equivalent to a command such as "ps auxww" to list the list of
processes, and check if there is any program using the attachment. The default
is "/bin/ps auxww", but it can be changed at compile time with the option
--with-ps-cmd. See the help of the variable mailcap-check-interval for more
information.
- Crash when tcp connection to NNTP server was lost after connection had been
established, but lost immediately afterwards.
- Crash with message "lock when already locked", when painting an index was
based on scores that needed information from a remote addressbook in the
same server as the folder opened. Reported by Peter Koellner.
- Crash in message/rfc822 attachments encoded in base64.
- Postponed messages whose content-type is text/html, text/enriched and
text/richtext are sent with that content-type, even though, after resuming
composition, Alpine had changed its type to text/plain.
- Alpine cannot handle correctly some characters in the Windows-1256
character set, which might lead to a crash or a corruption in the screen.
Work was done to contain the bug. A more complete fix will be done in a future
release. Reported by Professor Robert Funnell.
- WebAlpine: add _GNU_SOURCE to make pubcookie build.
- Save command did not warn of existence of a message with a deleted
attachment in an aggregate save, unless cursor was positioned on a message
with a deleted attachment. Reported by Florian Herzig.
- DATE tokens were not internally transformed to UTF-8, which made their
values not appear complete in the screen. Reported by Werner Scheinast.
- Fixes to configure script so that it will not require PAM for every system.
- Fix to configure script so that it will use CPPFLAGS instead of CPPCFLAGS,
and so the --with-ssl-include-dir option take effect during the build. Fix
by Ulf-Dietrich Braumann.
- Quoted string in URL Viewers configuration variable were not unquoted
before passing to viewer.
- Fix in configure script to detect location of tcl library; add /usr/local
in FreeBSD and fix a bug in configure script that used $alpine_TCLINC
instead of $alpine_TCLINC/tcl.h. Reported and fixed by Werner Scheinast.
- Move SSL configurations from UW-IMAP to configure script, and update
OpenSSL configuration for Mac OSX.
- Remove -lregex from linker flags when building --with-supplied-regex.
- When the download of an attachment is interrumpted, Alpine stills caches
what was downloaded, making the download incomplete for subsequent calls of
Alpine attempting to open the attachment. In the future, Alpine will not cache
any downloaded part of the attachment when it is interrupted. CVS:
----------------------------------------------------------------------
Alpine uses a function called panic(). However, mach/mach.h, which somehow
ends up always included, defines panic with different arguments. Rename
alpine's panic to Panic on Darwin.
Version 2.11 includes several new features and bug fixes.
Additions include:
Increase encryption of S/MIME encrypted messages.
Alpine requires version 1.0.0c of Openssl to build.
Pico: Improvements in justification of paragraphs: lines that begin with a
quote string, followed by a space were considered individual paragraphs, now
they are considered part of a paragraph. Based on earlier joint work with Jeff
Franklin.
Unix Alpine: Allow local .pinerc file to be a symbolic link.
- Experimental extended support of recognition of UTF-8 in urls based on
information from http://url.spec.whatwg.org.
- Added recognition of ws and wss URIs.
- Add ability to color folder names, directory names, and text in the FOLDER
SCREEN.
- Add the ability to color any token used in the display of the INDEX SCREEN.
- New option preserve-original-fields that adds the ability to preserve To: and
Cc: fields when replying to a message, as specified by original sender.
- Add a _SILENT_ token to the list of tokens for a display filter, so that
Alpine will not redraw the screen when it is unnecessary.
- Added Quota subcommands for printing, forwarding, saving, etc.
Bugs that have been addressed include:
- Crash when a non-compliant SMTP server closes a connection without a QUIT
command.
- Crash when resizing the screen in a configuration screen.
- Do not bail out during a tcp timeout, instead close connection and avoid
crash.
- Do not use a shell to open a browser.
- Configure script did not test for crypto or pam libraries.
- Configure script attempted to build web component, even if header file tcl.h
was not present.
- Change Cygwin directory separator to "/".
- Alpine could set List- headers, contrary to RFC 2369.
this conflicts with the "typedef struct { } STRING" used througout
Alpine.
Since Alpine does not actually use the OpenSSL STRING def, obscure
it with #define and pretend it does not exist.
values on NetBSD, we we get correctly referred to __utime50() which can handle
64-bit values. This fixes a problem where mailbox mtimes were being reset to 0
Note that this actually causes some build warnings as the code uses
"time_t tp[2]" instead of "struct utimbuf tp" (contains two time_t values)
Although the <os_bsi.h> file says it is used for BSDI, it seems to be used by
NetBSD and OpenBSD, both of which have the <utime.h> and <time.h>
bump PKGREVISION
Changes since 1.10
Additions include:
* Redesigned Web Alpine interface
* Experimental S/MIME support added in UNIX versions of Alpine
* Attempt to include the attachment filename as part of the name
of the temporary file used when viewing an attachment with an
external program. Add some randomness to that filename to make
it hard to predict the filename. Add a filename extension,
usually derived from the type/subtype, to the temporary
filename. This was previously done only on Windows and MacOS
X.
* Enhance address completion in the composer (TAB command) so
that it looks through nicknames, fullnames, and addresses from
the address book; addresses from the message being viewed, if
any; and the results from LDAP Directory Server lookups for
all of the defined directory servers that have the
"Use-Implicitly-From-Composer" feature set.
* Make the default character set setting more liberal in what it
will accept from the UNIX nl_langinfo call and the various
values of LANG seen in the wild
* Remove the Alpine revision number from the titlebar in released
versions while leaving it there in snapshot versions
* Add a feature to suppress the display of asterisks when you
type a password for Alpine
* Add line wrapping when displaying PRE formatted sections of HTML
* When the Convert Dates To Localtime feature is turned on
convert not only the dates in the index screen but also the dates
in the MESSAGE VIEW
Bugs that have been addressed in this release include:
* Crash when using tab-completion for selecting a Save filename
* Make Web Alpine help text images relative for more portability
* Fixed attach save of html parts in Web Alpine
* Viewing, printing, exporting, replying, and bouncing of message
digests was broken. Replying and bouncing should not have
been allowed at all for digests. It would be nice to have a
more standard index-like view of a message digest but that has
not been addressed with this minor bug fix.
* Adjust wrapping of HTML messages so that the margins specified
by Viewer Margin Left and Viewer Margin Right are observed
correctly
* Interrupt of WhereIs command in index was broken
* The Unknown Character Set option did not work correctly
interpreting unknown characters in message headers
* Long address lines could cause blank continuation lines
* Save to a local default INBOX failed if the primary collection
was also local, which it is by default. The save went to
~/mail/inbox instead.
* Make a default save folder of "inbox" always mean the real
inbox, not the inbox in the primary collection
* Address book entries with lots of addresses would be truncated
when entered in the composer with a screen size wider than 270
or so charcters
* Some fields in the index screen were truncated when the screen
width was wider than 256 characters
* Crash when TABing to next folder, the next folder with new mail
is a POP folder, and there is a more than 10 minute pause
between typing the TAB and typing the Yes
The Maildir patch was altered on the master server without changing the
URL, so we have to alter DIST_SUBDIR, which affects the main distfile
as well. Emailed author to see if putting up versioned patchfile URLs is
feasible
The change in the Maildir patch:
- Fixed a bug which made Alpine not to delete folders correctly in
a #mc/ collection.
(Approved by agc for update during the freeze)
Changes from Alpine 1.00 to 1.10
New in Alpine 1.10
Version 1.10 addresses bugs found in previous releases and has
a few additions as well.
Additions include:
* Add the possibility of setting a default role (see Roles
Screen) which may be convenient if your work flow involves
acting in one role for a while then switching to another role
and staying in the new role for another period of time
* When Saving and the IMAP server problem "Message to save
shrank!" is encountered, ask the user if he or she wants to
continue with the risky Save anyway instead of aborting. This
may be helpful if your IMAP server is broken in this way but
be aware that it is possible there was a real error instead of
just a broken server implementation.
* Some configure adjustments for Kerberos detection and for SCO
OpenServer 5 support
* Hide INBOX in a collection if it also appears as an Incoming
Folder
* Show asterisks for feedback when the user is typing a password
* Performance improvement for threading of large folders
* Previously, the search used to find Pattern matches containing
To patterns searched for both To and Resent-To headers. The
relatively complicated search this produces causes problems
when using some deficient IMAP servers. Now the default is to
look only for To headers and ignore the presence of
Resent-To. The previous behavior may be restored with the Use
Resent-To in Rules feature.
* Add an Unknown Character Set to help with reading malformed
unlabeled messages
* Suppress User Agent When Sending option added
* Map some Shift-LeftArrow escape sequences to LeftArrow
* Add feature Warn if Blank Fcc
Bugs that have been addressed in this release include:
* Crash when encountering certain errors from an SMTP server
* Crash in composer caused by overflow in replace_pat()
* Hang when authenticating to an SMTP server that fails with a
"connection disconnected" error
* Bug in handling of trailing tab character in flowed text
* Security enhancement for mailcap parameter substitution
* Strip From Sigdashes on Reply did not work if the message being
replied to was not flowed text and Do Not Send Flowed Text was
not turned on
* Don't allow printer to be changed through hidden config screen
if system administrator didn't want it to be allowed
* Attempts are sometimes made to set the Forwarded flag when
alpine should know that it won't work, causing error messages
to appear
* A Reply Indent String of double-quote double-quote didn't work
right
* Quoting wasn't being done to protect special characters from
the MacOS X shell when URL-Viewers was not defined
* On MacOS X message attachments should be shown internally
instead of being shown using the Mail application
* When replying to a message with a charset of X-UNKNOWN Alpine
would sometimes set the outgoing charset to X-UNKNOWN, making
the result unreadable
* When the sending of a message failed lines with leading spaces
had one additional space inserted in each of those lines when
the user was returned to the composer
* The WhereIs command missed some index lines that contained
non-ascii characters because it was truncating the line being
searched so that it was shorter than what was visible on the
screen
* When composing, an attachment with a long name that causes
wrapping in just the wrong place would generate an error and
cause the send of the attachment to fail
* After calling the file browser to attach a file in the
composer, a resize of the window when back in the composer
would redraw the last screen that had been shown in the
browser instead of the current composer screen
* Possible crash in index screen when encountering unparseable
addresses or when using one of the PRIORITY tokens or the
HEADER token in the Index Format
* Problems with Header Color editing if the configuration option
Viewer Header Colors was inadvertently changed to the Empty
Value in the hidden config screen
* When resuming the final postponed message from an Exchange
server the user could get a certificate validation failure
because alpine was trying to validate the canonical name of
the folder instead of the name the user used
* Windows line endings in a mimetypes file on a Unix system cause
a failure to find a match
* Make matching of extension names case independent in mimetypes
files
* Windows dialog boxes for entering text were not working correctly
* Replying to or Forwarding multipart/alternative messages which
had a single text/html part did not work well
* Printing the print confirmation page caused a crash
* A To line with a long, quoted personal name could display
incorrectly if it was close to the same width as the screen
* When Enable Incoming Folders Checking and Incoming Checking
Includes Total are turned on hide (0/0) when the folder is
empty
* Folder completion while Saving didn't work if the collection
being saved to was the local home directory
can be disabled to remove the behavior again.
In spite of UW's "recommendations" against enabling this, it should be up
to the sysadmin and user whether to use the rope to build a bridge or
hang him/herself. PC-Pine has it enabled by default; there's no reason
besides FUD to make the Un*x build any different.
- The default configure scripts end up encoding '${prefix}' (note quotes)
at the start of /etc/pine.conf{,.fixed}. Use --with-system-pinerc and
--with-system-fixed-pinerc to explicitly set them to ${PKG_SYSCONFDIR}
pkgsrc portability patches submitted back upstream but ignored.
Additions include:
* Configuration support for Tru64 and some fixes for other systems
* New color option Header General Color to color all headers in MESSAGE
TEXT screen
* Added NONE color setting for Index symbols and Keyword colors so that
the background color of a symbol can be set to not blot out the
background color of an index line. There is also a similar NORM color
that tracks the Normal Color
* New color options Index Subject Color and Index From Color options to
color parts of MESSAGE INDEX lines
* Some improvements to Enable Incoming Folders Checking option,
including new options Incoming Checking Includes Total, Incoming
Checking Uses Recent, and Incoming Check Interval Secondary
* Eliminate address book sorting wars when two different systems sort an
address book differently. Instead of checking that the address book is
correctly sorted whenever it is opened the sorting will only happen
when a change is made. The sort order you see is the sort order from
the last system where a change was made.
* Added a new category of Rule called a Search Rule. A Search Rule has a
Pattern but no Action is associated with that Pattern. It is used with
the Select command in the MESSAGE INDEX screen to Select the set of
messages that match a rule's Pattern.
* Added minor adjustment to display of opening text with Opening Text
Separator Characters option. Display of opening text is controlled by
configuring your Index Format option to include one of the Subject
tokens that causes this behavior (SUBJECTTEXT, SUBJKEYTEXT, or
SUBJKEYINITTEXT).
* Added tokens OPENINGTEXT and OPENINGTEXTDQ for use with the Index
Format option. These are alternative ways to display the opening text
of a message in the index screen.
* Added SHORTIMAPSTATUS token for the Index Format
* The default values of many features have been changed, exposing a more
advanced user interface by default. In addition, though the names of
features used in the configuration files remains the same, the
displayed text in the Config screen is no longer tied directly to that
name.
* Changed Windows Alpine so that it can show up in the list of default
programs in Vista.
Bugs that have been addressed in this release include:
* INBOX displayed twice in some situations when there was a folder named
INBOX
* Crash in PC-Alpine related to traditional UNIX mailbox format
* Canceling out of the password prompt when opening an incoming folder
was causing the re-open of a previously opened folder to fail
* News collection display empty after canceling out of password prompt
* Extra password prompt when adding incoming folder after canceling out
of earlier password prompt
* Recognize and ignore XML processing instructions in HTML messages
* Window title was being set using Unicode characters instead of the
local character set of the display terminal
* The option Busy Cue Spinner Only was displaying an oncoming two-engine
airplane instead of a spinner
* Got rid of default green Subject header color added in 0.99
* Title Closed Color wasn't being shown when in the composer
* Disable-Input-History, which was added in previous version, is changed
to Disable Save Input History and its effect is restricted to
ambiguous situations, like Save
* Added missing input history command for Pipe Attachment
* Cannot open another folder after an empty directory is opened when
Combined Folder Display and Expanded View of Folders options are set
* When answering No to the commit changes question after changing the
Inbox Path the change was written to the config file anyway
* When the Threading Display Style results in the information being
truncated add a thread depth indicator in brackets at the right hand
edge
