c8c2a75bce
Patch (minus the mtest.c one) from Marco Beishuizen in PR pkg/53437. Additions include: - PC-Alpine: New configuration option "Aspell Dictionaries" allows a user to choose the dictionary used to spell check, in case the user communicates in more than one language. Examples of values for the variable are "en_US" or "de_DE", etc. Only the first 10 dictionaries are offered. - Unix-Alpine: Connect securely to a LDAP server on a secure port. Based on a contribution by Wang Kang. - Colors configured in Alpine are inherited in the composer. - When Alpine is compiled with password file and SMIME support the password file is encrypted using a private key/public certificate pair. If one such pair cannot be found, one will be created. - Alpine builds with any version of OpenSSL greater than or equal to 1.0.0c. This includes version 1.1.0. Alpine also builds with LibreSSL. - New SHORTSUBJECT, SHORTSUBJKEY and SHORTSUBJKEYINIT token for index format, which removes text in the SUBJECT between "[" and "]". - New SMARTTIME24 token for index screen. It is close to SMARTDATETIME but it differns in that it gives the time in which the message was sent for messages that are less than a week old. it uses a 24 hour format. - Alpine will include attachments when forwarding some multipart/alternative messages for which it did not use to include attachments. - New configuration option alternate-reply-menu which adds more ways to control features and variables when you start to reply to a message. - Added support for RFC 2971 - IMAP ID extension. - Add configuration ignore-size-changes that allows users to ignore errors in the computation of the size of a message from defective servers. - SMIME: Upgrade the default signature digest from sha1 to sha-256, since clients such as Thunderbird do not validate signatures that use sha1 digest. - Add the configuration variable "default-directories", which is called default-directories, which is a variable saves a list of directories that are readily accessible for save or export of attachments. This makes it easier to save attachments in directories that are hard to navigate to, or that are accessed frequently. - When a filename is attached and its name is encoded, the save attachment command will offer to save the file in the encoded form. This might work for some users, but the save command will have a subcommand ^N to decode the file name and save the file with the decoded name. - The TAB key allows autocomplete in the Fcc field in the composer headers, as well as autocompletes automatically when only one possibility exists for the ^J attach command. - Add support for the "TYPE" and "VALUE" attributes of the html OL tag. - Ignore message from smtp server after a successful authentication challenge. - When a message is saved in the Form Letter folder, add the ability to save the role being used to compose such message so that settings such as the SMTP server set in the role can be used when sending such form message. Suggested and patched by Frank Doepper. - If SSLDIR is defined somehow, do not disable S/MIME if the SSLCERTSDIR is not found. - When Alpine sends an attachment, it will set the boundary attribute in lower case, as some SMTP servers, such as those of libero.it reject messages if the boundary attribute is in uppercase. - Add the ability to change the private key and certificates used to encrypt a password file in the SMIME setup configuration screen. - SMIME: The ctrl-E command that gives information on the certificate is only available for messages that have a signed or encrypted part. - SMIME: If a message contains a RFC822 attachment that is signed/decrypted add the ability to view its SMIME information. - SMIME: Certificate information in the S/MIME screen is available for certificates stored in a container. - SMIME: Offer the common name of the person, instead of the name of file containing the certificate, as the name to be displayed in the certificate management screen for certificate authorities. Suggested by Matthias Rieber. - SMIME: Management of several alternate name (SAN) certificates is improved. When importing a SAN certificate, also import a certificate for the filename, besides for the e-mail addresses in the certificate. Suggested by Matthias Rieber. - SMIME: add full year when displaying information about a certificate in the certificate management screen. Suggested by Matthias Rieber. - SMIME: sort certificates by some type of alphabetical order in the displayed name. - SMIME: Alpine will ask users if they wish to save S/MIME certificates included in signatures, when the option "Validate Using Certificate Store Only" is enabled. If the user does not wish to save it, validation will fail. - HTML: Add support for decoding entities in hexadecimal notation. Suggested by Tulipant Gergely. - The "#" command, when used as part of an aggregate operation will allow users to select the role used in either replying, forwarding or replying to the group of selected messages, Suggested by Hisashi T Fujinaka. - If the charset of a message can not be determined, use the value set in the unknown charset set value for its value. - Resizing setup screen will redraw screen. - Unix Alpine only. Experimental: If Alpine/Pico finds a UCS4 code in the width ambiguous zone, it will use other means to determine the width, such as call wcwidth. - Pico: Code reorganization in the search command to make it easier to add subcommands of the search command. - Pico: Search command can do a case sensitive match. Use the Ctrl-^ subcommand of the search command to bring this choice into view. - Pico: Add the ability to search for strings in the beginning or end of a line. Use the Ctrl-^ subcommand of the search command to bring this choice into view. - For a multipart/alternative message, the Take Address command will work on the part that is being read. - When sending a message, allow for 512 characters of consecutive non-white space before folding the subject line. - Make sure titlebar (the line at the top of the screen) always contains the name of the folder/newsgroup that is open, if this fits in the title. - The feature scramble-message-id will also scramble the name, version and operative system in the message-id header. Based on a contribution by Dennis Davis, which is itself based on a contribution by Mark Hills. - Change in logic in imap_set_password function to make Alpine ask if a user wants to save a password before reading the password file. - When exporting all parts of a message, if two attachments have the same name, do not overwrite a file more than once, but instead add a counter number to the filename to make a new file that does not exist in the file system. - Add the Control-R subcommand to the save command for attachments. This subcommand toggles if the saving will be done in binary mode for text attachments. When a user saves an attachment using binary mode it will be saved as it was sent, otherwise the attachment will be transformed to UTF-8 for further transformation through internal and user defined filters for saving. - Add command line argument -smimedir, which allows to specify the default path for a directory that contains the public, private, and ca directories. This is useful in case a user has a backup of old certificates that cannot be installed in the ~/.alpine-smime dir. - Reimplementation of the code that allows the .pinerc file to be a symbolic link by Kyle George from tcpsoft.com to use realpath. - When saving an attachment, the "^T" command leads to a screen where the "A" command can be used to add a file. A directory can be added by pressing "^X" after the "A" command. Added after a suggestion by Stefan Goessling. - When saving an attachment, the ^Y and ^V commands allow a user to scroll through the history of directories used to save attachments, while preserving the given name of the file. Suggested by Peter Koellner. - SMIME: Turn off automatic signing and encrypting of a message when bouncing. Suggested after a discussion with Matthias Rieber. - When messages are selected, warn the user if a message that is not selected will be bounced, or if not all selected messages will be bounced. Suggested by Ulf-Dietrich Braumann. - The bounce command adds a subcommand to choose a role. - When selecting messages by number, the "." character can be used to specify the message on which the cursor is on. - When Alpine opens an attachment, it sometimes changes the extension of the file that is being opened and replaces it by another for the same mime type. If Alpine finds that the extension of the file corresponds with the mime type, according to the mime-types file, then it will keep it, and no substitution will be made. - Set no restrictions on the length of encoded subjects, but encode words in length of no more than 75 characters. Bugs that have been addressed include: - SMIME: Crash when a certificate has an invalid date of validity. Also Alpine will use the function ASN1_TIME_print to determine the date of validity. Reported by Ben Stienstra. - SMIME: Crash when attempting to unlock the password file and an incorrect password is entered. - SMIME: Crash when checking the signature of a message that contains a RFC822 attached message. Reported by Holger Trapp and Bjorn Krellner. - SMIME: Cancelling entering password to unlock key will not reprompt. - SMIME: fix a bug that did not allow users to transfer certificates to remote containers. Reported by Matthias Rieber. - SMIME: certificates included in messages were not being transferred to a remote container. - SMIME: Crash if public certificates are located in an inaccessible remote server and the private key is not available. - SMIME: Alpine does not remove temporary files created when adding a CA certificate to a container. Reported by Holger Trapp. - SMIME: When reading a local certificate, Alpine converts the name of the certificate to lowercase, which may make Alpine not be able to read such certificate. Reported by Dennis Davis. - SMIME: If the option "Remember S/MIME Passphrase" is disabled, then entering a password to read an encrypted message will make Alpine forget the key and not ask the password to unlock it again in case it is necessary to unlock it again. Reported by Ulf-Dietrich Braumann. - Alpine would use freed memory while trying to compute the color of the titlebar. This happened when trying to continue a postponed message. - Alpine failed to read an encrypted password file if too many passwords were saved in the password file. - When selecting messages while in Threaded Index Screen, some messages other than top of threads could appear in the index, making Alpine display messages "out of the screen." - The index format would be chopped at the position of an unrecognized token, instead of skipping the token as intended. - Work in progress: Avoid calling non-safe functions when Alpine receives a signal. See bug report https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=825772. - Crash when attempting to read a message after a bounce command. In order to produce a crash one needed to use the ^T subcommand and do a search in a LDAP directory. The crash is produced by changes to the text in the title bar. Reported by Heinrich Mislik in the Alpine-info list. - HTML messages that contain UTF-8 may wrap at the wrong position, making Alpine not display the correct character at the position that wrapping is done. Reported by Wang Kang. - Pico: Searching for a string that is too long causes Pico to crash in the next search. - Fix vulnerability in regex library. This only affects those who use this library, such as the windows version of Alpine. See http://www.kb.cert.org/vuls/id/695940">http://www.kb.cert.org/vuls/id/695940 for more details. - Alpine would not set include and lib paths for OpenSSL if this was installed in /usr/local/ssl. - If the .pinerc file is a symbolic link, Alpine might not write its contents when saving its configuration. - The _INIT_ token does not skip over non-alphanumeric characters in the name. Reported by Andreas Fehr. - When opening an INBOX folder in a context different from the incoming folders collection, from the command line, Alpine would open the INBOX folder from the incoming folders collection. - Mismatch in size of UCS and CELL caused a corruption in the content of a pointer, which made the speller in PC-Alpine get the content of a word incorrectly. - Skip testing openssl compatibility version when cross-compilation is detected. Fix contributed by Antti Seppalla - Alpine fails to remove temporary files used during a display or sending filter. Fix contributed by Phil Brooke. - When the index is in zoomed state, adding new messages to the selection would not show those messages if those messages are on top of the current message in the top of the screen. Reported by Ulf-Dietrich Braumann. In addition, when the user scrolls through the index, this scroll smoothly, without jumping pages. Reported by Holger Trapp. - Crash when reviewing history of saving attachments. - Crash when canceling a goto command on a local collection that has not been expanded and attempting to expand such collection. - Crash in Pico when forwarding messages that contain a direction mark at the end of a line. Reported by James Mingo. - Solve compilation errors when Alpine is built with Visual Studio 2015.
216 lines
7.8 KiB
C
216 lines
7.8 KiB
C
$NetBSD: patch-imap_src_mtest_mtest.c,v 1.3 2018/07/24 12:39:36 bsiegert Exp $
|
||
|
||
- patch up buffer handling (required to build on openbsd)
|
||
|
||
--- imap/src/mtest/mtest.c.orig 2017-02-06 00:06:22.499218141 +0000
|
||
+++ imap/src/mtest/mtest.c
|
||
@@ -151,6 +151,7 @@ void mm (MAILSTREAM *stream,long debug)
|
||
void *sdb = NIL;
|
||
char cmd[MAILTMPLEN],tmp[MAILTMPLEN];
|
||
char *s, *arg;
|
||
+ size_t argmax;
|
||
unsigned long i;
|
||
unsigned long last = 0;
|
||
BODY *body;
|
||
@@ -158,7 +159,9 @@ void mm (MAILSTREAM *stream,long debug)
|
||
while (stream) {
|
||
prompt ("MTest> ",cmd, sizeof(cmd)); /* prompt user, get command */
|
||
/* get argument */
|
||
- if ((arg = strchr (cmd,' ')) != NULL) *arg++ = '\0';
|
||
+ if (arg)
|
||
+ argmax = sizeof(cmd) - (arg - cmd);
|
||
+
|
||
switch (*ucase (cmd)) { /* dispatch based on command */
|
||
case 'B': /* Body command */
|
||
if (arg) last = atoi (arg);
|
||
@@ -185,7 +188,8 @@ void mm (MAILSTREAM *stream,long debug)
|
||
break;
|
||
}
|
||
arg = cmd;
|
||
- sprintf (arg,"%lu",last);
|
||
+ argmax = sizeof(cmd);
|
||
+ snprintf (arg, argmax, "%lu",last);
|
||
}
|
||
if (last && (last <= stream->nmsgs))
|
||
mail_setflag (stream,arg,"\\DELETED");
|
||
@@ -198,6 +202,7 @@ void mm (MAILSTREAM *stream,long debug)
|
||
case 'F': /* Find command */
|
||
if (!arg) {
|
||
arg = "%";
|
||
+ argmax = 0;
|
||
if ((s = sm_read (tmp,&sdb)) != NULL) {
|
||
puts ("Local network subscribed mailboxes:");
|
||
do if (*s == '{') (mm_lsub (NIL,NIL,s,NIL));
|
||
@@ -251,7 +256,7 @@ void mm (MAILSTREAM *stream,long debug)
|
||
}
|
||
/* get the new mailbox */
|
||
while (!(stream = mail_open (stream,arg,debug))) {
|
||
- prompt ("Mailbox: ",arg, sizeof(arg));
|
||
+ prompt ("Mailbox: ",arg, argmax);
|
||
if (!arg[0]) break;
|
||
}
|
||
last = 0;
|
||
@@ -323,7 +328,8 @@ void mm (MAILSTREAM *stream,long debug)
|
||
break;
|
||
}
|
||
arg = cmd;
|
||
- sprintf (arg,"%lu",last);
|
||
+ argmax = sizeof(cmd);
|
||
+ snprintf (arg, argmax, "%lu",last);
|
||
}
|
||
if (last > 0 && last <= stream->nmsgs)
|
||
mail_clearflag (stream,arg,"\\DELETED");
|
||
@@ -384,7 +390,7 @@ void overview_header (MAILSTREAM *stream
|
||
tmp[3] = elt->answered ? 'A' : ' ';
|
||
tmp[4] = elt->deleted ? 'D' : ' ';
|
||
mail_parse_date (&selt,ov->date);
|
||
- sprintf (tmp+5,"%4lu) ",elt->msgno);
|
||
+ snprintf (tmp+5, sizeof(tmp)-5, "%4lu) ",elt->msgno);
|
||
mail_date (tmp+11,&selt);
|
||
tmp[17] = ' ';
|
||
tmp[18] = '\0';
|
||
@@ -394,11 +400,12 @@ void overview_header (MAILSTREAM *stream
|
||
for (adr = ov->from; adr && !adr->host; adr = adr->next);
|
||
if (adr) { /* if a personal name exists use it */
|
||
if (!(t = adr->personal))
|
||
- sprintf (t = tmp+400,"%s@%s",adr->mailbox,adr->host);
|
||
+ snprintf (t = tmp+400, sizeof(tmp)-400, "%s@%s",adr->mailbox,adr->host);
|
||
memcpy (tmp+18,t,(size_t) min (20,(long) strlen (t)));
|
||
}
|
||
strcat (tmp," ");
|
||
if ((i = elt->user_flags) != 0L) {
|
||
+ /* XXX bounds? */
|
||
strcat (tmp,"{");
|
||
while (i) {
|
||
strcat (tmp,stream->user_flags[find_rightmost_bit (&i)]);
|
||
@@ -406,7 +413,7 @@ void overview_header (MAILSTREAM *stream
|
||
}
|
||
strcat (tmp,"} ");
|
||
}
|
||
- sprintf (tmp + strlen (tmp),"%.25s (%lu chars)",
|
||
+ snprintf (tmp + strlen (tmp), 400 - strlen(tmp), "%.25s (%lu chars)",
|
||
ov->subject ? ov->subject : " ",ov->optional.octets);
|
||
puts (tmp);
|
||
}
|
||
@@ -423,6 +430,7 @@ void header (MAILSTREAM *stream,long msg
|
||
unsigned long i;
|
||
char tmp[MAILTMPLEN];
|
||
char *t;
|
||
+ size_t len;
|
||
MESSAGECACHE *cache = mail_elt (stream,msgno);
|
||
mail_fetchstructure (stream,msgno,NIL);
|
||
tmp[0] = cache->recent ? (cache->seen ? 'R': 'N') : ' ';
|
||
@@ -430,7 +438,7 @@ void header (MAILSTREAM *stream,long msg
|
||
tmp[2] = cache->flagged ? 'F' : ' ';
|
||
tmp[3] = cache->answered ? 'A' : ' ';
|
||
tmp[4] = cache->deleted ? 'D' : ' ';
|
||
- sprintf (tmp+5,"%4lu) ",cache->msgno);
|
||
+ snprintf (tmp+5, sizeof(tmp)-5, "%4lu) ",cache->msgno);
|
||
mail_date (tmp+11,cache);
|
||
tmp[17] = ' ';
|
||
tmp[18] = '\0';
|
||
@@ -445,7 +453,9 @@ void header (MAILSTREAM *stream,long msg
|
||
strcat (tmp,"} ");
|
||
}
|
||
mail_fetchsubject (t = tmp + strlen (tmp),stream,msgno,(long) 25);
|
||
- sprintf (t += strlen (t)," (%lu chars)",cache->rfc822_size);
|
||
+ len = strlen (t);
|
||
+ t += len;
|
||
+ snprintf (t, sizeof(tmp)-len, " (%lu chars)",cache->rfc822_size);
|
||
puts (tmp);
|
||
}
|
||
|
||
@@ -459,31 +469,57 @@ void display_body (BODY *body,char *pfx,
|
||
{
|
||
char tmp[MAILTMPLEN];
|
||
char *s = tmp;
|
||
+ size_t len, smax = sizeof(tmp);
|
||
PARAMETER *par;
|
||
PART *part; /* multipart doesn't have a row to itself */
|
||
if (body->type == TYPEMULTIPART) {
|
||
/* if not first time, extend prefix */
|
||
- if (pfx) sprintf (tmp,"%s%ld.",pfx,++i);
|
||
+ if (pfx) snprintf (tmp, sizeof(tmp), "%s%ld.",pfx,++i);
|
||
else tmp[0] = '\0';
|
||
for (i = 0,part = body->nested.part; part; part = part->next)
|
||
display_body (&part->body,tmp,i++);
|
||
}
|
||
else { /* non-multipart, output oneline descriptor */
|
||
if (!pfx) pfx = ""; /* dummy prefix if top level */
|
||
- sprintf (s," %s%ld %s",pfx,++i,body_types[body->type]);
|
||
- if (body->subtype) sprintf (s += strlen (s),"/%s",body->subtype);
|
||
- if (body->description) sprintf (s += strlen (s)," (%s)",body->description);
|
||
- if ((par = body->parameter) != NULL) do
|
||
- sprintf (s += strlen (s),";%s=%s",par->attribute,par->value);
|
||
+ snprintf (s, smax, " %s%ld %s",pfx,++i,body_types[body->type]);
|
||
+ if (body->subtype) {
|
||
+ len = strlen(s);
|
||
+ s += len;
|
||
+ smax -= len;
|
||
+ snprintf (s, smax, "/%s",body->subtype);
|
||
+ }
|
||
+ if (body->description) {
|
||
+ len = strlen(s);
|
||
+ s += len;
|
||
+ smax -= len;
|
||
+ snprintf (s, smax, " (%s)",body->description);
|
||
+ }
|
||
+ if (par = body->parameter) do {
|
||
+ len = strlen(s);
|
||
+ s += len;
|
||
+ smax -= len;
|
||
+ snprintf (s, smax, ";%s=%s",par->attribute,par->value);
|
||
+ }
|
||
while ((par = par->next) != NULL);
|
||
- if (body->id) sprintf (s += strlen (s),", id = %s",body->id);
|
||
+ if (body->id) {
|
||
+ len = strlen(s);
|
||
+ s += len;
|
||
+ smax -= len;
|
||
+ snprintf (s, smax, ", id = %s",body->id);
|
||
+ }
|
||
switch (body->type) { /* bytes or lines depending upon body type */
|
||
case TYPEMESSAGE: /* encapsulated message */
|
||
case TYPETEXT: /* plain text */
|
||
- sprintf (s += strlen (s)," (%lu lines)",body->size.lines);
|
||
+ len = strlen(s);
|
||
+ s += len;
|
||
+ smax -= len;
|
||
+ snprintf (s, smax, " (%lu lines)",body->size.lines);
|
||
break;
|
||
default:
|
||
- sprintf (s += strlen (s)," (%lu bytes)",body->size.bytes);
|
||
+ len = strlen(s);
|
||
+ s += len;
|
||
+ smax -= len;
|
||
+ snprintf (s, smax, " (%lu bytes)",body->size.bytes);
|
||
break;
|
||
}
|
||
puts (tmp); /* output this line */
|
||
@@ -492,7 +528,7 @@ void display_body (BODY *body,char *pfx,
|
||
(body = body->nested.msg->body)) {
|
||
if (body->type == TYPEMULTIPART) display_body (body,pfx,i-1);
|
||
else { /* build encapsulation prefix */
|
||
- sprintf (tmp,"%s%ld.",pfx,i);
|
||
+ snprintf (tmp, sizeof(tmp), "%s%ld.",pfx,i);
|
||
display_body (body,tmp,(long) 0);
|
||
}
|
||
}
|
||
@@ -711,10 +747,13 @@ void mm_login (NETMBX *mb,char *user,cha
|
||
if (curhst) fs_give ((void **) &curhst);
|
||
curhst = (char *) fs_get (1+strlen (mb->host));
|
||
strcpy (curhst,mb->host);
|
||
- sprintf (s = tmp,"{%s/%s",mb->host,mb->service);
|
||
- if (*mb->user) sprintf (tmp+strlen (tmp),"/user=%s",strcpy (user,mb->user));
|
||
- if (*mb->authuser) sprintf (tmp+strlen (tmp),"/authuser=%s",mb->authuser);
|
||
- if (*mb->user) strcat (s = tmp,"} password:");
|
||
+ snprintf (s = tmp, sizeof(tmp), "{%s/%s",mb->host,mb->service);
|
||
+ if (*mb->user) snprintf (tmp+strlen (tmp), sizeof(tmp)-strlen(tmp), "/user=%s",strcpy (user,mb->user));
|
||
+ if (*mb->authuser) snprintf (tmp+strlen (tmp), sizeof(tmp)-strlen(tmp), "/authuser=%s",mb->authuser);
|
||
+ if (*mb->user) {
|
||
+ s = tmp;
|
||
+ snprintf(tmp+strlen(tmp), sizeof(tmp)-strlen(tmp), "%s", "} password:");
|
||
+ }
|
||
else {
|
||
printf ("%s} username: ",tmp);
|
||
fgets (user,NETMAXUSER-1,stdin);
|