| Age | Commit message (Collapse) | Author |
|---|
|
Fixes: 1afaa74a19ee ("gpgme integration. See documentation for $crypt_use_gpgme, and http://www.gnupg.org/aegypten2/.")
|
|
This works around Outlook sending application/pkcs7-mime ".p7m" parts
without a smime-type parameter.
Mutt previously hardcoded an assumption that these were SignedData to
work around an old Outlook book. However Outlook now appears to also
send EnvelopedData in this form.
|
|
|
|
|
|
The code was only looking to see if $envelope_from_address had a
value, not if $use_envelope_from was set.
Add extra safety checks to make sure the mailbox value isn't NULL.
|
|
If the account-hook invoked by mutt_conn_find() modifies
$envelope_from_address, envfrom could point no longer point to the
address.
Move the mutt_conn_find() before the code that determines the envelope
from address.
|
|
|
|
|
|
This is another crash caused by the rfc2047 decoding bug fixed in the
second prior commit.
In this case, an empty header line followed by a header line starting
with ":", would result in t==end.
The mutt_substrdup() further below would go very badly at that point,
with t >= end+1. This could result in either a memcpy onto NULL or a
huge malloc call.
Thanks to Chenyuan Mi (@morningbread) for giving a working example
draft message of the rfc2047 decoding flaw. This allowed me, with
further testing, to discover this additional crash bug.
|
|
When composing an email, miscellaneous extra headers are stored in a
userhdrs list. Mutt first checks to ensure each header contains at
least a colon character, passes the entire userhdr field (name, colon,
and body) to the rfc2047 decoder, and safe_strdup()'s the result on
the userhdrs list. An empty result would from the decode would result
in a NULL headers being added to list.
The previous commit removed the possibility of the decoded header
field being empty, but it's prudent to add a check to the strchr
calls, in case there is another unexpected bug resulting in one.
Thanks to Chenyuan Mi (@morningbread) for discovering the two strchr
crashes, giving a working example draft message, and providing the
stack traces for the two NULL derefences.
|
|
For some reason, the rfc2047 base64 decoder ignored illegal
characters, instead of aborting. This seems innocuous, but in fact
leads to at least three crash-bugs elsewhere in Mutt.
These stem from Mutt, in some cases, passing an entire header
field (name, colon, and body) to the rfc2047 decoder. (It is
technically incorrect to do so, by the way, but is beyond scope for
these fixes in stable). Mutt then assumes the result can't be empty
because of a previous check that the header contains at least a colon.
This commit takes care of the source of the crashes, by aborting the
rfc2047 decode. The following two commits add protective fixes to the
specific crash points.
Thanks to Chenyuan Mi (@morningbread) for discovering the strchr
crashes, giving a working example draft message, and providing the
stack traces for the two NULL derefences.
|
|
It's very old behavior, but doesn't seem to be documented anywhere.
Thanks to Charles for pointing that out.
|
|
|
|
|
|
Commit 012981e8 (in release 2.2.9) updated the GPGME autoconf files,
to fix a build issue with newer GPGME releases.
Unfortunatley that caused a build issue for hosts where the gpg-error
header files aren't in the include path. The newer autoconf file
expect GPG_ERROR_CFLAGS to be added to the list of flags for the
compiler.
Thanks to Will Yardley for reporting the issue and quickly testing the
proposed fix.
|
|
|
|
When uncollapsing, _mutt_traverse_thread() returns the virtual number
of the root message in the thread. <collapse-thread> directly sets
menu->current to this value to cause the cursor to be on the *first*
message of the thread (which isn't the same as the root message when
sort=reverse-threads). <collapse-all> finds the corresponding message
by searching for it after re-indexing.
However, when collapsing, _mutt_traverse_thread() had code to try and
find the *first* message in the thread and return that virtual number.
<collapse-thread> then did the same trick, because the old first
message is now the new root message for sort=reverse-threads.
However, that cleverness caused a bug for <collapse-all> - it can't
use that virtual number directly, and it can't "find" the message at
the index after reindexing.
To fix this, remove the cleverness from _mutt_traverse_thread() when
collapsing. Return the virtual number of the root. Add searching
behavior for <collapse-thread> to fix its behavior.
|
|
|
|
|
|
This is generated from the copyright-updater script, with manual
updates for the main.c and documentation, and po files.
|
|
We don't want to copy the deleted flag over to the trash folder too.
I looked into various ways to keep the UID COPY, but they lead to
niggling issues with error handling along with handling if the server
sends flag updates back to the client.
So for that (hopefully rare) case, abort the fast trash and just use a
regular copy.
|
|
Split XOAUTH2 to use two steps.
This follows the microsoft.com documentation example for smtp. Since
office365 is the main site using XOAUTH2 now, it's better to match
their documentation.
It also matches msmtp's behavior, which probably means somewhere or
another needs it that way.
At the same time, improve response code checking. Mutt was using
smtp_get_resp() before, which returns 0 for both a ready and success
response code. Make sure it's a success response code when done
authenticating.
|
|
The character '/' from base64 alphabet breaks web redirectors if the
message-id from an email is used as part of the URL for redirectors and/
or automatic pointers to an email.
Use the URL safe alphabet from RFC4648 section 5 for message id
generation.
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
|
|
In the base64 safe URL dictionary the characters '+' and '/' are
replaced by '-' and '_'.
Add the characters to Index_64 to allow decoding if needed.
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
|
|
There are cases when using the 'authcode' grant where the authorization
request will succeed but the access token request will fail (for
example: if the user's web browser and terminal use different proxy
settings). The current implementation of the script does not inform
the user that the authorization token is being exchanged for an access
code, with the result that it can appear that a request has both
succeeded (according to the browser) and failed (according to the
terminal output) simultaneously. Add a message to inform the user that
a second request is being made so there is less potential for confusion.
|
|
I think it probably makes more sense to be inside the (if) function
documentation than (equal).
|
|
The maildir_check_mailbox() code was not updating the context deleted
and trashed counts in those cases. This could lead to messages marked
as deleted, but no action being taken on a mailbox sync/close.
wip: fix ctx counts for maildir 'T' flags updates.
|
|
There doesn't appear to be any relationship between $mark_old and "new
mail" status any more.
Commit c26c2531 (from 2002) is the most recent commit that talked
about reducing the meaning of $mark_old, and may have been the commit
to make that separation.
|
|
They evaluate to "yes" and "no", and so need an explicit comparison to
those values when using the equal function.
|
|
I partially changed this to lazily update after a thread update in
commit c9fa0414, but unfortunately didn't investigate the reason for
the color update while setting a flag. Since it was that way, I
assumed it was for a purpose.
However, it turns out there is no need to actively set the header
color in that function. Many places in Mutt already simply reset the
color values to 0 to invalidate and cause a recheck later.
Setting the color there so can even be detrimental, if the user has
slow 'color index' lines. For example doing a <tag-pattern>~A will
cause the color to be computed for the *entire* mailbox. Now, the
user ought to not have a slow color index line, but if they do, this
causes unnecessary pain.
Note that the header->color doesn't have an actual "unset" value,
which could also help performance. Maybe in the future in master
branch.
|
|
"U+200C ZERO WIDTH NON-JOINER" is generating '?' on some systems.
|
|
|
|
|
|
This is useful for octal values of greater (or less) than three
digits.
|
|
The IsPrint() was grabbing values outside the range of a char.
Instead, restrict the range and fall back to the <octal> syntax, which
the muttrc actually accepts.
|
|
The former sets $GPGRT_CONFIG which the latter needs to find and use
gpgrt-config instead of gpgme-config.
|
|
GPGME is transitioning away from gpgme-config, to gpgrt-config, and
the new autoconf files are required to make the transition.
Thanks to Vincent Lefèvre for reporting the problem and helping test
the required fixes.
|
|
Remove the sentence saying it isn't supported from the Batch
Composition Flow section of the manual.
|
|
|
|
|
|
These are the errors output with:
-Werror=implicit-int -Werror=implicit-function-declaration
-Werror=int-conversion -Werror=strict-prototypes
-Werror=old-style-definition
|
|
Indicate more clearly it is talking about "delivered" messages that
arrive in a thread, not about the unread-status of those messages.
|
|
For gpgme < 1.11.0, it used this function to create the encryption key
list. The '!' was interpreted differently back then, and it
apparently didn't check if the returned key had any uids before
referencing it. Add a check to prevent a segv as in the public key
block fix.
|
|
Commit 382355a5 accidentally removed the data import for legacy mode,
which would cause it to produce empty output.
|
|
The gpgme code handling classic application/pgp assumed each key would
have a uid. Change it to check for a missing uid list.
Also change it to list every uid (instead of only the first), and to
put each one on a "uid" line in the output.
The output is only for display, so the format change won't affect
other parts of the code.
Thanks to Mikko Lehto for the high quality bug report, detailing the
exact place of the crash with a reproducing example and a workaround
patch.
|
|
There are some prompts that can cause it to abruptly fail, but it
turns out SMTP has some of those too.
For now, abort if $confirmcreate is set.
Certificate prompts were fixed in commit c46db2be for 2.2.7.
|
|
If $fcc_before_send is set, then abort with an error message.
If it's not set (the default), then continue on, as the message is
already sent.
|
|
The index had some (very very old) code which reset the scroll top
during SIGWINCH handling. This caused a recomputation of the top,
which caused the index to jumble around randomly during resizing.
The last few commits added SigWinch flag setting whenever
mutt_endwin() was called, which meant this jumbling would occur much
more often. (For example when piping a message.)
After looking more closely, this top reset seems to be unnecessary. A
full redraw needs to properly handle the case where "current" is
outside the visible range, because a resize could occur in a called
menu. Additionally, the menu.c code does just fine without this, and
is used for all the other standard menus in Mutt.
Thanks to Vincent Lefèvre for helping test the SigWinch changes, and
reporting this regression.
|
|
|
|
mutt_resize_screen() calls mutt_reflow_windows(), which records window
sizes in those data structures. After a endwin(), curses will also
check the terminal size, but it if uses a different policy than Mutt,
the screen will be drawn incorrectly.
I looked into adding a config option to change this, but ran into a
chicken-egg problem. initscr() must be called before the config is
processed, to allow for color setting. However, use_env() must be
called before initscr(). So for now, just set to policy to ignore the
env vars, except as a fallback.
|
