1. 22 Jun, 2009 1 commit
  2. 16 May, 2008 1 commit
  3. 17 Sep, 2005 2 commits
  4. 27 Jan, 2005 1 commit
  5. 12 Jan, 2004 1 commit
  6. 02 Apr, 2003 1 commit
  7. 05 Jan, 2003 2 commits
  8. 22 Dec, 2002 1 commit
  9. 02 Mar, 2002 1 commit
    • Thomas Roessler's avatar
      smime.c: · 40f96d38
      Thomas Roessler authored
       - the getkeys() function was broken and deleted the last char
         of the certfilename
       - it now lets me use more than one key for the same mailbox
         ie select these.
       - some display output was garbled when the email didn't match.
         i posted some fix to mutt-users, but i don't like that sleep()
         so i dropped the first error message, which basically repeated
         the from/sender field only. so now there's just the message: they
         don't match.
      
      smime_keys:
       - i modified the add_chain to continue even if no roo-cert
         is present (david collantes received som chain that got
         exported from outlook. obiously they don't (always ?)
         include the root cert) it will now abort if neither root
         nor intermediate certs are present.
       - add_cert created index entries with '-' as issuer cert, when
         it should have been '?'. thus verify would fail. (obviously
         nobody ever used that command (add_cert, that is) :)
      
      the feature above obsoletes the hash_cert and fingerprint_cert commands,
      adds import_cert command and ask_cert_label bool. i modified the output
      of smime_keys (a little) so it doesn't look too garbled when supplying
      the label (it is actually interactive :) furthermore, i do a verify
      after the cert was added and modified the verify routine to make the
      cerificate trusted in case of success. (we discussed this in another
      message) that is ok so far, but perhaps this requires some better root
      certificate handling, ie the trust should be somehow connected to the
      root certificate, that maybe added (if the user trusts it and its not
      present already) to the ca-file. i'll think about that some more ... but
      then, there already is the add_root command. hmmm... (btw, you'll now
      never get asked to trust a certificate)
      
      i have not yet deleted the email handling from the import key stuff (in
      smime.c/crypt.c), for i'm thinking about smime_keys using it as an
      additional arg. otoh i don't think users would press ^k if verification
      failed...hmmm... but still, smime_keys does extract the email from the
      certificate either way and does verify it by itself, so the only thing
      that would happen is to have some invalid certificates, that mutt'll
      refuse to use anyways, left in the database....
      
      (From Oliver Ehli.)
      40f96d38
  10. 28 Feb, 2002 1 commit
    • Thomas Roessler's avatar
      The script will try to pick out the end-user cert and pass that to · b70526b6
      Thomas Roessler authored
      openssl. The code which tells the difference may not be perfect. It
      works with all the certs in my collection, though. I won't be at all
      surprised if someone comes across a cert chain which confuses it,
      but it should print out an error in that case. Hopefully they will
      send us the chain so we can adjust our code.
      
      (From Mike Schiraldi.)
      b70526b6
  11. 12 Feb, 2002 1 commit
  12. 11 Feb, 2002 1 commit
  13. 07 Feb, 2002 2 commits
  14. 05 Feb, 2002 2 commits
    • Thomas Roessler's avatar
      Clean-up from Mike Schiraldi. · 2f84e44b
      Thomas Roessler authored
      2f84e44b
    • Thomas Roessler's avatar
      S/MIME fixes from Oliver Ehli: · ee217d50
      Thomas Roessler authored
      - smime_keys.pl:
      
        support for multiple email adrresses in cert: will add one entry
        to {keys, cetrificates}/.index now (for each mailbox)
      
        support for certificates without intermediate certs (e.g. for
        people who are their own CA: use root as intermediate, for it
        probably wouldn't be known to anyone...)
      
        bugfix in handle_pem: the checks if some type of cert is present;
        die() could never be reached, as the variables checked wouldn't
        have been set in that case, so it would break because of undefined
        value or some such thing.... (so it has to check $iter instead)
      
      - smime.c (init.h, ....)
      
        support for importing certificates issued for multiple addresses.
      
        introduced smime_fingerprint_cert_command, so finally certs can
        get compared ... (so the above works..)
      
        cleaned up some error messages, that would mess up the terminal.
      
        fixed typos (init.h)
      ee217d50
  15. 01 Feb, 2002 1 commit
  16. 31 Jan, 2002 1 commit
  17. 24 Jan, 2002 1 commit