1. 19 Jun, 2018 2 commits
  2. 18 Jun, 2018 5 commits
    • Eike Rathke's avatar
      Allow larger passphrase timeout values · 4bc76c2f
      Eike Rathke authored
      This came up in the comp.mail.mutt newsgroup where a user wasn't
      satisfied with the SHORT_MAX seconds ~9 hours limit on passphrase
      timeouts.
      
      For the first time made it necessary for the options parser to be
      able to parse numbers as long values. Also, introduced
      mutt_add_timeout() to detect possible overflow before adding a
      timeout to a time_t value and truncate to TIME_T_MAX instead.
      4bc76c2f
    • Vincent Lefevre's avatar
      Updated French translation. · 508ff237
      Vincent Lefevre authored
      508ff237
    • Kevin J. McCarthy's avatar
      Merge branch 'stable' · e26e5664
      Kevin J. McCarthy authored
      e26e5664
    • Philipp Gesang's avatar
      crypt-gpgme: prevent crash on bad S/MIME signature · df4affd1
      Philipp Gesang authored
      Inform the user about the fingerprint being unavailable instead
      of crashing if the S/MIME signature is bad.
      df4affd1
    • Kevin J. McCarthy's avatar
      Convert context and buffy to use nanosecond timestamps. · 120f63a9
      Kevin J. McCarthy authored
      The inotify interface has an unfortunate side effect of making Mutt
      react too quickly to new mail.  Sometimes, the mail is only
      half-delivered when the mailbox is checked.  Because Mutt is using the
      stat mtime - seconds resolution - this means it won't realize there
      are more messages delivered during the same second.
      
      Nanosecond resolution fields were standardized in POSIX.1-2008, so
      check for and use those if they are available.
      120f63a9
  3. 14 Jun, 2018 3 commits
    • Vincent Lefevre's avatar
      Updated French translation. · 7ec17b81
      Vincent Lefevre authored
      7ec17b81
    • Brandon Long's avatar
      Support for using OAUTHBEARER for smtp. · fcd33398
      Brandon Long authored
      This also means a bunch of smtp auth stuff is now compiled in by
      default (with --enable-smtp) without having sasl
      fcd33398
    • Brandon Long's avatar
      Initial support for OAUTHBEARER for IMAP. · 798f749e
      Brandon Long authored
      Gmail supports RFC 7628 for using OAUTH with IMAP, and they really don't
      like you using password based auth.  You can still enable "less secure
      apps" and then generate an application specific password, but I figured it
      was time to support it.
      
      Being mutt, I punted on some of the "hard" work to an external script, ie
      getting/refreshing the OAUTH tokens.  This avoids the issue of how do you
      have a client-id and client-secret for an open source project, and the fact
      that OAUTH discovery is still nascent, so you'd likely need separate things
      for each of the providers.
      
      At least for Gmail, you can use the oauth2.py script from Google's
      gmail-oauth2-tools:
      https://github.com/google/gmail-oauth2-tools/blob/master/python/oauth2.py
      
      You'd need to get your own oauth client credentials for Gmail here:
      https://console.developers.google.com/apis/credentials
      
      Then, you'd use oauth2.py with --generate_oauth2_token to get a refresh
      token, and configure mutt with:
      
      set imap_authenticators="oauthbearer"
      set imap_user="<email_address>"
      set imap_pass=`/path/to/oauth2.py --quiet --user=<email_address>
      --client_id=<client_id> --client_secret=<client_secret>
      --refresh_token=<refresh_token>`
      
      For this patch, I didn't add any new configuration, but I'm open to
      suggestions on that.
      
      The patch also only support SASL-IR to reduce round-trips to the server,
      but it's certainly possible to change that if we think there are
      OAUTHBEARER IMAP servers that don't support SASL-IR.  It also requires the
      connection to be encrypted as the access token is re-usable for an hour or
      so.  Again, Gmail only allows encrypted IMAP connections, not sure if any
      OAUTHBEARER services allow non-encrypted.
      
      Turns out that auth failure leaves you in SASL mode, so I have a hack to
      issue a noop command on error.  Not sure if that's just OAUTHBEARER
      oddness, or whether I should be using lower level mutt imap functions.
      798f749e
  4. 10 Jun, 2018 1 commit
    • Kevin J. McCarthy's avatar
      Move mutt_getch() timeout value into curs_lib.c · 1acb708b
      Kevin J. McCarthy authored
      Change monitor.c to reference the curs_lib value, instead of
      vice-versa.
      
      We need to store the value for both monitor.c's poll and for
      mutt_monitor_ch() to perform an initial non-blocking check of ncurses'
      getch() buffer.
      1acb708b
  5. 08 Jun, 2018 3 commits
  6. 06 Jun, 2018 1 commit
  7. 05 Jun, 2018 2 commits
    • Kevin J. McCarthy's avatar
      Merge branch 'stable' · 8c99b1f3
      Kevin J. McCarthy authored
      8c99b1f3
    • Kevin J. McCarthy's avatar
      Add GnuPG status fd checks for inline pgp. · edb4ec84
      Kevin J. McCarthy authored
      The difficulty is that "BEGIN PGP MESSAGE" could be a signed and
      armored part, so we can't fail hard if it isn't encrypted.
      
      Change pgp_check_decryption_okay() to return more status codes, with
      >=0 indicating an actual decryption; -2 and -1 indicating plaintext
      found; and -3 indicating an actual DECRYPTION_FAILED status code seen.
      
      Fail hard on -3, but change the message for -2 and -1 to indicate the
      message was not encrypted.
      edb4ec84
  8. 04 Jun, 2018 3 commits
    • Kevin J. McCarthy's avatar
      Merge branch 'stable' · 71263490
      Kevin J. McCarthy authored
      71263490
    • Kevin J. McCarthy's avatar
      Add $pgp_check_gpg_decrypt_status_fd. · 8ec6d766
      Kevin J. McCarthy authored
      If set (the default) mutt performs more thorough checking of the
      $pgp_decrypt_command status output for GnuPG result codes.
      
      Ticket #39 revealed that GnuPG (currently) does not protect against
      messages that have been manipulated to contain an empty encryption
      packet followed by a plaintext packet.
      
      A huge thanks to Marcus Brinkmann for researching this issue, taking
      the time to report it to us (and the GnuPG team), and taking even more
      time to clarify exactly what needed to be checked for.   
      8ec6d766
    • Kevin J. McCarthy's avatar
      Add new timeout functions to work with inotify monitors. · 3d2cef4a
      Kevin J. McCarthy authored
      The ncurses timeout() function doesn't affect the new poll inside
      mutt_monitor_poll().  This meant that $imap_keepalive and $timeout
      were not being respected when the monitor was used.
      
      Create mutt_getch_timeout(), which delegates to timeout() and sets a
      timeout value mutt_monitor_poll() uses too.
      3d2cef4a
  9. 03 Jun, 2018 6 commits
  10. 01 Jun, 2018 1 commit
  11. 28 May, 2018 2 commits
  12. 21 May, 2018 2 commits
    • Kevin J. McCarthy's avatar
      Remove mutt_buffer_new() NULL retval checks. · 63cb8a0a
      Kevin J. McCarthy authored
      It will fail, rather than return NULL.
      
      Further clean up imap_new_data() since it also had NULL checks for
      safe_calloc() that shouldn't happen.
      63cb8a0a
    • Kevin J. McCarthy's avatar
      Fix mutt_strncmp size comparison for 'uncolor header'. · a001b1d3
      Kevin J. McCarthy authored
      Thanks to Fabian Groffen for pointing out the discrepancy.
      
      mutt_extract_token() null-terminates the token,, so actually there is
      no need to use "strncmp" for the comparison in this case.
      
      However, since the token is being checked against Fields there is no
      potential harm of a prefix match, so we should fix the number to be
      consistent with the other token comparisons.
      a001b1d3
  13. 19 May, 2018 1 commit
  14. 17 May, 2018 3 commits
  15. 14 May, 2018 1 commit
  16. 10 May, 2018 2 commits
  17. 09 May, 2018 2 commits