diff options
author | wiz <wiz@pkgsrc.org> | 2016-02-22 12:13:26 +0000 |
---|---|---|
committer | wiz <wiz@pkgsrc.org> | 2016-02-22 12:13:26 +0000 |
commit | 2bc53632d1cce745529104c53621199c4ed48350 (patch) | |
tree | cabd965bb9233a7fd982f69b1e80ce380d0b1700 /mail/mutt | |
parent | cc726a3c1c91de0213923ecee6e30dfcda75257b (diff) | |
download | pkgsrc-2bc53632d1cce745529104c53621199c4ed48350.tar.gz |
mutt{,-kz}: add upstream patch for better S/MIME support, bump PKGREVISION.
# HG changeset patch
# User Kevin McCarthy <kevin@8t8.us>
# Date 1449022827 28800
# Tue Dec 01 18:20:27 2015 -0800
# Node ID 5e5aff1782dc62044197c2230d346bd492706fbf
# Parent 428a92464d5bccccda818bed598610db212fcf7c
Loosen mutt_signed_handler() protocol value consistency check. (closes #3639)
Apparently, for S/MIME, some MUAs mismatch the protocol value of
the multipart/signed and the content-type of the signature: putting
"pkcs7-signature" in one and "x-pkcs7-signature" in the other.
Change mutt_signed_handler() to independently verify the values of the
protocol and the content-type. This still checks for correct values but
doesn't ensure they match between the two (for S/MIME).
Diffstat (limited to 'mail/mutt')
-rw-r--r-- | mail/mutt/Makefile | 4 | ||||
-rw-r--r-- | mail/mutt/distinfo | 3 | ||||
-rw-r--r-- | mail/mutt/patches/patch-crypt.c | 124 |
3 files changed, 128 insertions, 3 deletions
diff --git a/mail/mutt/Makefile b/mail/mutt/Makefile index 0719cd8aba5..8f909d4b1e2 100644 --- a/mail/mutt/Makefile +++ b/mail/mutt/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.174 2016/01/07 15:19:41 wiz Exp $ +# $NetBSD: Makefile,v 1.175 2016/02/22 12:13:26 wiz Exp $ DISTNAME= mutt-1.5.24 -PKGREVISION= 1 +PKGREVISION= 2 CATEGORIES= mail MASTER_SITES= ftp://ftp.mutt.org/pub/mutt/ diff --git a/mail/mutt/distinfo b/mail/mutt/distinfo index d180fbccdb3..825a35fb896 100644 --- a/mail/mutt/distinfo +++ b/mail/mutt/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.39 2015/11/03 23:27:10 agc Exp $ +$NetBSD: distinfo,v 1.40 2016/02/22 12:13:26 wiz Exp $ SHA1 (mutt-1.5.24.tar.gz) = 38a2da5eb01ff83a90a2caee28fa2e95dbfe6898 RMD160 (mutt-1.5.24.tar.gz) = 7fe7e653c27c9b580f958493638c1248d0ad5591 @@ -21,3 +21,4 @@ SHA1 (patch-an) = b9cc3e957bb1650c8e22c0edf0ce112f769664a1 SHA1 (patch-ao) = a5dddb01d30f28337ca825c6461139c2d9f288d5 SHA1 (patch-ap) = c6f79d5c4e19efdc15e9d5a59934da52b16b7a62 SHA1 (patch-aq) = e363d8929ced9731a31af1137b111d3476a3d05d +SHA1 (patch-crypt.c) = 05cc74fe4ff2543029d82cbeedc27302db9ec4a7 diff --git a/mail/mutt/patches/patch-crypt.c b/mail/mutt/patches/patch-crypt.c new file mode 100644 index 00000000000..45bb61a173e --- /dev/null +++ b/mail/mutt/patches/patch-crypt.c @@ -0,0 +1,124 @@ +$NetBSD: patch-crypt.c,v 1.1 2016/02/22 12:13:26 wiz Exp $ + +# HG changeset patch +# User Kevin McCarthy <kevin@8t8.us> +# Date 1449022827 28800 +# Tue Dec 01 18:20:27 2015 -0800 +# Node ID 5e5aff1782dc62044197c2230d346bd492706fbf +# Parent 428a92464d5bccccda818bed598610db212fcf7c +Loosen mutt_signed_handler() protocol value consistency check. (closes #3639) + +Apparently, for S/MIME, some MUAs mismatch the protocol value of +the multipart/signed and the content-type of the signature: putting +"pkcs7-signature" in one and "x-pkcs7-signature" in the other. + +Change mutt_signed_handler() to independently verify the values of the +protocol and the content-type. This still checks for correct values but +doesn't ensure they match between the two (for S/MIME). + +--- crypt.c.orig 2013-02-06 13:22:15.000000000 +0000 ++++ crypt.c +@@ -772,9 +772,8 @@ static void crypt_fetch_signatures (BODY + int mutt_signed_handler (BODY *a, STATE *s) + { + char tempfile[_POSIX_PATH_MAX]; +- char *protocol; +- int protocol_major = TYPEOTHER; +- char *protocol_minor = NULL; ++ int signed_type; ++ int inconsistent = 0; + + BODY *b = a; + BODY **signatures = NULL; +@@ -786,29 +785,44 @@ int mutt_signed_handler (BODY *a, STATE + if (!WithCrypto) + return -1; + +- protocol = mutt_get_parameter ("protocol", a->parameter); + a = a->parts; +- +- /* extract the protocol information */ +- +- if (protocol) ++ signed_type = mutt_is_multipart_signed (b); ++ if (!signed_type) + { +- char major[STRING]; +- char *t; +- +- if ((protocol_minor = strchr (protocol, '/'))) protocol_minor++; +- +- strfcpy (major, protocol, sizeof(major)); +- if((t = strchr(major, '/'))) +- *t = '\0'; +- +- protocol_major = mutt_check_mime_type (major); ++ /* A null protocol value is already checked for in mutt_body_handler() */ ++ state_printf (s, _("[-- Error: " ++ "Unknown multipart/signed protocol %s! --]\n\n"), ++ mutt_get_parameter ("protocol", b->parameter)); ++ return mutt_body_handler (a, s); + } + +- /* consistency check */ +- +- if (!(a && a->next && a->next->type == protocol_major && +- !mutt_strcasecmp (a->next->subtype, protocol_minor))) ++ if (!(a && a->next)) ++ inconsistent = 1; ++ else ++ { ++ switch (signed_type) ++ { ++ case SIGN: ++ if (a->next->type != TYPEMULTIPART || ++ ascii_strcasecmp (a->next->subtype, "mixed")) ++ inconsistent = 1; ++ break; ++ case PGPSIGN: ++ if (a->next->type != TYPEAPPLICATION || ++ ascii_strcasecmp (a->next->subtype, "pgp-signature")) ++ inconsistent = 1; ++ break; ++ case SMIMESIGN: ++ if (a->next->type != TYPEAPPLICATION || ++ (ascii_strcasecmp (a->next->subtype, "x-pkcs7-signature") && ++ ascii_strcasecmp (a->next->subtype, "pkcs7-signature"))) ++ inconsistent = 1; ++ break; ++ default: ++ inconsistent = 1; ++ } ++ } ++ if (inconsistent) + { + state_attach_puts (_("[-- Error: " + "Inconsistent multipart/signed structure! --]\n\n"), +@@ -816,27 +830,6 @@ int mutt_signed_handler (BODY *a, STATE + return mutt_body_handler (a, s); + } + +- +- if ((WithCrypto & APPLICATION_PGP) +- && protocol_major == TYPEAPPLICATION +- && !ascii_strcasecmp (protocol_minor, "pgp-signature")) +- ; +- else if ((WithCrypto & APPLICATION_SMIME) +- && protocol_major == TYPEAPPLICATION +- && !(ascii_strcasecmp (protocol_minor, "x-pkcs7-signature") +- && ascii_strcasecmp (protocol_minor, "pkcs7-signature"))) +- ; +- else if (protocol_major == TYPEMULTIPART +- && !ascii_strcasecmp (protocol_minor, "mixed")) +- ; +- else +- { +- state_printf (s, _("[-- Error: " +- "Unknown multipart/signed protocol %s! --]\n\n"), +- protocol); +- return mutt_body_handler (a, s); +- } +- + if (s->flags & M_DISPLAY) + { + |