mutt{,-kz}: add upstream patch for better S/MIME support, bump PKGREVISION.

# HG changeset patch # User Kevin McCarthy <kevin@8t8.us> # Date 1449022827 28800 # Tue Dec 01 18:20:27 2015 -0800 # Node ID 5e5aff1782dc62044197c2230d346bd492706fbf # Parent 428a92464d5bccccda818bed598610db212fcf7c Loosen mutt_signed_handler() protocol value consistency check. (closes #3639) Apparently, for S/MIME, some MUAs mismatch the protocol value of the multipart/signed and the content-type of the signature: putting "pkcs7-signature" in one and "x-pkcs7-signature" in the other. Change mutt_signed_handler() to independently verify the values of the protocol and the content-type. This still checks for correct values but doesn't ensure they match between the two (for S/MIME).
author: wiz <wiz@pkgsrc.org> 2016-02-22 12:13:26 +0000
committer: wiz <wiz@pkgsrc.org> 2016-02-22 12:13:26 +0000
commit: 2bc53632d1cce745529104c53621199c4ed48350 (patch)
tree: cabd965bb9233a7fd982f69b1e80ce380d0b1700 /mail/mutt
parent: cc726a3c1c91de0213923ecee6e30dfcda75257b (diff)
download: pkgsrc-2bc53632d1cce745529104c53621199c4ed48350.tar.gz
3 files changed, 128 insertions, 3 deletions
diff --git a/mail/mutt/Makefile b/mail/mutt/Makefile
index 0719cd8aba5..8f909d4b1e2 100644
--- a/mail/mutt/Makefile
+++ b/mail/mutt/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.174 2016/01/07 15:19:41 wiz Exp $
+# $NetBSD: Makefile,v 1.175 2016/02/22 12:13:26 wiz Exp $
 
 DISTNAME=		mutt-1.5.24
-PKGREVISION=		1
+PKGREVISION=		2
 CATEGORIES=		mail
 MASTER_SITES=		ftp://ftp.mutt.org/pub/mutt/
 
diff --git a/mail/mutt/distinfo b/mail/mutt/distinfo
index d180fbccdb3..825a35fb896 100644
--- a/mail/mutt/distinfo
+++ b/mail/mutt/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.39 2015/11/03 23:27:10 agc Exp $
+$NetBSD: distinfo,v 1.40 2016/02/22 12:13:26 wiz Exp $
 
 SHA1 (mutt-1.5.24.tar.gz) = 38a2da5eb01ff83a90a2caee28fa2e95dbfe6898
 RMD160 (mutt-1.5.24.tar.gz) = 7fe7e653c27c9b580f958493638c1248d0ad5591
@@ -21,3 +21,4 @@ SHA1 (patch-an) = b9cc3e957bb1650c8e22c0edf0ce112f769664a1
 SHA1 (patch-ao) = a5dddb01d30f28337ca825c6461139c2d9f288d5
 SHA1 (patch-ap) = c6f79d5c4e19efdc15e9d5a59934da52b16b7a62
 SHA1 (patch-aq) = e363d8929ced9731a31af1137b111d3476a3d05d
+SHA1 (patch-crypt.c) = 05cc74fe4ff2543029d82cbeedc27302db9ec4a7
diff --git a/mail/mutt/patches/patch-crypt.c b/mail/mutt/patches/patch-crypt.c
new file mode 100644
index 00000000000..45bb61a173e
--- /dev/null
+++ b/mail/mutt/patches/patch-crypt.c
@@ -0,0 +1,124 @@
+$NetBSD: patch-crypt.c,v 1.1 2016/02/22 12:13:26 wiz Exp $
+
+# HG changeset patch
+# User Kevin McCarthy <kevin@8t8.us>
+# Date 1449022827 28800
+#      Tue Dec 01 18:20:27 2015 -0800
+# Node ID 5e5aff1782dc62044197c2230d346bd492706fbf
+# Parent  428a92464d5bccccda818bed598610db212fcf7c
+Loosen mutt_signed_handler() protocol value consistency check.  (closes #3639)
+
+Apparently, for S/MIME, some MUAs mismatch the protocol value of
+the multipart/signed and the content-type of the signature: putting
+"pkcs7-signature" in one and "x-pkcs7-signature" in the other.
+
+Change mutt_signed_handler() to independently verify the values of the
+protocol and the content-type.  This still checks for correct values but
+doesn't ensure they match between the two (for S/MIME).
+
+--- crypt.c.orig	2013-02-06 13:22:15.000000000 +0000
++++ crypt.c
+@@ -772,9 +772,8 @@ static void crypt_fetch_signatures (BODY
+ int mutt_signed_handler (BODY *a, STATE *s)
+ {
+   char tempfile[_POSIX_PATH_MAX];
+-  char *protocol;
+-  int protocol_major = TYPEOTHER;
+-  char *protocol_minor = NULL;
++  int signed_type;
++  int inconsistent = 0;
+   
+   BODY *b = a;
+   BODY **signatures = NULL;
+@@ -786,29 +785,44 @@ int mutt_signed_handler (BODY *a, STATE 
+   if (!WithCrypto)
+     return -1;
+ 
+-  protocol = mutt_get_parameter ("protocol", a->parameter);
+   a = a->parts;
+-
+-  /* extract the protocol information */
+-  
+-  if (protocol)
++  signed_type = mutt_is_multipart_signed (b);
++  if (!signed_type)
+   {
+-    char major[STRING];
+-    char *t;
+-
+-    if ((protocol_minor = strchr (protocol, '/'))) protocol_minor++;
+-    
+-    strfcpy (major, protocol, sizeof(major));
+-    if((t = strchr(major, '/')))
+-      *t = '\0';
+-    
+-    protocol_major = mutt_check_mime_type (major);
++    /* A null protocol value is already checked for in mutt_body_handler() */
++    state_printf (s, _("[-- Error: "
++                       "Unknown multipart/signed protocol %s! --]\n\n"),
++                  mutt_get_parameter ("protocol", b->parameter));
++    return mutt_body_handler (a, s);
+   }
+ 
+-  /* consistency check */
+-
+-  if (!(a && a->next && a->next->type == protocol_major && 
+-      !mutt_strcasecmp (a->next->subtype, protocol_minor)))
++  if (!(a && a->next))
++    inconsistent = 1;
++  else
++  {
++    switch (signed_type)
++    {
++      case SIGN:
++        if (a->next->type != TYPEMULTIPART ||
++            ascii_strcasecmp (a->next->subtype, "mixed"))
++          inconsistent = 1;
++        break;
++      case PGPSIGN:
++        if (a->next->type != TYPEAPPLICATION ||
++            ascii_strcasecmp (a->next->subtype, "pgp-signature"))
++          inconsistent = 1;
++        break;
++      case SMIMESIGN:
++        if (a->next->type != TYPEAPPLICATION ||
++            (ascii_strcasecmp (a->next->subtype, "x-pkcs7-signature") &&
++             ascii_strcasecmp (a->next->subtype, "pkcs7-signature")))
++          inconsistent = 1;
++        break;
++      default:
++        inconsistent = 1;
++    }
++  }
++  if (inconsistent)
+   {
+     state_attach_puts (_("[-- Error: "
+                          "Inconsistent multipart/signed structure! --]\n\n"),
+@@ -816,27 +830,6 @@ int mutt_signed_handler (BODY *a, STATE 
+     return mutt_body_handler (a, s);
+   }
+ 
+-  
+-  if ((WithCrypto & APPLICATION_PGP)
+-      && protocol_major == TYPEAPPLICATION
+-      && !ascii_strcasecmp (protocol_minor, "pgp-signature"))
+-    ;
+-  else if ((WithCrypto & APPLICATION_SMIME)
+-           && protocol_major == TYPEAPPLICATION
+-	   && !(ascii_strcasecmp (protocol_minor, "x-pkcs7-signature")
+-	       && ascii_strcasecmp (protocol_minor, "pkcs7-signature")))
+-    ;
+-  else if (protocol_major == TYPEMULTIPART
+-	   && !ascii_strcasecmp (protocol_minor, "mixed"))
+-    ;
+-  else
+-  {
+-    state_printf (s, _("[-- Error: "
+-                       "Unknown multipart/signed protocol %s! --]\n\n"),
+-                  protocol);
+-    return mutt_body_handler (a, s);
+-  }
+-  
+   if (s->flags & M_DISPLAY)
+   {
+
author	wiz <wiz@pkgsrc.org>	2016-02-22 12:13:26 +0000
committer	wiz <wiz@pkgsrc.org>	2016-02-22 12:13:26 +0000
commit	2bc53632d1cce745529104c53621199c4ed48350 (patch)
tree	cabd965bb9233a7fd982f69b1e80ce380d0b1700 /mail/mutt
parent	cc726a3c1c91de0213923ecee6e30dfcda75257b (diff)
download	pkgsrc-2bc53632d1cce745529104c53621199c4ed48350.tar.gz