mirror/freebsd-ports
1
0
Fork 0
mirror of https://git.FreeBSD.org/ports.git synced 2025-01-13 07:34:50 +00:00
Code Issues Releases Activity

Update mutt-devel to Mutt 1.5.4, which fixes the IMAP vulnerability.

Browse Source 
PR:		50150
Submitted by:	maintainer
Approved by:	portmgr (kris)
This commit is contained in:
Peter Pentchev 2003-03-21 17:20:51 +00:00
parent 28ac6e1ebd
commit 74bee551cc
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/head/; revision=77175
7 changed files with 89 additions and 192 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
mail/mutt-devel/Makefile
View File

@ -47,9 +47,6 @@
# If you want to enable extended quoting functions define:
# WITH_MUTT_QUOTE_PATCH
#
# If you want to disable a outlook_compat function for use with smime define:
# WITHOUT_MUTT_SMIME_OUTLOOK_COMPAT
#
# If you want to use the rethreading functions define:
# WITH_MUTT_EDIT_THREADS
#
@ -67,7 +64,7 @@
# WITH_MUTT_IFDEF_PATCH
PORTNAME= mutt-devel
PORTVERSION= 1.5.3
PORTVERSION= 1.5.4
#PORTREVISION?= 0
CATEGORIES+= mail
.if defined(WITH_MUTT_NNTP)
@ -100,8 +97,10 @@ SCRIPTS_ENV= WRKDIR="${WRKDIR}"
.include <bsd.port.pre.mk>
.if defined(WITH_MUTT_COMPRESSED_FOLDERS) || defined(WITH_MUTT_NNTP) || \
defined(WITH_MUTT_QUOTE_PATCH)
.if defined(WITH_MUTT_COMPRESSED_FOLDERS)
PATCH_SITES+= http://www.spinnaker.de/mutt/compressed/:spinnaker
.endif
.if defined(WITH_MUTT_NNTP) || defined(WITH_MUTT_QUOTE_PATCH)
PATCH_SITES+= http://www.mutt.org.ua/download/mutt-${PATCH_VERSION}/:vvv \
http://www2.mutt.org.ua/download/mutt-${PATCH_VERSION}/:vvv \
ftp://ftp.mutt.org.ua/pub/mutt/mutt-${PATCH_VERSION}/:vvv \
@ -112,7 +111,7 @@ PATCH_SITES+= http://www.mutt.org.ua/download/mutt-${PATCH_VERSION}/:vvv \
defined(WITH_MUTT_IFDEF_PATCH)
PATCH_SITES+= http://cedricduval.free.fr/download/mutt/:cd
.endif
.if defined(WITH_MUTT_MBOX_HOOK_PATCH)
.if defined(WITH_MUTT_MBOX_HOOK_PATCH)
PATCH_SITES+= http://home.woolridge.ca/mutt/patches/:dw
.endif
@ -126,6 +125,7 @@ pre-build:
-e "s|^(AUTOHEADER = ).+|\1${AUTOHEADER}|" \
${BUILD_WRKSRC}/Makefile
PATCH_VERSION= 1.5.3
.if !defined(PATCH_VERSION)
PATCH_VERSION= ${PORTVERSION}
.endif
@ -183,10 +183,6 @@ SGML_NEEDED= yes
pre-configure::
${PATCH} ${PATCH_ARGS} < ${PATCHDIR}/extra-patch-pgp-dw
.endif
.if defined(WITHOUT_MUTT_SMIME_OUTLOOK_COMPAT)
pre-configure::
${PATCH} ${PATCH_ARGS} < ${PATCHDIR}/extra-patch-smime-no-outlook
.endif
.if defined(WITH_MUTT_LOCALES_FIX)
CONFIGURE_ARGS+= --enable-locales-fix
@ -206,11 +202,12 @@ CONFIGURE_ARGS+= --with-sasl=${LOCALBASE}
PATCH_DIST_STRIP= -p1
.if defined(WITH_MUTT_COMPRESSED_FOLDERS)
PATCHFILES+= patch-${PATCH_VERSION}.rr.compressed.gz:vvv
PATCHFILES+= patch-${PORTVERSION}.rr.compressed.1.gz:spinnaker
CONFIGURE_ARGS+= --enable-compressed
SGML_NEEDED= yes
.endif
.if defined(WITH_MUTT_NNTP)
.error The WITH_MUTT_NNTP is not available at the moment.
PATCHFILES+= patch-${PATCH_VERSION}.vvv.nntp.gz:vvv
CONFIGURE_ARGS+= --enable-nntp
SGML_NEEDED= yes
@ -226,6 +223,7 @@ CONFIGURE_ARGS+= --enable-imap-edit-threads
SGML_NEEDED= yes
.endif
.if defined(WITH_MUTT_SIGNATURE_MENU)
.error The WITH_MUTT_SIGNATURE_MENU is not available at the moment.
PATCHFILES+= patch-${PATCH_VERSION}.cd.signatures_menu.2.1:cd
SGML_NEEDED= yes
.endif
@ -244,7 +242,6 @@ MAN5= muttrc.5 mbox.5
post-patch::
@${REINPLACE_CMD} -e 's,/usr/bin/gpg,${LOCALBASE}/bin/gpg,g' \
${WRKSRC}/contrib/gpg.rc
@${CP} ${PATCHDIR}/smime.h ${WRKSRC}
pre-configure::
@(cd ${WRKSRC}; ${SETENV} ${AUTOMAKE_ENV} ${ACLOCAL} -I m4)

6
mail/mutt-devel/distinfo
View File

@ -1,9 +1,9 @@
MD5 (mutt/mutt-1.5.3i.tar.gz) = 38a3dec075c7954a5fe62ce178310d22
MD5 (mutt/patch-1.5.3.rr.compressed.gz) = 029b7bf58f53f4c7dcd542beac0c4757
MD5 (mutt/mutt-1.5.4i.tar.gz) = 3d4088f25892af6d71148eef26604f33
MD5 (mutt/patch-1.5.4.rr.compressed.1.gz) = e2c0b3bb0be0e19a4a6cda01078e3eae
MD5 (mutt/patch-1.5.3.vvv.nntp.gz) = 6399a40b4a7ce3448b0329ceec38f35b
MD5 (mutt/patch-1.5.3.vvv.initials.gz) = 9397128c901c32b6de585ef089ead87f
MD5 (mutt/patch-1.5.3.vvv.quote.gz) = dc24cc5765dfbbf98a9c2027d950c07a
MD5 (mutt/patch-1.5.3.cd.edit_threads.9.3) = 753a19d8efdece04cd521c3a3079dc9f
MD5 (mutt/patch-1.5.3.cd.signatures_menu.2.1) = 6db636f0004e73ee2d9f577acd4ed380
MD5 (mutt/patch-1.5.3.cd.ifdef.1) = 01b47e075364834b82da053cac4eb69f
MD5 (mutt/p0-patch-1.5.3.dw.mbox-hook.1) = e7a0a57023cfdfd909f6040e632fff1f
MD5 (mutt/p0-patch-1.5.3.dw.mbox-hook.1) = 09f9b4229a2d63c81cfee7e1d811f84f

137
mail/mutt-devel/files/extra-patch-pgp-dw
View File

@ -1,16 +1,12 @@
Base: http://home.woolridge.ca/mutt/patches/patch-1.5.3.dw.confirm-crypt-hook.1
http://home.woolridge.ca/mutt/patches/patch-1.5.3.dw.multiple-crypt-hook.1
http://home.woolridge.ca/mutt/patches/patch-1.5.3.dw.crypt-autoselectkey.1
--- PATCHES Tue Dec 17 10:47:20 2002
+++ PATCHES Fri Jan 24 11:27:21 2003
--- PATCHES Wed Mar 19 22:33:37 2003
+++ PATCHES Thu Mar 20 21:38:55 2003
@@ -0,0 +1,3 @@
+patch-1.5.3.dw.crypt-autoselectkey.1
+patch-1.5.3.dw.confirm-crypt-hook.1
+patch-1.5.3.dw.multiple-crypt-hook.1
--- doc/manual.sgml.head Tue Dec 17 10:36:42 2002
+++ doc/manual.sgml.head Fri Jan 24 11:26:59 2003
@@ -1423,7 +1423,9 @@
+patch-1.5.4.dw.confirm-crypt-hook.1
+patch-1.5.4.dw.multiple-crypt-hook.2
+patch-1.5.4.dw.crypt-autoselectkey.1
--- doc/manual.sgml.head Tue Mar 4 08:49:49 2003
+++ doc/manual.sgml.head Thu Mar 20 21:38:47 2003
@@ -1422,7 +1422,9 @@
or because, for some reasons, you need to override the key Mutt would
normally use. The crypt-hook command provides a method by which you can
specify the ID of the public key to be used when encrypting messages to
@ -19,18 +15,25 @@ Base: http://home.woolridge.ca/mutt/patches/patch-1.5.3.dw.confirm-crypt-hook.1
+pattern; multiple matching pgp-hook's result in the use of multiple
+keyids for recipient.
<sect1>Adding key sequences to the keyboard buffer<label id="push">
<p>
--- doc/muttrc.man.head Mon Sep 9 21:28:35 2002
+++ doc/muttrc.man.head Fri Jan 24 11:26:59 2003
@@ -287 +287,3 @@
-to a certain recipient.
+to a certain recipient. You may use multiple \fBpgp-hook\fPs with the
+same \fIpattern\fP; multiple matching \fBpgp-hook\fPs result in the use
+of multiple \fIkey-id\fPs for recipient.
--- hook.c Wed Dec 11 16:13:11 2002
+++ hook.c Fri Jan 24 11:26:59 2003
@@ -118,7 +118,11 @@
The meaning of "key id" is to be taken broadly in this context: You
can either put a numerical key ID here, an e-mail address, or even
--- doc/muttrc.man.head Sun Dec 22 20:50:22 2002
+++ doc/muttrc.man.head Thu Mar 20 21:38:47 2003
@@ -286,7 +286,10 @@
specify the ID of the public key to be used when encrypting messages
to a certain recipient. The meaning of "key ID" is to be taken
broadly: This can be a different e-mail address, a numerical key ID,
-or even just an arbitrary search string.
+or even just an arbitrary search string. You may use multiple
+\fBpgp-hook\fPs with the same \fIpattern\fP; multiple matching
+\fBpgp-hook\fPs result in the use of multiple \fIkey-id\fPs for
+recipient.
.TP
\fBpush\fP \fIstring\fP
This command adds the named \fIstring\fP to the keyboard buffer.
--- hook.c Tue Jan 21 13:25:21 2003
+++ hook.c Thu Mar 20 21:38:47 2003
@@ -117,7 +117,11 @@
ptr->rx.not == not &&
!mutt_strcmp (pattern.data, ptr->rx.pattern))
{
@ -42,10 +45,10 @@ Base: http://home.woolridge.ca/mutt/patches/patch-1.5.3.dw.confirm-crypt-hook.1
{
/* these hooks allow multiple commands with the same
* pattern, so if we've already seen this pattern/command pair, just
@@ -445,9 +449,25 @@
@@ -443,9 +447,25 @@
return _mutt_string_hook (chs, M_ICONVHOOK);
}
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
-char *mutt_crypt_hook (ADDRESS *adr)
+LIST *mutt_crypt_hook (ADDRESS *adr)
{
@ -68,16 +71,17 @@ Base: http://home.woolridge.ca/mutt/patches/patch-1.5.3.dw.confirm-crypt-hook.1
+ }
+ return (key_list);
}
#endif /* HAVE_PGP */
--- init.h Mon Dec 9 19:09:21 2002
+++ init.h Fri Jan 24 11:27:21 2003
@@ -1195,6 +1195,16 @@
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
# ifdef HAVE_PGP
#ifdef USE_SOCKET
--- init.h Tue Mar 4 10:28:12 2003
+++ init.h Thu Mar 20 21:38:55 2003
@@ -1192,6 +1192,16 @@
** when you are at the end of a message and invoke the \fInext-page\fP
** function.
*/
+
+
+ { "pgp_autoselectkey", DT_SYN, R_NONE, UL "crypt_autoselectkey", 0 },
+# endif
+ { "crypt_autoselectkey", DT_BOOL, R_NONE, OPTCRYPTAUTOSELECT, 0 },
+ /*
+ ** .pp
@ -85,18 +89,15 @@ Base: http://home.woolridge.ca/mutt/patches/patch-1.5.3.dw.confirm-crypt-hook.1
+ ** one matching key is available. This may be useful in conjunction with
+ ** the \fIcrypt-hook\fP command.
+ */
+# ifdef HAVE_PGP
{ "pgp_autosign", DT_SYN, R_NONE, UL "crypt_autosign", 0 },
# endif
{ "crypt_autosign", DT_BOOL, R_NONE, OPTCRYPTAUTOSIGN, 0 },
@@ -1220,6 +1230,17 @@
** requested as well. IF ``$$smime_is_default'' is set, then
** OpenSSL is used instead to create S/MIME messages and settings can
** be overridden by use of the \fIsmime-menu\fP.
/*
@@ -1216,6 +1226,15 @@
** then OpenSSL is used instead to create S/MIME messages and
** settings can be overridden by use of the \fIsmime-menu\fP.
** (Crypto only)
+ */
+# ifdef HAVE_PGP
+ { "pgp_confirmhook", DT_SYN, R_NONE, UL "crypt_confirmhook", 1 },
+# endif
+ { "crypt_confirmhook", DT_BOOL, R_NONE, OPTCRYPTCONFIRMHOOK, 1 },
+ /*
+ ** .pp
@ -105,29 +106,29 @@ Base: http://home.woolridge.ca/mutt/patches/patch-1.5.3.dw.confirm-crypt-hook.1
+ ** be presented. This is generally considered unsafe, especially where
+ ** typos are concerned.
*/
#ifdef HAVE_PGP
{ "pgp_ignore_subkeys", DT_BOOL, R_NONE, OPTPGPIGNORESUB, 1},
--- mutt.h Fri Dec 6 17:37:21 2002
+++ mutt.h Fri Jan 24 11:27:21 2003
@@ -431,6 +431,7 @@
/*
--- mutt.h Tue Mar 4 08:49:48 2003
+++ mutt.h Thu Mar 20 21:38:55 2003
@@ -425,6 +425,7 @@
/* PGP options */
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
+ OPTCRYPTAUTOSELECT,
OPTCRYPTAUTOSIGN,
OPTCRYPTAUTOENCRYPT,
OPTCRYPTREPLYENCRYPT,
@@ -442,6 +443,7 @@
@@ -434,6 +435,7 @@
OPTSMIMEISDEFAULT,
OPTASKCERTLABEL,
OPTSDEFAULTDECRYPTKEY,
#endif
+ OPTCRYPTCONFIRMHOOK,
#ifdef HAVE_PGP
OPTPGPIGNORESUB,
OPTPGPLONGIDS,
--- pgp.c Mon Dec 16 16:27:26 2002
+++ pgp.c Fri Jan 24 11:27:04 2003
@@ -1051,6 +1051,8 @@
OPTPGPAUTOTRAD,
--- pgp.c Tue Feb 25 22:28:54 2003
+++ pgp.c Thu Mar 20 21:40:39 2003
@@ -1014,6 +1014,8 @@
char *keyID, *keylist = NULL, *t;
size_t keylist_size = 0;
size_t keylist_used = 0;
@ -136,7 +137,7 @@ Base: http://home.woolridge.ca/mutt/patches/patch-1.5.3.dw.confirm-crypt-hook.1
ADDRESS *tmp = NULL, *addr = NULL;
ADDRESS **last = &tmp;
ADDRESS *p, *q;
@@ -1084,70 +1086,97 @@
@@ -1047,70 +1049,97 @@
char buf[LONG_STRING];
q = p;
@ -163,7 +164,7 @@ Base: http://home.woolridge.ca/mutt/patches/patch-1.5.3.dw.confirm-crypt-hook.1
- if (is_numerical_keyid (keyID))
+ keyID = (char *)hook->data;
+ snprintf (buf, sizeof (buf), _("Use keyID = \"%s\" for %s?"), keyID, p->mailbox);
+ if (!option(OPTCRYPTCONFIRMHOOK) || (r = mutt_yesorno (buf, M_YES)) == M_YES)
+ if (!option(OPTCRYPTCONFIRMHOOK) || (r = mutt_yesorno (buf, M_YES)) == M_YES)
{
- if (strncmp (keyID, "0x", 2) == 0)
- keyID += 2;
@ -281,10 +282,9 @@ Base: http://home.woolridge.ca/mutt/patches/patch-1.5.3.dw.confirm-crypt-hook.1
}
rfc822_free_address (&tmp);
diff -ru work.orig/mutt-1.5.3/pgpkey.c work/mutt-1.5.3/pgpkey.c
--- pgpkey.c Wed Dec 11 12:20:05 2002
+++ pgpkey.c Fri Jan 24 11:27:21 2003
@@ -435,6 +435,11 @@
--- pgpkey.c Tue Jan 21 13:25:21 2003
+++ pgpkey.c Thu Mar 20 21:38:32 2003
@@ -435,8 +435,13 @@
return rv;
}
@ -293,9 +293,12 @@ diff -ru work.orig/mutt-1.5.3/pgpkey.c work/mutt-1.5.3/pgpkey.c
+ || (pgp_id_is_valid((uid)) \
+ && pgp_id_is_strong((uid))))
+
static pgp_key_t *pgp_select_key (pgp_key_t *keys,
ADDRESS * p, const char *s)
static pgp_key_t pgp_select_key (pgp_key_t keys,
- ADDRESS * p, const char *s)
+ ADDRESS * p, const char *s)
{
int keymax;
pgp_uid_t **KeyTable;
@@ -450,6 +455,7 @@
pgp_uid_t *a;
int (*f) (const void *, const void *);
@ -345,14 +348,14 @@ diff -ru work.orig/mutt-1.5.3/pgpkey.c work/mutt-1.5.3/pgpkey.c
{
char *s = "";
char buff[LONG_STRING];
--- protos.h Wed Dec 11 23:31:25 2002
+++ protos.h Fri Jan 24 11:26:59 2003
@@ -130,7 +130,7 @@
char *mutt_get_name (ADDRESS *);
--- protos.h Thu Mar 6 22:24:46 2003
+++ protos.h Thu Mar 20 21:38:47 2003
@@ -129,7 +129,7 @@
char *mutt_get_body_charset (char *, size_t, BODY *);
const char *mutt_get_name (ADDRESS *);
char *mutt_get_parameter (const char *, PARAMETER *);
#if defined(HAVE_PGP) || defined(HAVE_SMIME)
-char *mutt_crypt_hook (ADDRESS *);
+LIST *mutt_crypt_hook (ADDRESS *);
#endif /* HAVE_PGP */
char *mutt_make_date (char *, size_t);
const char *mutt_make_version (void);

11
mail/mutt-devel/files/extra-patch-smime-no-outlook
View File

@ -1,11 +0,0 @@
--- smime.c.orig Thu May 2 01:20:42 2002
+++ smime.c Fri Jul 26 18:15:19 2002
@@ -144,7 +144,7 @@
{
len++;
if (!ascii_strcasecmp ((t+len), "p7m"))
-#if 0
+#if 1
return SMIMEENCRYPT;
#else
/* Not sure if this is the correct thing to do, but

10
mail/mutt-devel/files/patch-smime-sender
View File

@ -1,11 +1,11 @@
--- commands.c.orig2 Fri May 31 10:14:06 2002
+++ commands.c Fri May 31 10:32:00 2002
@@ -197,7 +197,7 @@
--- commands.c.orig Thu Mar 20 20:37:21 2003
+++ commands.c Thu Mar 20 20:40:29 2003
@@ -178,7 +178,7 @@
{
if (cur->security & GOODSIGN)
{
- if (!smime_verify_sender(cur))
+ if (option(OPTSMIMENOSENDER) || !smime_verify_sender(cur))
- if (!crypt_smime_verify_sender(cur))
+ if (option(OPTSMIMENOSENDER) || !crypt_smime_verify_sender(cur))
mutt_message ( _("S/MIME signature successfully verified."));
else
mutt_error ( _("S/MIME certificate owner does not match sender."));

92
mail/mutt-devel/files/smime.h
View File

@ -1,92 +0,0 @@
/*
* Copyright (C) 2001,2002 Oliver Ehli <elmy@acm.org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA.
*/
#ifdef HAVE_SMIME
#include "crypt.h"
WHERE char *SmimeDefaultKey;
WHERE char *SmimeCryptAlg;
WHERE short SmimeTimeout;
WHERE char *SmimeCertificates;
WHERE char *SmimeKeys;
WHERE char *SmimeCryptAlg;
WHERE char *SmimeCALocation;
/* The command formats */
WHERE char *SmimeVerifyCommand;
WHERE char *SmimeVerifyOpaqueCommand;
WHERE char *SmimeDecryptCommand;
WHERE char *SmimeSignCommand;
WHERE char *SmimeSignOpaqueCommand;
WHERE char *SmimeEncryptCommand;
WHERE char *SmimeGetSignerCertCommand;
WHERE char *SmimePk7outCommand;
WHERE char *SmimeGetCertCommand;
WHERE char *SmimeImportCertCommand;
WHERE char *SmimeGetCertEmailCommand;
#define APPLICATION_SMIME (1 << 6)
#define SIGNOPAQUE (1 << 4)
#define SMIMEENCRYPT (APPLICATION_SMIME | ENCRYPT)
#define SMIMESIGN (APPLICATION_SMIME | SIGN)
#define SMIMEGOODSIGN (APPLICATION_SMIME | GOODSIGN)
#define SMIMEBADSIGN (APPLICATION_SMIME | BADSIGN)
#define SMIMEOPAQUE (APPLICATION_SMIME | SIGNOPAQUE)
#define smime_valid_passphrase() crypt_valid_passphrase(APPLICATION_SMIME)
void smime_void_passphrase (void);
int mutt_is_application_smime (BODY *);
int smime_decrypt_mime (FILE *, FILE **, BODY *, BODY **);
void smime_application_smime_handler (BODY *, STATE *);
BODY* smime_sign_message (BODY *);
BODY* smime_build_smime_entity (BODY *, char *);
int smime_verify_one(BODY *, STATE *, const char *);
int smime_verify_sender(HEADER *);
char* smime_get_field_from_db (char *, char *, short, short);
void smime_getkeys (ENVELOPE *);
char* smime_ask_for_key (char *, char *, short);
void smime_invoke_import (char *, char *);
#endif

2
mail/mutt-devel/scripts/generate-plist
View File

@ -122,7 +122,7 @@ echo "share/doc/mutt/manual.ps" >> $tmp_first
fi
if [ "$MUTT_HTML" = "yes" ]; then
html=363
html=366
if [ "$MUTT_COMPRESSED_FOLDERS" = "yes" ]; then
html=$(($html + 5))
fi