From cf89ef84504d211e85dc6d059ede5f7d88cfe0ba Mon Sep 17 00:00:00 2001 From: =?utf8?q?Pawe=C5=82=20Go=C5=82aszewski?= Date: Mon, 3 Sep 2012 14:50:34 +0200 Subject: [PATCH] S/MIME broken reading signed-then-encrypted messages - ID: 3201704 --- alpine.spec | 6 +++- re-alpine-2.01.smime-signandencrypt.patch | 39 +++++++++++++++++++++++ 2 files changed, 44 insertions(+), 1 deletion(-) create mode 100644 re-alpine-2.01.smime-signandencrypt.patch diff --git a/alpine.spec b/alpine.spec index 577132c..613975a 100644 --- a/alpine.spec +++ b/alpine.spec @@ -10,7 +10,7 @@ Summary: University of Washington Alpine mail user agent Summary(pl.UTF-8): Klient pocztowy Alpine z Uniwersytetu w Waszyngtonie Name: alpine Version: %{ver}.%{patchlevel} -Release: 6 +Release: 6.1 Epoch: 1 License: Apache v2.0 Group: Applications/Mail @@ -31,6 +31,8 @@ Patch5: %{name}-ssl.patch Patch6: %{name}-no_1777_warning.patch Patch7: %{name}-home_etc.patch Patch8: %{name}-RFC1522_MAXW.patch +Patch9: mimedesc.patch +Patch10: re-alpine-2.01.smime-signandencrypt.patch URL: http://www.washington.edu/alpine/ BuildRequires: autoconf BuildRequires: automake @@ -132,6 +134,8 @@ ajuda de acordo com o contexto está disponível. %patch6 -p1 %patch7 -p1 %patch8 -p1 +%patch9 -p1 +%patch10 -p1 %build rm -f libtool missing diff --git a/re-alpine-2.01.smime-signandencrypt.patch b/re-alpine-2.01.smime-signandencrypt.patch new file mode 100644 index 0000000..7e76b93 --- /dev/null +++ b/re-alpine-2.01.smime-signandencrypt.patch @@ -0,0 +1,39 @@ +diff -rup re-alpine-2.01.orig/pith/smime.c re-alpine-2.01.smime-patch/pith/smime.c +--- re-alpine-2.01.orig/pith/smime.c 2009-08-03 04:02:24.000000000 -0400 ++++ re-alpine-2.01.smime-patch/pith/smime.c 2011-03-06 22:41:08.894139317 -0500 +@@ -1736,7 +1736,6 @@ do_decoding(BODY *b, long msgno, const c + PERSONAL_CERT *pcert = NULL; + char *what_we_did = ""; + char null[1]; +- char newSec[100]; + + dprint((9, "do_decoding(msgno=%ld type=%d subtype=%s section=%s)", msgno, b->type, b->subtype ? b->subtype : "NULL", (section && *section) ? section : (section != NULL) ? "Top" : "NULL")); + null[0] = '\0'; +@@ -1751,8 +1750,25 @@ do_decoding(BODY *b, long msgno, const c + } + else{ + +- snprintf(newSec, sizeof(newSec), "%s%s1", section ? section : "", (section && *section) ? "." : ""); +- p7 = get_pkcs7_from_part(msgno, newSec); ++ /* ++ * Fix for signed-then-encrypted messages. ++ * ++ * If we're on the Top part (section == ""), then we need to bump it to "1". ++ * Otherwise, we already know we're in a pkcs7-mime subpart and called ++ * from do_fiddle_smime_message at the top, and the MULTIPART handline ++ * has already bumped the section per-part. ++ * ++ * This allows signed-then-encrypted emails to work. ++ * It *may* break signed or encrypted parts that are buried down in ++ * a multi-part message (untested). Those are, IMO, far less common, ++ * and I'd rather the signed+encrypted work. ++ * ++ * This used to do: ++ * snprintf(newSec, sizeof(newSec), "%s%s1", section ? section : "", (section && *section) ? "." : ""); ++ * and pass the newSec to get_pkcs7_from_part ++ * ++ */ ++ p7 = get_pkcs7_from_part(msgno, (section && *section) ? section : "1"); + if(!p7){ + q_status_message1(SM_ORDER, 2, 2, "Couldn't load PKCS7 object: %s", + (char*) openssl_error_string()); -- 2.43.0