Re: [Mutt] #3948: Please add a hook called just before sendmail invocation

2017-06-07 Thread Mutt 
#3948: Please add a hook called just before sendmail invocation
--+--
  Reporter:  tpikonen |  Owner:  mutt-dev
  Type:  enhancement  | Status:  new
  Priority:  minor|  Milestone:
 Component:  mutt |Version:
Resolution:   |   Keywords:
--+--

Comment (by kevin8t8):

 Sorry for the delay.  After some testing, it looks like we just need to
 call mutt_endwin() before launching $sendmail.  Mutt should the properly
 redraw itself afterwards (as least it does in my testing).  If this turns
 out not to be the case for you, please let me know.

--
Ticket URL: 
Mutt 
The Mutt mail user agent

Re: [Mutt] #3948: Please add a hook called just before sendmail invocation

2017-06-07 Thread Mutt 
#3948: Please add a hook called just before sendmail invocation
--+--
  Reporter:  tpikonen |  Owner:  mutt-dev
  Type:  enhancement  | Status:  closed
  Priority:  minor|  Milestone:
 Component:  mutt |Version:
Resolution:  fixed|   Keywords:
--+--

Comment (by vinc17):

 Without more information, I disagree with this change as it makes Mutt
 uselessly more complex and possibly insecure.

 First, {{{GPG_TTY}}} is set only in {{{mutt_init()}}} from {{{init.c}}},
 thus I don't see why the user wouldn't set it in his environment
 (interactive shell startup). This is the correct way to do, IMHO, as it
 would benefit to user programs running in the terminal. See the {{{gpg-
 agent(1)}}} man page, for instance.

 If the user doesn't do this, then this may be for a good reason
 (security/privacy?). Note that since {{{GPG_TTY}}} is set from Mutt, it is
 exported to all external programs Mutt starts, which may not be what the
 user wants. I wonder if this can yield leakage of information in
 particular setups.

--
Ticket URL: 
Mutt 
The Mutt mail user agent

Re: [Mutt] #3948: Please add a hook called just before sendmail invocation

2017-06-07 Thread Mutt 
#3948: Please add a hook called just before sendmail invocation
--+--
  Reporter:  tpikonen |  Owner:  mutt-dev
  Type:  enhancement  | Status:  closed
  Priority:  minor|  Milestone:
 Component:  mutt |Version:
Resolution:  fixed|   Keywords:
--+--

Comment (by vinc17):

 Note: If the user does not wish to set {{{GPG_TTY}}} in the environment,
 still for security reasons in particular setups, then he can still modify
 the {{{$sendmail}}} variable to call a wrapper that sets it at this place.

--
Ticket URL: 
Mutt 
The Mutt mail user agent

Re: [Mutt] #3948: Please add a hook called just before sendmail invocation

2017-06-07 Thread Mutt 
#3948: Please add a hook called just before sendmail invocation
--+--
  Reporter:  tpikonen |  Owner:  mutt-dev
  Type:  enhancement  | Status:  reopened
  Priority:  minor|  Milestone:
 Component:  mutt |Version:
Resolution:   |   Keywords:
--+--
Changes (by kevin8t8):

 * status:  closed => reopened
 * resolution:  fixed =>


Comment:

 If this truly is a security issue, I will be glad to revert 02ff4277259e.
 However, I need a better explanation why this is so.  The description
 "uselessly more complex" is hyperbole, since the changeset simply moved 5
 lines of code from pgp_use_gpg_agent() to mutt_init().

 Previously, the GPG_TTY environment variable was set in
 pgp_use_gpg_agent().  Once set, the environment variable was exported to
 '''all''' subsequent programs launched by mutt.  If there was a security
 issue, it seems mutt should have taken care to remove the environment
 variable after its use by pgp/gpg.

 The user can not set GPG_TTY inside the $sendmail script because STDIN is
 already remapped by mutt.

 As you say, they can put it in their interactive shell startup script.
 They could have done this too when using the ncurses pinentry with mutt
 for gpg operations.  I assume mutt set it for them to make things easier,
 and that was also the intent of this change.

--
Ticket URL: 
Mutt 
The Mutt mail user agent

Re: corrupted attachments

2017-06-07 Thread Andras Salamon 

Following up: a UTF-8 plain text checker.  Only lightly tested, and I'm
not yet clear how to integrate this cleanly with the sendlib.c routines.

-- Andras Salamon   and...@dns.net
/*
 * is_utf8_text(): check if buffer is valid UTF-8 text; exclude control chars
 * via RFC 3629
 */

#include 

#define O '\000'
#define I '\001'

/* allow control characters ESC BEL BS HT LF VT FF CR, 7-bit text, UTF-8 */
const char BADFIRST[] = {
I,I,I,I,I,I,I,O,O,O,O,O,O,O,I,I, /* 0x0_ */
I,I,I,I,I,I,I,I,I,I,I,O,I,I,I,I, /* 0x1_ */
O,O,O,O,O,O,O,O,O,O,O,O,O,O,O,O, /* 0x2_ */
O,O,O,O,O,O,O,O,O,O,O,O,O,O,O,O, /* 0x3_ */
O,O,O,O,O,O,O,O,O,O,O,O,O,O,O,O, /* 0x4_ */
O,O,O,O,O,O,O,O,O,O,O,O,O,O,O,O, /* 0x5_ */
O,O,O,O,O,O,O,O,O,O,O,O,O,O,O,O, /* 0x6_ */
O,O,O,O,O,O,O,O,O,O,O,O,O,O,O,I, /* 0x7_ */
I,I,I,I,I,I,I,I,I,I,I,I,I,I,I,I, /* 0x8_ */
I,I,I,I,I,I,I,I,I,I,I,I,I,I,I,I, /* 0x9_ */
I,I,I,I,I,I,I,I,I,I,I,I,I,I,I,I, /* 0xa_ */
I,I,I,I,I,I,I,I,I,I,I,I,I,I,I,I, /* 0xb_ */
I,I,O,O,O,O,O,O,O,O,O,O,O,O,O,O, /* 0xc_ */
O,O,O,O,O,O,O,O,O,O,O,O,O,O,O,O, /* 0xd_ */
O,O,O,O,O,O,O,O,O,O,O,O,O,O,O,O, /* 0xe_ */
O,O,O,O,O,I,I,I,I,I,I,I,I,I,I,I  /* 0xf_ */
};

/* allow 10xx */
const char BADCONT[] = {
I,I,I,I,I,I,I,I,I,I,I,I,I,I,I,I, /* 0x0_ */
I,I,I,I,I,I,I,I,I,I,I,I,I,I,I,I, /* 0x1_ */
I,I,I,I,I,I,I,I,I,I,I,I,I,I,I,I, /* 0x2_ */
I,I,I,I,I,I,I,I,I,I,I,I,I,I,I,I, /* 0x3_ */
I,I,I,I,I,I,I,I,I,I,I,I,I,I,I,I, /* 0x4_ */
I,I,I,I,I,I,I,I,I,I,I,I,I,I,I,I, /* 0x5_ */
I,I,I,I,I,I,I,I,I,I,I,I,I,I,I,I, /* 0x6_ */
I,I,I,I,I,I,I,I,I,I,I,I,I,I,I,I, /* 0x7_ */
O,O,O,O,O,O,O,O,O,O,O,O,O,O,O,O, /* 0x8_ */
O,O,O,O,O,O,O,O,O,O,O,O,O,O,O,O, /* 0x9_ */
O,O,O,O,O,O,O,O,O,O,O,O,O,O,O,O, /* 0xa_ */
O,O,O,O,O,O,O,O,O,O,O,O,O,O,O,O, /* 0xb_ */
I,I,I,I,I,I,I,I,I,I,I,I,I,I,I,I, /* 0xc_ */
I,I,I,I,I,I,I,I,I,I,I,I,I,I,I,I, /* 0xd_ */
I,I,I,I,I,I,I,I,I,I,I,I,I,I,I,I, /* 0xe_ */
I,I,I,I,I,I,I,I,I,I,I,I,I,I,I,I  /* 0xf_ */
};

/*
 * check if plain UTF-8 text
 * returns:
 *  0  uses unusual control characters, or is invalid UTF-8
 *  1  valid UTF-8
 */
int
is_utf8_text(const unsigned char *buf, size_t numbytes) {
size_t i;

/* overlong:
 * 4-byte  1000 0xf0 0x8.
 * 3-byte 1110 100. 0xe0 0x[8|9].
 * 2-byte 110x  0xc[01]
 * invalid:
 * 11101101 101.0xed 0x[ab].  U+D800 to   U+DFFF
 * 0100 10010xf4 0x9. U+11 to U+11
 * 0100 101.0xf4 0x[ab].  U+12 to U+13
 *  0xf[5-9a-f]   U+14 to U+1F
 */
for (i = 0; i < numbytes; i++) {
if (BADFIRST[buf[i]])
return 0;
/* the remainder can now assume first byte is reasonable */
if ((buf[i] & 0xc0) == 0xc0) {  /* UTF-8 byte1 11xx */
if ((buf[i] & 0x20) == 0) { /* 110x */
if (i+1 >= numbytes)
return 0;
if (BADCONT[buf[i+1]])
return 0;
i++;
} else if ((buf[i] & 0x10) == 0) {  /* 1110 */
if (i+2 >= numbytes)
return 0;
if (BADCONT[buf[i+1]])
return 0;
if (BADCONT[buf[i+2]])
return 0;
if ((buf[i] == 0xed) && ((buf[i+1] & 0x20) != 
0))
return 0;
i += 2;
} else {/* must be 0xxx */
if (i+3 >= numbytes)
return 0;
if (BADCONT[buf[i+1]])
return 0;
if (BADCONT[buf[i+2]])
return 0;
if (BADCONT[buf[i+3]])
return 0;
if ((buf[i] == 0xf4) && ((buf[i+1] & 0x30) != 
0))
return 0;
i += 3;
}
}
}
return 1;
}