~kevin8t8/mutt

Merge branch 'stable'
Fix exact-address recording of last value.

If the last address was also terminated by a comma (e.g: foo@local,
bar@local,) the exact-address was incorrectly overwriting the recorded
value.
Surround new and old debug functions with #ifdef DEBUG.

The new function directly references debugfile, so needs the ifdef.
The old function compiles fine, but since it's not used, put it inside
the ifdef too.

Thanks to Ian Allen for reporting the problem.
Fix exact-address handling when addr->personal is set.

The exact-address compile-time option takes an exact copy of an
address when it is parsed, and prints that out when outputting the
address.  The idea is to preserve older "user@host (Name)" syntax.

Unfortunately, when code tries to "update" the personal/name field, it
needs to clear the exact-address copy for it to have any effect.

An object-oriented design encapsulating the setting would help prevent
this problem.  It might be desirable to create a C function instead,
but callers would have to remember it, and such a thing isn't common
in the Mutt codebase.

Another patch (I'm still debating applying) changes the address parser
to discard the exact-address copy when it exactly matches the
mailbox.  However, that still won't fix every case (and it makes the
parser even more difficult to follow.)

So this commit (to stable) takes the straightforward approach.

It fixes bugs in:

* Alias creation.  The "personal name" prompt was ignored.

* Autocrypt initialization from address setting with $realname.

* $pgp_getkeys_command handling.

* Query menu results.

* "unset $reverse_realname" handling.

* $from handling of $realname.

* Bounce Resent-From handling of $realname.
a3011236 — David Champion 8 days ago
add dprintf(n, fmt, ...) debugging macro

dprintf(n, fmt, ...) is a more natural form of
dprint(n, (debugfile, fmt, ...)). It prints code location in the debug
file where possible.

I believe this approach, while common, was not previously used because
we were trying to be C90-compatible.  C90 doesn't provide variadic
macros.  Now we require C99, so it makes sense to add this pattern.
Add configure error if C compiler doesn't support C99.

We added the test, but did not check to ensure it was found.  Thanks
to Oswald Buddenhagen for pointing out the missing check.  He
suggested the AC_PROG_CC might be redundant, but the info page seems
to indicate AC_PROG_CC_C99 checks the properties of an already located
compiler, so I'm leaving AC_PROG_CC in.

Also, remove the $U check just below.  Commit 64b1460a removed the
call to AM_C_PROTOTYPES, but forgot to remove the $U check too.
Add <view-pager> function to attachment menu.

This uses a copiousoutput mailcap entry, or falls back to raw text.

The existing functions do not provide a way to use copiousoutput
mailcap entries exclusively.  The default <view-attach> will use one
for internally supported types if auto_view is configured, but there
is no way to do so for other mime types (such as application/pdf).
03803e67 — David Champion 9 days ago
Allow debugging without debug file rotation.

start_debug() takes a boolean indicating whether to rotate debug
files.

The -d option allows a negative number. If negative, debug files
are not rotated. The debug level is the absolute value.

This is useful for continuously watching (e.g. tail -f) the
.muttdebug0 file.
bb0cd944 — Cameron Simpson 7 days ago
mutt.man: -H: clarify that a From_ line in the draft file is silently discarded
Clean up labels in imap_open_connection().

Commit 04b06aaa was purposely kept minimal, to aid backporting the
fix.  It kept the err_close_conn label, but there is no need for the
label anymore.  Change all goto's to use the bail label.
Merge branch 'stable'
automatic post-release commit for mutt-2.0.2
Update UPDATING file for 2.0.2.
Ensure IMAP connection is closed after a connection error.

During connection, if the server provided an illegal initial response,
Mutt "bailed", but did not actually close the connection.  The calling
code unfortunately relied on the connection status to decide to
continue with authentication, instead of checking the "bail" return
value.

This could result in authentication credentials being sent over an
unencrypted connection, without $ssl_force_tls being consulted.

Fix this by strictly closing the connection on any invalid response
during connection.  The fix is intentionally small, to ease
backporting.  A better fix would include removing the 'err_close_conn'
label, and perhaps adding return value checking in the caller (though
this change obviates the need for that).

This addresses CVE-2020-28896.  Thanks to Gabriel Salles-Loustau for
reporting the problem, and providing test cases to reproduce.
Merge branch 'stable'
d4c97068 — Keld Simonsen 9 days ago
Updated Danish translation.
Remove buffer_normalize_fullpath().

This was supposed to normalize a path after relative path expansion.
However, as Oswald Buddenhagen pointed out just before the release,
its method of '..' expansion was incorrect with symlinks in play.
Furthermore, it turned out mutt_pretty_mailbox() deals with '.' and
'..'.

The function was turned into a noop before the release, and I'm now
pulling it out.
Merge branch 'stable'
automatic post-release commit for mutt-2.0.1
Update UPDATING file for 2.0.1.
Fix IMAP UTF-7 for code points >= U+10000.

The 20-year old utf7 conversion functions punted on those values,
which was understandable for when they were written.  We now have
emojis and increasing number of characters that might be used in a
mailbox.

Add encode/decode logic using UTF-16 surrogate pairs.

Thanks to Jeff Sipek for reporting this issue, and for giving pointers
about how the values should be handled.
Next