COMMAND
pine
SYSTEMS AFFECTED
Pine 4.05
PROBLEM
Seva Gluschenko posted following three patches related to
different topics. The 1st patch is about pine locking mode. At
the time of 3.96 version level some good guy already posted
lock-patch here, changing mode from 0666 to 0600, but distribution
of pine still has lock-mode 0666. Pine developer affirmed, that
0666 lock protection is strongly needed for an appropriate shared
mail-boxes access. Seva couldn't reproduce situation when 0600
lock mode could cause to DoS attack, but easily made two DoS
attacks for Pine using 0666 lock-mode. So, below you'll find
prepared the patch that allows you to select between lock-mode
0600 and 0666.
Second patch related to the charset, content-type and
content-transfer-encoding names. Pine sends them all in uppercase,
really confusing M$ Outlook and so. When M$ mail agents try to
read Pine-written mails, they display them fine, but refuse to
quote them, considering text/plain and TEXT/PLAIN the different
content-types. The right way would be to patch M$OE, but... So
second patch for Pine is to send these keywords in lowercase.
The third patch is for those who lives in eight-bit zone, but
their servers, even allowing to send ESMTP/8BITMIME, never reort
this capability. It is also prepared as selectable feature, for
those, who is stronhly sure in their ability for use it.
SOLUTION
First patch:
diff -u -r pine.orig/pine/init.c pine4.05/pine/init.c
--- pine.orig/pine/init.c Tue Nov 10 18:38:43 1998
+++ pine4.05/pine/init.c Wed Nov 11 15:24:29 1998
@@ -1474,6 +1475,7 @@
#endif
{"enable-bounce-cmd", F_ENABLE_BOUNCE},
{"enable-lame-list-mode", F_FIX_BROKEN_LIST},
+ {"enable-lock-world-writable", F_ENABLE_LOCK_0666},
{"enable-cruise-mode", F_ENABLE_SPACE_AS_TAB},
{"enable-cruise-mode-delete", F_ENABLE_TAB_DELETES},
{"enable-delivery-status-notification", F_DSN},
@@ -1622,6 +1624,12 @@
*/
if(F_ON(F_QUELL_LOCK_FAILURE_MSGS, ps))
mail_parameters(NULL, SET_LOCKEACCESERROR, (void *) 0);
+
+ /*
+ * Turn off pine lock world writability...
+ */
+ if(F_OFF(F_ENABLE_LOCK_0666, ps))
+ mail_parameters(NULL, SET_LOCKPROTECTION, (void *) 0600);
/*
* Turn on quelling of pseudo message.
diff -u -r pine.orig/pine/other.c pine4.05/pine/other.c
--- pine.orig/pine/other.c Tue Nov 10 18:38:47 1998
+++ pine4.05/pine/other.c Wed Nov 11 15:47:30 1998
@@ -5232,6 +5234,8 @@
return(h_config_quell_folder_internal_msg);
case F_QUELL_LOCK_FAILURE_MSGS:
return(h_config_quell_lock_failure_warnings);
+ case F_ENABLE_LOCK_0666:
+ return(h_config_lock_mode_0666);
case F_ENABLE_SPACE_AS_TAB :
return(h_config_cruise_mode);
case F_ENABLE_TAB_DELETES :
@@ -8420,6 +8424,10 @@
else if(f->value == F_QUELL_LOCK_FAILURE_MSGS)
mail_parameters(NULL, SET_LOCKEACCESERROR,
(void *)(F_ON(f->value,ps) ? 1 : 0));
+ else if(f->value == F_ENABLE_LOCK_0666) {
+ q_status_message(SM_ORDER | SM_DING, 3, 4,
+ "Lock mode changes will take effect your next pine session.");
+ }
else if(f->value == F_QUELL_INTERNAL_MSG)
mail_parameters(NULL,SET_USERHASNOLIFE,
(void *)(F_ON(f->value,ps) ? 1 : 0));
diff -u -r pine.orig/pine/pine.h pine4.05/pine/pine.h
--- pine.orig/pine/pine.h Tue Nov 10 18:39:37 1998
+++ pine4.05/pine/pine.h Wed Nov 11 12:04:02 1998
@@ -849,6 +850,7 @@
F_NEWS_CROSS_DELETE,
F_QUELL_INTERNAL_MSG,
F_QUELL_IMAP_ENV_CB,
+ F_ENABLE_LOCK_0666,
#ifdef ENABLE_LDAP
F_ADD_LDAP_TO_ABOOK,
#endif
diff -u -r pine.orig/pine/pine.hlp pine4.05/pine/pine.hlp
--- pine.orig/pine/pine.hlp Tue Nov 10 18:39:41 1998
+++ pine4.05/pine/pine.hlp Wed Nov 11 15:54:42 1998
@@ -566,6 +566,7 @@
<LI><A HREF="h_config_enable_lessthan_exit">enable-exit-via-lessthan-command</A>
<LI><A HREF="h_config_fast_recent">enable-fast-recent-test</A>
<LI><A HREF="h_config_lame_list_mode">enable-lame-list-mode</A>
+<LI><A HREF="h_config_lock_mode_0666">enable-lock-world-writable</A>
<LI><A HREF="h_config_enable_view_attach">enable-msg-view-attachments</A>
<LI><A HREF="h_config_enable_view_url">enable-msg-view-urls</A>
<LI><A HREF="h_config_enable_view_web_host">enable-msg-view-web-hostnames</A>
@@ -1296,7 +1297,9 @@
Pine?<BR>
No. Pine also creates lockfiles in the /tmp directory. For normal Unix
mailbox format folders, these are used to coordinate access between
-multiple Pine sessions. <P>
+multiple Pine sessions. Their protection mode by default is <B>0600</B>. You
+may change it to <B>0666</B> turning on the
+<A HREF="h_config_lock_mode_0666">enable-lock-world-writable</A> feature.<P>
<LI> What about the
<A HREF="h_config_quell_lock_failure_warnings">"quell-lock-failure-warnings"</A> feature added in Pine 4.01?<BR>
@@ -11092,6 +11118,35 @@
collection definition. This behavior will generally not be available
when this feature is enabled.
+<P>
+<End of help on this topic>
+</BODY>
+</HTML>
+===== h_config_lock_mode_0666 =====
+<HTML>
+<HEAD>
+<TITLE>FEATURE: enable-lock-world-writable</TITLE>
+</HEAD>
+<BODY>
+<H1>FEATURE: enable-lock-world-writable</H1>
+This feature may become necessary when you need in shared mailboxes.
+It's reasonable to turn it on only in friendly and trusted networking.
+It is strongly not recommended to enable it in super-user's profile.
+<P>
+The usual Pine's behaviour when it can't get lock from another process
+is to open the mailbox read-only, that more than enough in most cases.
+If somebody's Pine with lock mode 0600 locked the mailbox you need to
+modify and then had been killed with SIGKILL, it is reasonable to ask
+your system administrator to remove the stuck lock.
+<P>
+Note that turning this feature on you become to the potential risk of
+denial-of-service attacks of two kinds, when leaving it off allows only
+one kind of those - the stuck lock. Even when some badguy in your
+environment becomes kinda stupid to make the continuous locking of some
+mailbox, admins may simply catch him by owner of such locks, but world
+writable lock can be corrupted by anyone.
+<P>
+See also: <A HREF="h_info_on_locking">Notes about Pine file locking</A>
<P>
<End of help on this topic>
</BODY>
Second patch:
diff -u -r pine.orig/imap/src/c-client/rfc822.c pine4.05/imap/src/c-client/rfc822.c
--- pine.orig/imap/src/c-client/rfc822.c Mon Nov 9 18:23:42 1998
+++ pine4.05/imap/src/c-client/rfc822.c Mon Nov 9 18:18:06 1998
@@ -59,13 +59,13 @@
/* Body formats constant strings, must match definitions in mail.h */
char *body_types[TYPEMAX+1] = {
- "TEXT", "MULTIPART", "MESSAGE", "APPLICATION", "AUDIO", "IMAGE", "VIDEO",
- "MODEL", "X-UNKNOWN"
+ "text", "multipart", "message", "application", "audio", "image", "video",
+ "model", "x-unknown"
};
char *body_encodings[ENCMAX+1] = {
- "7BIT", "8BIT", "BINARY", "BASE64", "QUOTED-PRINTABLE", "X-UNKNOWN"
+ "7bit", "8bit", "binary", "base64", "quoted-printable", "x-unknown"
};
@@ -291,7 +291,7 @@
sprintf (*dst += strlen (*dst),"; %s=",param->attribute);
rfc822_cat (*dst,param->value,tspecials);
} while (param = param->next);
- else if (body->type == TYPETEXT) strcat (*dst,"; CHARSET=US-ASCII");
+ else if (body->type == TYPETEXT) strcat (*dst,"; charset=us-ascii");
strcpy (*dst += strlen (*dst),"\015\012");
if (body->encoding) /* note: encoding 7BIT never output! */
sprintf (*dst += strlen (*dst),"Content-Transfer-Encoding: %s\015\012",
@@ -333,17 +333,17 @@
{
switch (type) {
case TYPETEXT: /* default is TEXT/PLAIN */
- return "PLAIN";
+ return "plain";
case TYPEMULTIPART: /* default is MULTIPART/MIXED */
- return "MIXED";
+ return "mixed";
case TYPEMESSAGE: /* default is MESSAGE/RFC822 */
- return "RFC822";
+ return "rfc822";
case TYPEAPPLICATION: /* default is APPLICATION/OCTET-STREAM */
- return "OCTET-STREAM";
+ return "octet-stream";
case TYPEAUDIO: /* default is AUDIO/BASIC */
- return "BASIC";
+ return "basic";
default: /* others have no default subtype */
- return "UNKNOWN";
+ return "unknown";
}
}
�
@@ -531,8 +531,8 @@
case TYPETEXT: /* text content */
if (!body->parameter) { /* default parameters */
body->parameter = mail_newbody_parameter ();
- body->parameter->attribute = cpystr ("CHARSET");
- body->parameter->value = cpystr ("US-ASCII");
+ body->parameter->attribute = cpystr ("charset");
+ body->parameter->value = cpystr ("us-ascii");
}
/* count number of lines */
while (i--) if ((SNX (bs)) == '\n') body->size.lines++;
@@ -541,7 +541,7 @@
case TYPEMESSAGE: /* encapsulated message */
body->nested.msg = mail_newmsg ();
/* encapsulated RFC-822 message? */
- if (!strcmp (body->subtype,"RFC822")) {
+ if (!strucmp (body->subtype,"RFC822")) {
switch (body->encoding) { /* make sure valid encoding */
case ENC7BIT: /* these are valid nested encodings */
case ENC8BIT:
@@ -786,7 +786,7 @@
c = *name; /* remember delimiter */
*name = '\0'; /* tie off type */
ucase (s); /* search for body type */
- for (i=0; (i<=TYPEMAX) && body_types[i] && strcmp(s,body_types[i]); i++);
+ for (i=0; (i<=TYPEMAX) && body_types[i] && strucmp(s,body_types[i]); i++);
if (i > TYPEMAX) body->type = TYPEOTHER;
else { /* if empty slot, assign it to this type */
if (!body_types[i]) body_types[i] = cpystr (s);
@@ -816,7 +816,7 @@
if (t = strchr (ucase (s),' ')) *t = '\0';
/* search for body encoding */
for (i = 0; (i <= ENCMAX) && body_encodings[i] &&
- strcmp (s,body_encodings[i]); i++);
+ strucmp (s,body_encodings[i]); i++);
if (i > ENCMAX) body->type = ENCOTHER;
else { /* if empty slot, assign it to this type */
if (!body_encodings[i]) body_encodings[i] = cpystr (s);
diff -u -r pine.orig/pine/mailcmd.c pine4.05/pine/mailcmd.c
--- pine.orig/pine/mailcmd.c Mon Nov 9 01:41:38 1998
+++ pine4.05/pine/mailcmd.c Mon Nov 9 17:59:48 1998
@@ -6524,7 +6524,7 @@
break;
case 'a' :
- sval = "TEXT"; /* fall thru */
+ sval = "text"; /* fall thru */
ekey[0].ch = -1;
break;
diff -u -r pine.orig/pine/send.c pine4.05/pine/send.c
--- pine.orig/pine/send.c Mon Nov 9 18:21:42 1998
+++ pine4.05/pine/send.c Mon Nov 9 18:22:13 1998
@@ -6814,8 +6814,8 @@
char *cs;
{
char **excl;
- static char *us_ascii = "US-ASCII";
- static char *non_ascii[] = {"UNICODE-1-1-UTF-7", NULL};
+ static char *us_ascii = "us-ascii";
+ static char *non_ascii[] = {"unicode-1-1-utf-7", NULL};
int already_set = 0;
if(!pm || strucmp(pm->attribute, "charset") != 0)
@@ -7646,7 +7646,7 @@
return(pwbh_finish(0, so));
while (param = param->next);
}
- else if(!so_puts(so, "; CHARSET=US-ASCII"))
+ else if(!so_puts(so, "; charset=us-ascii"))
return(pwbh_finish(0, so));
if(!so_puts(so, "\015\012"))
Third patch:
diff -u -r pine.orig/pine/init.c pine4.05/pine/init.c
--- pine.orig/pine/init.c Tue Nov 10 18:38:43 1998
+++ pine4.05/pine/init.c Tue Nov 10 18:42:09 1998
@@ -1464,6 +1464,7 @@
{"disable-take-last-comma-first", F_DISABLE_TAKE_LASTFIRST},
{"disable-signature-edit-cmd", F_DISABLE_SIGEDIT_CMD},
{"enable-8bit-esmtp-negotiation", F_ENABLE_8BIT},
+ {"enable-8bit-blind-smtp", F_ENABLE_8BIT_BLIND},
{"enable-8bit-nntp-posting", F_ENABLE_8BIT_NNTP},
{"enable-aggregate-command-set", F_ENABLE_AGG_OPS},
{"enable-alternate-editor-cmd", F_ENABLE_ALT_ED},
diff -u -r pine.orig/pine/other.c pine4.05/pine/other.c
--- pine.orig/pine/other.c Tue Nov 10 18:38:47 1998
+++ pine4.05/pine/other.c Tue Nov 10 18:42:53 1998
@@ -5174,6 +5174,8 @@
return(h_config_suspend_spawns);
case F_ENABLE_8BIT:
return(h_config_8bit_smtp);
+ case F_ENABLE_8BIT_BLIND:
+ return(h_config_8bit_blind);
case F_ENABLE_8BIT_NNTP:
return(h_config_8bit_nntp);
case F_COMPOSE_MAPS_DEL:
diff -u -r pine.orig/pine/pine.h pine4.05/pine/pine.h
--- pine.orig/pine/pine.h Tue Nov 10 18:39:37 1998
+++ pine4.05/pine/pine.h Tue Nov 10 18:43:28 1998
@@ -793,6 +793,7 @@
F_FAKE_NEW_IN_NEWS,
F_SUSPEND_SPAWNS,
F_ENABLE_8BIT,
+ F_ENABLE_8BIT_BLIND,
F_COMPOSE_MAPS_DEL,
F_ENABLE_8BIT_NNTP,
F_ENABLE_MOUSE,
diff -u -r pine.orig/pine/pine.hlp pine4.05/pine/pine.hlp
--- pine.orig/pine/pine.hlp Tue Nov 10 18:39:41 1998
+++ pine4.05/pine/pine.hlp Tue Nov 10 18:48:40 1998
@@ -10746,6 +10746,29 @@
<P><End of help on this topic>
</BODY>
</HTML>
+====== h_config_8bit_blind =====
+<HTML>
+<HEAD>
+<TITLE>FEATURE: enable-8bit-blind-smtp</TITLE>
+</HEAD>
+<BODY>
+<H1>FEATURE: enable-8bit-blind-smtp</H1>
+This feature affects Pine's behavior when sending mail. Internet standards
+require that all electronic mail messages traversing the global Internet
+consist of 7bit ASCII characters unless a pair of cooperating mail
+transfer agents explicitly agree to allow 8bit messages. In general,
+then, exchanging messages in non-ASCII characters requires MIME encoding.
+<P>
+However, there are now Internet standards that allow for unencoded 8bit
+exchange of messages between cooperating systems. Setting this feature
+tells Pine to send unencoded 8bit text regardless of smtp-server or mail
+agent capabilities for ESMTP and 8BITMIME. Use this option carefully
+because you may fail this way to send readable messages to 7bit zone.
+Setting this option you override the previous one
+<A HREF="h_config_8bit_smtp">enable-8bit-to-smtp-server</A>.
+<P><End of help on this topic>
+</BODY>
+</HTML>
====== h_config_8bit_nntp =====
FEATURE: enable-8bit-nntp-posting
diff -u -r pine.orig/pine/send.c pine4.05/pine/send.c
--- pine.orig/pine/send.c Mon Nov 9 18:21:42 1998
+++ pine4.05/pine/send.c Tue Nov 10 19:09:14 1998
@@ -7573,7 +7573,8 @@
switch (body->encoding) { /* all else needs filtering */
case ENC8BIT: /* encode 8BIT into QUOTED-PRINTABLE */
- gf_link_filter(gf_8bit_qp, NULL);
+ if (F_OFF(F_ENABLE_8BIT_BLIND, ps_global))
+ gf_link_filter(gf_8bit_qp, NULL);
break;
case ENCBINARY: /* encode binary into BASE64 */
@@ -7657,7 +7658,8 @@
&& so_puts(so, body_encodings[(body->encoding==ENCBINARY)
? ENCBASE64
: (body->encoding == ENC8BIT)
- ? ENCQUOTEDPRINTABLE
+ ? ( ( F_ON( F_ENABLE_8BIT_BLIND, ps_global ) )
+ ? ENC8BIT : ENCQUOTEDPRINTABLE )
: (body->encoding <= ENCMAX)
? body->encoding
: ENCOTHER])