1. 13 Jun, 2020 1 commit
  2. 12 Jun, 2020 1 commit
    • georg's avatar
      specs: fix errors on IPv6-only machines · 6a114316
      georg authored
      Do not rely on '127.0.0.1', but on 'localhost'.
      
      dirmngr receives some extra care, so it's able to cope with it.
      
      gpgconf --kill might hang indefinitely, therefore, rely on pkill.
      
      Relax the expected output of gpg if refreshing keys without a keyserver
      being available, as gpg might report various errors in such a situation.
      
      The dependency on dirmngr will be dropped soon, anyway, so I deem this
      acceptable as a workaround, for now.
      
      Closes #472
      6a114316
  3. 09 Jun, 2020 2 commits
  4. 19 May, 2020 1 commit
  5. 04 May, 2020 1 commit
  6. 15 Apr, 2020 2 commits
  7. 13 Apr, 2020 1 commit
  8. 30 Mar, 2020 1 commit
  9. 25 Mar, 2020 1 commit
    • ng's avatar
      fix #457 - ensure proper encoding if no charset is set on a part · badad300
      ng authored
      If a part did not have a charset set, we falled back to US-ASCII
      and then tried to encode the string into that. However, this only
      worked if the part had actually only ascii charcters, but as soon
      it contains non-ascii characters we failed. With this change we
      are encoding such parts as utf-8, thus adopting the future.
      badad300
  10. 22 Mar, 2020 1 commit
    • ng's avatar
      fix #458 - more proper encoding handling · 39ca2227
      ng authored
      This revisits the fixes for #409 (merged in !301), as when
      trying to parse unencrypted, but signed utf-8 mails, they were
      failing to be parsed and thus generated another error. More
      in-depth later.
      
      With this fix we are changing the approach:
      
        1. We switch to UTF-8 as default input
        2. If this is not a valid encoding, we try to convert the
           input to UTF-8
        3. If we are failing to convert, we scrub the input, so that
           at least what is proper UTF-8 will be passed on.
      
      ASCII-8BIT is a BINARY encoding and the mail library will only
      force the mail to have CRLF if it only contains ASCII conent.
      While UTF-8 is not a BINARY encoding and thus will get CRLF if
      it is a valid encoding. Getting CRLF is important for mails such
      as the one in `signed_utf8.eml`, as otherwise the parts detection
      will fail and the whole body will end up in the prologue, with no
      parts.
      Enforcing UTF-8 will still make some of our charset mails failing,
      as they are - validly - not UTF-8. By using a new dependency
      'charlock_holmes', we are able to detect the actual encoding and
      thus try to convert it to UTF-8. If everything fails, we just
      drop the invalid characters.
      39ca2227
  11. 28 Jan, 2020 4 commits
  12. 23 Jan, 2020 1 commit
  13. 22 Jan, 2020 1 commit
  14. 20 Jan, 2020 1 commit
  15. 07 Jan, 2020 1 commit
  16. 05 Jan, 2020 3 commits
  17. 04 Jan, 2020 4 commits
  18. 16 Sep, 2019 1 commit
  19. 07 Sep, 2019 1 commit
  20. 22 Aug, 2019 2 commits
  21. 17 Jun, 2019 1 commit
    • ng's avatar
      fix #430 - do not fail on mutt protected headers · 0651daf5
      ng authored
      Although mutt now supports protected headers, the content of a
      message compiled by mutt is just a plain body, without wrapped
      into further mime parts (contrary to other mailers). Also the
      message does not contain a special marked protected headers
      mime part.
      0651daf5
  22. 14 Feb, 2019 2 commits
  23. 03 Feb, 2019 1 commit
    • paz's avatar
      Strip HTML-part if keywords are present to stop leaking them. · f6c4a2f7
      paz authored
      The HTML-part of multipart/alternative-messages also contain the
      keywords. We don't parse them because we don't touch any HTML. In order
      to prevent the keywords from being disclosed to third parties (e.g.
      through resent messages), we strip the HTML-part completely.
      f6c4a2f7
  24. 28 Oct, 2018 1 commit
  25. 07 Oct, 2018 1 commit
  26. 04 Sep, 2018 1 commit
  27. 19 Jul, 2018 2 commits
    • ng's avatar
      Introduce `UNSET-FINGERPRINT` keyword - Implements second part of #260 · 21ca3b3a
      ng authored
      Using the new introduced keyword an admin can now remove the linked
      fingerprint from a subscription. A subscription can only remove
      the fingerprint of themselves.
      
      To unset their own fingerprint admins must additionally pass the
      argument `force`.
      21ca3b3a
    • ng's avatar
      Fix #360 - do not allow setting an empty fingerprint through `SET-FINGERPRINT` · c52b970d
      ng authored
      Check for a valid fingerprint as argument and do not accept an empty
      fingerprint. This will not anymore allow to unset a fingerprint
      through the `SET-FINGERPRINT`. This functionality will be superseeded
      by another keyword.
      
      As part of that fix, wie centralize checking for a valid fingerpint
      and constrain the check to be either 32 (v3) or 40 (v4) characters
      long.
      c52b970d