- preallocate child struct, since the signal handler can be called before
wait_child, and we cannot allocate a child struct there. there is a signal
race still here if the program exits and the signal handler is called before
we allocate the struct.
across setjmp/longjmp.
Inspired by PR 41255 from Kurt Lidl, but this change makes "com" a
volatile pointer to const non-volatile data, whereas the PR made it a
non-volatile pointer to const volatile data.
- Remove all longjmp(3) calls from signal handlers. Instead, we post
to an internal signal queue and check that periodically. All signal
related code is now in sig.c, except for the SIGCHLD handler which
remains in popen.c as it is intimately tied to routines there.
- Handle SIGPIPE in type1() regardless of mime support, or else the
handler in execute() will prevent our error code from being returned
resulting in 'sawcom' not being set on the first command as it should.
This only affected the initial behavior of the "next" command without
mime support.
- Add the 'T' flag to many commands in cmdtab.c that should not look
like the first command. E.g., start mail on a mailbox with multiple
messages, run "set foo", then "next", and watch the second message get
displayed rather than the first as is the case without the first "set"
command.
- Add file descriptor and file handle leak detection. Enabled by
DEBUG_FILE_LEAK. This will likely disappear in the future.
- Fix a long standing (since import in 1993) longjmp() bug in
edstop(): the jmpbuf was invalid when quit() is called at the end of
main.
- Fix a long standing bug (since import in 1993) in snarf() where it
didn't strip whitespace correctly if the line consisted only of
whitespace.
- Lint cleanup.
- New Feature: "Header" command. This allows miscellaneous header
fields to be added to the header, e.g., "X-Organization:" or
"Reply-To:" fields.
- New Feature: "page-also" variable. This allows the specification of
additional commands to page. It is more flexible than "crt".
- Document the "pager-off" variable: if set, it disables paging
entirely.
display state, i.e., hidden/exposed tags or threads. This fixes at
least two problems:
- If the current message is a duplicate that is deleted by the "deldups"
command, then the dot was invalid making all messages appear to have
been deleted. It is now set to the surviving duplicate message.
- If the current message is tagged, the "hidetags" command would leave
the dot invalid and the dislay would reset it at the top of the
current screen. It is now set the the first untagged (and
not deleted) message after the previous (tagged) dot message.
From Anon Ymous
hfield() to be decoded as if they were "unstructured" regardless of
their type. This resulted from calling mime_decode_hfield() with the
body of the header line, i.e., the portion after the colon header
field name terminator, rather than the full header line.
From Anon Ymous
- Add a "forward" command as requested by garbled@.
From the manpage:
forward
Takes a list of messages and prompts for an address (or
addresses) to forward each message to. If no message list is
specified, the current message is used. The mail editor is run
for each message allowing the user to enter a message that will
precede the forward message. The message is sent as a multi-
part/mixed MIME encoded message.
- Add the ability to match messages that do (or do not) contain a
header field. E.g., the command "f ! /Subject:" will display the
list of messages that are missing a "Subject" field.
- Teach savemail() to prefix fake headlines so the mbox doesn't get
broken.
- Fixed a couple of "bugs" in the attachment editing routine.
- Add a "bounce" command as requested by garbled@.
From the manpage:
bounce Takes a list of messages and prompts for an address to bounce the
messages to. All the original header fields are preserved except
for the ``Delivered-To'', ``X-Original-To'' and ``Status''
fields. The new ``To'' field contains the bounce address(es)
plus any addresses in the old ``To'' field minus the user's local
address and any on the alternates list. (See the alternates com-
mand.)
- Introduce date_to_tm() and hl_date_to_tm() to parse the date and
headline date a bit more efficiently.
- If 'tm_isdst' is determined, let strftime(3) handle the '%Z' and
'%z' formats. Otherwise, output "-0000" and "???", respectively, to
help preserve with alignment; strftime(3) will output an empty
string in these case.
- Change fail() to use the '-d' flag (which sets the 'debug' variable)
rather than the "debug" _environment_ variable. This is more
consistent with other warnings.
- Don't use gcc C extensions, e.g., "case LOW ... HIGH:".
- Define is_WSP() in def.h to be an inline function that for checks
whitespace (WSP = ' ' or '\t'), as defined in RFC 2822. Use it
consistently in place of isblank().
- For consistency, rename skip_blank() to skip_WSP().
- Add inline skip_space() to complement skip_blank() (now skip_WSP).
- Check all ctype(3) calls for argument range issues.
- Whitespace and comment cleanup/changes.
FORTIFY_SOURCE feature of libssp, thus checking the size of arguments to
various string and memory copy and set functions (as well as a few system
calls and other miscellany) where known at function entry. RedHat has
evidently built all "core system packages" with this option for some time.
This option should be used at the top of Makefiles (or Makefile.inc where
this is used for subdirectories) but after any setting of LIB.
This is only useful for userland code, and cannot be used in libc or in
any code which includes the libc internals, because it overrides certain
libc functions with macros. Some effort has been made to make USE_FORT=yes
work correctly for a full-system build by having the bsd.sys.mk logic
disable the feature where it should not be used (libc, libssp iteself,
the kernel) but no attempt has been made to build the entire system with
USE_FORT and doing so will doubtless expose numerous bugs and misfeatures.
Adjust the system build so that all programs and libraries that are setuid,
directly handle network data (including serial comm data), perform
authentication, or appear likely to have (or have a history of having)
data-driven bugs (e.g. file(1)) are built with USE_FORT=yes by default,
with the exception of libc, which cannot use USE_FORT and thus uses
only USE_SSP by default. Tested on i386 with no ill results; USE_FORT=no
per-directory or in a system build will disable if desired.
2) When doing attachments set the "name=" parameter of the
Content-Type field, in addition to the (already) set "filename="
parameter of the Content-Disposition field. Some utilities (e.g.,
metamail) use this parameter for the filename even though (I believe)
the "filename=" parameter of the Content-Disposition field is
preferred by the standard (I can't find this explicitly except for
"application/octet-stream" types - see RFC1521 sec 7.4.1 and RFC2046
sec 4.5.1). My impression is that the "name=" parameter of the
Content-Types field is really intended for use when retrieving a file
not in the message, e.g., "message/external-body" Content-Types, and
not for the filename.
(Thanks to wiz@ for noticing this in his spam logs.)
3) Be more careful when determining the Content-Type of 1-byte
attachments. libmagic(3) isn't helpful on such small files.
christos