xref: /mutt/
NameDateSize

..16-Mar-201612 KiB

.hgignore03-Jul-2015916

.hgsigs02-Sep-20152.6 KiB

_regex.h07-Apr-201220.1 KiB

ABOUT-NLS07-Apr-201218.4 KiB

account.c26-Oct-20136 KiB

account.h26-Oct-20131.8 KiB

addrbook.c26-Oct-20135.8 KiB

alias.c30-Nov-201514.7 KiB

ascii.c26-Oct-20132.1 KiB

ascii.h26-Oct-20131.4 KiB

attach.c26-Oct-201324.4 KiB

attach.h07-Apr-20122.1 KiB

base64.c07-Apr-20123.3 KiB

bcache.c26-Oct-20136.3 KiB

bcache.h26-Oct-20133 KiB

BEWARE07-Apr-2012650

browser.c12-Oct-201530.4 KiB

browser.h26-Oct-20131.5 KiB

buffy.c07-Aug-201514.2 KiB

buffy.h26-Oct-20131.8 KiB

build-release03-Jul-20152 KiB

ChangeLog02-Sep-2015466.7 KiB

charset.c26-Oct-201316.6 KiB

charset.h26-Oct-20132.2 KiB

check_sec.sh26-Oct-20131.3 KiB

color.c02-Feb-201517.6 KiB

commands.c30-Nov-201524.4 KiB

complete.c26-Oct-20135 KiB

compose.c30-Nov-201533.6 KiB

configure.ac30-Nov-201544.6 KiB

contrib/01-Dec-20154 KiB

copy.c08-Sep-201423.5 KiB

copy.h26-Oct-20133.6 KiB

COPYRIGHT26-Oct-20131.6 KiB

crypt-gpgme.c15-Sep-2015125.6 KiB

crypt-gpgme.h07-Apr-20152.1 KiB

crypt-mod-pgp-classic.c07-Apr-20153.6 KiB

crypt-mod-pgp-gpgme.c07-Apr-20153.7 KiB

crypt-mod-smime-classic.c07-Apr-20153.1 KiB

crypt-mod-smime-gpgme.c07-Apr-20153.1 KiB

crypt-mod.c07-Apr-20121.7 KiB

crypt-mod.h07-Apr-20155.2 KiB

crypt.c09-Dec-201526.3 KiB

cryptglue.c07-Apr-201510.2 KiB

crypthash.h07-Apr-2012267

curs_lib.c16-Nov-201522.4 KiB

curs_main.c12-Oct-201553.5 KiB

date.c26-Oct-20134.3 KiB

doc/10-Sep-20154 KiB

dotlock.c26-Oct-201315 KiB

dotlock.h07-Apr-20121.4 KiB

edit.c30-Nov-201511.9 KiB

editmsg.c15-Sep-20155.1 KiB

enter.c20-Nov-201518.5 KiB

extlib.c07-Apr-20121.2 KiB

filter.c26-Oct-20133.2 KiB

flags.c26-Oct-20137.4 KiB

flymake.am13-Oct-2014554

from.c26-Oct-20134.5 KiB

functions.h26-Oct-201317.8 KiB

gen_defs07-Apr-2012537

getdomain.c26-Oct-20131.1 KiB

globals.h01-Dec-20157.7 KiB

gnupgparse.c19-Feb-20159.4 KiB

GPL07-Apr-201217.6 KiB

group.c26-Oct-20134.3 KiB

group.h26-Oct-20131.6 KiB

handler.c07-Aug-201543.2 KiB

hash.c26-Oct-20133.9 KiB

hash.h26-Oct-20131.7 KiB

hcache.c07-Aug-201525.7 KiB

hcache.h26-Oct-20132.2 KiB

hcachever.sh.in26-Oct-20131.4 KiB

hdrline.c28-Sep-201518.9 KiB

headers.c26-Oct-20135 KiB

help.c07-Aug-20157.9 KiB

hg-changelog-map07-Apr-2012215

hg-commit26-Oct-2013857

history.c02-Feb-20157.1 KiB

history.h02-Feb-20151.5 KiB

hook.c07-Aug-201512.8 KiB

imap/30-Nov-20154 KiB

init.c30-Nov-201574.6 KiB

init.h01-Dec-2015147.3 KiB

INSTALL02-Feb-201510.4 KiB

intl/03-Jul-20154 KiB

keymap.c12-Oct-201525.6 KiB

keymap.h26-Oct-20133.1 KiB

lib.c02-Feb-201521.1 KiB

lib.h16-Nov-20156.2 KiB

m4/03-Jul-20154 KiB

mailbox.h02-Feb-20152.8 KiB

main.c30-Nov-201522.8 KiB

Makefile.am30-Nov-20156.7 KiB

mapping.h26-Oct-20131.1 KiB

mbox.c26-Oct-201330.8 KiB

mbyte.c26-Oct-201312.2 KiB

mbyte.h26-Oct-20131 KiB

md5.c26-Oct-201314.3 KiB

md5.h26-Oct-20134.2 KiB

menu.c12-Oct-201523 KiB

mh.c09-Dec-201552.2 KiB

mime.h26-Oct-20132 KiB

mime.types07-Apr-20123.1 KiB

mkchangelog.sh08-Sep-2014123

mkdtemp.c26-Oct-20131 KiB

mutt.h30-Nov-201525.7 KiB

mutt_crypt.h07-Aug-20159.6 KiB

mutt_curses.h12-Oct-20155.9 KiB

mutt_idna.c30-Nov-20158.5 KiB

mutt_idna.h30-Nov-20151.9 KiB

mutt_menu.h26-Oct-20134 KiB

mutt_regex.h07-Apr-20121.6 KiB

mutt_sasl.c02-Feb-201517 KiB

mutt_sasl.h26-Oct-20131.7 KiB

mutt_socket.c26-Oct-201312.3 KiB

mutt_socket.h07-Apr-20122.7 KiB

mutt_ssl.c12-Oct-201527.3 KiB

mutt_ssl.h07-Apr-20121 KiB

mutt_ssl_gnutls.c12-Oct-201531.9 KiB

mutt_tunnel.c07-Apr-20124.5 KiB

mutt_tunnel.h07-Apr-2012923

muttbug07-Apr-201226

muttbug.sh.in26-Oct-20137.5 KiB

muttlib.c15-Sep-201542.4 KiB

mx.c10-Sep-201534.1 KiB

mx.h26-Oct-20132.6 KiB

NEWS07-Apr-20126.2 KiB

OPS26-Oct-20139.1 KiB

OPS.CRYPT07-Apr-2012189

OPS.MIX07-Apr-2012374

OPS.PGP07-Apr-2012244

OPS.SMIME07-Apr-201244

pager.c21-Sep-201566.8 KiB

pager.h26-Oct-20131.9 KiB

parse.c12-Oct-201539.8 KiB

PATCHES07-Apr-20120

patchlist.sh26-Oct-2013493

pattern.c16-Nov-201537.4 KiB

pgp.c15-Sep-201541.9 KiB

pgp.h17-Apr-20154 KiB

pgpewrap.c26-Oct-20131 KiB

pgpinvoke.c30-Dec-20149.1 KiB

pgpkey.c17-Apr-201522.6 KiB

pgplib.c19-Feb-20154.2 KiB

pgplib.h19-Feb-20152.1 KiB

pgpmicalg.c26-Oct-20134.3 KiB

pgppacket.c26-Oct-20133.8 KiB

pgppacket.h07-Apr-20121.7 KiB

pgppubring.c19-Feb-201518.4 KiB

po/09-Dec-20154 KiB

pop.c26-Oct-201321.3 KiB

pop.h07-Apr-20123.3 KiB

pop_auth.c26-Oct-20139.3 KiB

pop_lib.c07-Aug-201512.6 KiB

postpone.c07-Apr-201517.3 KiB

prepare26-Oct-2013355

protos.h18-Aug-201520.7 KiB

query.c30-Nov-201512.3 KiB

README26-Oct-2013984

README.SECURITY02-Feb-20152.4 KiB

README.SSL02-Feb-20154.6 KiB

recvattach.c07-Aug-201530.9 KiB

recvcmd.c30-Nov-201520 KiB

regex.c26-Oct-2013181 KiB

remailer.c26-Oct-201315.6 KiB

remailer.h07-Apr-20121.5 KiB

resize.c26-Oct-20132 KiB

rfc1524.c26-Oct-201314.2 KiB

rfc1524.h07-Apr-20121.7 KiB

rfc2047.c16-Nov-201521 KiB

rfc2047.h07-Apr-20121.2 KiB

rfc2231.c26-Oct-20138.4 KiB

rfc2231.h07-Apr-2012953

rfc3676.c26-Oct-20139.1 KiB

rfc3676.h26-Oct-20131.3 KiB

rfc822.c30-Nov-201519.1 KiB

rfc822.h30-Nov-20152.2 KiB

safe_asprintf.c26-Oct-20132.4 KiB

score.c26-Oct-20134.7 KiB

send.c30-Nov-201549.3 KiB

sendlib.c30-Nov-201567.8 KiB

setenv.c26-Oct-20131.7 KiB

sha1.c07-Apr-20126.3 KiB

sha1.h07-Apr-2012720

signal.c26-Oct-20136.3 KiB

smime.c01-Dec-201551 KiB

smime.h12-Jun-20151.8 KiB

smime_keys.pl12-Jun-201530 KiB

smtp.c30-Nov-201515 KiB

snprintf.c26-Oct-201318.7 KiB

sort.c26-Oct-20138.7 KiB

sort.h26-Oct-20132.1 KiB

stamp-h.in07-Apr-201210

status.c26-Oct-20138.1 KiB

strcasecmp.c07-Apr-2012801

strcasestr.c26-Oct-20131.3 KiB

strdup.c07-Apr-2012312

strsep.c26-Oct-20131.8 KiB

strtok_r.c26-Oct-20131.9 KiB

system.c26-Oct-20133.2 KiB

thread.c26-Oct-201333 KiB

TODO02-Feb-20152.3 KiB

txt2c.c26-Oct-2013564

txt2c.sh12-Aug-2015606

UPDATING28-Sep-20159.7 KiB

url.c26-Oct-20136.5 KiB

url.h26-Oct-2013682

utf8.c26-Oct-20131.5 KiB

VERSION02-Sep-20157

version.sh26-Oct-20131.6 KiB

wcscasecmp.c26-Oct-20131.2 KiB

wcwidth.c26-Oct-20137 KiB

README

1README for mutt-1.5
2===================
3
4When updating mutt from an earlier release or from Mercurial, please
5make sure to read the compatibility notes in ``UPDATING''. Older changes
6between mutt-1.2 and mutt-1.4 are listed in NEWS.
7
8If you got the mutt source code from the public Mercurial repository
9(http://dev.mutt.org/hg/mutt/), please read doc/devel-notes.txt to make
10sure that you have a complete development environment.
11
12Installation instructions are detailed in ``INSTALL''. The user manual
13is in doc/manual.txt. PGP users should read doc/PGP-Notes.txt.
14
15Before you start hacking on mutt, read doc/devel-notes.txt.  Before
16applying patches to mutt, read doc/applying-patches.txt.  Please,
17read these files, as they will save you from asking FAQs.
18
19For more information, see the Mutt home page:
20
21 http://www.mutt.org/
22
23The primary distribution points for Mutt is:
24
25 ftp://ftp.mutt.org/pub/mutt
26
27A list of mirror sites can be found under
28<http://www.mutt.org/download.html>.
29

README.SECURITY

1$Id$
2
3Recently, there have been reports on security problems induced by
4the interpretation of shell meta-characters embedded in MIME
5parameters.  These reports were referring to Pine, but the problem
6also applied when using mutt.
7
8More precisely, a mailcap entry like this one would lead to
9problems:
10
11> text/test-mailcap-bug; cat %s; copiousoutput; \
12>	test=test "`echo %{charset} | tr '[A-Z]' '[a-z]'`" != iso-8859-1
13
14When expanded with a charset parameter of ``touch${IFS}ME``, a file
15named "ME" would be created in the current directory.
16
17While we don't completely agree that this is an actual MUA problem
18(see below), we have implemented a couple of fixes for this:
19
20- Backticks are handled specially when preparing % expandos for
21  mailcap entries.  This fix will keep the current problem from
22  occurring, but we are sure there are other possible mailcap entries
23  where this doesn't help.
24
25- We have added a configuration variable named $mailcap_sanitize,
26  which is set by default.  If set, mutt will restrict possible
27  characters in mailcap % expandos to a well-defined set of safe
28  characters.  This is the safe setting, but we are not sure it
29  doesn't break some more advanced MIME stuff.
30
31>>>  DON'T UNSET THIS OPTION UNLESS YOU KNOW WHAT YOU ARE DOING.
32
33
34Anyway, this problem is not necessarily a problem which should be
35solved inside the MUA, as it's difficult (maybe impossible) to solve
36there.  Additionally, there is more than one program which parses
37mailcap.  So writing secure mailcap statements is generally a good
38idea.  We encourage you to do this.
39
40The most basic rule is this one:
41
42>>>	     KEEP THE %-EXPANDOS AWAY FROM SHELL QUOTING.
43
44Don't quote them with single or double quotes.  Mutt does this for
45you, the right way, as should any other program which interprets
46mailcap.  Don't put them into backtick expansions - as you have seen
47above, this is a recipe for disaster.  Be highly careful with eval
48statements, and avoid them if possible at all.
49
50If you have to use the %-expandos' values in context where you need
51quoting or backtick expansions, put that value into a shell variable
52and reference the shell variable where necessary (possibly with the
53proper quoting put around it, like in "$charset").
54
55For example, a safe version of the mailcap statement above could
56look like this:
57
58> text/test-mailcap-bug; cat %s; copiousoutput; test=charset=%{charset} \
59>         && test "`echo \"$charset\" | tr '[A-Z]' '[a-z]'`" != iso-8859-1
60
61

README.SSL

1IMAP/SSL in mutt 
2================
3
4Compilation
5-----------
6If you want to have SSL support in mutt, you need to install OpenSSL
7(http://www.openssl.org) libraries and headers before compiling.
8OpenSSL versions 0.9.3 through 0.9.6a have been tested.
9
10For SSL support to be enabled, you need to run the ``configure''
11script with ``--enable-imap --with-ssl[=PFX]'' parameters.  If the
12OpenSSL headers and libraries are not in the default system search
13paths (usually /usr/include and /usr/lib) you can use the optional PFX
14argument to define the root directory of your installation.  The
15libraries are then expected to be found in PFX/lib and headers in
16PFX/include/openssl.
17
18
19Usage
20-----
21IMAP/SSL folders can be accessed just like normal IMAP folders, but you
22will also have to add '/ssl' before the closing curly brace. Or you can
23use IMAP url notation, where the methods is called imaps.
24
25For example:
26	mailboxes {localhost/ssl}inbox
27	mailboxes {localhost:994/ssl}inbox
28or
29	mailboxes imaps://localhost/inbox
30	mailboxes imaps://localhost:994/inbox
31
32If you get errors about lack of entropy, it means that Mutt was unable
33to find a source of random data to initialize SSL library with. Should
34this happen, you need to generate the data yourself and save it in a
35file pointed by $entropy_file or $RANDFILE (environment) variables or
36in ~/.rnd.
37
38One way to generate random data would be to run a command which
39generates unpredictable output, for example 'ps aluxww' in Linux, and
40calculating the MD5-sum from the output and saving it in a file.
41
42** Note: The contents of the file pointed by $RANDFILE environment
43** variable (or ~/.rnd if unset) will be overwritten every time Mutt 
44** is run so don't put anything you can't afford to lose in that file.
45
46The files Mutt will try to use to initialize SSL library with are files
47pointed by $entropy_file and $RANDFILE (or ~/.rnd if unset.) If your
48OpenSSL is version 0.9.5 or later, the previous files can also be EGD
49sockets (see http://www.lothar.com/tech/crypto/ for more information
50about Entropy Gathering Daemon) and in addition sockets in the following
51places are tried: socket pointed by $EGDSOCKET environment variable,
52~/.entropy and /tmp/entropy.
53
54All the files and sockets mentioned above must be owned by the user and
55have permissions of 600.
56
57
58Certificates
59------------
60Each time a server is contacted, its certificate is checked against
61known valid certificates. When an unknown certificate is encountered,
62you are asked to verify it. If you reject the certificate, the
63connection will be terminated immediately. If you accept the
64certificate, the connection will be established. Accepted certificates
65can also be saved so that further connections to the server are
66automatically accepted. 
67
68If your organization has several equivalent IMAP-servers, each of them
69should have a unique certificate which is signed with a common
70certificate.  If you want to use all of those servers, you don't need to
71save each server certificate on the first connect.  Instead, you can get
72the signer certificate and save it instead.  That way, mutt will
73automatically accept all certificates signed with the saved certificate.
74
75System-wide certificates are by default considered trusted when checking
76certificates by signer.  This allows system administrators to setup
77trusted certificates for all users.  How to install certificates
78system-wide, depends on the OpenSSL installation.  Use of system-wide
79certificates can be disabled by unsetting $ssl_usesystemcerts variable.
80
81Certificates will be saved in the file specified by $certificate_file
82variable.  It is empty as default, so if you don't want to verify
83certificates each time you connect to a server, you have set this
84variable to some reasonable value.
85
86For example:
87	set certificate_file=~/.mutt/certificates
88
89
90Troubleshooting
91---------------
92If after doing the above, you are unable to successfully connect, it
93is likely that your IMAP server does not support one of the SSL protocols.
94There exist three different protocols, TLSv1, SSLv2, and SSLv3.  To check
95each of these, you use the following:
96    openssl s_client -host <imap server> -port <port> -verify -debug -no_tls1
97    openssl s_client -host <imap server> -port <port> -verify -debug -no_ssl2
98    openssl s_client -host <imap server> -port <port> -verify -debug -no_ssl3
99
100You can also combine the options until you get a successful connect.  Once
101you know which options do not work, you can set the variables for non-working
102protocols to know.  The variables for the protocols are ssl_use_tlsv1, 
103ssl_use_sslv2, and ssl_use_sslv3.
104
105-- 
106Tommi Komulainen
107Tommi.Komulainen@iki.fi
108
109Updated by Jeremy Katz
110katzj@linuxpower.org
111