Alejandro Colomar

Related to https://github.com/conan-io/hooks/issues/157

Protecting `To` and other address lists was easy. I'll have a take tomorrow on `In-Reply-To`. However, reading protected fields wasn't as easy (which is why I had to *cat*(1) the...

On Mon, Apr 01, 2024 at 02:42:05AM GMT, Richard Russon wrote: > > some functions I could use, or look at > > All the functions for dealing with `struct...

``` --xytmxyhmc47g5q3k Content-Type: text/plain; protected-headers=v1; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable From: Alejandro Colomar To: neomutt/neomutt Subject: Re: [neomutt/neomutt] Protect more header fields (PR #4227) MIME-Version: 1.0 In-Reply-To: On Mon, Apr...

To and Cc protected headers being read: ``` [-- Begin signature information --] Good signature from: Alejandro Colomar aka: Alejandro Colomar aka: Alejandro Colomar Andres created: Mon Apr 1 15:11:40...

Here's a test for it: ``` Date: Mon, 8 Apr 2024 14:48:43 +0200 From: Alejandro Colomar To: [email protected] Cc: [email protected] Subject: ... Bcc: [email protected] Message-ID: Reply-To: [email protected] [-- Begin signature...

> This behavior LGTM, and I think is both necessary and sufficient to fix the two security vulnerabilities that I reported recently. Hmm, now I remember some thoughts I had...

v2 changes: - Add draft of feature page - Change default of `$crypt_protected_headers_write` to `yes`. - Deprecate `$crypt_protected_headers_write`. ``` $ git range-diff main gh/protect protect 1: da56b5907 = 1: da56b5907...

v2b changes: - Fix spelling of X-Original-To ``` $ git range-diff main gh/protect protect 1: da56b5907 = 1: da56b5907 ncrypt/crypt.c: Don't weed protected headers 2: b3e2fc80b = 2: b3e2fc80b ncrypt/crypt.c:...

v2c changes: - Extend the feature page, and say the feature is always enabled (since we removed the variable that controlled it). - Reorder commits. ``` $ git range-diff main...