Hello community, here is the log from the commit of package enigmail for openSUSE:Factory checked in at 2017-12-22 12:20:52 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/enigmail (Old) and /work/SRC/openSUSE:Factory/.enigmail.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "enigmail" Fri Dec 22 12:20:52 2017 rev:19 rq:559105 version:1.9.9 Changes: -------- --- /work/SRC/openSUSE:Factory/enigmail/enigmail.changes 2017-10-05 12:07:05.246501668 +0200 +++ /work/SRC/openSUSE:Factory/.enigmail.new/enigmail.changes 2017-12-22 12:21:31.411941850 +0100 @@ -1,0 +2,12 @@ +Wed Dec 20 14:13:36 UTC 2017 - [email protected] + +- enigmail 1.9.9, fixing multiple vulnerabilities (boo#1073858): + * Enigmail could be coerced to use a malicious PGP public key + with a corresponding secret key controlled by an attacker + * Enigmail could have replayed encrypted content in partially + encrypted e-mails, allowing a plaintext leak + * Enigmail could be tricked into displaying incorrect signature + verification results + * Specially crafted content may cause denial of service + +------------------------------------------------------------------- Old: ---- enigmail-1.9.8.3.tar.gz enigmail-1.9.8.3.tar.gz.asc New: ---- enigmail-1.9.9.tar.gz enigmail-1.9.9.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ enigmail.spec ++++++ --- /var/tmp/diff_new_pack.Mkr1rV/_old 2017-12-22 12:21:32.623882757 +0100 +++ /var/tmp/diff_new_pack.Mkr1rV/_new 2017-12-22 12:21:32.627882562 +0100 @@ -18,7 +18,7 @@ Name: enigmail -Version: 1.9.8.3 +Version: 1.9.9 Release: 0 Summary: OpenPGP addon for Thunderbird and SeaMonkey License: MPL-2.0 ++++++ enigmail-1.9.8.3.tar.gz -> enigmail-1.9.9.tar.gz ++++++ ++++ 1662 lines of diff (skipped) ++++ retrying with extended exclude list diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/Makefile new/enigmail/Makefile --- old/enigmail/Makefile 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/Makefile 2017-12-09 16:36:07.000000000 +0100 @@ -3,7 +3,7 @@ # file, You can obtain one at http://mozilla.org/MPL/2.0/. XPI_MODULE = enigmail -XPI_MODULE_VERS = 1.9.8.3 +XPI_MODULE_VERS = 1.9.9 DEPTH = . diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/configure.ac new/enigmail/configure.ac --- old/enigmail/configure.ac 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/configure.ac 2017-12-09 16:36:07.000000000 +0100 @@ -2,7 +2,7 @@ AC_PREREQ(2.61) min_automake_version="1.10" -AC_INIT([enigmail],[1.9.8.3], [https://www.enigmail.net]) +AC_INIT([enigmail],[1.9.9], [https://www.enigmail.net]) AC_PATH_PROG(PYTHON, "python2") diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/ar/enigmail.properties new/enigmail/lang/ar/enigmail.properties --- old/enigmail/lang/ar/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/ar/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -324,3 +324,5 @@ addUidDlg.nameMinLengthError=ينبغي أن يتألف الاسم من خمسة محارف على الأقل addUidDlg.invalidEmailError=ينبغي أن تضع عنوان بريد صحيح addUidDlg.commentError=غير مسموح بالأقواس المربعة في التعليق +# msgCompose.partiallyEncrypted.short=Beware of leaking sensitive information - partially encrypted email. +# msgCompose.partiallyEncrypted.long=The message you are editing was partially encrypted. That is, the message contains unencrypted and encrypted parts. Some encrypted message parts may even be invisible to you.\n\nIf the sender was not able to decrpyt the message parts originally, it is likely that you only got the email with some surrounding unencrypted text in order to make you reveal the encrypted information. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/bg/enigmail.properties new/enigmail/lang/bg/enigmail.properties --- old/enigmail/lang/bg/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/bg/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -346,3 +346,5 @@ addUidDlg.commentError=Скобите не са позволени в коментарите errorType.SecurityProtocol=Протоколът за сигурност, използван от уеб услугата е неизвестен. filter.decryptCopy.label=Създайте декриптирано копие (Enigmail) +# msgCompose.partiallyEncrypted.short=Beware of leaking sensitive information - partially encrypted email. +# msgCompose.partiallyEncrypted.long=The message you are editing was partially encrypted. That is, the message contains unencrypted and encrypted parts. Some encrypted message parts may even be invisible to you.\n\nIf the sender was not able to decrpyt the message parts originally, it is likely that you only got the email with some surrounding unencrypted text in order to make you reveal the encrypted information. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/ca/enigmail.properties new/enigmail/lang/ca/enigmail.properties --- old/enigmail/lang/ca/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/ca/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -338,3 +338,5 @@ addUidDlg.nameMinLengthError=El nom ha de tenir 5 caràcters com a mínim addUidDlg.invalidEmailError=Heu d'indicar una adreça de correu vàlida addUidDlg.commentError=No es permeten claudàtors en els comentaris +# msgCompose.partiallyEncrypted.short=Beware of leaking sensitive information - partially encrypted email. +# msgCompose.partiallyEncrypted.long=The message you are editing was partially encrypted. That is, the message contains unencrypted and encrypted parts. Some encrypted message parts may even be invisible to you.\n\nIf the sender was not able to decrpyt the message parts originally, it is likely that you only got the email with some surrounding unencrypted text in order to make you reveal the encrypted information. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/cs/enigmail.properties new/enigmail/lang/cs/enigmail.properties --- old/enigmail/lang/cs/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/cs/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -353,3 +353,5 @@ errorType.SecurityCertificate=Certifikát zabezpečení předložený webové službě není platný. errorType.SecurityProtocol=Bezpečnostní protokol používaný webovou službou není znám. errorType.Network=Došlo k chybě sítě. +# msgCompose.partiallyEncrypted.short=Beware of leaking sensitive information - partially encrypted email. +# msgCompose.partiallyEncrypted.long=The message you are editing was partially encrypted. That is, the message contains unencrypted and encrypted parts. Some encrypted message parts may even be invisible to you.\n\nIf the sender was not able to decrpyt the message parts originally, it is likely that you only got the email with some surrounding unencrypted text in order to make you reveal the encrypted information. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/de/enigmail.properties new/enigmail/lang/de/enigmail.properties --- old/enigmail/lang/de/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/de/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -512,3 +512,5 @@ #strings in expiry.jsm expiry.keyExpiresSoon=Ihr Schlüssel %1$S läuft in weniger als %2$S Tagen ab.\n\nEs wird empfohlen, dass Sie ein neues Schlüsselpaar erzeugen und die entsprechenden E-Mail-Konten so einstellen, dass die neuen Schlüssel benutzt werden. expiry.keysExpireSoon=Die folgenden Ihrer Schlüssel laufen in weniger als %1$S Tagen ab: %2$S.\n\nEs wird empfohlen, dass Sie neue Schlüssel erzeugen und die entsprechenden E-Mail-Konten so einstellen, dass die neuen Schlüssel benutzt werden. +msgCompose.partiallyEncrypted.short=Vorsicht: teilweise verschlüsselte Email - Sie könnten sensitive Informationen preisgeben. +msgCompose.partiallyEncrypted.long=Die Nachricht welche Sie bearbeiten wurde teilweise verschlüsselt, d.h. sie enthält verschlüsselte und unverschlüsselte Teile. Einige verschlüsselte Teile der Nachricht können sogar unsichtbar sein.\n\nWenn der Absender der Nachricht nicht in der Lage war diese zu entschlüsseln, ist es wahrscheinlich, dass die Nachricht in einen harmlosen unverschlüsselten Text verpackt wurde, und Sie beim Antworten unbewusst die verschlüsselte Information preisgeben. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/el/enigmail.properties new/enigmail/lang/el/enigmail.properties --- old/enigmail/lang/el/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/el/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -353,3 +353,5 @@ errorType.SecurityCertificate=Το πιστοποιητικό ασφαλείας της υπηρεσίας web είναι άκυρο. errorType.SecurityProtocol=Το πρωτόκολλο ασφάλειας που χρησιμοποιείται από την υπηρεσία web είναι άγνωστο. errorType.Network=Προέκυψε πρόβλημα δικτύου. +# msgCompose.partiallyEncrypted.short=Beware of leaking sensitive information - partially encrypted email. +# msgCompose.partiallyEncrypted.long=The message you are editing was partially encrypted. That is, the message contains unencrypted and encrypted parts. Some encrypted message parts may even be invisible to you.\n\nIf the sender was not able to decrpyt the message parts originally, it is likely that you only got the email with some surrounding unencrypted text in order to make you reveal the encrypted information. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/es-ES/enigmail.properties new/enigmail/lang/es-ES/enigmail.properties --- old/enigmail/lang/es-ES/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/es-ES/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -512,3 +512,5 @@ #strings in expiry.jsm expiry.keyExpiresSoon=Su clave %1$S caducará en menos de %2$S días.\n\nLe recomendamos que cree un nuevo par de claves y configure las cuentas correspondientes para que usen la nueva clave. expiry.keysExpireSoon=Las siguientes de sus claves caducarán en menos de %1$S días:\n%2$S. Le recomendamos que cree nuevas claves y configure sus cuentas para que usen las nuevas claves. +msgCompose.partiallyEncrypted.short=Tenga cuidado de no filtrar información sensible - correo parcialmente cifrado. +msgCompose.partiallyEncrypted.long=El mensaje que está editando fue cifrado parcialmente. Es decir, el mensaje contiene partes cifradas y no cifradas. Algunas partes cifradas del mensaje puede que incluso no sean visibles para usted.\n\nSi el remitente en un principio no pudo descifrar las partes del mensaje, es probable que haya recibido el correo acompañado con algún texto no cifrado sólo para provocar que revele la información cifrada. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/fi/enigmail.properties new/enigmail/lang/fi/enigmail.properties --- old/enigmail/lang/fi/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/fi/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -319,3 +319,5 @@ # Strings in enigmailSetupWizard passphrase.min8keys=Salasanan tulee olla ainakin 8-kirjainta pitkä. setupWizard.reallyCancel=Peruutetaanko Enigmail:n ohjattu asennus? +# msgCompose.partiallyEncrypted.short=Beware of leaking sensitive information - partially encrypted email. +# msgCompose.partiallyEncrypted.long=The message you are editing was partially encrypted. That is, the message contains unencrypted and encrypted parts. Some encrypted message parts may even be invisible to you.\n\nIf the sender was not able to decrpyt the message parts originally, it is likely that you only got the email with some surrounding unencrypted text in order to make you reveal the encrypted information. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/fr/enigmail.properties new/enigmail/lang/fr/enigmail.properties --- old/enigmail/lang/fr/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/fr/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -512,3 +512,5 @@ #strings in expiry.jsm expiry.keyExpiresSoon=Votre clef %1$S expirera dans moins de %2$S jours.\n\nNous vous recommandons de créer une nouvelle paire de clefs et de configurer les comptes correspondants pour utiliser la nouvelle clef. expiry.keysExpireSoon=Vos clefs suivantes expireront dans moins de %1$S jours : %2$S\n\nNous vous recommandons de créer de nouvelles clefs et de configurer les comptes correspondants pour utiliser les nouvelles clefs. +msgCompose.partiallyEncrypted.short=Attention à la fuite d'informations sensibles - message chiffré partiellement. +msgCompose.partiallyEncrypted.long=Le message que vous êtes en train d'éditer n'a été que partiellement chiffré. Cela veut dire qu'il contient à la fois des parties chiffrées et non chiffrées. Ces dernières pourraient même être rendues invisibles pour vous.\n\nSi l'expéditeur n'a pas été en mesure de déchiffrer le message original, il y a fort à parier qu'il vous a renvoyé ce message dans le seul but de vous faire déchiffrer les parties restantes à votre insu, lui révélant des informations potentiellement sensibles. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/gd/enigmail.properties new/enigmail/lang/gd/enigmail.properties --- old/enigmail/lang/gd/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/gd/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -512,3 +512,5 @@ #strings in expiry.jsm expiry.keyExpiresSoon=Falbhaidh an ùine air an iuchair %1$S agad ro %2$S là(ithean).\n\nMholamaid gun cruthaich thu càraid iuchrach ùr ’s gun rèitich thu na cunntasan a fhreagras rithe ach an cleachd iad an iuchair ùr. expiry.keysExpireSoon=Falbhaidh an ùine air na h-iuchraichean seo agad ro %1$S là(ithean):\n%2$S. Mholamaid gun cruthaich thu iuchraichean ùra ’s gun rèitich thu na cunntasan agad ach an cleachd iad na h-iuchraichean ùra. +msgCompose.partiallyEncrypted.short=Thoir an aire nach foillsich thu fiosrachadh dìomhair gun fhiosta – chan eil ach pàirt dhen phost-d seo crioptaichte. +msgCompose.partiallyEncrypted.long=Chaidh pàirt dhen theachdaireachd a tha thu a’ deasachadh a chrioptachadh. Is ciall dha seo gu bheil an dà chuid susbaint chrioptaichte is gun chrioptachadh ’na broinn. Dh’fhaoidte nach fhaic thu pàirt dhen t-susbaint chrioptaichte idir.\n\nMura deach leis an t-seòladair fhèin a h-uile pàirt dhen teachdaireachd a dhì-chrioptachadh, tha sinn an dùil nach d’ fhuair thu am post-d seo le teacsa gun chrioptachadh innte ach ag amas gum foillsich thu am fiosrachadh crioptaichte dhaibh-san. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/gl/enigmail.properties new/enigmail/lang/gl/enigmail.properties --- old/enigmail/lang/gl/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/gl/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -512,3 +512,5 @@ #strings in expiry.jsm expiry.keyExpiresSoon=A súa chave %1$S caducará en menos de %2$S days.\n\nRecomendámoslle crear unha nova parella de chaves e configurar as correspondentes contas para usar esta nova chave. expiry.keysExpireSoon=As súas chaves seguintes caducarán en menos de %1$S días:\n%2$S. Recomendámoslle que cree novas chaves e configure as súas contas para usalas. +# msgCompose.partiallyEncrypted.short=Beware of leaking sensitive information - partially encrypted email. +# msgCompose.partiallyEncrypted.long=The message you are editing was partially encrypted. That is, the message contains unencrypted and encrypted parts. Some encrypted message parts may even be invisible to you.\n\nIf the sender was not able to decrpyt the message parts originally, it is likely that you only got the email with some surrounding unencrypted text in order to make you reveal the encrypted information. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/hr/enigmail.properties new/enigmail/lang/hr/enigmail.properties --- old/enigmail/lang/hr/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/hr/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -512,3 +512,5 @@ #strings in expiry.jsm expiry.keyExpiresSoon=Vaš ključ %1$S ističe za manje od %2$S dana.\n\nPreporučamo da stvorite novi par ključeva i postavite račune tako da ih koriste. expiry.keysExpireSoon=Sljedeći Vaši ključevi ističu za manje od %1$S dana:\n%2$S. Preporučamo da stvorite nove ključeve i konfigurirate račune tako da ih koriste. +# msgCompose.partiallyEncrypted.short=Beware of leaking sensitive information - partially encrypted email. +# msgCompose.partiallyEncrypted.long=The message you are editing was partially encrypted. That is, the message contains unencrypted and encrypted parts. Some encrypted message parts may even be invisible to you.\n\nIf the sender was not able to decrpyt the message parts originally, it is likely that you only got the email with some surrounding unencrypted text in order to make you reveal the encrypted information. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/hu/enigmail.properties new/enigmail/lang/hu/enigmail.properties --- old/enigmail/lang/hu/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/hu/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -512,3 +512,5 @@ #strings in expiry.jsm expiry.keyExpiresSoon=A következő kulcs lejár %1$S nap múlva:\n%2$S. Készítse el az új kulcsot és a postafiókját állítsa át az új kulcs használatára. expiry.keysExpireSoon=A következő kulcsok lejárnak %1$S nap múlva:\n%2$S. Készítse el az új kulcsokat és a postafiókját állítsa át az új kulcsok használatára. +# msgCompose.partiallyEncrypted.short=Beware of leaking sensitive information - partially encrypted email. +# msgCompose.partiallyEncrypted.long=The message you are editing was partially encrypted. That is, the message contains unencrypted and encrypted parts. Some encrypted message parts may even be invisible to you.\n\nIf the sender was not able to decrpyt the message parts originally, it is likely that you only got the email with some surrounding unencrypted text in order to make you reveal the encrypted information. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/it/enigmail.properties new/enigmail/lang/it/enigmail.properties --- old/enigmail/lang/it/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/it/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -512,3 +512,5 @@ #strings in expiry.jsm expiry.keyExpiresSoon=La chiave %1$S scadrà in meno di %2$S giorni.\n\nTi consigliamo di creare una nuova coppia di chiavi e configurare gli account corrispondenti per usare la nuova chiave. expiry.keysExpireSoon=Le seguenti chiavi scadranno in meno di %1$S giorni:\n%2$S. Ti consigliamo di creare delle nuove chiavi e configurare i tuoi account per usare le nuove chiavi. +# msgCompose.partiallyEncrypted.short=Beware of leaking sensitive information - partially encrypted email. +# msgCompose.partiallyEncrypted.long=The message you are editing was partially encrypted. That is, the message contains unencrypted and encrypted parts. Some encrypted message parts may even be invisible to you.\n\nIf the sender was not able to decrpyt the message parts originally, it is likely that you only got the email with some surrounding unencrypted text in order to make you reveal the encrypted information. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/ja/enigmail.properties new/enigmail/lang/ja/enigmail.properties --- old/enigmail/lang/ja/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/ja/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -512,3 +512,5 @@ #strings in expiry.jsm expiry.keyExpiresSoon=あなたの鍵 %1$S は %2$S 日以内に期限切れとなります\n\n新しい鍵ペアを作成し、アカウント設定を適切に更新することを推奨します expiry.keysExpireSoon=以下の鍵は %1$S 日以内に期限切れとなります:\n%2$S\n\n新しい鍵ペアを作成し、アカウント設定を適切に更新することを推奨します +msgCompose.partiallyEncrypted.short=機微情報の漏洩に注意してください - 部分的に暗号化されたメッセージです +msgCompose.partiallyEncrypted.long=あなたが編集しているメッセージは部分的にしか暗号化されていません。つまり、暗号化されていない部分と暗号化されている部分が混在しています。暗号化されている部分には、あなたにも復号できない部分が含まれているかもしれません\n\n送信者が当初のメッセージを復号できなかった場合、あなたが受信したメッセージには暗号化されていない部分が含まれることがあります。そこから、暗号化されている部分の内容を推測できてしまう可能性があります diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/ko/enigmail.dtd new/enigmail/lang/ko/enigmail.dtd --- old/enigmail/lang/ko/enigmail.dtd 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/ko/enigmail.dtd 2017-12-09 16:36:07.000000000 +0100 @@ -577,7 +577,7 @@ <!ENTITY enigmail.setupWiz.pgKeyCreate.descSec2 "여러분의 <html:b>비밀키(비밀열쇠)</html:b>는<html:b>여러분 자신이</html:b> 암호메일을 복호화할 때나 이메일에 서명할 때 사용합니다. 비밀열쇠를 다른 사람에게 보내지 마십시오. 비밀키를 안전하게 사용하기 위해 다음 대화상자에서 두번 암호문구을 입력해야 합니다."> -<!ENTITY enigmail.setupWiz.pgKeyCreate.descPass "여러분의 <html:b>암호문구/html:b>은 여러분의 비밀열쇠를 지키는 패스워드입니다. 여러분의 비밀열쇠를 다른 사람이 무단으로 사용하는 것을 방지 합니다."> +<!ENTITY enigmail.setupWiz.pgKeyCreate.descPass "여러분의 <html:b>암호문구</html:b>은 여러분의 비밀열쇠를 지키는 패스워드입니다. 여러분의 비밀열쇠를 다른 사람이 무단으로 사용하는 것을 방지 합니다."> <!ENTITY enigmail.setupWiz.pgKeyCreate.passContain "암호문구는 문자와 숫자, 구둣점을 포함하여 8자로 만들어야 합니다. 하지만 움라우트나 일부 언어에만 있는 독특한 문자를 사용해서는 <html:b>절대로 안</html:b>됩니다. "> <!ENTITY enigmail.setupWiz.pgKeyCreate.passRepeat "패스프레이즈를 한번더 입력해서 확인해주십시오"> <!ENTITY enigmail.setupWiz.pgKeyCreate.passQuality "암호문장의 품질:"> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/ko/enigmail.properties new/enigmail/lang/ko/enigmail.properties --- old/enigmail/lang/ko/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/ko/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -512,3 +512,5 @@ #strings in expiry.jsm expiry.keyExpiresSoon= 사용하는 열쇠 %1$S 의 유효기간이 %2$S 일 이내에 만료됩니다..\n\n열쇠 한쌍을 새로 생성한 다음 관련 계정에 새 열쇠를 이용하기를 권합니다. expiry.keysExpireSoon=%2$S열쇠 유효기간이 %1$S 일 이내에 만료됩니다. \n열쇠 한쌍을 새로 생성한 다음 관련 계정에 새 열쇠를 이용하기를 권합니다. +# msgCompose.partiallyEncrypted.short=Beware of leaking sensitive information - partially encrypted email. +# msgCompose.partiallyEncrypted.long=The message you are editing was partially encrypted. That is, the message contains unencrypted and encrypted parts. Some encrypted message parts may even be invisible to you.\n\nIf the sender was not able to decrpyt the message parts originally, it is likely that you only got the email with some surrounding unencrypted text in order to make you reveal the encrypted information. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/lt/enigmail.properties new/enigmail/lang/lt/enigmail.properties --- old/enigmail/lang/lt/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/lt/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -405,3 +405,5 @@ #strings in exportSettingsWizard.js cannotWriteToFile=Nepavyksta išsaugoti į failą "%S". Prašome pasirinkti kitą failą. dataExportError=Jūsų duomenų eksportavimo metu įvyko klaida. +# msgCompose.partiallyEncrypted.short=Beware of leaking sensitive information - partially encrypted email. +# msgCompose.partiallyEncrypted.long=The message you are editing was partially encrypted. That is, the message contains unencrypted and encrypted parts. Some encrypted message parts may even be invisible to you.\n\nIf the sender was not able to decrpyt the message parts originally, it is likely that you only got the email with some surrounding unencrypted text in order to make you reveal the encrypted information. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/nb-NO/enigmail.properties new/enigmail/lang/nb-NO/enigmail.properties --- old/enigmail/lang/nb-NO/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/nb-NO/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -512,3 +512,5 @@ #strings in expiry.jsm expiry.keyExpiresSoon=Din nøkkel %1$S utløper om mindre enn %2$S dager. \n \nVi anbefaler at du lager et nytt nøkkelpar og konfigurerer de aktuelle kontoene til å benytte den nye nøkkelen. expiry.keysExpireSoon=De følgende nøklene dine utløper om mindre enn %1$S dager: %2$S. Vi anbefaler at du lager nye nøkler og konfigurerer kontoene dine til å bruke de nye nøklene. +# msgCompose.partiallyEncrypted.short=Beware of leaking sensitive information - partially encrypted email. +# msgCompose.partiallyEncrypted.long=The message you are editing was partially encrypted. That is, the message contains unencrypted and encrypted parts. Some encrypted message parts may even be invisible to you.\n\nIf the sender was not able to decrpyt the message parts originally, it is likely that you only got the email with some surrounding unencrypted text in order to make you reveal the encrypted information. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/nl/enigmail.properties new/enigmail/lang/nl/enigmail.properties --- old/enigmail/lang/nl/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/nl/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -512,3 +512,5 @@ #strings in expiry.jsm expiry.keyExpiresSoon=Uw sleutel %1$S zal binnen %2$S dagen vervallen.\n\nHet wordt aanbevolen een nieuw sleutelpaar aan te maken en de overeenkomende accounts in te stellen om deze nieuwe sleutel te gebruiken. expiry.keysExpireSoon=De volgende sleutels zullen binnen %1$S dagen vervallen:\n%2$S. Het wordt aanbevolen nieuwe sleutels aan te maken en de overeenkomende accounts in te stellen om deze nieuwe sleutels te gebruiken. +# msgCompose.partiallyEncrypted.short=Beware of leaking sensitive information - partially encrypted email. +# msgCompose.partiallyEncrypted.long=The message you are editing was partially encrypted. That is, the message contains unencrypted and encrypted parts. Some encrypted message parts may even be invisible to you.\n\nIf the sender was not able to decrpyt the message parts originally, it is likely that you only got the email with some surrounding unencrypted text in order to make you reveal the encrypted information. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/pl/enigmail.properties new/enigmail/lang/pl/enigmail.properties --- old/enigmail/lang/pl/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/pl/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -433,3 +433,5 @@ filter.decryptMove.label=Odszyfrować stałe (Enigmail) filter.decryptCopy.label=Tworzenie kopii szyfrowanego (Enigmail) saveLogFile.title=Zapisz plik dziennika +# msgCompose.partiallyEncrypted.short=Beware of leaking sensitive information - partially encrypted email. +# msgCompose.partiallyEncrypted.long=The message you are editing was partially encrypted. That is, the message contains unencrypted and encrypted parts. Some encrypted message parts may even be invisible to you.\n\nIf the sender was not able to decrpyt the message parts originally, it is likely that you only got the email with some surrounding unencrypted text in order to make you reveal the encrypted information. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/pt-BR/enigmail.properties new/enigmail/lang/pt-BR/enigmail.properties --- old/enigmail/lang/pt-BR/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/pt-BR/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -397,3 +397,5 @@ filter.folderRequired=Você deve selecionar o diretório desejado filter.decryptCopy.label=Criar uma Copia decriptada (Enigmail) saveLogFile.title=Salvar Arquivo de Log +# msgCompose.partiallyEncrypted.short=Beware of leaking sensitive information - partially encrypted email. +# msgCompose.partiallyEncrypted.long=The message you are editing was partially encrypted. That is, the message contains unencrypted and encrypted parts. Some encrypted message parts may even be invisible to you.\n\nIf the sender was not able to decrpyt the message parts originally, it is likely that you only got the email with some surrounding unencrypted text in order to make you reveal the encrypted information. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/pt-PT/enigmail.properties new/enigmail/lang/pt-PT/enigmail.properties --- old/enigmail/lang/pt-PT/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/pt-PT/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -512,3 +512,5 @@ #strings in expiry.jsm expiry.keyExpiresSoon=A sua chave %1$S expira em menos de %2$S dias.\n\nRecomenda-se que crie um novo par de chaves e configure as contas correspondentes para usarem a nova chave. expiry.keysExpireSoon=As suas chaves que se seguem expiram em menos de %1$S dias:\n%2$S. Recomenda-se que crie novas chaves e configure as suas contas para usarem as novas chaves. +# msgCompose.partiallyEncrypted.short=Beware of leaking sensitive information - partially encrypted email. +# msgCompose.partiallyEncrypted.long=The message you are editing was partially encrypted. That is, the message contains unencrypted and encrypted parts. Some encrypted message parts may even be invisible to you.\n\nIf the sender was not able to decrpyt the message parts originally, it is likely that you only got the email with some surrounding unencrypted text in order to make you reveal the encrypted information. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/ru/enigmail.properties new/enigmail/lang/ru/enigmail.properties --- old/enigmail/lang/ru/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/ru/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -512,3 +512,5 @@ #strings in expiry.jsm expiry.keyExpiresSoon=Срок действия ключа «%1S» истекает менее чем через %2$S дней.\n\nРекомендуется создать новую пару ключей и настроить соответствующий аккаунт для их использования. expiry.keysExpireSoon=Срок действия следующих ключей истекает менее чем через %1$S дней:\n%2$S. Рекомендуется создать новые пары ключей и настроить аккаунты для их использования. +# msgCompose.partiallyEncrypted.short=Beware of leaking sensitive information - partially encrypted email. +# msgCompose.partiallyEncrypted.long=The message you are editing was partially encrypted. That is, the message contains unencrypted and encrypted parts. Some encrypted message parts may even be invisible to you.\n\nIf the sender was not able to decrpyt the message parts originally, it is likely that you only got the email with some surrounding unencrypted text in order to make you reveal the encrypted information. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/sk/enigmail.properties new/enigmail/lang/sk/enigmail.properties --- old/enigmail/lang/sk/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/sk/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -368,3 +368,5 @@ errorType.SecurityCertificate=Bezpečnostný certifikát webovej služby nie je platný. errorType.SecurityProtocol=Bezpečnostný protokol používaný webovou službou je neznámy. errorType.Network=Vyskytol sa problém so sieťovým pripojením. +# msgCompose.partiallyEncrypted.short=Beware of leaking sensitive information - partially encrypted email. +# msgCompose.partiallyEncrypted.long=The message you are editing was partially encrypted. That is, the message contains unencrypted and encrypted parts. Some encrypted message parts may even be invisible to you.\n\nIf the sender was not able to decrpyt the message parts originally, it is likely that you only got the email with some surrounding unencrypted text in order to make you reveal the encrypted information. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/sl/enigmail.properties new/enigmail/lang/sl/enigmail.properties --- old/enigmail/lang/sl/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/sl/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -512,3 +512,5 @@ #strings in expiry.jsm expiry.keyExpiresSoon=Vaš ključ %1$S bo potekle čez %2$S dni.\n\nPriporočamo, da ustvarite nov par ključev in ustrezne račune nastavite za njihovo uporabo. expiry.keysExpireSoon=Naslednji ključi bodo v manj kot %1$S-ih dneh potekli:\n%2$S. Priporočamo, da ustvarite nove in svoje račune nastavite za njihovo uporabo. +# msgCompose.partiallyEncrypted.short=Beware of leaking sensitive information - partially encrypted email. +# msgCompose.partiallyEncrypted.long=The message you are editing was partially encrypted. That is, the message contains unencrypted and encrypted parts. Some encrypted message parts may even be invisible to you.\n\nIf the sender was not able to decrpyt the message parts originally, it is likely that you only got the email with some surrounding unencrypted text in order to make you reveal the encrypted information. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/sq/enigmail.properties new/enigmail/lang/sq/enigmail.properties --- old/enigmail/lang/sq/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/sq/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -512,3 +512,5 @@ #strings in expiry.jsm expiry.keyExpiresSoon=Kyçi juaj %1$S do të skadojë në më pak se %2$S ditë.\n\nKëshillojmë që të krijoni një dyshe të re kyçesh dhe të formësoni llogaritë përkatëse për përdorim të kyçit të ri. expiry.keysExpireSoon=Kyçet tuaj vijues do të skadojnë në më pak se %1$S ditë:\n%2$S. Këshillojmë që të krijoni kyçe të rinj dhe të formësoni llogaritë tuaja për përdorim të kyçeve të rinj. +msgCompose.partiallyEncrypted.short=Kini mendjen te rrjedhje informacionesh konfidenciale - email i fshehtëzuar pjesërisht. +msgCompose.partiallyEncrypted.long=Mesazhi që po përpunoni qe pjesërisht i fshehtëzuar. Domethënë,, mesazhi përmban pjesë të fshehtëzuara dhe pjesë jo të fshehtëzuara. Disa pjesë të fshehtëzuara të mesazhit mund të jenë të padukshme madje edhe për ju.\n\nNëse dërguesi s’qe në gjendje të shfshehtëzonte pjesë të mesazhit fillimisht, ka gjasa që morët vetëm email-n me ca tekst të pafshehtëzuar rreth e qark, me qëllim që t’ju lejojë të zbuloni informacionin e fshehtëzuar. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/sv-SE/enigmail.properties new/enigmail/lang/sv-SE/enigmail.properties --- old/enigmail/lang/sv-SE/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/sv-SE/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -512,3 +512,5 @@ #strings in expiry.jsm expiry.keyExpiresSoon=Din nyckel %1$S kommer att upphöra inom mindre än %2$S dagar.\n\nVi rekommenderar att du skapar ett nytt nyckelpar och konfigurerar motsvarande konton att använda den nya nyckeln. expiry.keysExpireSoon=Följande nycklar kommer att upphöra inom mindre än %1$S dagar: \n%2$S. Vi rekommenderar att du skapar nya nycklar och konfigurerar dina konton för att använda de nya nycklarna. +# msgCompose.partiallyEncrypted.short=Beware of leaking sensitive information - partially encrypted email. +# msgCompose.partiallyEncrypted.long=The message you are editing was partially encrypted. That is, the message contains unencrypted and encrypted parts. Some encrypted message parts may even be invisible to you.\n\nIf the sender was not able to decrpyt the message parts originally, it is likely that you only got the email with some surrounding unencrypted text in order to make you reveal the encrypted information. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/tr/enigmail.properties new/enigmail/lang/tr/enigmail.properties --- old/enigmail/lang/tr/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/tr/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -313,3 +313,5 @@ addUidDlg.nameMinLengthError=İsmin en az 5 karakter olması gerekiyor addUidDlg.invalidEmailError=Doğru bir mail adresi belirtmelisiniz addUidDlg.commentError=Yorumlarda köşeli ayraç kullanımına izin verilmiyor +# msgCompose.partiallyEncrypted.short=Beware of leaking sensitive information - partially encrypted email. +# msgCompose.partiallyEncrypted.long=The message you are editing was partially encrypted. That is, the message contains unencrypted and encrypted parts. Some encrypted message parts may even be invisible to you.\n\nIf the sender was not able to decrpyt the message parts originally, it is likely that you only got the email with some surrounding unencrypted text in order to make you reveal the encrypted information. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/vi/enigmail.properties new/enigmail/lang/vi/enigmail.properties --- old/enigmail/lang/vi/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/vi/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -512,3 +512,5 @@ #strings in expiry.jsm expiry.keyExpiresSoon=Khoá %1$S của bạn sẽ hết hạn trong %2$S ngày.\n\nChúng tôi khuyên bạn tạo một cặp khoá mới và cấu hình tài khoản tương ứng để sử dụng chúng. expiry.keysExpireSoon=Những khoá sau của bạn sẽ hết hạn trong %1$S ngày:\n%2$S. Chúng tôi khuyên bạn tạo khoá mới và cấu hình các tài khoản tương ứng để sử dụng chúng. +# msgCompose.partiallyEncrypted.short=Beware of leaking sensitive information - partially encrypted email. +# msgCompose.partiallyEncrypted.long=The message you are editing was partially encrypted. That is, the message contains unencrypted and encrypted parts. Some encrypted message parts may even be invisible to you.\n\nIf the sender was not able to decrpyt the message parts originally, it is likely that you only got the email with some surrounding unencrypted text in order to make you reveal the encrypted information. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/zh-CN/enigmail.properties new/enigmail/lang/zh-CN/enigmail.properties --- old/enigmail/lang/zh-CN/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/zh-CN/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -512,3 +512,5 @@ #strings in expiry.jsm expiry.keyExpiresSoon=你的密钥%1$S将在%2$S内过期。\n\n推荐重新生成密钥并使用新密钥配置相应的账户。 expiry.keysExpireSoon=你的以下密钥将在%1$S天内过期:\n%2$S。推荐重新生成密钥并使用新密钥配置相应的账户。 +# msgCompose.partiallyEncrypted.short=Beware of leaking sensitive information - partially encrypted email. +# msgCompose.partiallyEncrypted.long=The message you are editing was partially encrypted. That is, the message contains unencrypted and encrypted parts. Some encrypted message parts may even be invisible to you.\n\nIf the sender was not able to decrpyt the message parts originally, it is likely that you only got the email with some surrounding unencrypted text in order to make you reveal the encrypted information. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/lang/zh-TW/enigmail.properties new/enigmail/lang/zh-TW/enigmail.properties --- old/enigmail/lang/zh-TW/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/lang/zh-TW/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -423,3 +423,5 @@ converter.decryptBody.failed=無法解密主旨為「%S」的訊息。\n\n您想要使用不同的密語再試一次,或是跳過該訊息? converter.decryptAtt.failed=無法解密主旨為「%2$S」訊息的附件「%1$S」。\n\n您想要使用不同的密語再試一次,或是跳過該訊息? saveLogFile.title=儲存紀錄檔 +# msgCompose.partiallyEncrypted.short=Beware of leaking sensitive information - partially encrypted email. +# msgCompose.partiallyEncrypted.long=The message you are editing was partially encrypted. That is, the message contains unencrypted and encrypted parts. Some encrypted message parts may even be invisible to you.\n\nIf the sender was not able to decrpyt the message parts originally, it is likely that you only got the email with some surrounding unencrypted text in order to make you reveal the encrypted information. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/package/Makefile new/enigmail/package/Makefile --- old/enigmail/package/Makefile 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/package/Makefile 2017-12-09 16:36:07.000000000 +0100 @@ -66,9 +66,10 @@ pipeConsole.jsm \ prefs.jsm \ promise.jsm \ + rng.jsm \ rules.jsm \ streams.jsm \ - system.jsm \ + system.jsm \ time.jsm \ timer.jsm \ trust.jsm \ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/package/armor.jsm new/enigmail/package/armor.jsm --- old/enigmail/package/armor.jsm 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/package/armor.jsm 2017-12-09 16:36:07.000000000 +0100 @@ -103,7 +103,7 @@ var blockHeader = text.substr(beginIndex, offset - beginIndex + 1); var blockRegex = new RegExp("^" + indentStr + - "-----BEGIN PGP (.*)-----\\s*\\r?\\n"); + "-----BEGIN PGP (.{1,30})-----\\s*\\r?\\n"); var matches = blockHeader.match(blockRegex); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/package/decryptPermanently.jsm new/enigmail/package/decryptPermanently.jsm --- old/enigmail/package/decryptPermanently.jsm 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/package/decryptPermanently.jsm 2017-12-09 16:36:07.000000000 +0100 @@ -380,7 +380,7 @@ self.readAttachment(attachment, strippedName).then( function(o) { var attachmentHead = o.data.substr(0, 30); - if (attachmentHead.match(/\-\-\-\-\-BEGIN PGP \w+ KEY BLOCK\-\-\-\-\-/)) { + if (attachmentHead.match(/\-\-\-\-\-BEGIN PGP \w{5,10} KEY BLOCK\-\-\-\-\-/)) { // attachment appears to be a PGP key file, we just go-a-head resolve(o); return; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/package/decryption.jsm new/enigmail/package/decryption.jsm --- old/enigmail/package/decryption.jsm 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/package/decryption.jsm 2017-12-09 16:36:07.000000000 +0100 @@ -697,7 +697,7 @@ EnigmailLog.DEBUG("enigmail.js: Enigmail.decryptAttachment: parent=" + parent + ", outFileName=" + outFile.path + "\n"); var attachmentHead = byteData.substr(0, 200); - if (attachmentHead.match(/\-\-\-\-\-BEGIN PGP \w+ KEY BLOCK\-\-\-\-\-/)) { + if (attachmentHead.match(/\-\-\-\-\-BEGIN PGP \w{5,10} KEY BLOCK\-\-\-\-\-/)) { // attachment appears to be a PGP key file if (EnigmailDialog.confirmDlg(parent, EnigmailLocale.getString("attachmentPgpKey", [displayName]), diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/package/funcs.jsm new/enigmail/package/funcs.jsm --- old/enigmail/package/funcs.jsm 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/package/funcs.jsm 2017-12-09 16:36:07.000000000 +0100 @@ -26,45 +26,55 @@ var gTxtConverter = null; -const EnigmailFuncsRegexTwoAddr = new RegExp("<[^>,]*>[^,<]*<[^>,]*>"); -const EnigmailFuncsRegexExtractPureEmail = new RegExp("(^|,)[^,]*<([^>]+)>[^,]*", "g"); - const EnigmailFuncs = { /** * get a list of plain email addresses without name or surrounding <> - * @mailAddrs |string| - address-list as specified in RFC 2822, 3.4 - * separated by "," + * @param mailAddrs |string| - address-list encdoded in Unicode as specified in RFC 2822, 3.4 + * separated by , or ; * - * @return |string| - list of pure email addresses separated by "," + * @return |string| - list of pure email addresses separated by "," */ - stripEmail: function(mailAddrs) { - //EnigmailLog.DEBUG("funcs.jsm: stripEmail(): mailAddrs=" + mailAddrs + "\n"); + stripEmail: function(mailAddresses) { + // EnigmailLog.DEBUG("funcs.jsm: stripEmail(): mailAddresses=" + mailAddresses + "\n"); + + const SIMPLE = "[^<>,]+"; // RegExp for a simple email address (e.g. [email protected]) + const COMPLEX = "[^<>,]*<[^<>, ]+>"; // RegExp for an address containing <...> (e.g. Name <[email protected]>) + const MatchAddr = new RegExp("^(" + SIMPLE + "|" + COMPLEX + ")(," + SIMPLE + "|," + COMPLEX + ")*$"); - var qStart, qEnd; - while ((qStart = mailAddrs.indexOf('"')) != -1) { + let mailAddrs = mailAddresses; + + let qStart, qEnd; + while ((qStart = mailAddrs.indexOf('"')) >= 0) { qEnd = mailAddrs.indexOf('"', qStart + 1); - if (qEnd == -1) { - EnigmailLog.ERROR("funcs.jsm: stripEmail: Unmatched quote in mail address: " + mailAddrs + "\n"); + if (qEnd < 0) { + EnigmailLog.ERROR("funcs.jsm: stripEmail: Unmatched quote in mail address: '" + mailAddresses + "'\n"); throw Components.results.NS_ERROR_FAILURE; } mailAddrs = mailAddrs.substring(0, qStart) + mailAddrs.substring(qEnd + 1); } - // Eliminate all whitespace, just to be safe - mailAddrs = mailAddrs.replace(/\s+/g, ""); + // replace any ";" by ","; remove leading/trailing "," + mailAddrs = mailAddrs.replace(/[,;]+/g, ",").replace(/^,/, "").replace(/,$/, ""); + + if (mailAddrs.length === 0) return ""; - // having two <..> <..> in one email is an error - if (mailAddrs.match(EnigmailFuncsRegexTwoAddr)) { - EnigmailLog.ERROR("funcs.jsm: stripEmail: Two <..> entries in mail address: " + mailAddrs + "\n"); + // having two <..> <..> in one email, or things like <[email protected],><[email protected]> is an error + if (mailAddrs.search(MatchAddr) < 0) { + EnigmailLog.ERROR("funcs.jsm: stripEmail: Invalid <..> brackets in mail address: '" + mailAddresses + "'\n"); throw Components.results.NS_ERROR_FAILURE; } - // Extract pure e-mail address list (stripping out angle brackets) - mailAddrs = mailAddrs.replace(EnigmailFuncsRegexExtractPureEmail, "$1$2"); + // We know that the "," and the < > are at the right places, thus we can split by "," + let addrList = mailAddrs.split(/,/); - // remove empty email addresses (including removing all ';') - mailAddrs = mailAddrs.replace(/[,;]+/g, ",").replace(/^,/, "").replace(/,$/, ""); + for (let i in addrList) { + // Extract pure e-mail address list (strip out anything before angle brackets and any whitespace) + addrList[i] = addrList[i].replace(/^([^<>]*<)([^<>]+)(>)$/, "$2").replace(/\s/g, ""); + } + + // remove repeated, trailing and leading "," (again, as there may be empty addresses) + mailAddrs = addrList.join(",").replace(/,,/g, ",").replace(/^,/, "").replace(/,$/, ""); return mailAddrs; }, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/package/gpgAgent.jsm new/enigmail/package/gpgAgent.jsm --- old/enigmail/package/gpgAgent.jsm 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/package/gpgAgent.jsm 2017-12-09 16:36:07.000000000 +0100 @@ -467,14 +467,33 @@ if ((!agentPath) && EnigmailOS.isWin32) { // Look up in Windows Registry + const installDir = ["Software\\GNU\\GNUPG", "Software\\GNUPG"]; try { - let gpgPath = EnigmailOS.getWinRegistryString("Software\\GNU\\GNUPG", "Install Directory", nsIWindowsRegKey.ROOT_KEY_LOCAL_MACHINE); - agentPath = EnigmailFiles.resolvePath(agentName, gpgPath, EnigmailOS.isDosLike()); + for (let i = 0; i < installDir.length && !agentPath; i++) { + let gpgPath = EnigmailOS.getWinRegistryString(installDir[i], "Install Directory", nsIWindowsRegKey.ROOT_KEY_LOCAL_MACHINE); + + agentPath = EnigmailFiles.resolvePath(agentName, gpgPath, EnigmailOS.isDosLike()); + if (!agentPath) { + gpgPath += "\\bin"; + agentPath = EnigmailFiles.resolvePath(agentName, gpgPath, EnigmailOS.isDosLike()); + } + } } catch (ex) {} if (!agentPath) { - let gpgPath = "C:\\Program Files\\GnuPG\\pub"; + // try to determine the default PATH from the registry + // (that's how gpg4win sets up the path) + try { + let winPath = EnigmailOS.getWinRegistryString("SYSTEM\\CurrentControlSet\\Control\\Session Manager\\Environment", "Path", nsIWindowsRegKey.ROOT_KEY_LOCAL_MACHINE); + agentPath = EnigmailFiles.resolvePath(agentName, winPath, EnigmailOS.isDosLike()); + } + catch (ex) {} + } + + if (!agentPath) { + // default for gpg4win 3.0 + let gpgPath = "C:\\Program Files\\GnuPG\\bin;C:\\Program Files (x86)\\GnuPG\\bin"; agentPath = EnigmailFiles.resolvePath(agentName, gpgPath, EnigmailOS.isDosLike()); } } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/package/install.rdf new/enigmail/package/install.rdf --- old/enigmail/package/install.rdf 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/package/install.rdf 2017-12-09 16:36:07.000000000 +0100 @@ -5,7 +5,7 @@ <Description about="urn:mozilla:install-manifest"> <em:id>{847b3a00-7ab1-11d4-8f02-006008948af5}</em:id> - <em:version>1.9.8.3</em:version> + <em:version>1.9.9</em:version> <em:type>2</em:type> <!-- type = extension --> <em:unpack>true</em:unpack> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/package/installGnuPG.jsm new/enigmail/package/installGnuPG.jsm --- old/enigmail/package/installGnuPG.jsm 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/package/installGnuPG.jsm 2017-12-09 16:36:07.000000000 +0100 @@ -50,8 +50,7 @@ const NS_LOCAL_FILE_CONTRACTID = "@mozilla.org/file/local;1"; const XPCOM_APPINFO = "@mozilla.org/xre/app-info;1"; -const queryUrl = "https://www.enigmail.net/service/getGnupdDownload.svc";; - +const queryUrl = "https://www.enigmail.net/service/getGnupgDownload.svc";; function toHexString(charCode) { return ("0" + charCode.toString(16)).slice(-2); @@ -382,7 +381,7 @@ var ch = Components.classes["@mozilla.org/security/hash;1"] .createInstance(Components.interfaces.nsICryptoHash); - ch.init(ch.SHA1); + ch.init(ch.SHA256); const PR_UINT32_MAX = 0xffffffff; // read entire file ch.updateFromStream(istream, PR_UINT32_MAX); var gotHash = ch.finish(false); @@ -411,18 +410,32 @@ // "this" is set by the calling XMLHttpRequest if (typeof(this.responseXML) == "object") { EnigmailLog.DEBUG("installGnuPG.jsm: getDownloadUrl.reqListener: got: " + this.responseText + "\n"); - if (!this.responseXML) { + if (!this.responseText) { onError({ type: "Network" }); return; } - let doc = this.responseXML.firstChild; - self.url = unescape(doc.getAttribute("url")); - self.hash = sanitizeHash(doc.getAttribute("hash")); - self.command = sanitizeFileName(doc.getAttribute("command")); - self.mount = sanitizeFileName(doc.getAttribute("mount")); - deferred.resolve(); + + if (typeof(this.responseText) == "string") { + EnigmailLog.DEBUG("installPep.jsm: getDownloadUrl.reqListener: got: " + this.responseText + "\n"); + + try { + let doc = JSON.parse(this.responseText); + self.url = doc.url; + self.hash = sanitizeHash(doc.hash); + self.command = doc.command; + self.mount = sanitizeFileName(doc.mountPath); + deferred.resolve(); + } + catch (ex) { + EnigmailLog.DEBUG("installPep.jsm: getDownloadUrl.reqListener: exception: " + ex.toString() + "\n"); + + onError({ + type: "Network" + }); + } + } } } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/package/mime.jsm new/enigmail/package/mime.jsm --- old/enigmail/package/mime.jsm 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/package/mime.jsm 2017-12-09 16:36:07.000000000 +0100 @@ -15,6 +15,8 @@ Components.utils.import("resource://gre/modules/jsmime.jsm"); /*global jsmime: false*/ Components.utils.import("resource://enigmail/data.jsm"); /*global EnigmailData: false */ +Components.utils.import("resource://enigmail/rng.jsm"); /*global EnigmailRNG: false */ +Components.utils.import("resource://enigmail/streams.jsm"); /*global EnigmailStreams: false */ const EnigmailMime = { /*** @@ -24,13 +26,7 @@ * @return: string of 33 random characters and digits */ createBoundary: function() { - let b = ""; - let r = 0; - for (let i = 0; i < 33; i++) { - r = Math.floor(Math.random() * 58); - b += String.fromCharCode((r < 10 ? 48 : (r < 34 ? 55 : 63)) + r); - } - return b; + return EnigmailRNG.generateRandomString(33); }, /*** @@ -289,5 +285,153 @@ endPos: endPos, securityLevel: 0 }; - } + }, + + /** + * Get the part number from a URI spec (e.g. mailbox:///folder/xyz?part=1.2.3.5) + * + * @param spec: String - the URI spec to inspect + * + * @return String: the mime part number (or "" if none found) + */ + getMimePartNumber: function(spec) { + let m = spec.match(/([\?&]part=)(\d+(\.\d+)*)/); + + if (m && m.length >= 3) { + return m[2]; + } + + return ""; + }, + + /** + * Parse a MIME message and return a tree structur of TreeObject + * + * @param url: String - the URL to load and parse + * @param getBody: Boolean - if true, delivers the body text of each MIME part + * @param callbackFunc Function - the callback function that is called asynchronously + * when parsing is complete. + * Function signature: callBackFunc(TreeObject) + * + * @return undefined + */ + getMimeTreeFromUrl: function(url, getBody, callbackFunc) { + function onData(data) { + let tree = getMimeTree(data); + callbackFunc(tree); + } + + let chan = EnigmailStreams.createChannel(url); + let bufferListener = EnigmailStreams.newStringStreamListener(onData); + chan.asyncOpen(bufferListener, null); + }, + + getMimeTree: getMimeTree }; + + +/** + * Parse a MIME message and return a tree structure of TreeObject. + * + * TreeObject contains the following main parts: + * - partNum: String + * - headers: Map, containing all headers. + * Special headers for contentType and charset + * - body: String, if getBody == true + * - subParts: Array of TreeObject + * + * @param mimeStr: String - a MIME structure to parse + * @param getBody: Boolean - if true, delivers the body text of each MIME part + * + * @return TreeObject, or NULL in case of failure + */ +function getMimeTree(mimeStr, getBody = false) { + + let mimeTree = { + partNum: "", + headers: null, + body: "", + parent: null, + subParts: [] + }, + stack = [], + currentPart = "", + currPartNum = ""; + + const jsmimeEmitter = { + + createPartObj: function(partNum, headers, parent) { + let ct; + + if (headers.has("content-type")) { + ct = headers.contentType.type; + let it = headers.get("content-type").entries(); + for (let i of it) { + ct += '; ' + i[0] + '="' + i[1] + '"'; + } + } + + return { + partNum: partNum, + headers: headers, + fullContentType: ct, + body: "", + parent: parent, + subParts: [] + }; + }, + + /** JSMime API **/ + startMessage: function() { + currentPart = mimeTree; + }, + + endMessage: function() {}, + + startPart: function(partNum, headers) { + //dump("mime.jsm: jsmimeEmitter.startPart: partNum=" + partNum + "\n"); + partNum = "1" + (partNum !== "" ? "." : "") + partNum; + let newPart = this.createPartObj(partNum, headers, currentPart); + + if (partNum.indexOf(currPartNum) === 0) { + // found sub-part + currentPart.subParts.push(newPart); + } + else { + // found same or higher level + currentPart.subParts.push(newPart); + } + currPartNum = partNum; + currentPart = newPart; + }, + endPart: function(partNum) { + //dump("mime.jsm: jsmimeEmitter.startPart: partNum=" + partNum + "\n"); + currentPart = currentPart.parent; + }, + + deliverPartData: function(partNum, data) { + //dump("mime.jsm: jsmimeEmitter.deliverPartData: partNum=" + partNum + " / " + typeof data + "\n"); + if (typeof(data) === "string") { + currentPart.body += data; + } + else { + currentPart.body += EnigmailData.arrayBufferToString(data); + } + } + }; + + let opt = { + strformat: "unicode", + bodyformat: getBody ? "decode" : "none" + }; + + + try { + let p = new jsmime.MimeParser(jsmimeEmitter, opt); + p.deliverData(mimeStr); + return mimeTree.subParts[0]; + } + catch (ex) { + return null; + } +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/package/mimeEncrypt.js new/enigmail/package/mimeEncrypt.js --- old/enigmail/package/mimeEncrypt.js 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/package/mimeEncrypt.js 2017-12-09 16:36:07.000000000 +0100 @@ -281,7 +281,7 @@ if (this.cryptoMode == MIME_ENCRYPTED && this.enigSecurityInfo.sendFlags & Ci.nsIEnigmail.ENCRYPT_HEADERS) { w += 'Content-Type: text/rfc822-headers; protected-headers="v1"\r\n' + - 'Content-Disposition: inline\r\n' + + 'Content-Disposition: inline\r\n\r\n' + visibleHdr + "\r\n--" + this.encHeader + "\r\n"; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/package/prefs/enigmail.js new/enigmail/package/prefs/enigmail.js --- old/enigmail/package/prefs/enigmail.js 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/package/prefs/enigmail.js 2017-12-09 16:36:07.000000000 +0100 @@ -96,7 +96,7 @@ // list of keyservers to use -pref("extensions.enigmail.keyserver", "pool.sks-keyservers.net, keys.gnupg.net, pgp.mit.edu"); +pref("extensions.enigmail.keyserver", "hkps://hkps.pool.sks-keyservers.net, hkps://pgp.mit.edu"); // auto select the first keyserver in the key server list pref("extensions.enigmail.autoKeyServerSelection", true); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/package/rng.jsm new/enigmail/package/rng.jsm --- old/enigmail/package/rng.jsm 1970-01-01 01:00:00.000000000 +0100 +++ new/enigmail/package/rng.jsm 2017-12-09 16:36:07.000000000 +0100 @@ -0,0 +1,73 @@ +/*global Components: false */ +/* + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + */ + +"use strict"; + +const EXPORTED_SYMBOLS = ["EnigmailRNG"]; + +const Cc = Components.classes; +const Ci = Components.interfaces; +const Cu = Components.utils; + +const SECURITY_RANDOM_GENERATOR = "@mozilla.org/security/random-generator;1"; + +var appShellSvc = Cc["@mozilla.org/appshell/appShellService;1"].getService(Ci.nsIAppShellService); + +var window = appShellSvc.hiddenDOMWindow; +var document = window.document; + +/** + * Create a string of random characters of the set A-Z a-z 0-9 with numChars length, + * using the browser crypto API that gets cryptographically strong random values + * + * @param numChar: Number - the length of the string to return + * + * @return String + */ +function generateRandomString(numChars) { + + // Map of characters that are allowed to be returned + const charMap = new Array("A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", + "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", + "a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", + "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", + "0", "1", "2", "3", "4", "5", "6", "7", "8", "9"); + + const charMapLength = charMap.length; // 62 for the set A-Z a-z 0-9 + + let randNumArray = new Uint16Array(numChars); + window.crypto.getRandomValues(randNumArray); + + let randomString = ""; + + for (let i = 0; i < numChars; i++) { + // compute the modulo to get numbers between 0 and (charMapLength - 1) + // Uint16 range 65536 modulo 62 is only 2, this minimal statistical imbalance is acceptable + let modulo = randNumArray[i] % charMapLength; + + randomString += charMap[modulo]; + } + + return randomString; +} + + +/** + * Generates a random UInt32 for use in randomising key selection and wait times between refreshing keys. + * + * @return random UInt32 + */ +function generateRandomUint32() { + let randomNumber = new Uint32Array(1); + window.crypto.getRandomValues(randomNumber); + return randomNumber[0]; +} + +const EnigmailRNG = { + generateRandomUint32: generateRandomUint32, + generateRandomString: generateRandomString +}; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/package/streams.jsm new/enigmail/package/streams.jsm --- old/enigmail/package/streams.jsm 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/package/streams.jsm 2017-12-09 16:36:07.000000000 +0100 @@ -17,12 +17,37 @@ Cu.import("resource://gre/modules/XPCOMUtils.jsm"); /*global XPCOMUtils: false */ Cu.import("resource://enigmail/log.jsm"); /*global EnigmailLog: false */ Cu.import("resource://enigmail/timer.jsm"); /*global EnigmailTimer: false */ +Cu.import("resource://gre/modules/Services.jsm"); /* global Services: false */ const NS_STRING_INPUT_STREAM_CONTRACTID = "@mozilla.org/io/string-input-stream;1"; const NS_INPUT_STREAM_CHNL_CONTRACTID = "@mozilla.org/network/input-stream-channel;1"; +const IOSERVICE_CONTRACTID = "@mozilla.org/network/io-service;1"; const EnigmailStreams = { /** + * Create a new channel from a URL. + * + * @param url: String - URL specification + * + * @return: channel + */ + createChannel: function(url) { + let ioServ = Cc[IOSERVICE_CONTRACTID].getService(Ci.nsIIOService); + + let channel; + if ("newChannel2" in ioServ) { + // TB >= 48 + let loadingPrincipal = Services.scriptSecurityManager.getSystemPrincipal(); + channel = ioServ.newChannel2(url, null, null, null, loadingPrincipal, null, 0, Ci.nsIContentPolicy.TYPE_DOCUMENT); + } + else { + channel = ioServ.newChannel(url, null, null); + } + + return channel; + }, + + /** * create an nsIStreamListener object to read String data from an nsIInputStream * * @onStopCallback: Function - function(data) that is called when the stream has stopped diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/ui/content/enigmailMessengerOverlay.js new/enigmail/ui/content/enigmailMessengerOverlay.js --- old/enigmail/ui/content/enigmailMessengerOverlay.js 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/ui/content/enigmailMessengerOverlay.js 2017-12-09 16:36:07.000000000 +0100 @@ -10,15 +10,6 @@ Components.utils.import("resource://gre/modules/XPCOMUtils.jsm"); -try { - // TB with omnijar - Components.utils.import("resource:///modules/gloda/mimemsg.js"); /* global MsgHdrToMimeMessage: false */ -} -catch (ex) { - // "old style" TB - Components.utils.import("resource://app/modules/gloda/mimemsg.js"); -} - /* global EnigmailData: false, EnigmailApp: false, EnigmailDialog: false, EnigmailTimer: false, EnigmailWindows: false, EnigmailTime: false */ /* global EnigmailLocale: false, EnigmailLog: false, XPCOMUtils: false, EnigmailPrefs: false */ @@ -54,6 +45,7 @@ Components.utils.import("resource://enigmail/expiry.jsm"); /*global EnigmailExpiry: false */ Components.utils.import("resource://enigmail/uris.jsm"); /*global EnigmailURIs: false */ Components.utils.import("resource://enigmail/protocolHandler.jsm"); /*global EnigmailProtocolHandler: false */ +Components.utils.import("resource://enigmail/mime.jsm"); /*global EnigmailMime: false */ if (!Enigmail) var Enigmail = {}; @@ -75,7 +67,7 @@ savedHeaders: null, removeListener: false, enableExperiments: false, - headersList: ["content-type", "content-transfer-encoding", + headersList: ["content-transfer-encoding", "x-enigmail-version", "x-pgp-encoding-format" ], buggyExchangeEmailContent: null, // for HACK for MS-EXCHANGE-Server Problem @@ -506,6 +498,8 @@ messageDecrypt: function(event, isAuto) { EnigmailLog.DEBUG("enigmailMessengerOverlay.js: messageDecrypt: " + event + "\n"); + this.mimeParts = null; + var cbObj = { event: event, isAuto: isAuto @@ -527,11 +521,10 @@ } try { - if (gFolderDisplay.selectedMessageIsNews) throw "dummy"; // workaround for broken NNTP support in Gloda - MsgHdrToMimeMessage(gFolderDisplay.selectedMessage, cbObj, Enigmail.msg.msgDecryptMimeCb, true, { - examineEncryptedParts: true, - partsOnDemand: false - }); + EnigmailMime.getMimeTreeFromUrl(this.getCurrentMsgUrl().spec, false, + function _cb(mimeMsg) { + Enigmail.msg.messageDecryptCb(event, isAuto, mimeMsg); + }); } catch (ex) { EnigmailLog.DEBUG("enigmailMessengerOverlay.js: enigMessageDecrypt: cannot use MsgHdrToMimeMessage\n"); @@ -539,63 +532,28 @@ } }, - - msgDecryptMimeCb: function(msg, mimeMsg) { - // MsgHdrToMimeMessage is not on the main thread which may lead to problems with - // accessing DOM and debugging - - let event = this.event; - let isAuto = this.isAuto; - - EnigmailTimer.setTimeout( - function _f() { - let enigmailSvc = Enigmail.getEnigmailSvc(); - if (!enigmailSvc) return; - - Enigmail.msg.messageDecryptCb(event, isAuto, mimeMsg); - }, 0); - }, - /*** * walk through the (sub-) mime tree and determine PGP/MIME encrypted and signed message parts * - * @mimePart: parent object to walk through - * @resultObj: object containing two arrays. The resultObj must be pre-initialized by the caller - * - encrypted - * - signed + * @param mimePart: parent object to walk through + * @param resultObj: object containing two arrays. The resultObj must be pre-initialized by the caller + * - encrypted + * - signed */ enumerateMimeParts: function(mimePart, resultObj) { - EnigmailLog.DEBUG("enumerateMimeParts: partName=\"" + mimePart.partName + "\"\n"); - EnigmailLog.DEBUG(" " + mimePart.headers["content-type"] + "\n"); - EnigmailLog.DEBUG(" " + mimePart + "\n"); - if (mimePart.parts) { - EnigmailLog.DEBUG(" " + mimePart.parts.length + " subparts\n"); - } - else { - EnigmailLog.DEBUG(" 0 subparts\n"); - } + EnigmailLog.DEBUG("enumerateMimeParts: partNum=\"" + mimePart.partNum + "\"\n"); + EnigmailLog.DEBUG(" " + mimePart.fullContentType + "\n"); + EnigmailLog.DEBUG(" " + mimePart.subParts.length + " subparts\n"); try { - if (typeof(mimePart.contentType) == "string" && - mimePart.contentType == "multipart/fake-container") { - // workaround for wrong content type of signed message - let signedPart = mimePart.parts[1]; - if (typeof(signedPart.headers["content-type"][0]) == "string") { - if (signedPart.headers["content-type"][0].search(/application\/pgp-signature/i) >= 0) { - resultObj.signed.push(signedPart.partName.replace(/\.[0-9]+$/, "")); - EnigmailLog.DEBUG("enumerateMimeParts: found signed subpart " + resultObj.signed + "\n"); - } - } - } - - var ct = mimePart.headers["content-type"][0]; + var ct = mimePart.fullContentType; if (typeof(ct) == "string") { ct = ct.replace(/[\r\n]/g, " "); if (ct.search(/multipart\/signed.*application\/pgp-signature/i) >= 0) { - resultObj.signed.push(mimePart.partName); + resultObj.signed.push(mimePart.partNum); } else if (ct.search(/application\/pgp-encrypted/i) >= 0) - resultObj.encrypted.push(mimePart.partName); + resultObj.encrypted.push(mimePart.partNum); } } catch (ex) { @@ -603,8 +561,8 @@ } var i; - for (i in mimePart.parts) { - this.enumerateMimeParts(mimePart.parts[i], resultObj); + for (i in mimePart.subParts) { + this.enumerateMimeParts(mimePart.subParts[i], resultObj); } }, @@ -613,11 +571,10 @@ this.buggyExchangeEmailContent = null; // reinit HACK for MS-EXCHANGE-Server Problem - var enigmailSvc; - try { - var showHeaders = 0; - var contentType = ""; + let enigmailSvc; + let contentType = ""; + try { if (!mimeMsg) { EnigmailLog.DEBUG("enigmailMessengerOverlay.js: messageDecryptCb: mimeMsg is null\n"); try { @@ -627,28 +584,48 @@ contentType = "text/plain"; } mimeMsg = { + partNum: "1", headers: { - 'content-type': [contentType] + has: function() { + return false; + }, + contentType: { + type: contentType, + mediatype: "", + subtype: "" + } }, - contentType: contentType, - partName: "1", - parts: [] + fullContentType: contentType, + body: "", + parent: null, + subParts: [] }; } // Copy selected headers Enigmail.msg.savedHeaders = {}; + if (!mimeMsg.fullContentType) { + mimeMsg.fullContentType = "text/plain"; + } + this.mimeParts = mimeMsg; + + Enigmail.msg.savedHeaders["content-type"] = mimeMsg.fullContentType; + for (var index = 0; index < Enigmail.msg.headersList.length; index++) { var headerName = Enigmail.msg.headersList[index]; var headerValue = ""; - if (mimeMsg.headers[headerName]) { - headerValue = mimeMsg.headers[headerName].toString(); + if (mimeMsg.headers.has(headerName)) { + let h = mimeMsg.headers.get(headerName); + if (Array.isArray(h)) { + headerValue = h.join(""); + } + else + headerValue = h; } - Enigmail.msg.savedHeaders[headerName] = headerValue; - EnigmailLog.DEBUG("enigmailMessengerOverlay.js: header " + headerName + ": " + headerValue + "\n"); + EnigmailLog.DEBUG("enigmailMessengerOverlay.js: header " + headerName + ": '" + headerValue + "'\n"); } var msgSigned = null; @@ -658,7 +635,7 @@ signed: [] }; - if (mimeMsg.parts) { + if (mimeMsg.subParts.length > 0) { this.enumerateMimeParts(mimeMsg, resultObj); EnigmailLog.DEBUG("enigmailMessengerOverlay.js: embedded objects: " + resultObj.encrypted.join(", ") + " / " + resultObj.signed.join(", ") + "\n"); @@ -671,15 +648,15 @@ try { - if (mimeMsg.parts && mimeMsg.parts.length && mimeMsg.parts.length == 1 && - mimeMsg.headers["x-mailer"][0].indexOf("ZimbraWebClient") >= 0 && - mimeMsg.parts[0].parts[0].headers["content-type"][0].indexOf("text/plain") >= 0 && - mimeMsg.parts[0].headers["content-type"][0].indexOf("multipart/mixed") >= 0 && - mimeMsg.parts[0].parts[0].body.indexOf("Version: OpenPGP.js") >= 0 && - mimeMsg.parts[0].parts[1].headers["content-type"][0].indexOf("application/pgp-encrypted") >= 0) { - this.messageParse(!event, false, Enigmail.msg.savedHeaders["content-transfer-encoding"], this.getCurrentMsgUriSpec()); + if (mimeMsg.subParts.length > 1 && + mimeMsg.headers.has("x-mailer") && mimeMsg.headers.get("x-mailer")[0].indexOf("ZimbraWebClient") >= 0 && + mimeMsg.subParts[0].fullContentType.indexOf("text/plain") >= 0 && + mimeMsg.fullContentType.indexOf("multipart/mixed") >= 0 && + mimeMsg.subParts[1].fullContentType.indexOf("application/pgp-encrypted") >= 0) { + this.messageParse(event, false, Enigmail.msg.savedHeaders["content-transfer-encoding"], this.getCurrentMsgUriSpec()); return; } + } catch (ex) {} @@ -696,16 +673,15 @@ // iPGMail produces a similar broken structure, see here: // - https://sourceforge.net/p/enigmail/forum/support/thread/afc9c246/#5de7 - if (mimeMsg.parts && mimeMsg.parts.length && mimeMsg.parts.length == 1 && - mimeMsg.parts[0].parts && mimeMsg.parts[0].parts.length && mimeMsg.parts[0].parts.length == 3 && - mimeMsg.parts[0].headers["content-type"][0].indexOf("multipart/mixed") >= 0 && - mimeMsg.parts[0].parts[0].headers["content-type"][0].search(/multipart\/encrypted/i) < 0 && - mimeMsg.parts[0].parts[0].headers["content-type"][0].search(/text\/(plain|html)/i) >= 0 && - mimeMsg.parts[0].parts[1].headers["content-type"][0].indexOf("application/pgp-encrypted") >= 0) { - if (mimeMsg.parts[0].parts[1].headers["content-type"][0].search(/multipart\/encrypted/i) < 0 && - mimeMsg.parts[0].parts[1].headers["content-type"][0].search(/PGP\/?MIME Versions? Identification/i) >= 0 && - mimeMsg.parts[0].parts[2].headers["content-type"][0].indexOf("application/octet-stream") >= 0 && - mimeMsg.parts[0].parts[2].headers["content-type"][0].indexOf("encrypted.asc") >= 0) { + if (mimeMsg.subParts.length == 3 && + mimeMsg.fullContentType.search(/multipart\/mixed/i) >= 0 && + mimeMsg.subParts[0].fullContentType.search(/multipart\/encrypted/i) < 0 && + mimeMsg.subParts[0].fullContentType.search(/text\/(plain|html)/i) >= 0 && + mimeMsg.subParts[1].fullContentType.search(/application\/pgp-encrypted/i) >= 0) { + if (mimeMsg.subParts[1].fullContentType.search(/multipart\/encrypted/i) < 0 && + mimeMsg.subParts[1].fullContentType.search(/PGP\/?MIME Versions? Identification/i) >= 0 && + mimeMsg.subParts[2].fullContentType.search(/application\/octet-stream/i) >= 0 && + mimeMsg.subParts[2].fullContentType.search(/encrypted.asc/i) >= 0) { this.buggyMailType = "exchange"; } else { @@ -1443,8 +1419,8 @@ if (!hyperlink) return text; - // Hyperlink email addresses - var addrs = text.match(/\b[A-Za-z0-9_+\-\.]+@[A-Za-z0-9\-\.]+\b/g); + // Hyperlink email addresses (we accept at most 1024 characters before and after the @) + var addrs = text.match(/\b[A-Za-z0-9_+.-]{1,1024}@[A-Za-z0-9.-]{1,1024}\b/g); var newText, offset, loc; if (addrs && addrs.length) { @@ -1477,8 +1453,8 @@ text = newText; } - // Hyperlink URLs - var urls = text.match(/\b(http|https|ftp):\S+\s/g); + // Hyperlink URLs (we don't accept URLS or more than 1024 characters length) + var urls = text.match(/\b(http|https|ftp):\S{1,1024}\s/g); if (urls && urls.length) { newText = ""; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/ui/content/enigmailMsgComposeOverlay.js new/enigmail/ui/content/enigmailMsgComposeOverlay.js --- old/enigmail/ui/content/enigmailMsgComposeOverlay.js 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/ui/content/enigmailMsgComposeOverlay.js 2017-12-09 16:36:07.000000000 +0100 @@ -13,7 +13,7 @@ /*global msgHdrToMimeMessage: false, MimeMessage: false, MimeContainer: false, UpdateAttachmentBucket: false, gContentChanged: true */ /*global AddAttachments: false, AddAttachment: false, ChangeAttachmentBucketVisibility: false, GetResourceFromUri: false */ /*global Recipients2CompFields: false, Attachments2CompFields: false, DetermineConvertibility: false, gWindowLocked: false */ -/*global CommandUpdate_MsgCompose: false, gSMFields: false */ +/*global CommandUpdate_MsgCompose: false, gSMFields: false, Sendlater3Composing: false*/ Components.utils.import("resource://enigmail/glodaMime.jsm"); Components.utils.import("resource://enigmail/core.jsm"); /*global EnigmailCore: false */ @@ -35,6 +35,7 @@ Components.utils.import("resource://enigmail/constants.jsm"); /*global EnigmailConstants: false */ Components.utils.import("resource://enigmail/passwords.jsm"); /*global EnigmailPassword: false */ Components.utils.import("resource://enigmail/rules.jsm"); /*global EnigmailRules: false */ +Components.utils.import("resource://enigmail/mime.jsm"); /*global EnigmailMime: false */ Components.utils.import("resource://enigmail/clipboard.jsm"); /*global EnigmailClipboard: false */ try { @@ -309,26 +310,87 @@ this.finalSignDependsOnEncrypt = (this.getAccDefault("signIfEnc") || this.getAccDefault("signIfNotEnc")); }, + /** + * Get a mail URL from a uriSpec + * + * @param uriSpec: String - URI of the desired message + * + * @return Object: nsIURL or nsIMsgMailNewsUrl object + */ + getUrlFromUriSpec: function(uriSpec) { + try { + if (!uriSpec) + return null; + + let messenger = Components.classes["@mozilla.org/messenger;1"].getService(Components.interfaces.nsIMessenger); + let msgService = messenger.messageServiceFromURI(uriSpec); + + let urlObj = {}; + msgService.GetUrlForUri(uriSpec, urlObj, null); + + let url = urlObj.value; + + if (url.scheme == "file") { + return url; + } + else { + return url.QueryInterface(Components.interfaces.nsIMsgMailNewsUrl); + } + + } + catch (ex) { + return null; + } + }, + + getOriginalMsgUri: function() { + let draftId = gMsgCompose.compFields.draftId; + let msgUri = null; + + if (typeof(draftId) == "string" && draftId.length > 0) { + // original message is draft + msgUri = draftId.replace(/\?.*$/, ""); + } + else if (typeof(gMsgCompose.originalMsgURI) == "string" && gMsgCompose.originalMsgURI.length > 0) { + // original message is a "true" mail + msgUri = gMsgCompose.originalMsgURI; + } + + return msgUri; + }, + + getMsgHdr: function(msgUri) { + if (!msgUri) { + msgUri = this.getOriginalMsgUri(); + } + let messenger = Components.classes["@mozilla.org/messenger;1"].getService(Components.interfaces.nsIMessenger); + return messenger.messageServiceFromURI(msgUri).messageURIToMsgHdr(msgUri); + }, getMsgProperties: function(msgUri, draft) { EnigmailLog.DEBUG("enigmailMessengerOverlay.js: Enigmail.msg.getMsgProperties:\n"); const nsIEnigmail = Components.interfaces.nsIEnigmail; - var properties = 0; + let properties = 0; + let self = this; + try { - var messenger = Components.classes["@mozilla.org/messenger;1"].getService(Components.interfaces.nsIMessenger); - var msgHdr = messenger.messageServiceFromURI(msgUri).messageURIToMsgHdr(msgUri); + let msgHdr = this.getMsgHdr(msgUri); if (msgHdr) { + let msgUrl = this.getUrlFromUriSpec(msgUri); properties = msgHdr.getUint32Property("enigmail"); - if (draft) { - try { - msgHdrToMimeMessage(msgHdr, null, this.getMsgPropertiesCb, true, { - examineEncryptedParts: true - }); - } - catch (ex) { - EnigmailLog.DEBUG("enigmailMessengerOverlay.js: Enigmail.msg.getMsgProperties: cannot use msgHdrToMimeMessage\n"); - } + try { + EnigmailMime.getMimeTreeFromUrl(msgUrl.spec, false, function _cb(mimeMsg) { + if (draft) { + self.setDraftOptions(mimeMsg); + } + else { + self.checkMimeStructure(mimeMsg); + } + }); + } + catch (ex) { + EnigmailLog.DEBUG("enigmailMessengerOverlay.js: Enigmail.msg.getMsgProperties: excetion in getMimeTreeFromUrl\n"); } } } @@ -343,8 +405,41 @@ return properties; }, - getMsgPropertiesCb: function(msg, mimeMsg) { - EnigmailLog.DEBUG("enigmailMsgComposeOverlay.js: Enigmail.msg.getMsgPropertiesCb\n"); + checkMimeStructure: function(mimeMsg) { + EnigmailLog.DEBUG("enigmailMsgComposeOverlay.js: Enigmail.msg.checkMimeStructure\n"); + + if (mimeMsg.fullContentType.search(/^multipart\/encrypted.*protocol="?application\/pgp-encrypted?"/i) === 0) return; + + function getEncryptedSubPart(mimeMsg) { + if (mimeMsg.fullContentType.search(/^multipart\/encrypted.*protocol="?application\/pgp-encrypted?"/i) === 0) return true; + if (mimeMsg.fullContentType.search(/^message\/rfc822/i) === 0) return false; + + for (let i in mimeMsg.subParts) { + if (getEncryptedSubPart(mimeMsg.subParts[i])) return true; + } + + return false; + } + + for (let i in mimeMsg.subParts) { + if (getEncryptedSubPart(mimeMsg.subParts[i])) { + this.displayPartialEncryptedWarning(); + return; + } + } + }, + + /** + * Display a warning message if we are replying to or forwarding + * a partially decrypted email + */ + displayPartialEncryptedWarning: function() { + + this.notifyUser(1, EnigmailLocale.getString("msgCompose.partiallyEncrypted.short"), "notifyPartialDecrypt", EnigmailLocale.getString("msgCompose.partiallyEncrypted.long")); + }, + + setDraftOptions: function(msg, mimeMsg) { + EnigmailLog.DEBUG("enigmailMsgComposeOverlay.js: Enigmail.msg.setDraftOptions\n"); const nsIEnigmail = Components.interfaces.nsIEnigmail; @@ -356,7 +451,7 @@ return; } - EnigmailLog.DEBUG("enigmailMsgComposeOverlay.js: Enigmail.msg.getMsgPropertiesCb: draftStatus: " + stat + "\n"); + EnigmailLog.DEBUG("enigmailMsgComposeOverlay.js: Enigmail.msg.setDraftOptions: draftStatus: " + stat + "\n"); if (stat.substr(0, 1) == "N") { // new style drafts (Enigmail 1.7) @@ -1078,7 +1173,6 @@ case 'final-pgpmimeDefault': case 'final-pgpmimeYes': case 'final-pgpmimeNo': - // status bar buttons: case 'toggle-final-sign': case 'toggle-final-encrypt': case 'toggle-final-mime': @@ -3966,6 +4060,7 @@ decryptQuote: function(interactive) { EnigmailLog.DEBUG("enigmailMsgComposeOverlay.js: Enigmail.msg.decryptQuote: " + interactive + "\n"); const nsIEnigmail = Components.interfaces.nsIEnigmail; + const CT = Components.interfaces.nsIMsgCompType; if (gWindowLocked || this.processed) return; @@ -4165,6 +4260,36 @@ if (tail) this.editorInsertText(tail); + if (statusFlagsObj.value & nsIEnigmail.DECRYPTION_OKAY) { + let hLines = (head.search(/[^\s>]/) < 0 ? 0 : 1); + + if (hLines > 0) { + switch (gMsgCompose.type) { + case CT.Reply: + case CT.ReplyAll: + case CT.ReplyToSender: + case CT.ReplyToGroup: + case CT.ReplyToSenderAndGroup: + case CT.ReplyToList: + { + // if head contains at most 1 line of text, we assume it's the + // header above the quote (e.g. XYZ wrote:) + + let h = head.split(/\r?\n/); + hLines = -1; + + for (let i = 0; i < h.length; i++) { + if (h[i].search(/[^\s>]/) >= 0) hLines++; + } + } + } + } + if (hLines > 0 || tail.search(/[^\s>]/) >= 0) { + this.displayPartialEncryptedWarning(); + } + } + + if (clipBoard.supportsSelectionClipboard()) { // restore the clipboard contents for selected text (X11) EnigmailClipboard.setClipboardContent(data, clipBoard.kSelectionClipboard); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/ui/content/enigmailMsgHdrViewOverlay.js new/enigmail/ui/content/enigmailMsgHdrViewOverlay.js --- old/enigmail/ui/content/enigmailMsgHdrViewOverlay.js 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/ui/content/enigmailMsgHdrViewOverlay.js 2017-12-09 16:36:07.000000000 +0100 @@ -30,6 +30,7 @@ Components.utils.import("resource://enigmail/constants.jsm"); /*global EnigmailConstants: false */ Components.utils.import("resource://enigmail/data.jsm"); /*global EnigmailData: false */ Components.utils.import("resource://enigmail/clipboard.jsm"); /*global EnigmailClipboard: false */ +Components.utils.import("resource://enigmail/mime.jsm"); /*global EnigmailMime: false */ if (!Enigmail) var Enigmail = {}; @@ -648,6 +649,7 @@ try { Enigmail.hdrView.statusBarHide(); + Enigmail.msg.mimeParts = null; EnigmailVerify.setMsgWindow(msgWindow, Enigmail.msg.getCurrentMsgUriSpec()); @@ -1077,29 +1079,52 @@ }, /** + * Determine if a given MIME part number is a multipart/related message or a child thereof + * + * @param mimePart: Object - The MIME Part object to evaluate from the MIME tree + * @param searchPartNum: String - The part number to determine + */ + isMultipartRelated: function(mimePart, searchPartNum) { + if (searchPartNum.indexOf(mimePart.partNum) == 0 && mimePart.partNum.length <= searchPartNum.length) { + if (mimePart.fullContentType.search(/^multipart\/related/i) === 0) return true; + + for (let i in mimePart.subParts) { + if (this.isMultipartRelated(mimePart.subParts[i], searchPartNum)) return true; + } + } + return false; + }, + + /** * Determine if a given mime part number should be displayed. * Returns true if one of these conditions is true: - * - this is the 1st crypto-mime part - * - the mime part is earlier in the mime tree - * - the mime part is the 1st child of an already displayed mime part + * - this is the 1st displayed block of the message + * - the message part displayed corresonds to the decrypted part + * + * @param mimePartNumber: String - the MIME part number that was decrypted/verified + * @param uriSpec: String - the URI spec that is being displayed */ - displaySubPart: function(mimePartNumber) { + displaySubPart: function(mimePartNumber, uriSpec) { if (!mimePartNumber) return true; + let part = EnigmailMime.getMimePartNumber(uriSpec); + + if (part.length === 0) { + // only display header if 1st message part + if (mimePartNumber.search(/^1(\.1)*$/) < 0) return false; + } + else { + let r = EnigmailFuncs.compareMimePartLevel(mimePartNumber, part); - let securityInfo = Enigmail.msg.securityInfo; - if (mimePartNumber.length > 0 && securityInfo && securityInfo.encryptedMimePart && securityInfo.encryptedMimePart.length > 0) { - let c = EnigmailFuncs.compareMimePartLevel(securityInfo.encryptedMimePart, mimePartNumber); - - if (c === -1) { - EnigmailLog.DEBUG("enigmailMsgHdrViewOverlay.js: displaySubPart: MIME part after already processed part\n"); - return false; + // analyzed mime part is contained in viewed message part + if (r === 2) { + if (mimePartNumber.substr(part.length).search(/^\.1(\.1)*$/) < 0) return false; } - if (c === -2 && mimePartNumber !== securityInfo.encryptedMimePart + ".1") { - EnigmailLog.DEBUG("enigmailMsgHdrViewOverlay.js: displaySubPart: MIME part not 1st child of parent\n"); - return false; + else if (r !== 0) return false; + + if (Enigmail.msg.mimeParts) { + if (this.isMultipartRelated(Enigmail.msg.mimeParts, mimePartNumber)) return false; } } - return true; }, @@ -1112,7 +1137,11 @@ if (this.isCurrentMessage(uri)) { - if (!this.displaySubPart(mimePartNumber)) return; + if (!this.displaySubPart(mimePartNumber, uriSpec)) return; + if (this.hasUnauthenticatedParts(mimePartNumber)) { + EnigmailLog.DEBUG("enigmailMsgHdrViewOverlay.js: updateSecurityStatus: found unauthenticated part\n"); + statusFlags |= Components.interfaces.nsIEnigmail.PARTIALLY_PGP; + } Enigmail.hdrView.updateHdrIcons(exitCode, statusFlags, keyId, userId, sigDetails, errorMsg, blockSeparation, encToDetails, @@ -1128,6 +1157,37 @@ return; }, + /** + * Determine if there are message parts that are not signed/encrypted + * + * @param mimePartNumber String - the MIME part number that was authenticated + * + * @return Boolean: true: there are siblings / false: no siblings + */ + hasUnauthenticatedParts: function(mimePartNumber) { + function hasSiblings(mimePart, searchPartNum, parent) { + if (mimePart.partNum.indexOf(parent) == 0 && mimePart.partNum !== searchPartNum) return true; + + for (let i in mimePart.subParts) { + if (hasSiblings(mimePart.subParts[i], searchPartNum, parent)) return true; + } + + return false; + } + + let parent = mimePartNumber.replace(/\.\d+$/, ""); + if (mimePartNumber.search(/\./) < 0) { + parent = ""; + } + + if (mimePartNumber && Enigmail.msg.mimeParts) { + if (hasSiblings(Enigmail.msg.mimeParts, mimePartNumber, parent)) return true; + } + + return false; + }, + + modifyMessageHeaders: function(uri, headerData, mimePartNumber) { EnigmailLog.DEBUG("enigmailMsgHdrViewOverlay.js: EnigMimeHeaderSink.modifyMessageHeaders:\n"); EnigmailLog.DEBUG("enigmailMsgHdrViewOverlay.js: headerData= " + headerData + ", mimePart=" + mimePartNumber + "\n"); @@ -1139,6 +1199,7 @@ } } + let uriSpec = (uri ? uri.spec : null); let hdr; try { hdr = JSON.parse(headerData); @@ -1155,7 +1216,7 @@ if (typeof(hdr) !== "object") return; if (!this.isCurrentMessage(uri) || gFolderDisplay.selectedMessages.length !== 1) return; - if (!this.displaySubPart(mimePartNumber)) return; + if (!this.displaySubPart(mimePartNumber, uriSpec)) return; if ("subject" in hdr) { msg.subject = EnigmailData.convertFromUnicode(hdr.subject, "utf-8"); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/ui/locale/en-US/enigmail.properties new/enigmail/ui/locale/en-US/enigmail.properties --- old/enigmail/ui/locale/en-US/enigmail.properties 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/ui/locale/en-US/enigmail.properties 2017-12-09 16:36:07.000000000 +0100 @@ -143,6 +143,8 @@ errorKeyUnusable=The email address or key ID '%S' cannot be matched to a valid, not expired OpenPGP key.\nPlease ensure that you have a valid OpenPGP key, and that your account settings point to that key. errorOwnKeyUnusable=The key ID '%S' configured for the current identity does not yield a usable OpenPGP key.\n\nPlease ensure that you have a valid, not expired OpenPGP key and that your account settings point to that key.\nIf your key is not expired, then check if you did set Owner trust to full or ultimate. msgCompose.cannotSaveDraft=Error while saving draft +msgCompose.partiallyEncrypted.short=Beware of leaking sensitive information - partially encrypted email. +msgCompose.partiallyEncrypted.long=The message you are editing was partially encrypted. That is, the message contains unencrypted and encrypted parts. Some encrypted message parts may even be invisible to you.\n\nIf the sender was not able to decrpyt the message parts originally, it is likely that you only got the email with some surrounding unencrypted text in order to make you reveal the encrypted information. msgCompose.internalEncryptionError=Internal Error: promised encryption disabled msgCompose.internalError=An internal error has occurred. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/enigmail/util/genxpi new/enigmail/util/genxpi --- old/enigmail/util/genxpi 2017-10-01 16:38:39.000000000 +0200 +++ new/enigmail/util/genxpi 2017-12-09 16:36:07.000000000 +0100 @@ -114,6 +114,7 @@ modules/pipeConsole.jsm \ modules/prefs.jsm \ modules/promise.jsm \ + modules/rng.jsm \ modules/rules.jsm \ modules/streams.jsm \ modules/subprocess.jsm \
