sup 0.20.0 → 0.21.0

data/lib/sup/search.rb

@@ -12,7 +12,7 @@ class SearchManager
   def initialize fn
     @fn = fn
     @searches = {}
-    if File.exists? fn
+    if File.exist? fn
       IO.foreach(fn) do |l|
         l =~ /^([^:]*): (.*)$/ or raise "can't parse #{fn} line #{l.inspect}"
         @searches[$1] = $2

data/lib/sup/sent.rb

@@ -40,7 +40,7 @@ class SentLoader < MBox
 
   def initialize
     @filename = Redwood::SENT_FN
-    File.open(@filename, "w") { } unless File.exists? @filename
+    File.open(@filename, "w") { } unless File.exist? @filename
     super "mbox://" + @filename, true, $config[:archive_sent]
   end
 

data/lib/sup/util/locale_fiddler.rb

@@ -0,0 +1,24 @@
+## the following magic enables wide characters when used with a ruby
+## ncurses.so that's been compiled against libncursesw. (note the w.) why
+## this works, i have no idea. much like pretty much every aspect of
+## dealing with curses.  cargo cult programming at its best.
+require 'fiddle'
+require 'fiddle/import'
+
+module LocaleFiddler
+  extend Fiddle::Importer
+
+  SETLOCALE_LIB = case RbConfig::CONFIG['arch']
+                  when /darwin/; "libc.dylib"
+                  when /cygwin/; "cygwin1.dll"
+                  when /freebsd/; "libc.so.7"
+                  else; "libc.so.6"
+                  end
+
+  dlload SETLOCALE_LIB
+  extern "char *setlocale(int, char const *)"
+
+  def setlocale(type, string)
+    LocaleFiddler.setlocale(type, string)
+  end
+end

data/lib/sup/version.rb

@@ -1,3 +1,3 @@
 module Redwood
-  VERSION = "0.20.0"
+  VERSION = "0.21.0"
 end

data/sup.gemspec

@@ -38,7 +38,7 @@ SUP: please note that our old mailing lists have been shut down,
   s.require_paths = ["lib"]
   s.extra_rdoc_files = Dir.glob("man/*")
 
-  s.required_ruby_version = '>= 1.9.3'
+  s.required_ruby_version = '>= 2.0.0'
 
   # this is here to support skipping the xapian-ruby installation on OpenBSD
   # because the xapian-ruby gem doesn't install on OpenBSD, you must install
@@ -62,8 +62,9 @@ SUP: please note that our old mailing lists have been shut down,
 
   s.add_development_dependency "bundler", "~> 1.3"
   s.add_development_dependency "rake"
-  s.add_development_dependency "minitest", "~> 4.7"
-  s.add_development_dependency "rr", "~> 1.0.5"
+  s.add_development_dependency 'minitest', '~> 5.5.1'
+  s.add_development_dependency "rr", "~> 1.1"
   s.add_development_dependency "gpgme", ">= 2.0.2"
+  s.add_development_dependency "pry"
 
 end

data/test/integration/test_maildir.rb

@@ -1,6 +1,6 @@
 require "test_helper"
 
-class TestMaildir < MiniTest::Unit::TestCase
+class TestMaildir < Minitest::Test
 
   def setup
     @path = Dir.mktmpdir

data/test/integration/test_mbox.rb

@@ -1,6 +1,6 @@
 require "test_helper"
 
-class TestMbox < MiniTest::Unit::TestCase
+class TestMbox < MiniTest::Test
 
   def setup
     @path = Dir.mktmpdir

data/test/test_crypto.rb

@@ -25,7 +25,7 @@ require 'tmpdir'
 
 module Redwood
 
-class TestCryptoManager < ::Minitest::Unit::TestCase
+class TestCryptoManager < Minitest::Test
 
     def setup
         @from_email = 'sup-test-1@foo.bar'

data/test/test_header_parsing.rb

@@ -6,7 +6,7 @@ require 'stringio'
 
 include Redwood
 
-class TestMBoxParsing < Minitest::Unit::TestCase
+class TestMBoxParsing < Minitest::Test
 
   def setup
     @path = Dir.mktmpdir

data/test/test_message.rb

@@ -6,27 +6,9 @@ require 'stringio'
 
 require 'dummy_source'
 
-# override File.exists? to make it work with StringIO for testing.
-# FIXME: do aliasing to avoid breaking this when sup moves from
-# File.exists? to File.exist?
-
-class File
-
-  def File.exists? file
-    # puts "fake File::exists?"
-
-    if file.is_a?(StringIO)
-      return false
-    end
-    # use the different function
-    File.exist?(file)
-  end
-
-end
-
 module Redwood
 
-class TestMessage < ::Minitest::Unit::TestCase
+class TestMessage < Minitest::Test
 
   def setup
     @path = Dir.mktmpdir
@@ -520,6 +502,82 @@ EOS
 
   end
 
+  def test_malicious_attachment_names
+
+
+    message = <<EOS
+From: Matthieu Rakotojaona <matthieu.rakotojaona@gmail.com>
+To: reply+0007a7cb7174d1d188fcd420fce83e0f68fe03fc7416cdae92cf0000000110ce4efd92a169ce033d18e1 <reply+0007a7cb7174d1d188fcd420fce83e0f68fe03fc7416cdae92cf0000000110ce4efd92a169ce033d18e1@reply.github.com>
+Subject: Re: [sup] Attachment saving and special characters in filenames (#378)
+In-reply-to: <sup-heliotrope/sup/issues/378@github.com>
+References: <sup-heliotrope/sup/issues/378@github.com>
+X-pgp-key: http://otokar.looc2011.eu/static/matthieu.rakotojaona.asc
+Date: Wed, 14 Jan 2015 22:13:37 +0100
+Message-Id: <1421269972-sup-5245@kpad>
+User-Agent: Sup/git
+Content-Transfer-Encoding: 8bit
+MIME-Version: 1.0
+Content-Type: multipart/mixed; boundary="=-1421270017-526778-1064-1628-1-="
+
+
+--=-1421270017-526778-1064-1628-1-=
+Content-Type: text/plain; charset=UTF-8
+Content-Disposition: inline
+
+Excerpts from Felix Kaiser's message of 2015-01-14 16:36:29 +0100:
+> When saving attachments, sup should replace special characters when suggesting a filename to save the attachment to.
+> 
+> I just got an attachment with a name like "foo/2.pdf". sup suggests saving it to /home/fxkr/foo/2.pdf (and fails to save it, of course, if /home/fxkr/foo isn't a directory).
+> 
+> I haven't tested the "Save All" feature, but I hope nothing bad happens when there's an attachment called "../../../../../../../home/fxkr/.bashrc" ;-)
+> 
+> ---
+> Reply to this email directly or view it on GitHub:
+> https://github.com/sup-heliotrope/sup/issues/378
+
+For tests, here's an email with an attachment filename set to
+sup/.travis.yml (really, this time)
+
+-- 
+Matthieu Rakotojaona
+
+--=-1421270017-526778-1064-1628-1-=
+Content-Disposition: attachment; filename="sup/.travis.yml"
+Content-Type: text/x-yaml; name="sup/.travis.yml"
+Content-Transfer-Encoding: 8bit
+
+language: ruby
+
+rvm:
+  - 2.1.1
+  - 2.0.0
+  - 1.9.3
+
+before_install:
+  - sudo apt-get update -qq
+  - sudo apt-get install -qq uuid-dev uuid libncursesw5-dev libncursesw5 gnupg2 pandoc
+  - git submodule update --init --recursive
+
+script: bundle exec rake travis
+
+--=-1421270017-526778-1064-1628-1-=--
+EOS
+
+    source = DummySource.new("sup-test://test_blank_header_lines")
+    source.messages = [ message ]
+    source_info = 0
+
+    sup_message = Message.build_from_source(source, source_info)
+    chunks = sup_message.load_from_source!
+
+    # See if attachment filenames can be safely used for saving.
+    # We do that by verifying that any folder-related character (/ or \)
+    # are not interpreted: the filename must not be interpreted into a
+    # path.
+    fn = chunks[3].safe_filename
+    assert_equal(fn, File.basename(fn))
+
+  end
   # TODO: test different error cases, malformed messages etc.
 
   # TODO: test different quoting styles, see that they are all divided

data/test/test_messages_dir.rb

@@ -6,27 +6,9 @@ require 'stringio'
 
 require 'dummy_source'
 
-# override File.exists? to make it work with StringIO for testing.
-# FIXME: do aliasing to avoid breaking this when sup moves from
-# File.exists? to File.exist?
-
-class File
-
-  def File.exists? file
-    # puts "fake File::exists?"
-
-    if file.is_a?(StringIO)
-      return false
-    end
-    # use the different function
-    File.exist?(file)
-  end
-
-end
-
 module Redwood
 
-class TestMessagesDir < ::Minitest::Unit::TestCase
+class TestMessagesDir < ::Minitest::Test
 
   def setup
     @path = Dir.mktmpdir

data/test/test_yaml_regressions.rb

@@ -6,7 +6,7 @@ require 'yaml'
 require 'sup'
 
 module Redwood
-  class TestYamlRegressions < ::Minitest::Unit::TestCase
+  class TestYamlRegressions < ::Minitest::Test
     def test_yamling_hash
       hsh = {:foo => 42}
       reloaded = YAML.load(hsh.to_yaml)

data/test/unit/fixtures/contacts.txt

@@ -0,0 +1 @@
+RC: Random Contact <random_dude@gmail.com>

data/test/unit/test_contact.rb

@@ -0,0 +1,33 @@
+require 'test_helper'
+require 'sup/contact'
+
+module Redwood
+
+class TestContact < Minitest::Test
+  def setup
+    @contact = ContactManager.init(File.expand_path("../fixtures/contacts.txt", __FILE__))
+    @person  = Person.new "Terrible Name", "terrible@name.com"
+  end
+
+  def teardown
+    runner = Redwood.const_get "ContactManager".to_sym
+    runner.deinstantiate!
+  end
+
+  def test_contact_manager
+    assert @contact
+    ## 1 contact is imported from the fixture file.
+    assert_equal 1, @contact.contacts.count
+    assert_equal @contact.contact_for("RC").name, "Random Contact"
+
+    assert_nil @contact.contact_for "TN"
+    @contact.update_alias @person, "TN"
+
+    assert @contact.is_aliased_contact?(@person)
+    assert_equal @person, @contact.contact_for("TN")
+
+    assert_equal "TN", @contact.alias_for(@person)
+  end
+end
+
+end

data/test/unit/test_locale_fiddler.rb

@@ -0,0 +1,15 @@
+require 'test_helper'
+require 'sup/util/locale_fiddler'
+
+class TestFiddle < ::Minitest::Unit::TestCase
+  # TODO this is a silly test
+  def test_fiddle_set_locale
+    before = LocaleDummy.setlocale(6, nil).to_s
+    after = LocaleDummy.setlocale(6, "").to_s
+    assert(before != after, "Expected locale to be fiddled with")
+  end
+end
+
+class LocaleDummy
+  extend LocaleFiddler
+end

data/test/unit/test_person.rb

@@ -0,0 +1,37 @@
+require 'test_helper'
+require 'sup'
+
+module Redwood
+
+class TestPerson < Minitest::Test
+  def setup
+    @person = Person.new("Thomassen, Bob", "bob@thomassen.com")
+    @no_name = Person.new(nil, "alice@alice.com")
+  end
+
+  def test_email_must_be_supplied
+    assert_raises (ArgumentError) { Person.new("Alice", nil) }
+  end
+
+  def test_to_string
+    assert_equal "Thomassen, Bob <bob@thomassen.com>", "#{@person}"
+    assert_equal "alice@alice.com", "#{@no_name}"
+  end
+
+  def test_shortname
+    assert_equal "Bob", @person.shortname
+    assert_equal "alice@alice.com", @no_name.shortname
+  end
+
+  def test_mediumname
+    assert_equal "Thomassen, Bob", @person.mediumname
+    assert_equal "alice@alice.com", @no_name.mediumname
+  end
+
+  def test_fullname
+    assert_equal "\"Thomassen, Bob\" <bob@thomassen.com>", @person.full_address
+    assert_equal "alice@alice.com", @no_name.full_address
+  end
+end
+
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: sup
 version: !ruby/object:Gem::Version
-  version: 0.20.0
+  version: 0.21.0
 platform: ruby
 authors:
 - William Morgan
@@ -11,7 +11,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-10-06 00:00:00.000000000 Z
+date: 2015-02-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ncursesw
@@ -173,28 +173,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '4.7'
+        version: 5.5.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '4.7'
+        version: 5.5.1
 - !ruby/object:Gem::Dependency
   name: rr
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.0.5
+        version: '1.1'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.0.5
+        version: '1.1'
 - !ruby/object:Gem::Dependency
   name: gpgme
   requirement: !ruby/object:Gem::Requirement
@@ -209,6 +209,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 2.0.2
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: |2
       Sup is a console-based email client for people with a lot of email.
 
@@ -266,6 +280,7 @@ files:
 - bin/sup-sync-back-maildir
 - bin/sup-tweak-labels
 - contrib/colorpicker.rb
+- contrib/completion/_sup.bash
 - contrib/completion/_sup.zsh
 - devel/console.sh
 - devel/count-loc.sh
@@ -336,6 +351,7 @@ files:
 - lib/sup/undo.rb
 - lib/sup/update.rb
 - lib/sup/util.rb
+- lib/sup/util/locale_fiddler.rb
 - lib/sup/util/ncurses.rb
 - lib/sup/util/path.rb
 - lib/sup/util/query.rb
@@ -375,8 +391,12 @@ files:
 - test/test_messages_dir.rb
 - test/test_yaml_migration.rb
 - test/test_yaml_regressions.rb
+- test/unit/fixtures/contacts.txt
 - test/unit/service/test_label_service.rb
+- test/unit/test_contact.rb
 - test/unit/test_horizontal_selector.rb
+- test/unit/test_locale_fiddler.rb
+- test/unit/test_person.rb
 - test/unit/util/test_query.rb
 - test/unit/util/test_string.rb
 - test/unit/util/test_uri.rb
@@ -400,7 +420,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 1.9.3
+      version: 2.0.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
@@ -436,8 +456,12 @@ test_files:
 - test/test_messages_dir.rb
 - test/test_yaml_migration.rb
 - test/test_yaml_regressions.rb
+- test/unit/fixtures/contacts.txt
 - test/unit/service/test_label_service.rb
+- test/unit/test_contact.rb
 - test/unit/test_horizontal_selector.rb
+- test/unit/test_locale_fiddler.rb
+- test/unit/test_person.rb
 - test/unit/util/test_query.rb
 - test/unit/util/test_string.rb
 - test/unit/util/test_uri.rb