Changes

0.7.4.7

Fixes

  • Certificate dates are compared non-naively if Python ≥ v3.11 and cryptography ≥ v43.0 are available.

0.7.4.6

Fixes

  • The error message for a server failing SCRAM verification now displays the host name properly.

0.7.4.5

Fixes

  • If a password manager exits with a non-zero exit status < 127 (i.e., has been found and did not exit because of a signal), the password is prompted for.

  • Tab-completion now works for patterns (e.g., f* now expands to foo, not f*foo).

  • Patterns can now be escaped.

Changes

  • Removed documentation for the ocsp configuration variable.

0.7.4.4

Fixes

  • Giving passwords on the command line using “user:password@host” works again.

  • Files given in configuration variables are found again.

  • SRV records are looked up again.

0.7.4.3

Changes

  • SieveManager now parses server messages more strictly.

Fixes

  • SRV records that are longer than 253 characters will now be rejected. This mitigates CVE-2024-3651, which affects idna < v3.7. SieveManager depends on dnspython, which depends on idna. That said, CVE-2024-3651 is ‘only’ a denial-of-service vulnerability and highly unlikely to affect SieveManager.

0.7.4.2

Fixes

  • Usernames given on the command line override account sections again.

  • -o overrides account sections again.

  • -c accepts filenames in the current working directory again.

0.7.4.1

Fixes

  • Tab-completion no longer repeats the last completions when an argument cannot be auto-completed.

  • Tab-completion for directories works again.

0.7.4

Changes

  • Configuration variables are no longer expanded in filename variables.

  • Removed more’s -p option.

  • A BEL is printed when Tab is pressed, but there are no completions. This may result in an audible, visual, or no notification, depending on your setup.

Features

  • “EXTERNAL” and password-based authentication mechanisms can now be mixed.

  • Tab-completion now also works in python.

Fixes

  • put works again.

  • -c works again.

  • ls now displays filenames that are longer than the terminal is wide correctly.

  • An error is raised if password is set, but sieve.cf is group- or world-readable.

  • An error is raised if sieve.cf is group- or world-writable.

  • Tab-completion now also works for filenames that contain whitespace or patterns.

  • Made ManageSieve-parser more robust.

  • Made YAML-escaping more robust.

0.7.3

Changes

  • The backup configuration variable has been replaced by backups.

  • The getpass configuration variable has been renamed to getpassword.

  • The getkeypass configuration variable has been renamed to getpassphrase.

  • The confdir configuration variable has been removed.

Features

  • The number of backups to make can, and must, now be limited.

  • Relative filenames in configuration files are now interpreted as relative to the directory the configuration file is in.

  • Configuration settings can now be read from multiple files.

  • -o now also accepts key and nokey.

  • -c can now be given multiple times.

  • Duplicate alias-es now raise an error.

  • New configuration variable password, which should not be used.

Fixes

  • Usernames containing “,” or “=” are now handled correctly by SCRAMs.

  • String preparation of usernames and passwords now handles bidirectional strings, display property-changing characters, and unassigned code points correctly.

  • Multiple account sections for the same account are now merged, instead of later sections overriding earlier ones.

  • Bash and ZSh completion scripts work again.

  • Errors and ommissions in the documentation.

0.7.2

Changes

  • cryptography and dnspython are now installed as dependencies. SieveManager also runs without them, however.

  • authmechs has been renamed to saslmechs.

  • Passwords are no longer prompted for on the GUI if there is no controlling terminal.

  • Sieve scripts are now assumed to be encoded in UTF-8 (as mandated by RFC 5228).

Features

  • ed and vi now offer to re-edit scripts with syntax errors, instead of throwing them away.

  • New command about.

Fixes

  • Prompting for passwords and confirmation works under Linux again.

  • Obsolete mechanisms can be selected with saslmechs again.

  • Configuration sections without login names and aliases are now recognised.

  • OCSP lookup errors are now handled more gracefully.

0.7.1

Features

  • New option -s.

  • New option -e.

  • -C can no longer be given to shell commands.

  • -i now only triggers an error if confirmation is required and no terminal is available.

  • ‘#’ now starts comments in the SieveManager shell.

  • SieveManager now comes with a ZSh completion script.

Configuration

Configuration files have been renamed.

Fixes

Confirmations and passwords are always prompted for on /dev/tty, regardless of I/O redirection.

Changes

  • caps, cert, diff, ls, and help no longer pipe output that doesn’t fit on the screen through a pager.

  • Scripted mode is now entered only if standard input is not a terminal.

0.7

Features

  • New command echo.

  • New command xargs.

  • New flag -C.

  • New flag -i.

  • cmp now also prints output if files are equal.

  • caps, cert, diff, ls, and help now pipe output that doesn’t fit on the screen through a pager if standard input and output are a terminal.

  • More options for cmp, cp, diff, ls, get, more, mv, put, and rm.

  • Tab-completion for local files now also selects directories.

  • ‘/’ is automatically appended to tab-completed directory names.

Changes

  • mget has been removed.

  • mput has been removed.

Configuration

  • stacktrace has been removed.

Fixes

  • -f no longer raises an error.

  • Scripts stop immediately if any error occurs.

  • YAML output is now prefixed with --- and postfixed with ....

  • Scalars in YAML output are now properly quoted if necessary.

  • EDITOR, PAGER, and VISUAL are now treated as commands, not as filenames.

  • Repaired tab-completion for get and put.

  • Tab-completion now automatically adds the terminating space.

0.6.1

Features

  • Connection timeout can now be set.

Configuration

  • debugauth has been replaced by the logging level “AUTH”.

  • The authentication exchange can no longer be logged at the SASL level.

Fixes

  • The revocation status of the server’s certificate is now checked, provided the non-standard cryptography Python module is available.

  • Output of cert is now in YAML.

  • ed and vi can create files again.

0.6

Features

  • The authentication exchange can now be logged at the SASL level, too.

  • TLS can now be disabled. Only do this is if you are a system administrator and want to test your server configuration.

  • SieveManager now ships with a Bash completion script.

  • Added the cmp command.

  • Output of cert is now YAML.

  • ls now has a -a option.

  • more now has a -a option.

  • edactive has been replaced with ed -a.

  • viactive has been replaced with vi -a.

Configuration

  • Credentials are no longer looked up for a host’s domain if they cannot be found for the host.

  • requiretls has been replaced by tls.

  • The logins value of saslprep has been renamed to usernames.

  • showauth has been replaced by debugauth.

Fixes

  • TLS certification validity checks are now stricter.

  • netrc fails to parse .netrc files without a password token in Python up to version 3.9. To mitigate this, .netrc parse errors are now downgraded to warnings when SieveManager is executed by Python version 3.9 or earlier.

  • Fixed SCRAM-SHA3-512 authentication.

0.5.1

“CRAM-MD5” and “LOGIN” are no longer enabled by default.

This is because both of them are, de facto, obsolete (“LOGIN” is non-standard and superseded by “PLAIN”, “CRAM-MD5” was close to being declared “historic” and is superseded by “SCRAM-*”) and because RFC 5804 (sec. 2.1) does not mandate that they must be used over TLS.

They can be enabled by -o authmechs=scram-*,cram-md5,plain,login.

0.5

First release.