pine with s/mime, patches for pine4.61 and pine4.60 (produced by myself, based on the ``original'' pine4.58 produced by Jonathan Paisley and Martin Kouril)

  1. # the following steps prepare the pine configuration files so that you can validate signatures from smiming people using a Belgian eID card :))
     mkdir -p ~/.pine-smime/ca ~/.pine-smime/public ~/.pine-smime/private
     cd ~/.pine-smime/ca
     wget http://certs.eid.belgium.be/belgiumrs.crt
     for certificateInDerFormat in *crt
     do
            openssl x509 -in $certificateInDerFormat -inform der -outform pem -out `basename $certificateInDerFormat`.pem
            ln -sf `basename $certificateInDerFormat`.pem `openssl x509 -noout -hash -in $certificateInDerFormat -inform der`.0
            rm $certificateInDerFormat
            done
    
    Make sure to enable signature verification in pine's configuration file (<M>ain menu, <S>etup, <C>onfig, smime-options: verify-on).
    You should also put your trusted root certificates in ~/.pine-smime/ca: place the DER-formatted files in ~/.pine-smime/ca (make sure they are called *.crt), and re-run the for-loop.
    If the certificates are already in pem-format (and have the *.pem extension), you can prepare them to use with pine with:
     cd ~/.pine-smime/ca
     for certificateInPemFormat in *.pem
     do
            ln -sf $certificateInPemFormat `openssl x509 -noout -hash -in $certificateInPemFormat`.0
            done
    
  2. # after the configuration files have been set up, you have to prepare pine itself to make it support smime and time stamping. The patch for pine4.61 is the result of Jonathan Paisley, Martin Kouril, Henrik Edlund and Danny De Cock. It is wise to copy and paste the following commands ``step by step''. If your self-compiled pine binary crashes for one reason or another, this problem might be solved rebuilding everything using gcc-2.95:
    • # if you have sudo, you might wish to first activate your root privileges (of course after having analyzed and tested the stuff appropriately):
       sudo ls
      
    • # initial preparation of the installation directories (the stuff works correctly for me on linux (debian and redhat), osf and cygwin):
       UNAME=`uname`
       PINEFILES=~/pine.downloads
       PINEDIR=~/smime.pine.for.$UNAME
       mkdir -p $PINEDIR $PINEFILES
       cd $PINEDIR
       COMPILER=""
       if [ :$UNAME: == :OSF1: ]
       then
              SYSTEM=osf
       fi
       if [ :$UNAME: == :Linux: ]
       then
              SYSTEM=slx
              COMPILER="gcc-2.95"
       fi
       if [ :$UNAME: == :CYGWIN_NT-5.1: ]
       then
              SYSTEM=cyg
              COMPILER="gcc-2.95"
       fi
       if $COMPILER --version &> /dev/null
       then
              COMPILER="CC=$COMPILER"
       else
              COMPILER=""
       fi
       echo using compiler option :$COMPILER: for this :$UNAME: system
       if time ls &> /dev/null
       then
              TIME=time
       else
              TIME=""
       fi
       if sudo ls
       then
         echo assuming sudo is allowed
         SUDO="sudo"
         SSLDIR=/usr/local/ssl
         OPENSSLPREFIX="--prefix=$SSLDIR"
         if [ :$UNAME: == :CYGWIN_NT-5.1: ]
         then
              BUILDPOSTFIX="cyg SSLDIR=$SSLDIR"
              EXTENSION=.exe
         else
              BUILDPOSTFIX=" SSLDIR=$SSLDIR"
              EXTENSION=""
         fi
       else
         echo assuming sudo is not allowed
         SUDO=""
         if [ :$UNAME: == :CYGWIN_NT-5.1: ]
         then
              SSLDIR=/usr/local/ssl;          
              OPENSSLPREFIX="--prefix=$SSLDIR"
              BUILDPOSTFIX="cyg SSLINCLUDE=$SSLDIR/include SSLLIB=$SSLDIR/lib"
              EXTENSION=.exe
         else
              SSLDIR=~/openssl                        
              OPENSSLPREFIX="--prefix=$SSLDIR"
              BUILDPOSTFIX=" SSLDIR=$SSLDIR SSLCERTS=$SSLDIR/ssl/certs"
              EXTENSION=""
         fi
       fi
      
    • # download the source code of the most recent version of pine, openssl, the time stamping patch for openssl (comes from http://www.opentsa.org/ts/ts-20040320-0_9_7d-patch.gz), etc...
       cd $PINEFILES
       $TIME wget -N --retr-symlinks ts-20040320-0_9_7d-patch.gz
      
       $TIME wget -N --retr-symlinks ftp://ftp.cac.washington.edu/pine/pine.tar.gz
       $TIME wget -N --retr-symlinks http://www.openssl.org/source/openssl-0.9.7d.tar.gz
      
    • # apply the time stamping patches to openssl:
       cd $PINEDIR
       rm -rf openssl-0.9.7d
       $TIME tar -xzf $PINEFILES/openssl-0.9.7d.tar.gz
       cd $PINEDIR/openssl-0.9.7d
       gzip -dc $PINEFILES/ts-20040320-0_9_7d-patch.gz | $TIME patch -p1
       $TIME ./config $OPENSSLPREFIX
       $SUDO $TIME make install
      
    • # apply the s/mime patch to pine and compile it:
       cd $PINEDIR
       rm -rf pine4.61
       $TIME tar -xzf $PINEFILES/pine.tar.gz
       $TIME wget -N --retr-symlinks smime.patch.for.pine4.61
      
       cd $PINEDIR/pine4.61
       cat ../smime.patch.for.pine4.61 | $TIME patch -p2
       $TIME ./build$BUILDPOSTFIX $COMPILER $SYSTEM
      
    • # you can now execute the smime-enabled pine:
       $PINEDIR/pine4.61/bin/pine$EXTENSION
      
    • # if it works, you can ``install'' it and include it in your default path:
       mkdir -p ~/bin.$UNAME
       cp $PINEDIR/pine4.61/bin/pine$EXTENSION ~/bin.$UNAME
       echo export PATH=~/bin.$UNAME:\$PATH >> ~/.bash_profile
      
      # if it does not work, you might try to compile the stuff again with a different compiler (remember that I got it all working using version 2.95 of gcc), e.g.:
       COMPILER="CC=gcc-3.3"
       $TIME ./build$BUILDPOSTFIX $COMPILER $SYSTEM
      
      # you can get a list of the compilers with:
       find /usr/bin -type f -iname gcc\*
       find /usr/local/bin -type f -iname gcc\*