--- configure.ac.orig	2009-06-09 08:50:33.000000000 +0200

+++ configure.ac	2010-01-27 18:15:31.000000000 +0100

@@ -976,7 +976,7 @@

                 bdbpfx="$bdbpfx $d/$v"

             done

         done

-        BDB_VERSIONS="db-4 db4 db-4.6 db4.6 db46 db-4.5 db4.5 db45 db-4.4 db4.4 db44 db-4.3 db4.3 db43 db-4.2 db4.2 db42 db-4.1 db4.1 db41 db ''"

+        BDB_VERSIONS="db-4 db4 db-5 db5 db-5.2 db5.2 db52 db-5.1 db5.1 db51 db-5.0 db5.0 db50 db-4.8 db4.8 db48 db-4.7 db4.7 db47 db-4.6 db4.6 db46 db-4.5 db4.5 db45 db-4.4 db4.4 db44 db-4.3 db4.3 db43 db-4.2 db4.2 db42 db-4.1 db4.1 db41 db ''"

         AC_MSG_CHECKING([for BerkeleyDB > 4.0])

         for d in $bdbpfx; do

             BDB_INCLUDE_DIR=""

--- mutt.h.orig	Fri Jun  4 13:35:59 2004

+++ mutt.h	Fri Jun  4 13:49:26 2004

@@ -350,6 +350,7 @@

   OPTBEEPNEW,

   OPTBOUNCEDELIVERED,

   OPTCHECKNEW,

+  OPTCOLORAFTEREOL,

   OPTCOLLAPSEUNREAD,

   OPTCONFIRMAPPEND,

   OPTCONFIRMCREATE,

--- init.h.orig	Fri Jun  4 13:35:56 2004

+++ init.h	Fri Jun  4 13:45:43 2004

@@ -315,6 +315,12 @@

   ** \fIcheck_new\fP is \fIunset\fP, no check for new mail is performed

   ** while the mailbox is open.

   */

+  { "color_after_eol",	DT_BOOL, R_NONE, OPTCOLORAFTEREOL, 1 },

+  /*

+  ** .pp

+  ** When \fIset\fP, Mutt will color a line after the last character extending

+  ** to the end of the window.

+  */

   { "collapse_unread",	DT_BOOL, R_NONE, OPTCOLLAPSEUNREAD, 1 },

   /*

   ** .pp

--- pager.c.orig	Sat Jun  5 09:13:33 2004

+++ pager.c	Sat Jun  5 09:12:31 2004

@@ -1392,7 +1392,7 @@

    * ncurses does an implicit clrtoeol() when you do addch('\n') so we have

    * to make sure to reset the color *after* that

    */

-  if (flags & M_SHOWCOLOR)

+  if (option (OPTCOLORAFTEREOL) && (flags & M_SHOWCOLOR))

   {

     m = ((*lineInfo)[n].continuation) ? ((*lineInfo)[n].syntax)[0].first : n;

     if ((*lineInfo)[m].type == MT_COLOR_HEADER)

@@ -1406,6 +1406,16 @@

 #endif

   }

+  /*

+   * reset the color back to normal.  This *must* come before the

+   * addch('\n') for the color not to be filled to the right margin.

+   */

+  if (!option (OPTCOLORAFTEREOL) && (flags & M_SHOWCOLOR))

+  {

+    SETCOLOR(MT_COLOR_NORMAL);

+    BKGDSET(MT_COLOR_NORMAL);

+  }

+

   /* ncurses always wraps lines when you get to the right side of the

    * screen, but S-Lang seems to only wrap if the next character is *not*

    * a newline (grr!).

@@ -1420,7 +1430,7 @@

    * addch('\n'), otherwise the color for this line will not be

    * filled to the right margin.

    */

-  if (flags & M_SHOWCOLOR)

+  if (option (OPTCOLORAFTEREOL) && (flags & M_SHOWCOLOR))

   {

     SETCOLOR(MT_COLOR_NORMAL);

     BKGDSET(MT_COLOR_NORMAL);

--- configure.ac.orig	2010-08-24 09:34:21.000000000 -0700

+++ configure.ac	2012-05-03 18:14:34.000000000 -0700

@@ -29,6 +29,2 @@

 AC_ISC_POSIX

-AM_C_PROTOTYPES

-if test "x$U" != "x"; then

-  AC_MSG_ERROR(Compiler not ANSI compliant)

-fi

 AC_PROG_CPP

--- ./crypt-gpgme.c.orig	2009-07-01 21:28:51.000000000 -0400

+++ ./crypt-gpgme.c	2009-07-01 21:31:52.000000000 -0400

@@ -342,6 +342,7 @@

   gpgme_error_t err;

   gpgme_ctx_t ctx;

+  gpgme_check_version (NULL);

   if (!GpgmeLocaleSet)

   {

     gpgme_set_locale (NULL, LC_CTYPE, setlocale (LC_CTYPE, NULL));

--- mutt_ssl_gnutls.c.orig

+++ mutt_ssl_gnutls.c

@@ -999,6 +999,7 @@

   unsigned int cert_list_size = 0;

   gnutls_certificate_status certstat;

   int certerr, i, preauthrc, savedcert, rc = 0;

+  int rcpeer;

   if (gnutls_auth_get_type (state) != GNUTLS_CRD_CERTIFICATE)

   {

@@ -1024,6 +1025,9 @@

   for (i = 0; i < cert_list_size; i++) {

     rc = tls_check_preauth(&cert_list[i], certstat, conn->account.host, i,

                            &certerr, &savedcert);

+    if (i == 0)

+      rcpeer = rc;

+

     preauthrc += rc;

     if (savedcert)

@@ -1049,7 +1053,7 @@

         dprint (1, (debugfile, "error trusting certificate %d: %d\n", i, rc));

       certstat = tls_verify_peers (state);

-      if (!certstat)

+      if (!certstat && !rcpeer)

         return 1;

     }

   }

--- init.c.orig	Wed Jul 24 10:41:29 2002

+++ init.c	Sat May  3 08:46:29 2003

@@ -1707,7 +1707,11 @@

 void mutt_init (int skip_sys_rc, LIST *commands)

 {

   struct passwd *pw;

+#if __FreeBSD_version < 500000

+  char nodename[STRING];

+#else

   struct utsname utsname;

+#endif

   char *p, buffer[STRING], error[STRING];

   int i, default_rc = 0, need_pause = 0;

   BUFFER err;

@@ -1765,16 +1769,21 @@

 #endif

   /* And about the host... */

+#if __FreeBSD_version < 500000

+  gethostname(nodename, sizeof (nodename));

+#else

   uname (&utsname);

+  strfcpy (nodename, utsname.nodename, sizeof (nodename));

+#endif

   /* some systems report the FQDN instead of just the hostname */

-  if ((p = strchr (utsname.nodename, '.')))

+  if ((p = strchr (nodename, '.')))

   {

-    Hostname = mutt_substrdup (utsname.nodename, p);

+    Hostname = mutt_substrdup (nodename, p);

     p++;

     strfcpy (buffer, p, sizeof (buffer)); /* save the domain for below */

   }

   else

-    Hostname = safe_strdup (utsname.nodename);

+    Hostname = safe_strdup (nodename);

 #ifndef DOMAIN

 #define DOMAIN buffer

diff --git a/pager.c b/pager.c

--- pager.c

+++ pager.c

@@ -1187,10 +1187,17 @@

       last_special = special;

     }

-    if (IsWPrint (wc))

+    if (IsWPrint (wc) || (Charset_is_utf8 && wc == 0x00A0))

     {

       if (wc == ' ')

 	space = ch;

+      else if (Charset_is_utf8 && wc == 0x00A0)

+      {

+	/* Convert non-breaking space to normal space. The local variable

+	 * `space' is not set here so that the caller of this function won't

+	 * attempt to wrap at this character. */

+	wc = ' ';

+      }

       t = wcwidth (wc);

       if (col + t > wrap_cols)

 	break;

--- crypt-gpgme.c~	2010-09-10 07:41:33.584316201 +1000

+++ crypt-gpgme.c	2010-09-10 08:22:32.948976728 +1000

@@ -2003,12 +2003,14 @@

   {

     if (!mutt_strncmp ("-----BEGIN PGP ", buf, 15))

     {

-      if (!mutt_strcmp ("MESSAGE-----\n", buf + 15))

+      if (!mutt_strcmp ("MESSAGE-----\n", buf + 15) ||

+	  !mutt_strcmp ("MESSAGE-----\r\n", buf + 15))

       {

 	enc = 1;

 	break;

       }

-      else if (!mutt_strcmp ("SIGNED MESSAGE-----\n", buf + 15))

+      else if (!mutt_strcmp ("SIGNED MESSAGE-----\n", buf + 15) ||

+	       !mutt_strcmp ("SIGNED MESSAGE-----\r\n", buf + 15))

       {

 	sgn = 1;

 	break;

@@ -2128,7 +2130,8 @@

       continue;

     }

-    if (!mutt_strcmp (buf, "-----BEGIN PGP SIGNATURE-----\n"))

+    if (!mutt_strcmp (buf, "-----BEGIN PGP SIGNATURE-----\n") ||

+	!mutt_strcmp (buf, "-----BEGIN PGP SIGNATURE-----\r\n"))

       break;

     if (armor_header)

@@ -2196,14 +2199,17 @@

           clearsign = 0;

           start_pos = last_pos;

-          if (!mutt_strcmp ("MESSAGE-----\n", buf + 15))

+          if (!mutt_strcmp ("MESSAGE-----\n", buf + 15) ||

+	      !mutt_strcmp ("MESSAGE-----\r\n", buf + 15))

             needpass = 1;

-          else if (!mutt_strcmp ("SIGNED MESSAGE-----\n", buf + 15))

+          else if (!mutt_strcmp ("SIGNED MESSAGE-----\n", buf + 15) ||

+		   !mutt_strcmp ("SIGNED MESSAGE-----\r\n", buf + 15))

             {

               clearsign = 1;

               needpass = 0;

             }

-          else if (!mutt_strcmp ("PUBLIC KEY BLOCK-----\n", buf + 15))

+          else if (!mutt_strcmp ("PUBLIC KEY BLOCK-----\n", buf + 15) ||

+		   !mutt_strcmp ("PUBLIC KEY BLOCK-----\r\n", buf + 15))

           {

             needpass = 0;

             pgp_keyblock = 1;

--- pgp.c~	2009-05-31 03:20:08.000000000 +1000

+++ pgp.c	2010-09-10 08:27:40.317064142 +1000

@@ -219,7 +219,8 @@

       continue;

     }

-    if (mutt_strcmp (buf, "-----BEGIN PGP SIGNATURE-----\n") == 0)

+    if (mutt_strcmp (buf, "-----BEGIN PGP SIGNATURE-----\n") == 0 ||

+	mutt_strcmp (buf, "-----BEGIN PGP SIGNATURE-----\r\n") == 0)

       break;

     if (armor_header)

@@ -287,14 +288,17 @@

       clearsign = 0;

       start_pos = last_pos;

-      if (mutt_strcmp ("MESSAGE-----\n", buf + 15) == 0)

+      if (mutt_strcmp ("MESSAGE-----\n", buf + 15) == 0 ||

+	  mutt_strcmp ("MESSAGE-----\r\n", buf + 15) == 0)

         needpass = 1;

-      else if (mutt_strcmp ("SIGNED MESSAGE-----\n", buf + 15) == 0)

+      else if (mutt_strcmp ("SIGNED MESSAGE-----\n", buf + 15) == 0 ||

+	       mutt_strcmp ("SIGNED MESSAGE-----\r\n", buf + 15) == 0)

       {

 	clearsign = 1;

         needpass = 0;

       }

-      else if (!mutt_strcmp ("PUBLIC KEY BLOCK-----\n", buf + 15))

+      else if (!mutt_strcmp ("PUBLIC KEY BLOCK-----\n", buf + 15) ||

+	       !mutt_strcmp ("PUBLIC KEY BLOCK-----\r\n", buf + 15))

       {

         needpass = 0;

         pgp_keyblock = 1;

@@ -327,10 +331,14 @@

 	fputs (buf, tmpfp);

-	if ((needpass && mutt_strcmp ("-----END PGP MESSAGE-----\n", buf) == 0) ||

-	    (!needpass 

-             && (mutt_strcmp ("-----END PGP SIGNATURE-----\n", buf) == 0

-                 || mutt_strcmp ("-----END PGP PUBLIC KEY BLOCK-----\n",buf) == 0)))

+	if ((needpass &&

+	     (mutt_strcmp ("-----END PGP MESSAGE-----\n", buf) == 0 ||

+	      mutt_strcmp ("-----END PGP MESSAGE-----\r\n", buf) == 0)) ||

+	    (!needpass &&

+	     (mutt_strcmp ("-----END PGP SIGNATURE-----\n", buf) == 0 ||

+	      mutt_strcmp ("-----END PGP SIGNATURE-----\r\n", buf) == 0 ||

+	      mutt_strcmp ("-----END PGP PUBLIC KEY BLOCK-----\n",buf) == 0 ||

+	      mutt_strcmp ("-----END PGP PUBLIC KEY BLOCK-----\r\n",buf) == 0)))

 	  break;

 	/* remember optional Charset: armor header as defined by RfC4880 */

 	if (mutt_strncmp ("Charset: ", buf, 9) == 0)

@@ -554,11 +562,14 @@

   {

     if (mutt_strncmp ("-----BEGIN PGP ", buf, 15) == 0)

     {

-      if (mutt_strcmp ("MESSAGE-----\n", buf + 15) == 0)

+      if (mutt_strcmp ("MESSAGE-----\n", buf + 15) == 0 ||

+	  mutt_strcmp ("MESSAGE-----\r\n", buf + 15) == 0)

 	enc = 1;

-      else if (mutt_strcmp ("SIGNED MESSAGE-----\n", buf + 15) == 0)

+      else if (mutt_strcmp ("SIGNED MESSAGE-----\n", buf + 15) == 0 ||

+	       mutt_strcmp ("SIGNED MESSAGE-----\r\n", buf + 15) == 0)

 	sgn = 1;

-      else if (mutt_strcmp ("PUBLIC KEY BLOCK-----\n", buf + 15) == 0)

+      else if (mutt_strcmp ("PUBLIC KEY BLOCK-----\n", buf + 15) == 0 ||

+	       mutt_strcmp ("PUBLIC KEY BLOCK-----\r\n", buf + 15) == 0)

 	key = 1;

     }

   }

@@ -1067,9 +1078,11 @@

    */

   while (fgets (buffer, sizeof (buffer) - 1, pgpout) != NULL)

   {

-    if (mutt_strcmp ("-----BEGIN PGP MESSAGE-----\n", buffer) == 0)

+    if (mutt_strcmp ("-----BEGIN PGP MESSAGE-----\n", buffer) == 0 ||

+	mutt_strcmp ("-----BEGIN PGP MESSAGE-----\r\n", buffer) == 0)

       fputs ("-----BEGIN PGP SIGNATURE-----\n", fp);

-    else if (mutt_strcmp("-----END PGP MESSAGE-----\n", buffer) == 0)

+    else if (mutt_strcmp("-----END PGP MESSAGE-----\n", buffer) == 0 ||

+	     mutt_strcmp("-----END PGP MESSAGE-----\r\n", buffer) == 0)

       fputs ("-----END PGP SIGNATURE-----\n", fp);

     else

       fputs (buffer, fp);

--- init.h.orig	2010-09-15 08:39:31.000000000 -0700

+++ init.h	2012-03-28 10:58:42.870572835 -0700

@@ -2972,6 +2972,18 @@ struct option_t MuttVars[] = {

   ** SSL authentication process.

   */

 #ifdef USE_SSL_OPENSSL

+  { "ssl_use_tlsv1_1", DT_BOOL, R_NONE, OPTTLSV1_1, 1 },

+  /*

+  ** .pp

+  ** This variable specifies whether to attempt to use TLSv1.1 in the

+  ** SSL authentication process.

+  */

+  { "ssl_use_tlsv1_2", DT_BOOL, R_NONE, OPTTLSV1_2, 1 },

+  /*

+  ** .pp

+  ** This variable specifies whether to attempt to use TLSv1.2 in the

+  ** SSL authentication process.

+  */

   { "ssl_usesystemcerts", DT_BOOL, R_NONE, OPTSSLSYSTEMCERTS, 1 },

   /*

   ** .pp

--- mutt.h	2010-09-13 10:19:55.000000000 -0700

+++ mutt.h	2012-03-28 10:59:24.437237530 -0700

@@ -376,6 +376,8 @@ enum

 # endif /* USE_SSL_GNUTLS */

   OPTSSLV3,

   OPTTLSV1,

+  OPTTLSV1_1,

+  OPTTLSV1_2,

   OPTSSLFORCETLS,

   OPTSSLVERIFYDATES,

   OPTSSLVERIFYHOST,

--- mutt_ssl.c.orig	2010-08-25 18:31:40.000000000 +0200

+++ mutt_ssl.c	2013-08-20 13:51:14.000000000 +0200

@@ -100,12 +100,33 @@

     goto bail;

   ssldata = (sslsockdata*) safe_calloc (1, sizeof (sslsockdata));

-  /* the ssl_use_xxx protocol options don't apply. We must use TLS in TLS. */

-  if (! (ssldata->ctx = SSL_CTX_new (TLSv1_client_method ())))

+  /* the ssl_use_xxx protocol options don't apply. We must use TLS in TLS.

+   * TLSv1.2 support was added in OpenSSL 1.0.1.  RHEL6 shipped with 1.0.0 so

+   * our configure script checks for TLSv1.2 availability.

+   */

+  if (! (ssldata->ctx = SSL_CTX_new (

+#ifdef HAVE_TLSV1_2_CLIENT_METHOD

+				  TLSv1_2_client_method ()

+#else

+				  TLSv1_client_method ()

+#endif

+				  )))

   {

     dprint (1, (debugfile, "mutt_ssl_starttls: Error allocating SSL_CTX\n"));

     goto bail_ssldata;

   }

+#ifdef SSL_OP_NO_TLSv1_1

+  if (!option(OPTTLSV1_1))

+  {

+    SSL_CTX_set_options(ssldata->ctx, SSL_OP_NO_TLSv1_1);

+  }

+#endif

+#ifdef SSL_OP_NO_TLSv1_2

+  if (!option(OPTTLSV1_2))

+  {

+    SSL_CTX_set_options(ssldata->ctx, SSL_OP_NO_TLSv1_2);

+  }

+#endif

   ssl_get_client_cert(ssldata, conn);

@@ -303,6 +324,21 @@

   {

     SSL_CTX_set_options(data->ctx, SSL_OP_NO_TLSv1);

   }

+  /* TLSv1.1/1.2 support was added in OpenSSL 1.0.1, but some OS distros such

+   * as Fedora 17 are on OpenSSL 1.0.0.

+   */

+#ifdef SSL_OP_NO_TLSv1_1

+  if (!option(OPTTLSV1_1))

+  {

+    SSL_CTX_set_options(data->ctx, SSL_OP_NO_TLSv1_1);

+  }

+#endif

+#ifdef SSL_OP_NO_TLSv1_2

+  if (!option(OPTTLSV1_2))

+  {

+    SSL_CTX_set_options(data->ctx, SSL_OP_NO_TLSv1_2);

+  }

+#endif

   if (!option(OPTSSLV2))

   {

     SSL_CTX_set_options(data->ctx, SSL_OP_NO_SSLv2);

@@ -375,8 +411,8 @@

   if (!ssl_check_certificate (conn, ssldata))

     return -1;

-  mutt_message (_("SSL connection using %s (%s)"),

-    SSL_get_cipher_version (ssldata->ssl), SSL_get_cipher_name (ssldata->ssl));

+  mutt_message (_("%s connection using %s (%s)"),

+    SSL_get_version(ssldata->ssl), SSL_get_cipher_version (ssldata->ssl), SSL_get_cipher_name (ssldata->ssl));

   mutt_sleep (0);

   return 0;

@@ -911,7 +947,7 @@

 static int interactive_check_cert (X509 *cert, int idx, int len)

 {

-  char *part[] =

+  static const char * const part[] =

     {"/CN=", "/Email=", "/O=", "/OU=", "/L=", "/ST=", "/C="};

   char helpstr[LONG_STRING];

   char buf[STRING];