Project

General

Profile

Feature #11204

Feature #5663: Return to Icedove

Feature #6148: Torbirdy in Debian

Feature #6154: Secure the Icedove autoconfig wizard

Make sure we get all the benefits from TorBirdy's own account wizard

Added by anonym over 2 years ago. Updated over 2 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
-
Target version:
Start date:
03/09/2016
Due date:
% Done:

100%

QA Check:
Pass
Feature Branch:
feature/6154-secure-autoconfig-in-icedove
Type of work:
Code
Blueprint:
Starter:
Affected tool:
Email Client

Description

Once we enable the automatic configuration wizard, we will lose out from some of the features of TorBirdy's wizard:

  • Disables check_new_mail so mail is not fetched at some regular interval (every 10 minutes by default).
  • Make sure that drafts are saved to Local Folders if it is an IMAP account. This is extremely important! When Enigmail is used, drafts will be encrypted with user's own key, but only from the point where the user makes it clear that the email should be encrypted. If the user decides this late, the plaintext would leak through any drafts.
  • Do not check for new messages at startup.
  • Do not automatically download new messages for POP, which I'm not entirely sure what it does (see download_on_biff here).

While I believe some of these can be fixed with prefs, some (e.g. the drafts thing) might require some fixes in TorBirdy,

Associated revisions

Revision 3622a24a (diff)
Added by anonym over 2 years ago

Add temporary patch for TorBirdy.

Note: These changes are to be upstreamed and this patch to be dropped.

It compounds two fixed:

  • #10464: Disable remote email account creation in Icedove
  • #11204: Make sure we get all the benefits from TorBirdy's own
    account wizard (when using Icedove's automatic configuration)

Will-fix: #10464, #11204

History

#1 Updated by anonym over 2 years ago

anonym wrote:

  • Disables check_new_mail so mail is not fetched at some regular interval (every 10 minutes by default).

Note to self: or is this about IMAP's auto-sync thing? I don't think so, but that feature (which I believe is enabled by default) is also worth looking at even if TorBirdy doesn't do anything about it.

#2 Updated by anonym over 2 years ago

  • Subject changed from Make sure we get the benefits from TorBirdy's own account wizard to Make sure we get all the benefits from TorBirdy's own account wizard

#4 Updated by anonym over 2 years ago

  • Status changed from Confirmed to In Progress
  • % Done changed from 0 to 30
  • Feature Branch set to feature/6154-secure-autoconfig-in-icedove
  • Type of work changed from Research to Code

I've addded a patch on the installed TorBirdy (3622a24) in the feature branch that fixes this. Upstreaming next!

#5 Updated by anonym over 2 years ago

  • % Done changed from 30 to 20

Hrm. It seems that one simple thing does not work: when the automatic configuration is used, mail.server.%server_id%.login_at_startup is not set to false, so the newly added account will immediately fetch mail. That will also happen on Icedove startup. This does not happen (as intended) when TorBirdy's account creation wizard is used.

I've tried every trick I know, but it remains set to true. I mean, at one point it is set like we want it, but something in the crazy callback stack when the automatic configuration is used must set this at some point. Argh.

#6 Updated by anonym over 2 years ago

  • Assignee changed from anonym to u
  • % Done changed from 20 to 40

So I managed to figure out the issue I was having problems with, yay! :) The current state of the post-secure-autoconfig branch in your repo is now ready for to be sent as a pull request.

Also, the Tails branch feature/6154-secure-autoconfig-in-icedove patches Torbirdy to the state of that, and you can test it, if you like, from an autobuild ISO here: http://nightly.tails.boum.org/build_Tails_ISO_feature-6154-secure-autoconfig-in-icedove/builds/lastSuccessfulBuild/archive/build-artifacts/

#7 Updated by u over 2 years ago

  • % Done changed from 40 to 50

Thanks! Created a pull request at https://github.com/ioerror/torbirdy/pull/30 and pinged the maintainers in private.

#8 Updated by u over 2 years ago

I've received a privaty reply that the review will be done soon.

#9 Updated by anonym over 2 years ago

  • Target version changed from Tails_2.3 to Tails_2.4

#10 Updated by u over 2 years ago

  • Assignee changed from u to anonym

This has been merged upstream!

As said, I'll package that for Debian as soon as a new upstream version has been released with this code.

Or, if we think it's urgent, I can prepare Debian specific patches and drop them as soon as upstream releases a new version, what do you think?

#11 Updated by u over 2 years ago

  • QA Check set to Info Needed

#12 Updated by anonym over 2 years ago

  • Status changed from In Progress to Fix committed
  • Assignee deleted (anonym)
  • % Done changed from 50 to 100
  • QA Check changed from Info Needed to Pass

u wrote:

This has been merged upstream!

Thanks a bunch for helping that happen! \o/

As said, I'll package that for Debian as soon as a new upstream version has been released with this code.

I can see that quite a few other things happened recently in torbirdy, so if a 0.1.5 is released, I'd like you to abuse your power as a package maintainer to make sure it's not backported until after Tails 2.4 is released. I'd rather not have to deal with potential issues due to this late in the release process. :)

Or, if we think it's urgent, I can prepare Debian specific patches and drop them as soon as upstream releases a new version, what do you think?

I don't care much -- if you package a bump 0.1.4-1~bpo8+1 + my patches we'd get the exact same thing as we have now, so let's not bother.

So I'm closing this ticket now since it's upstreamed. If that's a mistake, please re-open and clarify.

#13 Updated by anonym over 2 years ago

  • Status changed from Fix committed to Resolved

Also available in: Atom PDF