Feature #6154

Secure the Icedove autoconfig wizard

Added by Tails 2013-07-18 11:47:35 . Updated 2016-06-08 01:22:45 .

Status:
Resolved
Priority:
Elevated
Assignee:
Category:
Target version:
Start date:
2013-10-16
Due date:
% Done:

100%

Feature Branch:
feature/6154-secure-autoconfig-in-icedove
Type of work:
Code
Blueprint:

Starter:
0
Affected tool:
Email Client
Deliverable for:
268

Description


Subtasks

Feature #6157: Fix re-test in secure Icedove autoconfig wizard Resolved

100

Feature #6158: Fix secure Icedove autoconfig wizard in Tails Resolved

100

Feature #6367: Rebase our patches on top of Icedove 24 Resolved

100

Feature #6368: Test our rebased patches on Icedove 38 Resolved

100

Feature #6369: Build Debian packages of Icedove 38 with our patches / create proper branch situation Resolved

100

Feature #7064: Update our plans for securing Icedove's autoconfig wizard wrt. recent developments Resolved

100

Feature #7746: Rebase our patches on top of Icedove 38 Resolved

100

Feature #9492: Adapt the patchset to work on current Icedove Duplicate

100

Feature #11204: Make sure we get all the benefits from TorBirdy's own account wizard Resolved

100

Feature #11215: Update Icedove design documentation wrt. the autoconfig wizard Resolved

100

Feature #11503: Update our doc to the Icedove autoconfig wizard Resolved

100


Related issues

Related to Tails - Bug #11486: Icedove autoconfig wizard gets stalled on some domains Resolved 2016-05-24
Blocks Tails - Feature #10464: Disable remote email account creation in Icedove Resolved 2015-11-01
Blocks Tails - Bug #10906: Enigmail is configured to use a cleartext hkp:// keyserver Resolved 2016-01-12

History

#1 Updated by Tails 2013-07-18 11:48:29

#2 Updated by intrigeri 2013-07-19 01:04:07

  • Type of work set to Code

Type of work: Code

#3 Updated by intrigeri 2014-04-11 12:36:59

  • Subject changed from secure Icedove autoconfig wizard to Secure the Icedove autoconfig wizard
  • Starter set to No

#4 Updated by intrigeri 2014-08-12 13:44:43

  • Category set to 212

#5 Updated by intrigeri 2015-05-29 12:35:22

  • blocks #8668 added

#6 Updated by intrigeri 2015-05-29 12:35:35

  • Assignee deleted (None)
  • Target version set to 246

#7 Updated by kytv 2015-09-28 10:53:29

  • blocks Feature #10009: Decide whether to disable remote email account creation in Icedove added

#8 Updated by sajolida 2015-11-01 05:55:37

  • related to Feature #10464: Disable remote email account creation in Icedove added

#9 Updated by sajolida 2015-11-01 05:55:41

  • related to deleted (Feature #10464: Disable remote email account creation in Icedove)

#10 Updated by sajolida 2015-11-01 05:55:48

  • blocks Feature #10464: Disable remote email account creation in Icedove added

#11 Updated by sajolida 2015-11-01 05:55:57

  • blocked by deleted (Feature #10009: Decide whether to disable remote email account creation in Icedove)

#12 Updated by sajolida 2015-11-27 04:45:29

  • Target version changed from 246 to Tails_2.0

#13 Updated by Anonymous 2015-12-22 06:29:14

  • Target version changed from Tails_2.0 to Tails_2.2

#14 Updated by anonym 2016-03-09 03:28:47

  • Feature Branch set to feature/6154-secure-autoconfig-in-icedove

#15 Updated by Anonymous 2016-03-10 14:56:55

  • Target version changed from Tails_2.2 to Tails_2.3

#16 Updated by anonym 2016-05-08 05:10:22

  • Target version changed from Tails_2.3 to Tails_2.4

#17 Updated by intrigeri 2016-05-10 04:38:26

  • blocks Bug #10906: Enigmail is configured to use a cleartext hkp:// keyserver added

#18 Updated by anonym 2016-05-16 05:34:30

  • blocked by deleted (Feature #6156: Upstream secure Thunderbird autoconfig wizard)

#19 Updated by anonym 2016-05-24 20:18:45

  • Status changed from Confirmed to In Progress
  • Assignee set to intrigeri
  • QA Check set to Ready for QA

#20 Updated by intrigeri 2016-05-24 21:27:33

Code review (in tails.git) passes. I’ve not looked at the Icedove patches though.

I’ve pushed a few minor improvements on top:

  • Fixed typos in commit:6843fc2.
  • Improved design doc a bit in commit:5d4db02, commit:c955f7a and commit:16ba418.

And two more comments:

  • config/chroot_local-patches/torbirdy-0001-secure-autoconfig-compat.diff says “This patch will be upstreamed in TorBirdy” but I’ve found no ticket about it ⇒ created Feature #11484
  • In config/chroot_local-patches/torbirdy-0002-secure-autoconfig-POP-defaults.diff the monkeypatched functions have no explicit return value. Shall we perhaps return whatever the wrapped function has returned? Ignore me if this doesn’t make sense, I don’t need to understand all this, I just want to ensure that you’ve thought about how this can potentially break stuff in the future (in case the return value starts mattering some day).

Now I’m going to test the thing and check that it behaves as planned (I’ll also check the subtasks that were already marked as resolved, to make sure I’m not missing anything, if I have time).

#21 Updated by anonym 2016-05-24 22:50:38

intrigeri wrote:
> Code review (in tails.git) passes. I’ve not looked at the Icedove patches though.

Yay!

> I’ve pushed a few minor improvements on top:
>
> * Fixed typos in commit:6843fc2.
> * Improved design doc a bit in commit:5d4db02, commit:c955f7a and commit:16ba418.
>
> And two more comments:
>
> * config/chroot_local-patches/torbirdy-0001-secure-autoconfig-compat.diff says “This patch will be upstreamed in TorBirdy” but I’ve found no ticket about it ⇒ created Feature #11484

This is the old patch, that already has been upstreamed => rejecting.

> * In config/chroot_local-patches/torbirdy-0002-secure-autoconfig-POP-defaults.diff

This is the new patch that is gonna be upstreamed, and we already have a PR so I think we don’t need to track it in our Redmine.

> the monkeypatched functions have no explicit return value. Shall we perhaps return whatever the wrapped function has returned? Ignore me if this doesn’t make sense, I don’t need to understand all this, I just want to ensure that you’ve thought about how this can potentially break stuff in the future (in case the return value starts mattering some day).

I won’t bother with this — the nature of these two methods is to show/hide/fill in info, e.g. side-effects. Ok?

#22 Updated by intrigeri 2016-05-24 23:12:08

  • related to Bug #11486: Icedove autoconfig wizard gets stalled on some domains added

#23 Updated by intrigeri 2016-05-24 23:16:38

Works fine, except Bug #11486.

#24 Updated by intrigeri 2016-05-24 23:31:46

>> * In config/chroot_local-patches/torbirdy-0002-secure-autoconfig-POP-defaults.diff

> This is the new patch that is gonna be upstreamed, and we already have a PR so I think we don’t need to track it in our Redmine.

Fair enough. We’ll revisit if this takes too much time and hits us later (unlikely :)

> I won’t bother with this — the nature of these two methods is to show/hide/fill in info, e.g. side-effects. Ok?

OK.

#25 Updated by intrigeri 2016-05-24 23:38:47

  • blocked by deleted (#8668)

#26 Updated by intrigeri 2016-05-24 23:39:06

  • Status changed from In Progress to Fix committed
  • Assignee deleted (intrigeri)
  • QA Check changed from Ready for QA to Pass

Merged, congrats!

#27 Updated by anonym 2016-06-08 01:22:45

  • Status changed from Fix committed to Resolved