Feature #6158

Fix secure Icedove autoconfig wizard in Tails

Added by Tails about 12 years ago. Updated about 9 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Target version:
Start date:
Due date:
% Done:

100%

Feature Branch:
feature/6154-secure-autoconfig-in-icedove
Type of work:
Code
Blueprint:

Starter:
0
Affected tool:
Email Client
Deliverable for:
268

Description

research why the account creation wizard fails on our custom packages built with this patchset (in feature/icedove), in Tails. Lack of MX query support, perhaps? Keeping in mind that the idea of securing that wizard is to stop trusting DNS, if Feature #6070 is needed to fix this problem, then it’s part of this deliverable.


Subtasks


Related issues

Related to Tails - Feature #6070: Support arbitrary DNS queries Confirmed
Related to Tails - Feature #6369: Build Debian packages of Icedove 38 with our patches / create proper branch situation Resolved 2013-10-16

History

#1 Updated by intrigeri about 12 years ago

  • Priority changed from Normal to High

#2 Updated by BitingBird about 11 years ago

  • Subject changed from fix secure Icedove autoconfig wizard in Tails to Fix secure Icedove autoconfig wizard in Tails
  • Starter set to No

#3 Updated by sajolida about 11 years ago

  • Priority changed from High to Normal

#4 Updated by intrigeri about 11 years ago

This might be a duplicate of Feature #6157, actually.

#5 Updated by intrigeri about 11 years ago

  • Category set to 212

#6 Updated by BitingBird about 11 years ago

  • related to Feature #6157: Fix re-test in secure Icedove autoconfig wizard added

#7 Updated by intrigeri about 11 years ago

  • related to deleted (Feature #6157: Fix re-test in secure Icedove autoconfig wizard)

#8 Updated by intrigeri about 10 years ago

  • Assignee set to kytv
  • Target version set to 246

#9 Updated by intrigeri about 10 years ago

  • blocks #8668 added

#10 Updated by intrigeri about 10 years ago

  • Description updated

#11 Updated by sajolida about 10 years ago

  • Target version changed from 246 to Tails_2.0

#12 Updated by Anonymous about 10 years ago

  • Target version changed from Tails_2.0 to Tails_2.2

#13 Updated by Anonymous about 10 years ago

  • Target version changed from Tails_2.2 to Tails_2.0

This should actually be done for the release of 2.0 (without the need to be merged into 2.0) so that we can have a working PoC for 2.2.

#14 Updated by intrigeri about 10 years ago

> This should actually be done for the release of 2.0 (without the need to be merged into 2.0) so that we can have a working PoC for 2.2.

I guess you meant “so that we can have a working PoC for 2.0”, since the goal is to have something good enough to ship in 2.2, while the PoC should be done during the 2.0 cycle.

#15 Updated by kytv about 10 years ago

Are packages (or git repositories) with the Secure Autoconfig Wizard available? As I see it (perhaps wrongly) that there’s nothing for me to fix until vendor.name being set to Tails gives us the Secure Wizard.

I don’t think I can do anything with this until that time…or am I sadly mistaken?

#16 Updated by Anonymous about 10 years ago

The patchset is now in icedove:secure_account_creation-38.0_b2-1. However, keep in mind that these are the patches applied directly to the upstream source. So if you make any modification, please tell me about it, so that I can apply this to the debian/patches I am currently working on.

#17 Updated by Anonymous about 10 years ago

  • related to Feature #6369: Build Debian packages of Icedove 38 with our patches / create proper branch situation added

#18 Updated by kytv about 10 years ago

  • Target version changed from Tails_2.0 to Tails_2.2

#19 Updated by intrigeri about 10 years ago

  • Target version changed from Tails_2.2 to Tails_2.0

Same here, I think I’ve mislead you somewhat early today, when I asked you to update your Icedove tickets. Sorry about that!

According to the timeline proposed on https://mailman.boum.org/pipermail/tails-icedove/2015-December/000108.html, we want a working PoC of the wizard ready during the 2.0 release cycle, so I think this ticket needs to stay on the 2.0 board for now.

Another option, which is rather what I was implicitly suggesting, would be to make it explicit (by creating new tickets) that the PoC is for 2.0, and that the goal is to have it merged for 2.2.

#20 Updated by Anonymous about 9 years ago

  • Target version changed from Tails_2.0 to Tails_2.2

#21 Updated by Anonymous about 9 years ago

  • Target version changed from Tails_2.2 to Tails_2.3

#22 Updated by anonym about 9 years ago

  • Status changed from Confirmed to In Progress
  • Assignee changed from kytv to anonym
  • % Done changed from 0 to 30
  • Feature Branch set to feature/6154-secure-autoconfig-in-icedove

I’ve built packages with the patches applied and done some minimal integration work (mostly fighting with the strange way TorBirdy reads “seeded” prefs) and it actually seems to work. Out of the four methods we allow, I’ve verified that fetching the config from disk and guessing works. In the Onion Circuits view I could wee that the other two methods (fetch from the service provider, and Mozilla’s database) were tried, so I guess they work as well.

#23 Updated by anonym about 9 years ago

  • Type of work changed from Research to Code

Tails wrote:
> research why the account creation wizard fails on our custom packages built with this patchset (in feature/icedove), in Tails. Lack of MX query support, perhaps? Keeping in mind that the idea of securing that wizard is to stop trusting DNS, if Feature #6070 is needed to fix this problem, then it’s part of this deliverable.

It’s unclear to me which parts of the automatic configuration the above refers to, but let’s look at the different cases:

  • If it was only the guessing-part, then it is fixed since we added the patch that enables SOCKS support for it.
  • If it also referred to the service provider and Mozilla database lookups, then I have no clue, but they seemingly work now (see previous comment).
  • Regarding MX queries, our patches disables that.

I believe this concludes the research part of this, so => Code.

#24 Updated by anonym about 9 years ago

  • Target version changed from Tails_2.3 to Tails_2.4

#25 Updated by anonym about 9 years ago

  • Status changed from In Progress to Resolved
  • Assignee deleted (anonym)
  • % Done changed from 30 to 100