Bug #9382
Adjust manual Thunderbird EHLO test for StartTLS
0%
Description
Currently, test instructions reads:
* Also check that the EHLO/HELO SMTP message is not leaking anything
at the application level:
1. Start Claws using the panel icon.
2. Disable SSL/TLS for SMTP in Claws (so take precautions for not
leaking your password in plaintext by either changing it
temporarily or using a disposable account). I don't find a provider that allows that...
3. Run `sudo tcpdump -n -i lo -w dump` to capture the packets before
Tor encrypts it, then close tcpdump
4. Check the dump for the HELO/EHLO message and
verify that it only contains `localhost`: `tcpdump -A -r dump`
But we have no test infrastructure to acces an SMTP server which allows unencrypted login. It seems last testers thus looked at the 1st EHLO, before the STARTTLS command.
However, the RFC reads (https://www.ietf.org/rfc/rfc2487.txt):
5.2 Result of the STARTTLS Command
Upon completion of the TLS handshake, the SMTP protocol is reset to
the initial state (the state in SMTP after a server issues a 220
service ready greeting). The server MUST discard any knowledge
obtained from the client, such as the argument to the EHLO command,
which was not obtained from the TLS negotiation itself. The client
MUST discard any knowledge obtained from the server, such as the list
of SMTP service extensions, which was not obtained from the TLS
negotiation itself. The client SHOULD send an EHLO command as the
first command after a successful TLS negotiation.
We are thus not checking the right EHLO.
Subtasks
History
#1 Updated by BitingBird 2015-05-12 17:57:01
- Affected tool set to Email Client
#2 Updated by intrigeri 2015-05-25 09:42:32
- Subject changed from We should test the 2nd EHLO command when checking for claws leaks to Adjust manual Claws Mail EHLO test for StartTLS
- Category set to Test suite
- Status changed from New to Confirmed
- Type of work changed from Test to Contributors documentation
Let’s consider the current phrasing (cleartext SMTP auth.) as a workaround, and adapt this manual test to focus on StartTLS, which is more common these days. One way to do it is to look at Claws Mail network trace dialog. Of course it’s not blackbox testing, but it would be better than not checking at all. Another way out would be to check in Claws Mail’s source code if there are any chances that a different EHLO is sent after StartTLS than before.
#3 Updated by Anonymous 2016-01-03 19:22:56
- Assignee set to kytv
- Deliverable for set to 268
Check if this needs to be done for Icedove, instead of Claws
#4 Updated by Anonymous 2016-01-03 19:25:34
- Subject changed from Adjust manual Claws Mail EHLO test for StartTLS to Adjust manual Icedove EHLO test for StartTLS
#5 Updated by Anonymous 2016-01-03 19:27:10
- Assignee deleted (
kytv) - Target version set to Tails_2.0
#6 Updated by Anonymous 2016-01-27 12:01:22
- blocks
Feature #10737: Update our design documentation to the return of Icedove added
#7 Updated by Anonymous 2016-01-27 17:50:00
- Status changed from Confirmed to In Progress
I’ve tried this for Icedove/Torbirdy.
The EHLO command appears as EHLO[127.0.0.1] just after connecting to the SMTP server when using STARTTLS and also when using no encryption. That’s indeed the first EHLO.
#8 Updated by Anonymous 2016-01-27 18:05:25
- Assignee set to anonym
- Feature Branch set to 451f:tails/feature/9493+Icedove_manual_tests
I have adjusted the documentation to match this with Icedove. However I would need more technical insight on the raised issue (RFC second EHLO command when using STARTTLS). For me, the second command is encrypted, so, why should I be able to see this?
#9 Updated by Anonymous 2016-01-27 18:07:49
oops, i tentatively assigned this to anonym, because i thought that he might have an idea.
#10 Updated by Anonymous 2016-01-27 18:22:31
- Status changed from In Progress to Resolved
Anonym says:
presumably they (the tow EHLOs) are the same though
we already make the assumption that the EHLO:s we see when testing with plaintext (and the first one for StartTLS) are the same as when SSL/TLS is enabled
I’ve checked the Icedove code too: in mailnews/compose/src/nsSmtpProtocol.cpp we have:
348 // is a FQDN known for this system?
349 char hostName[256];
350 PR_GetSystemInfo(PR_SI_HOSTNAME_UNTRUNCATED, hostName, sizeof hostName);
351 if ((hostName[0] != '\0') && (strchr(hostName, '.') != NULL))
352 {
353 nsDependentCString cleanedHostName(hostName);
354 // avoid problems with hostnames containing newlines/whitespace
355 cleanedHostName.StripWhitespace();
356 aResult += cleanedHostName;
357 }
358 else
359 {
360 nsCOMPtr<nsINetAddr> iaddr; // IP address for this connection
361 // our transport is always a nsISocketTransport
362 nsCOMPtr<nsISocketTransport> socketTransport = do_QueryInterface(m_transport);
363 // should return the interface ip of the SMTP connection
364 // minimum case - see bug 68877 and RFC 2821, chapter 4.1.1.1
365 rv = socketTransport->GetScriptableSelfAddr(getter_AddRefs(iaddr));
I suppose that Torbirdy sets the IP address to 127.0.0.1.
And there do not seem to be different EHLOs in the code.
I believe thus that this ticket can be closed.
#11 Updated by intrigeri 2016-01-29 15:23:45
- Status changed from Resolved to Confirmed
It looks like there’s been a few misunderstandings.
The whole point of this ticket is to have a test (manual or automated) to ensure that the property we are interested in (nothing but “localhost” or “127.0.0.1” leaked via EHLO) is always verified.
AFAICT, a one time check was done, that relied on code review; this is great! But the way it’s done, it’s not something that we can do every time we do a Tails release, so the quality assurance / regression testing part of this ticket is left unadressed. So I don’t think that this ticket can be considered as resolved as-is, and I’m reopening it.
However, as I see it, the only part of the ticket that was a blocker for SponsorS_M4 was the one-time check that was done by u, so that on Feature #10737 we can report about it. Which implies that we’re good on this side, and there’s no emergency to work on the remaining bits of this ticket, and nobody formally has to put it on their plate due to existing commitments.
#12 Updated by intrigeri 2016-01-29 15:26:15
- Assignee deleted (
anonym) - Target version deleted (
Tails_2.0) - Feature Branch deleted (
451f:tails/feature/9493+Icedove_manual_tests) - Deliverable for deleted (
268)
#13 Updated by anonym 2016-03-08 19:06:16
- blocked by deleted (
)Feature #10737: Update our design documentation to the return of Icedove
#14 Updated by anonym 2016-03-08 19:06:19
I’m removing the blocker in Feature #10737 because its branch was merged and the ticket closed. If there is something in the docs that needs to be adapted, let’s open a new ticket.
#15 Updated by Anonymous 2018-08-18 12:06:27
- Subject changed from Adjust manual Icedove EHLO test for StartTLS to Adjust manual Thunderbird EHLO test for StartTLS