If you think a bug might affect users in the 57 release, please set the correct tracking and status flags for Release Management.

Multiple requests for master password when GMail OAuth2 is enabled

REOPENED
Assigned to

Status

MailNews Core
Networking
--
major
REOPENED
2 years ago
5 days ago

People

(Reporter: Leopoldo Saggin, Assigned: Fallen)

Tracking

(Blocks: 3 bugs)

Thunderbird 55.0
Dependency tree / graph

Thunderbird Tracking Flags

(thunderbird50 wontfix, thunderbird_esr38 wontfix, thunderbird_esr45 wontfix, thunderbird_esr52 affected, thunderbird51 wontfix, thunderbird53 wontfix, thunderbird54 fixed, thunderbird55 affected, thunderbird56 affected)

Details

(Whiteboard: [oauth2])

Attachments

(1 attachment, 4 obsolete attachments)

(Reporter)

Description

2 years ago
User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Firefox/38.0
Build ID: 20150605094246

Steps to reproduce:

I really do not know if the component is correct but I cannot find atopic/component where to insert my report.
I have 8-10 different accounts (depending on the PC I'm using).
So I need to save my passwords and protect them by activating a "Main (meta) password" by using:
Menu -> Options -> Security -> Password -> Use Main password.
This was ok until version 31.7 even if I have been using my 6 Google calendars (embedded by CalDEV method) into Lightning and even if I have been using GoogleTaskSync 0.5.2 which requires an OAuth2 authentication.


Actual results:

With version 38.0.1 I took the opportunity to activate the OAuth2 authentication also for my GMail account in TB v. 38.0.1.
Unfortunately, in this condition, TB asks me the Main Password 3 times (!) before I can access TB!



Expected results:

IMHO it should have asked the main password only once.
So I decided to deactivated the main password of TB and I installed the old extension "Profile Password v.0.7.17" extension by Paolo Kaosmos
https://nic-nac-project.org/~kaosmos/profilepassword-en.html
By using it, I had to insert my "meta/main" password only once.
Leopoldo Saggin aka Topoldo

Comment 1

2 years ago
I assume that you are talking about subsequent restarts of Thunderbird with OAuth2, and not the initial configuration.
tracking-thunderbird_esr38: --- → +
Component: Preferences → Networking
Product: Thunderbird → MailNews Core
Summary: password → Multiple requests for master password when GMail OAuth2 is enabled
Whiteboard: [oauth2]
(Reporter)

Comment 2

2 years ago
Yes, of course!
In the occasion of the release of the "new" Thunderbird 38.0.1 I decided to reinstall it from scratch. During this new installation I re-created my accounts (which I populated in a second time with my old data) and, while recreating my GMail account I accepted to use OAuth2 as the auth method.
At the end of the process of reinstallation of extensions, data etc... I also added a master password to protect all my saved pasword.
From then on, when every time I open TB, it asks me 3 times for the master password before letting me to operate.

BUT yesterday night I had to reinstall everything again from the beginning because I missed some configuration and some data. So I decided to test one more the problem of master password.
In this case I noticed that TB asks me only TWICE for the master password.

Comment 3

2 years ago
Asbjørn, is this something you can test for us?
status-thunderbird_esr38: --- → affected
Flags: needinfo?(lordcrc)

Comment 4

2 years ago
(In reply to Wayne Mery (:wsmwk, use Needinfo for questions) from comment #3)
> Asbjørn, is this something you can test for us?

Sorry for the late reply, I was on vacation. I can confirm that I get the same behavior on Thunderbird 38.0.1 (Windows). With OAuth and one GMail account, I get asked twice upon starting Thunderbird. When switching off OAuth I only get asked once (as expected).

I'd be happy to test other builds, just let me know which one as I've never installed test/nightly builds of Thunderbird so not sure which one(s) to get.
Flags: needinfo?(lordcrc)

Comment 5

2 years ago
I have what I believe is the same issue, except that I get 5 "Password Required" pop-ups.  This started happening after I downloaded TBird v38.1.0 and connecting to Google for my calendars for the first time(never had the Lightning add-on previously).  If I just enter my password in the last pop-up and cancel the other 4 then both mail and calendar seem to work.

I 'unsubscribed' a couple of my google calendars and now I get 2 pop-ups on start, and a third pops up after I enter my p/w once.  I can still cancel the 2 extra ones after I enter my p/w once and mail and calendar both seem to function properly.

Not sure what authentication is used but I had also added "Provider for Google Calendar 1.04" per the online instructions I was following to set up Lightning.

Comment 6

2 years ago
Confirming from multiple reports.
Status: UNCONFIRMED → NEW
Ever confirmed: true
(Assignee)

Comment 7

2 years ago
A workaround for this is to install the "Startupmaster" extension.

I believe I've mentioned this before in another bug, but the problem is that our nsIMsgAsyncPrompter is not asynchronous enough :-) It is assumed that multiple asynchronous requests can be made, but the actual password prompt must be synchronous. This is not the case for OAuth, because a window needs to be opened and such.

I'd love for this to be fixed by extending nsIMsgAsyncPrompter to allow for asynchronous password requests, preferably in a backwards compatible way. This would also allow me to fix the issue for the Provider for Google Calendar.
(Reporter)

Comment 8

2 years ago
(In reply to Philipp Kewisch [:Fallen] from comment #7)

> A workaround for this is to install the "Startupmaster" extension.

As I reported in my first message of this thread, my workaround (still in use) was to deactivate the Thunderbird main (meta) password and the installation of the old (but still valid) extension "Profile Password" v.0.7.17 by Paolo Kaosmos you can get at:
https://nic-nac-project.org/~kaosmos/profilepassword-en.html
By using it, I had to insert my "meta/main" password only once. Besides, this extension gives a little bit more security to TB application.
Topoldo

Updated

2 years ago
Duplicate of this bug: 1198675

Comment 10

2 years ago
I can confirm this bug.

Instead of disabling the master password request, it would be a better workaround, to disable receiving mails at program start (in account options for OAuth accounts).

Comment 11

2 years ago
Hello/ Bonjour

@AlexIhrig@thunderbird-mail 

Disable receiving mails at program start does not change the problem,  or start TB offline either.

If you disable Gmail OAuth (TB38) is ok
The solution with the Startup Master extension also works well;-)
https://addons.mozilla.org/fr/thunderbird/addon/startupmaster/

(sorry for the translation :-(  )

/------------------------------------\
@AlexIhrig@thunderbird-mail 
Désactiver la relève  ne change rien au problème, ni démarrer TB en hors connexion non plus.

Si on désactive OAUTH  de Gmail (TB38) c'est ok 
La solution avec l'extension Startup Master fonctionne aussi très bien ;-)
https://addons.mozilla.org/fr/thunderbird/addon/startupmaster/

Comment 12

a year ago
(In reply to Philipp Kewisch [:Fallen] from comment #7)
> ...the problem is that
> our nsIMsgAsyncPrompter is not asynchronous enough :-) It is assumed that
> multiple asynchronous requests can be made, but the actual password prompt
> must be synchronous. 

Thanks Philip, et.al.  Seems to me that the master password dialog needs to simply happen and complete before letting anyone use it's results, either because one happens before the other, or because one must wait until the other is done.  

I looked at the workaround, but there is a stiff warning that it's not very secure right at the start of the info about it.  And yes, this having to put a pw in 3 times is a pain, and is the sort of thing that will drive people away from TB.  Hope you can fix this.  It's been around for quite awhile broken like this!

Updated

a year ago
Duplicate of this bug: 1284500

Updated

a year ago
Duplicate of this bug: 1288027

Comment 15

a year ago
I was getting duplicate prompts until a week or two ago with Firefox Nightly, but the behavior has changed in the past week or so. I may still get duplicate prompts if I wait long enough but I haven't seen it for a few days.

There also appears to have been a change in when the password prompts appears (it shows up later), but I can't tell whether that is a Nightly change or a change in the behavior in the web sites in my pinned tabs.

There are three bugs on this issue. I'll let someone else decide which should be marked as duplicate.

Bug 794736: Firefox/Security: Two master password popup windows come up
Bug 981579: Toolkit/Password Manager: Asked for master password twice
Bug 1176399: MainNews Core/Networking: Multiple requests for master password when GMail OAuth2 is enabled
(Reporter)

Comment 16

a year ago
On Thunderbird, I solved all my problems concerning master password duplicate requests due to Google mail account + Google Calendar (mapped into Lightning) requests by installing the following extension:
https://addons.mozilla.org/it/thunderbird/addon/startupmaster/
Regards,
Topoldo/Leopoldo
Does it happen with nightly build?  (without the addon of course)
see https://archive.mozilla.org/pub/thunderbird/nightly/latest-comm-central/

If you go back to one of the version 31.x series, does the problem go away?
see https://www.mozilla.org/en-US/thunderbird/releases/
Flags: needinfo?(lordcrc)
Flags: needinfo?(leopoldo.saggin)
Wrong link above for 31.x.  Use https://releases.mozilla.org/pub/thunderbird/releases/31.7.0/win32/en-US/ (for windows)

Comment 19

11 months ago
(In reply to Philipp Kewisch [:Fallen] from comment #7)
> A workaround for this is to install the "Startupmaster" extension.
> 
> I believe I've mentioned this before in another bug, but the problem is that
> our nsIMsgAsyncPrompter is not asynchronous enough :-) It is assumed that
> multiple asynchronous requests can be made, but the actual password prompt
> must be synchronous. This is not the case for OAuth, because a window needs
> to be opened and such.

looks like that would be bug 349641 comment 84


> I'd love for this to be fixed by extending nsIMsgAsyncPrompter to allow for
> asynchronous password requests, preferably in a backwards compatible way.
> This would also allow me to fix the issue for the Provider for Google
> Calendar.

No mention nsIMsgAsyncPrompter in bug 643265 and bug 584014, the key "master password" bugs in Thunderbird.  And nowhere else in the *entire* history of bugzilla do I find mention of nsIMsgAsyncPrompter (except an unrelated bug 647000)

It's pretty clear no patch is coming from the respective module owners and peers via bug 177175 (which is quite the cesspool). So what is our path forward?  Can we do it ourselves, or ply them with beer?
Depends on: 643265
Flags: needinfo?(philipp)
Flags: needinfo?(lordcrc)
Flags: needinfo?(leopoldo.saggin)
Flags: needinfo?(jorgk)
See Also: → bug 849540

Comment 20

11 months ago
Sorry, I know nothing about this. But bug 177175 was reviewed by Honza, so perhaps ask him.
Flags: needinfo?(jorgk)

Comment 21

11 months ago
OTOH, there is bug 1271851 where dolske recently says "We've also been doing _nothing_ for long enough that we really need to make some incremental progress towards improving things so that future improvements don't also get stuck in this hopeless logjam".

Mattn is also active in triage of password manager bug reports
(Assignee)

Comment 22

11 months ago
nsIMsgAsyncPrompter is our code at https://dxr.mozilla.org/comm-central/source/mailnews/base/public/nsIMsgAsyncPrompter.idl

I don't think we need to ask anyone, we just need to change the interface to be able to handle asynchronous password prompts.
Flags: needinfo?(philipp)
(Assignee)

Comment 23

11 months ago
Created attachment 8813917 [details] [diff] [review]
Fix - v1

I was thinking about something like this.
Assignee: nobody → philipp
Status: NEW → ASSIGNED
Attachment #8813917 - Flags: review?(mkmelin+mozilla)
(Assignee)

Updated

11 months ago
Blocks: 682474

Updated

10 months ago
Blocks: 1257058
(Assignee)

Comment 24

10 months ago
Review ping for this bug? I think we should get this into 52.

Comment 25

10 months ago
(In reply to Philipp Kewisch [:Fallen] from comment #24)
>  I think we should get this into 52.

And even 45 if it's deemed not too risky - because, beyond just the mere prompting, it has the potential to help some other issues like crashes.
Severity: normal → major
status-thunderbird50: --- → wontfix
status-thunderbird51: --- → affected
status-thunderbird52: --- → affected
status-thunderbird53: --- → affected
status-thunderbird_esr38: affected → wontfix
status-thunderbird_esr45: --- → affected
tracking-thunderbird51: --- → ?
tracking-thunderbird_esr45: --- → ?

Comment 26

10 months ago
I'll try to get to it this week.

Comment 27

10 months ago
Comment on attachment 8813917 [details] [diff] [review]
Fix - v1

Review of attachment 8813917 [details] [diff] [review]:
-----------------------------------------------------------------

I set up two gmail accounts, and set the master password. 

With this patch applied, I get only one master password prompt (OK!), but only one of the accounts is showing any folders (just shows the account name, no folders to expand). Presumably the "second" one is not really authenticated. Nothing of interest in the error console. I can see the problem account folders briefly if using trunk with the profile earlier. But the folders and subfolders disappear once logins would be done.
Attachment #8813917 - Flags: review?(mkmelin+mozilla) → review-

Comment 28

10 months ago
Progress!  Back to Philipp.

Can you put up a try build with the next patch?
Flags: needinfo?(philipp)
(Assignee)

Comment 29

9 months ago
Created attachment 8827172 [details] [diff] [review]
Fix - v2

I was not able to reproduce this directly, but I can imagine what is happening: the _loginUrl is actually just oauth://accounts.google.com so this will be the same for both accounts, which will consolidate the prompts. I've added the username in the mix now. It does not have to be a valid url, just a unique token.

I am still slightly concerned that in the case where prompts are correctly consolidated (i.e. one account, possibly master password, two different sources try to trigger an oauth login). If I am right to assume that in this case the same instance of msgOAuth2Module will be used it is ok, but if there are two instances then consolidating requests will cause one of them to be missing a token.

Anyway, I've started a try run with my latest patches:

https://treeherder.mozilla.org/#/jobs?repo=try-comm-central&revision=28d2d61cb151fdbb400fad592fddca6c81a7dd58
Attachment #8813917 - Attachment is obsolete: true
Flags: needinfo?(philipp)
Attachment #8827172 - Flags: review?(mkmelin+mozilla)

Comment 30

9 months ago
Try builds available at https://archive.mozilla.org/pub/thunderbird/try-builds/mozilla@kewis.ch-28d2d61cb151fdbb400fad592fddca6c81a7dd58/
tracking-thunderbird51: ? → ---
tracking-thunderbird52: --- → ?

Comment 31

9 months ago
This could be a MAJOR step forward. I  did not test calendar. Only email accounts.  I hope others report similar success for calendar.

Try build results:
- happily only one master password prompt (normally I get one per google account)
- 2 oauth gmail accounts, all accounts logged in
- 2 normal login gmail accounts, all logged in OK 
- no new ill effects and no other changes that I could determine 

Only the normal crashes if you try to shut down THunderbird with a login prompt open...

try build:  xul.dll@0x17c7cf8 | nss3.dll@0x79584 | nss3.dll@0x6eb37 | _o__CIpow bp-cddb2b23-94f0-4cf2-9b70-6b03b2170121

45.6.0:  shutdownhang | _PR_MD_WAIT_CV | _PR_WaitCondVar | mozilla::CondVar::Wait | nsEventQueue::GetEvent | nsThread::ProcessNextEvent | NS_ProcessNextEvent | nsThread::Shutdown | nsThreadManager::Shutdown More Reports Search
bb26b697-34a6-4d84-bde6-c86452170121 bug 1307963

Comment 32

9 months ago
Comment on attachment 8827172 [details] [diff] [review]
Fix - v2

Review of attachment 8827172 [details] [diff] [review]:
-----------------------------------------------------------------

Sorry for the review delay!
This version works for me, when I enter the password. 

If I cancel the master password prompt I get left in a dead state, where I can't do anything in the affected accounts. 
Without the patch, when I do the same thing, the master password dialog would pop back up again if I try to view a folder.

In the error console I get
"NS_ERROR_ABORT: User canceled master password entry"
Attachment #8827172 - Flags: review?(mkmelin+mozilla) → review-

Comment 33

9 months ago
> In the error console I get
> "NS_ERROR_ABORT: User canceled master password entry"

I reproduce this also on Windows
Flags: needinfo?(philipp)

Comment 34

9 months ago
(amending) after cancelling the master password prompt appears after some period of time (1-2 minutes).  But the affected accounts are still dead - no prompt for password

Updated

8 months ago
status-thunderbird51: affected → wontfix
status-thunderbird54: --- → affected
status-thunderbird_esr45: affected → wontfix
tracking-thunderbird52: ? → ---
tracking-thunderbird_esr45: ? → ---
tracking-thunderbird_esr52: --- → ?
(Assignee)

Comment 35

8 months ago
Created attachment 8841218 [details] [diff] [review]
Fix - v3

Thanks for the extensive testing and sorry for the delay. Not sure this is still in time given potential regression risks, but I've found the issues in the previous patch.

I've tested successful login, cancelled login, successfull login after initially cancelling, saving passwords using master passwords. It all seems to work.
Attachment #8827172 - Attachment is obsolete: true
Flags: needinfo?(philipp)
Attachment #8841218 - Flags: review?(mkmelin+mozilla)

Updated

8 months ago
status-thunderbird_esr52: --- → affected

Comment 36

7 months ago
Comment on attachment 8841218 [details] [diff] [review]
Fix - v3

Review of attachment 8841218 [details] [diff] [review]:
-----------------------------------------------------------------

Sorry for the review lag here. Anyway, there still appears to be problems after cancelling. 

My setup is I have two gmail accounts. After starting I get the master password prompt and press cancel. Now if I decide I want to see an inbox I select the inbox, but get no prompt. However, some other folders seem to trigger the prompt. I think it's only the first time a folder is selected the prompt will show itself. After that nothing if I cancel.

::: mailnews/base/src/msgAsyncPrompter.js
@@ +59,3 @@
>            consumer.onPromptCanceled();
> +        }
> +      } catch (ex) {

Apparently we end up here

runnablePrompter:run: [Exception... "User canceled master password entry"  nsresult: "0x80004004 (NS_ERROR_ABORT)"  location: "JS frame :: file:///opt/comm-central/src/obj-x86_64-pc-linux-gnu/dist/bin/components/crypto-SDR.js :: decrypt :: line 134"  data: no]
Attachment #8841218 - Flags: review?(mkmelin+mozilla) → review-
(Assignee)

Comment 37

7 months ago
Thanks for the thorough review, I'm surprised this issue didn't show for me. I'll look into this asap.
Flags: needinfo?(philipp)

Updated

7 months ago
Duplicate of this bug: 1348674
(Assignee)

Comment 39

7 months ago
Created attachment 8849555 [details] [diff] [review]
Fix - v4

There we go. The first prompter is not canceled in case of an exception, and I also found that we are trying to create empty login manager entries if the refresh token is null (e.g. cancelling the master password prompt after logging in)
Attachment #8841218 - Attachment is obsolete: true
Flags: needinfo?(philipp)
Attachment #8849555 - Flags: review?(mkmelin+mozilla)

Comment 40

6 months ago
Comment on attachment 8849555 [details] [diff] [review]
Fix - v4

Review of attachment 8849555 [details] [diff] [review]:
-----------------------------------------------------------------

Everything works now, yay!

Just please fix the indention to use 2 spaces, not 4

::: mailnews/base/src/msgOAuth2Module.js
@@ +139,5 @@
>  
>    connect(aWithUI, aListener) {
> +    let oauth = this._oauth;
> +    let promptlistener = {
> +        onPromptStartAsync: function(callback) {

two space indents please :)

::: mailnews/imap/src/nsImapProtocol.cpp
@@ +8334,5 @@
> +NS_IMETHODIMP nsImapProtocol::OnPromptStartAsync(nsIMsgAsyncPromptCallback *aCallback)
> +{
> +    bool result = false;
> +    OnPromptStart(&result);
> +    return aCallback->OnAuthResult(result);

here too

::: mailnews/local/src/nsPop3Protocol.cpp
@@ +779,5 @@
> +NS_IMETHODIMP nsPop3Protocol::OnPromptStartAsync(nsIMsgAsyncPromptCallback *aCallback)
> +{
> +    bool result = false;
> +    OnPromptStart(&result);
> +    return aCallback->OnAuthResult(result);

and here

::: mailnews/news/src/nsNNTPProtocol.cpp
@@ +2497,5 @@
> +NS_IMETHODIMP nsNNTPProtocol::OnPromptStartAsync(nsIMsgAsyncPromptCallback *aCallback)
> +{
> +    bool result = false;
> +    OnPromptStart(&result);
> +    return aCallback->OnAuthResult(result);

and here
Attachment #8849555 - Flags: review?(mkmelin+mozilla) → review+

Comment 41

6 months ago
Created attachment 8855936 [details] [diff] [review]
Fix - v4 (spaces fixed).

Ready to land, right?
Attachment #8849555 - Attachment is obsolete: true
Attachment #8855936 - Flags: review+
Is bug 177175 related in any way? Could parts of this fix be used for FF?
(Assignee)

Comment 43

6 months ago
(In reply to Jorg K (GMT+2) from comment #41)
> Created attachment 8855936 [details] [diff] [review]
> Fix - v4 (spaces fixed).
> 
> Ready to land, right?

Looks good, yes. Thanks for taking care. We may want to test this a bit before we uplift, but it would definitely be a candidate for the next minor version.

(In reply to Albert Scheiner [:alberts] from comment #42)
> Is bug 177175 related in any way? Could parts of this fix be used for FF?

I'm sure Firefox could fix it in a similar way, but since they have the power to fix it in toolkit they may want to do that instead. Thunderbird uses a services that queues all auth prompts, this specific bugs only extends that service to handle async auth prompts.
Keywords: checkin-needed

Comment 44

6 months ago
https://hg.mozilla.org/comm-central/rev/c553f7084ca92a5a93b66c5d0a82b78e385d356b
Status: ASSIGNED → RESOLVED
Last Resolved: 6 months ago
status-thunderbird55: --- → fixed
Keywords: checkin-needed
Resolution: --- → FIXED
Target Milestone: --- → Thunderbird 55.0

Comment 45

6 months ago
perha(In reply to Philipp Kewisch [:Fallen] from comment #43)
> (In reply to Jorg K (GMT+2) from comment #41)
> > Created attachment 8855936 [details] [diff] [review]
> > Fix - v4 (spaces fixed).
> > 
> > Ready to land, right?
> 
> Looks good, yes. Thanks for taking care. We may want to test this a bit
> before we uplift, but it would definitely be a candidate for the next minor
> version.

I'd like to see us take this and bug 1176399 for the first 54 beta - if I had to put a date on it, I'd say building Monday 4/24. So by then it would have been on nightly for 2 weeks.

Comment 46

6 months ago
Well, no uplift was ever requested. And since bug 682474 (*not* bug 1176399 which is this bug here) is in Calendar, I don't have the authority to just uplift it since I want to :-(

Updated

6 months ago
Attachment #8855936 - Flags: approval-comm-beta+
Attachment #8855936 - Flags: approval-comm-aurora+

Comment 47

6 months ago
Aurora (TB 54):
https://hg.mozilla.org/releases/comm-aurora/rev/05d563fd17e9f1ef436ea1c1664439f317b91e98

Beta (TB 53):
https://hg.mozilla.org/releases/comm-beta/rev/cc88f45a033fce62ee6764b1cb3595bdfbaf130d
(Putting WONTFIX, since it won't get into TB 53 beta).
status-thunderbird52: affected → ---
status-thunderbird53: affected → wontfix
status-thunderbird54: affected → fixed
Duplicate of this bug: 833272

Updated

6 months ago
Attachment #8855936 - Flags: approval-comm-esr52?

Updated

5 months ago
Duplicate of this bug: 1362855

Updated

5 months ago
See Also: → bug 177175

Comment 50

5 months ago
One small wrinkle in this action (asking for the Master password twice) is that the Master Password dialogue actually appears (pops up) 3 times. On the first dialogue, it appears and disappears in a flash. Then the other 2 dialogues open one after the other to request the Master password twice. I would suspect that the first dialogue isn't doing anything and could be removed.

Comment 51

5 months ago
I know it's on the tracking list, and now we have enough testing, so time to get this and it's friend bug 682474 on the next esr52.

Comment 52

5 months ago
> status-thunderbird54: affected → fixed

This applies to TB 54.0b1 32-bit on both, Linux and Win7. TB started in safe mode.
For me this isn't fixed, I still get multiple Master passwords prompts.
I do have multiple email accounts (among them one Gmail IMAP with OAuth2) and a Gmail calendar also with OAuth2.
On Linux I do get 2 Master Password prompts, on Win7 I do get 6 prompts. The accounts are the same for both installations.
The Startup Master add-on still takes care of the problem.

Comment 53

5 months ago
(In reply to Christian Riechers from comment #52)

> On Linux I do get 2 Master Password prompts, on Win7 I do get 6 prompts.

Correction:
There are 6 prompts on both, Linux and Windows.
(Assignee)

Comment 54

5 months ago
Are you using any other extensions aside from Lightning?

Comment 55

5 months ago
Yes, I do. However, I thought that starting Thunderbird in safe mode would eliminate interference from other extensions.

Updated

5 months ago
Attachment #8855936 - Flags: approval-comm-esr52? → approval-comm-esr52+

Comment 56

5 months ago
TB 52 ESR:
https://hg.mozilla.org/releases/comm-esr52/rev/fdb3acad393d

Note that there were changes to an IDL file here. I guess they were OK to uplift since we don't support binary extensions any more. To get this landed, I had to add ba= and IGNORE IDL to the commit message.
status-thunderbird_esr52: affected → fixed
tracking-thunderbird_esr38: + → ---
tracking-thunderbird_esr52: ? → 54+

Updated

4 months ago
Depends on: 1373161

Comment 57

4 months ago
TB 52 ESR - Backout:
https://hg.mozilla.org/releases/comm-esr52/rev/3876b639b13dde1c842182a32cb37cd1e68a0e63
status-thunderbird_esr52: fixed → affected
tracking-thunderbird_esr52: 54+ → ---

Comment 58

4 months ago
Fixed now with latest 52.2.0. If you enter the master password right away, then you are only asked once to enter it.

However, there is maybe? a related bug. If you do not enter the master password right away but wait, say about 10 minutes, then the same problem of multiple password requests comes back again - depends on how long you wait, but you get 3-4 requests to enter the master password over and over. Is there another bug for that?

Comment 59

4 months ago
I just backed this out from TB 52.2 since it was causing issues with Gmail. When we fix those issues, we'll keep your report in mind.

Comment 60

3 months ago
(In reply to Jorg K (GMT+2) from comment #59)
> I just backed this out from TB 52.2 since it was causing issues with Gmail.
> When we fix those issues, we'll keep your report in mind.

I was hoping to avoid this, but I believe we must also back this out for beta.  ref bug 1380040
Flags: needinfo?(jorgk)

Comment 61

3 months ago
TB 52.2.1 still has the bug. Not sure why it worked right after it was "fixed" but now always asking 2 times for Master password. Sorry if this is the "expected" result after backing out, but just in case it wasn't actually backed out.

Comment 62

3 months ago
Yes, this was backed out from TB 52.2.1 to fix some Gmail problems, so the multiple master password prompts are back.

Wayne, yes, I will back the "combo" (this bug plus two related calendar bugs) out from TB 55 beta.
Flags: needinfo?(jorgk)

Comment 63

3 months ago
Beta (TB 55) backout:
https://hg.mozilla.org/releases/comm-beta/rev/02b96a0d4852b9ba95ff590e2a98c0ec1e68d80b
status-thunderbird55: fixed → affected

Comment 64

3 months ago
Backout from trunk:
https://hg.mozilla.org/comm-central/rev/8f404af70ca26af39dd3f1472d8fd357508a1ce6

Sorry, I had to back this out since the next merge date is coming and I can't continue to back it out from all the betas we ship.

Further references: Gijs' comments from bug 1374244 comment #4.
status-thunderbird56: --- → affected

Updated

3 months ago
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Blocks: 275547

Comment 65

a month ago
I'm running 56b3 and i'm having this problem, maybe since 56b1. Mac, 10.12.6. One IMAP and two gmail accounts. I know that this was fixed maybe a year or two ago, so it seems like it's come back. Damned if I can't find the bugs in question from back then.
You need to log in before you can comment on or make changes to this bug.