Closed Bug 1315662 Opened 8 years ago Closed 5 years ago

deleting of SMTP-Account does not delete corresponding entry in password-manager

Categories

(MailNews Core :: Account Manager, defect)

Product:
MailNews Core
Component:
Account Manager
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(thunderbird68 fixed, thunderbird69 fixed)

Status:
RESOLVED FIXED
Milestone:
Thunderbird 69.0
Tracking Flags:
Tracking Status
thunderbird68 --- fixed
thunderbird69 --- fixed

People

(Reporter: hubertus, Assigned: aceman)

References

Details

(Keywords: privacy, Whiteboard: SMTP password visible after deletion)

Attachments

(1 file, 1 obsolete file)

1315662.patch
6.37 KB, patch
mkmelin
: review+
jorgk-bmo
: approval-comm-beta+
Details | Diff | Splinter Review 
User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:49.0) Gecko/20100101 Firefox/49.0
Build ID: 20161028133011

Steps to reproduce:

- Delete mail-account IMAP
- Delete corresponding SMTP-entry


Actual results:

- Entry for deleted SMTP in Password-Manager still listed
- Password data for deleted accounts remain visible!?



Expected results:

- Like after deleting IMAP mail-account, the corresponding entry in Password-Manager should have been deleted.
Severity: normal → major
OS: Unspecified → Linux
Hardware: Unspecified → x86_64
Whiteboard: SMTP password visible after deletion
This seems to a duplicate, I think I saw something similar the other day but can't find it now.
We attempt to do this for incoming servers (POP/IMAP) but I do not see code for it for SMTP. I'll look at this.
Assignee: nobody → acelists
Let's confirm it then.
Status: UNCONFIRMED → NEW
Ever confirmed: true
Severity: major → normal
Status: NEW → ASSIGNED
OS: Linux → All
Product: Thunderbird → MailNews Core
Hardware: x86_64 → All
Version: 45 Branch → Trunk
Attached patch WIP patch (obsolete) — Splinter Review 
Theoretically, this should do it. However, this only removes the password for the current smtp hostname+username combo. But a SMTP server could store more passwords if its hostname or username has changed in the past. The incoming servers specifically work against this and remove the password if hostname or username changes. So there is always only one password for the incoming server. Can I copy this logic to SMTP too?
Attachment #8812919 - Flags: feedback?(mkmelin+mozilla)
(In reply to :aceman from comment #4)
> hostname or username changes. So there is always only one password for the
> incoming server. Can I copy this logic to SMTP too?

Huh? So what about when you have multiple accounts for one server? That is probably not even uncommon.
(In reply to Magnus Melin from comment #5)
> Huh? So what about when you have multiple accounts for one server? That is
> probably not even uncommon.

We are talking SMTP server here. Anyway, if you have multiple accounts on the same SMTP server, you have to create multiple SMTP servers in TB (nsSmtpServer). Each server can only hold one username and one password. However, if you change the username, you just get asked for new password and another hostname+username+password entry is stored in password manager. The entry for old username is not removed even though it is useless since now, you will never login with that username into the server (the object does not reference the old username anymore). This is in contrast to the incoming server objects, which just wipe the old username+password entry from PM whenever username (or hostname changes). See bug 302388 comment 11. I ask if I can implement the logic also in the SMTP server object to not leave stray passwords in the PM when no longer needed.
Yes, leaving the old password sounds like a bug to me.
Attachment #8812919 - Flags: feedback?(mkmelin+mozilla) → feedback+

aceman, you got your feedback :)

Flags: needinfo?(acelists)
See Also: → 1308767
Blocks: 365238
Attached patch 1315662.patchSplinter Review

This should do it, removes password also on username or hostname change, similar to the incoming servers.

Attachment #8812919 - Attachment is obsolete: true
Flags: needinfo?(acelists)
Attachment #9072380 - Flags: review?(mkmelin+mozilla)
Comment on attachment 9072380 [details] [diff] [review]
1315662.patch

Review of attachment 9072380 [details] [diff] [review]:
-----------------------------------------------------------------

Looks good to me, r=mkmelin
Attachment #9072380 - Flags: review?(mkmelin+mozilla) → review+
Comment on attachment 9072380 [details] [diff] [review]
1315662.patch

Review of attachment 9072380 [details] [diff] [review]:
-----------------------------------------------------------------

::: mailnews/compose/src/nsSmtpServer.cpp
@@ +553,5 @@
>        do_GetService(NS_LOGINMANAGER_CONTRACTID, &rv);
>    NS_ENSURE_SUCCESS(rv, rv);
>  
>    // Get the current server URI without the username
> +  NS_ConvertASCIItoUTF16 serverUri(GetServerURIInternal(false));

The original code had `NS_ConvertUTF8toUTF16 currServer(serverUri);` so why switch this to ASCII now?

@@ -521,5 @@
>        do_GetService(NS_LOGINMANAGER_CONTRACTID, &rv);
>    NS_ENSURE_SUCCESS(rv, rv);
>  
>    // Get the current server URI without the username
> -  nsAutoCString serverUri(NS_LITERAL_CSTRING("smtp://"));

Interesting clean-up, how did you find this duplicated code?

(In reply to Jorg K (GMT+2) from comment #11)

// Get the current server URI without the username

  • NS_ConvertASCIItoUTF16 serverUri(GetServerURIInternal(false));

The original code had NS_ConvertUTF8toUTF16 currServer(serverUri); so why
switch this to ASCII now?

All occurrences of GetServerURIInternal() do it like this when they need UTF16.
Especially the one at https://searchfox.org/comm-central/rev/9f64b3c10baf73678700dbb7b82020ce0f54ae34/mailnews/compose/src/nsSmtpServer.cpp#391 which is fetching the password too.

@@ -521,5 @@

   do_GetService(NS_LOGINMANAGER_CONTRACTID, &rv);

NS_ENSURE_SUCCESS(rv, rv);

// Get the current server URI without the username

  • nsAutoCString serverUri(NS_LITERAL_CSTRING("smtp://"));
    Interesting clean-up, how did you find this duplicated code?

I don't remember, I did this a long time ago but probably forgot to upload the patch.
Maybe it is from https://searchfox.org/comm-central/rev/9f64b3c10baf73678700dbb7b82020ce0f54ae34/mailnews/compose/src/nsSmtpServer.cpp#391 which does what we need here.

Keywords: checkin-needed, privacy

Pushed by mozilla@jorgk.com:
https://hg.mozilla.org/comm-central/rev/166aaa29faa1
delete SMTP server login credentials when deleting the account or if hostname/username changes. r=mkmelin

Status: ASSIGNED → RESOLVED
Closed: 5 years ago
Keywords: checkin-needed
Resolution: --- → FIXED
Target Milestone: --- → Thunderbird 69.0
Attachment #9072380 - Flags: approval-comm-beta+
Pushed by mozilla@jorgk.com:
https://hg.mozilla.org/comm-central/rev/0e2572d4a88f
Follow-up: reformat. rs=reformat DONTBUILD
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: