Sending an email from a local smtp server (e.g., protonmail) doesn't prompt to add a security exception
Categories
(Thunderbird :: Account Manager, defect)
Tracking
(thunderbird_esr78 unaffected)
| Tracking | Status | |
|---|---|---|
| thunderbird_esr78 | --- | unaffected |
People
(Reporter: emilio, Assigned: emilio)
Details
Attachments
(4 files, 1 obsolete file)
I was trying to set up a protonmail.com account, because I want to migrate email providers and I was trying to test out multiple alternatives.
In order to set up protonmail with Thunderbird, you need to set up a bridge which effectively runs a local imap / smtp server with a self-signed certificate, I think.
When setting up the account following the instructions everything seems to work. But when you get to send the email, stuff fails with a generic "Sending of the message failed."
The error console says:
mailnews.smtp:
error
bubbles: false
cancelBubble: false
cancelable: false
composed: false
composedTarget: TCPSocket { host: "127.0.0.1", port: 1025, ssl: true, … }
currentTarget: null
defaultPrevented: false
defaultPreventedByChrome: false
defaultPreventedByContent: false
eventPhase: 0
explicitOriginalTarget: TCPSocket { host: "127.0.0.1", port: 1025, ssl: true, … }
isReplyEventFromRemoteContent: false
isSynthesized: false
isTrusted: true
isWaitingReplyFromRemoteContent: false
message: "SecurityCertificate"
multipleActionsPrevented: false
name: "SecurityError"
originalTarget: TCPSocket { host: "127.0.0.1", port: 1025, ssl: true, … }
returnValue: true
srcElement: TCPSocket { host: "127.0.0.1", port: 1025, ssl: true, … }
target: TCPSocket { host: "127.0.0.1", port: 1025, ssl: true, … }
timeStamp: 0
type: "error"
<get isTrusted()>: function isTrusted()
<prototype>: TCPSocketErrorEventPrototype { name: Getter, message: Getter, … }
SmtpClient.jsm:436:17
mailnews.send: Sending failed: Sending of the message failed., exitCode=2147500037, originalMsgURI= MessageSend.jsm:304:27
fail resource:///modules/MessageSend.jsm:304
_deliveryExitProcessing resource:///modules/MessageSend.jsm:587
sendDeliveryCallback resource:///modules/MessageSend.jsm:652
OnStopRunningUrl resource:///modules/MessageSend.jsm:1229
onerror resource:///modules/SmtpService.jsm:137
_onError resource:///modules/SmtpClient.jsm:457
Prompter: internal dialogs not available in this context. Falling back to window prompt. Prompter.jsm:1033
set modalType resource://gre/modules/Prompter.jsm:1033
ModalPrompter resource://gre/modules/Prompter.jsm:989
getPrompt resource://gre/modules/Prompter.jsm:65
getDefaultPrompt resource:///modules/MessageSend.jsm:285
fail resource:///modules/MessageSend.jsm:302
_deliveryExitProcessing resource:///modules/MessageSend.jsm:587
sendDeliveryCallback resource:///modules/MessageSend.jsm:652
OnStopRunningUrl resource:///modules/MessageSend.jsm:1229
onerror resource:///modules/SmtpService.jsm:137
_onError resource:///modules/SmtpClient.jsm:457
_onError self-hosted:1173
That seems somewhat expected, but there's no way for me to add a security exception from the UI. If I go to preferences and try to manually add an exception for smtp:///127.0.0.1:1025 it seems to wait forever on the UI while "Attempting to identify this site..."
|
Assignee | |
Comment 1•3 years ago
|
||
Ah, if I try to manually get messages etc I get: Uncaught (in promise) DOMException: The URI is malformed.
|
|
Assignee | |
Comment 2•3 years ago
|
||
(and that comes from exceptionDialog.js so it looks relevant. I'll try to debug a bit more)
|
|
Assignee | |
Comment 3•3 years ago
|
||
Thunderbird cares about it and it's hackily trying to reverse-infer it
from the name:
|
||
Updated•3 years ago
|
|
|
Assignee | |
Comment 4•3 years ago
|
||
|
|
Assignee | |
Comment 5•3 years ago
|
||
Same deal, Thunderbird could really use this.
|
|
Assignee | |
Comment 6•3 years ago
|
||
This actually fixes the dialog that we manage to get showing up with the previous patch so that it has the right cert.
|
|
Assignee | |
Comment 7•3 years ago
|
||
I'd appreciate if some of the people paid to work on Thunderbird could add some tests for this. I have zero idea of what existing test infrastructure we have for this stuff.
|
|
Assignee | |
Updated•3 years ago
|
|
|
Assignee | |
Updated•3 years ago
|
|
||
Comment 8•3 years ago
|
||
Comment on attachment 9207277 [details] [diff] [review] Bug 1696776 - Properly map from TCPErrorEvent to nsresult error code in SmtpClient.jsm. r=mkmelin Review of attachment 9207277 [details] [diff] [review]: ----------------------------------------------------------------- Thanks Emilio!
|
|
||
Comment 9•3 years ago
|
||
Comment on attachment 9207280 [details] [diff] [review] Bug 1696776 - Plumb failed security info around from the smtp service, so that the dialog actually has the right cert. r=mkmelin Review of attachment 9207280 [details] [diff] [review]: ----------------------------------------------------------------- ::: mailnews/base/public/nsIMsgMailNewsUrl.idl @@ +38,5 @@ > > [noscript,notxpcom,nostdcall] > nsresult setUsernameInternal(in ACString aUsername); > > + void SetFailedSecInfo(in nsITransportSecurityInfo secInfo); I think we should use lowercase s in set ::: mailnews/compose/src/SmtpService.jsm @@ +135,5 @@ > }; > + client.onerror = (nsError, secInfo) => { > + if (secInfo) { > + // TODO(emilio): Passing the failed security info as part of the URI is > + // quite a smell, but monkey see monkey do... Yes, but we were unable to come up with something better that we could use to propagate the data back to the UI layer for handling... Let me know if you have any suggestions.
|
|
Assignee | |
Updated•3 years ago
|
|
||
Comment 10•3 years ago
|
||
Pushed by ealvarez@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/a9ff2096f727 Expose error code in TCPSocketErrorEvent. r=valentin
|
|
||
Comment 11•3 years ago
|
||
Pushed by ealvarez@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/02f63faa74a1 Expose socket transport in TCPSocket. r=valentin
|
|
Assignee | |
Comment 12•3 years ago
|
||
Yep, used a setter instead.
|
|
Assignee | |
Comment 13•3 years ago
|
||
(In reply to Magnus Melin [:mkmelin] from comment #9)
Yes, but we were unable to come up with something better that we could use
to propagate the data back to the UI layer for handling... Let me know if
you have any suggestions.
Passing the sec info as an extra argument to OnStopRunningUrl seems possible from most callers, afaict.
|
||
Comment 14•3 years ago
|
||
| bugherder | ||
|
||
Updated•3 years ago
|
|
|
||
Comment 15•3 years ago
|
||
Comment on attachment 9207277 [details] [diff] [review]
Bug 1696776 - Properly map from TCPErrorEvent to nsresult error code in SmtpClient.jsm. r=mkmelin
Looks good, thanks.
|
|
||
Comment 16•3 years ago
|
||
Comment on attachment 9207322 [details] [diff] [review]
Bug 1696776 - Plumb failed security info around from the smtp service, so that the dialog actually has the right cert.
Looks good, thanks.
|
|
||
Updated•3 years ago
|
|
|
||
Comment 17•3 years ago
|
||
Pushed by geoff@darktrojan.net:
https://hg.mozilla.org/comm-central/rev/6cfd18c0b4a8
Properly map from TCPErrorEvent to nsresult error code in SmtpClient.jsm. r=rnons
https://hg.mozilla.org/comm-central/rev/698fd1ac1f68
Plumb failed security info around from the smtp service, so that the dialog actually has the right cert. r=rnons
| Comment hidden (obsolete) |
|
|
||
Updated•3 years ago
|
Description
•