Closed Bug 1842629 Opened 1 year ago Closed 10 months ago

No longer attempt to repair/re-init the OpenPGP secret storage if the automatic passphrase doesn't work

Categories

(MailNews Core :: Security: OpenPGP, enhancement, P2)

enhancement

Tracking

(thunderbird_esr115 affected, thunderbird118 fixed)

RESOLVED FIXED
119 Branch
Tracking Status
thunderbird_esr115 --- affected
thunderbird118 --- fixed

People

(Reporter: KaiE, Assigned: KaiE, NeedInfo)

References

Details

Attachments

(1 file)

If the feature to use individual OpenPGP secret key passphrases (bug 1679278) has been enabled, then we should never automatically attempt to re-initialize the secret key storage.

If mail.openpgp.passphrases.enable is set to true, the user might no longer be using that automatic passphrase anyway.

(We had introduced the re-init of the automatic passphrase because of bug 1790610 and the related broken profile import feature.)

See Also: → 1790610, 1835786

Actually, I think that TB 115 and later should never re-init (move away) the secring.gpg file,
even if the pref is false.

Because the user might have had the pref enabled previously, set passphrases, then disabled the pref again.
Our code won't show the UI for managing the passphrase, but it would still correctly handle prompting for that passphrase.

Given that 115 doesn't suffer from the original bug (described in bug 1790605), it should be unnecessry to recreate secring.gpg

I'll wait until the work on bug 1835786 has completed.
Afterwards I'll request review on this cleanup.

Depends on: 1835786
See Also: 1835786
Summary: Don't attempt to repair/re-init the OpenPGP secret storage if the user has enabled separate passphrases → No longer attempt to repair/re-init the OpenPGP secret storage if the automatic passphrase doesn't work
Assignee: nobody → kaie
Priority: -- → P2

Finally bug 1835786 was shipped on all stable branches, we're ready to make this change.

Attachment #9343109 - Attachment description: WIP: Bug 1842629 - In 115 and later, never re-init secring.gpg. → Bug 1842629 - In 115 and later, never re-init secring.gpg. r=mkmelin
Status: NEW → ASSIGNED
Target Milestone: --- → 119 Branch

Pushed by mkmelin@iki.fi:
https://hg.mozilla.org/comm-central/rev/491a82e6e9d8
In 115 and later, never re-init secring.gpg. r=mkmelin

Status: ASSIGNED → RESOLVED
Closed: 10 months ago
Resolution: --- → FIXED
Pushed by geoff@darktrojan.net:
https://hg.mozilla.org/comm-central/rev/f7c526ce913d
follow-up - Remove unused import. rs=linting

Comment on attachment 9343109 [details]
Bug 1842629 - In 115 and later, never re-init secring.gpg. r=mkmelin

[Triage Comment]
Approved for beta

Attachment #9343109 - Flags: approval-comm-beta+

Is this still wanted for 115?

Flags: needinfo?(kaie)

Comment on attachment 9343109 [details]
Bug 1842629 - In 115 and later, never re-init secring.gpg. r=mkmelin

[Approval Request Comment]
Regression caused by (bug #): 1790610
User impact if declined: Potential, theoretical dataloss
Testing completed (on c-c, etc.): yes
Risk to taking this patch (and alternatives if risky): low; lower risk for problems with this code removal

Flags: needinfo?(kaie)
Attachment #9343109 - Flags: approval-comm-esr115?

(In reply to Wayne Mery (:wsmwk) from comment #9)

Is this still wanted for 115?

yes please.

Comment on attachment 9343109 [details]
Bug 1842629 - In 115 and later, never re-init secring.gpg. r=mkmelin

Actually, I'm temporarily withdrawing my approval request.

Looking at the patch just raised some uncertainty.

I want to go back and doublecheck one more scencario.

Attachment #9343109 - Flags: approval-comm-esr115?

Do you want to reopen this bug?

Flags: needinfo?(kaie)
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: