No longer attempt to repair/re-init the OpenPGP secret storage if the automatic passphrase doesn't work
Categories
(MailNews Core :: Security: OpenPGP, enhancement, P2)
Tracking
(thunderbird_esr115 affected, thunderbird118 fixed)
People
(Reporter: KaiE, Assigned: KaiE, NeedInfo)
References
Details
Attachments
(1 file)
48 bytes,
text/x-phabricator-request
|
wsmwk
:
approval-comm-beta+
|
Details | Review |
If the feature to use individual OpenPGP secret key passphrases (bug 1679278) has been enabled, then we should never automatically attempt to re-initialize the secret key storage.
If mail.openpgp.passphrases.enable is set to true, the user might no longer be using that automatic passphrase anyway.
(We had introduced the re-init of the automatic passphrase because of bug 1790610 and the related broken profile import feature.)
Assignee | ||
Updated•2 years ago
|
Assignee | ||
Updated•2 years ago
|
Assignee | ||
Comment 1•2 years ago
|
||
Actually, I think that TB 115 and later should never re-init (move away) the secring.gpg file,
even if the pref is false.
Because the user might have had the pref enabled previously, set passphrases, then disabled the pref again.
Our code won't show the UI for managing the passphrase, but it would still correctly handle prompting for that passphrase.
Given that 115 doesn't suffer from the original bug (described in bug 1790605), it should be unnecessry to recreate secring.gpg
Assignee | ||
Comment 2•2 years ago
|
||
I'll wait until the work on bug 1835786 has completed.
Afterwards I'll request review on this cleanup.
Assignee | ||
Comment 3•2 years ago
|
||
Depends on D183178
Assignee | ||
Updated•1 years ago
|
Assignee | ||
Updated•1 years ago
|
Assignee | ||
Comment 4•1 year ago
|
||
Finally bug 1835786 was shipped on all stable branches, we're ready to make this change.
Updated•1 year ago
|
Updated•1 year ago
|
Pushed by mkmelin@iki.fi:
https://hg.mozilla.org/comm-central/rev/491a82e6e9d8
In 115 and later, never re-init secring.gpg. r=mkmelin
Comment 7•1 year ago
|
||
Comment on attachment 9343109 [details]
Bug 1842629 - In 115 and later, never re-init secring.gpg. r=mkmelin
[Triage Comment]
Approved for beta
Comment 8•1 year ago
|
||
bugherder uplift |
Assignee | ||
Comment 10•1 year ago
|
||
Comment on attachment 9343109 [details]
Bug 1842629 - In 115 and later, never re-init secring.gpg. r=mkmelin
[Approval Request Comment]
Regression caused by (bug #): 1790610
User impact if declined: Potential, theoretical dataloss
Testing completed (on c-c, etc.): yes
Risk to taking this patch (and alternatives if risky): low; lower risk for problems with this code removal
Assignee | ||
Comment 11•1 year ago
|
||
Assignee | ||
Comment 12•1 year ago
|
||
Comment on attachment 9343109 [details]
Bug 1842629 - In 115 and later, never re-init secring.gpg. r=mkmelin
Actually, I'm temporarily withdrawing my approval request.
Looking at the patch just raised some uncertainty.
I want to go back and doublecheck one more scencario.
Description
•