Closed Bug 1915339 Opened 1 year ago Closed 7 months ago

[ews] Message Security information not displayed for received S/Mime emails in O365 EWS configured accounts

Categories

(MailNews Core :: Security: S/MIME, defect)

Product:
MailNews Core
Component:
Security: S/MIME
Version:
Thunderbird 131
Platform:
Desktop
All
Type:
defect

Tracking

(thunderbird_esr115 affected, thunderbird_esr128 affected, thunderbird129 affected, thunderbird130 affected, thunderbird131 affected)

Status:
RESOLVED DUPLICATE of bug 1976396
Tracking Flags:
Tracking Status
thunderbird_esr115 --- affected
thunderbird_esr128 --- affected
thunderbird129 --- affected
thunderbird130 --- affected
thunderbird131 --- affected

People

(Reporter: vlucaci, Unassigned)

References

(Blocks 1 open bug)

Details

Attachments

(2 files)

message from gmail sent folder.eml
25.32 KB, message/rfc822
Details
Screenshot 2024-08-29 at 10.59.29.png
520.45 KB, image/png
Details

Found in

  • 131.0a1(20240827104616)

Affected versions

  • 128.1.1esr(20240820161839)
  • 130.0b3(20240826151843)
  • 115.14(20240801155430)

Tested platforms

  • Affected platforms: Windows 11, Ubuntu 24, macOS 14

Preconditions

  • Have a gmail account with a S/Mime certificate (configured in IMAP in TB)
  • Have an O365 account with a S/Mime certificate (configured in EWS in TB)

Steps to reproduce

  1. Click on "new message" button.
  2. Select the Gmail account as the Sender.
  3. Select the O365(EWS) account as the recipient
  4. Select S/Mime as method of encryption
  5. Select the "Encrypt" button.
  6. Select an subject (optional)
  7. Write a body of text and Send

Expected result

  • The email is received in the inbox of the O365(EWS) account alongside the message security button (thus signalling the S/Mime encryption method and the signature certificate)

Actual result

  • The email is received in the inbox of the O365(EWS) account without the message security button

Regression range

  • I do not think this is a regression (at least not a recent one) because I have went as far back as 2021-08-24 and the issue reproduces with the same repro steps.

Additional notes

  • Sending an Encrypted S/Mime email from the O365(EWS) account to the Gmail(IMAP) properly displays the message security button , alongside the signature certificate.
  • Screen Recording attachment

When Thunderbird sends a message, it stores a copy in the sent folder.
I would like to see what exactly Thunderbird send out, and what EWS received.

Step 1:

Please look in the Sent folder of your gmail account, and click the encrypted message you have sent.
Does Thunderbird say it's encrypted/signed?

Click CTRL-S to save that sent message to a file, and attach it here to bugzilla, this will allow me understand what exactly Thunderbird sent out. In Bugzilla, please give the file a description like "message from gmail sent folder".

Step 2:

Go to the received email in EWS, the one that doesn't show encryption.
Click CTRL-S and save to a file.
Attach here in bugzilla, use a description like "message from ews inbox".

Thanks

Flags: needinfo?(vlucaci)

Hello,

Step 1:

I can confirm that Thunderbird states that the sent email is indeed encrypted/signed.
Attached sent email as requested.

Step 2:

It seems that whatever method of saving I am choosing (be it by CTRL+S or via context menu), I cannot save this email.
I get the following error message: "Unable to save the message. Please check your file name and try again later."

In Error Console I get the following errors:

  1. An error occurred executing the cmd_saveAsFile command: [Exception... "Component returned failure code: 0x80004001 (NS_ERROR_NOT_IMPLEMENTED) [nsIMessenger.saveAs]" nsresult: "0x80004001 (NS_ERROR_NOT_IMPLEMENTED)" location: "JS frame :: chrome://messenger/content/mailCommands.js :: SaveAsFile :: line 506" data: no] globalOverlay.js:102:13 goDoCommand chrome://messenger/content/globalOverlay.js:102 oncommand chrome://messenger/content/messenger.xhtml:1

  2. Uncaught NS_ERROR_NOT_IMPLEMENTED: Component returned failure code: 0x80004001 (NS_ERROR_NOT_IMPLEMENTED) [nsIMessenger.saveAs] SaveAsFile chrome://messenger/content/mailCommands.js:506 cmd_saveAsFile chrome://messenger/content/mailCommon.js:347 doCommand chrome://messenger/content/mailCommon.js:736 onMailContextMenuCommand chrome://messenger/content/mailContext.js:529 onCommand chrome://messenger/content/mailContext.js:158 handleEvent chrome://messenger/content/mailContext.js:140

I also tried to copy/move said email and try to save it from another folder, but nothing happens (copy/move seem to not work for this specific email) with the following error:

  1. Uncaught NS_ERROR_NOT_IMPLEMENTED: Component returned failure code: 0x80004001 (NS_ERROR_NOT_IMPLEMENTED) [nsIMsgDBView.doCommandWithFolder] cmd_copyMessage chrome://messenger/content/mailCommon.js:244 doCommand chrome://messenger/content/mailCommon.js:736 onMailContextMenuCommand chrome://messenger/content/mailContext.js:689 onCommand chrome://messenger/content/mailContext.js:158 handleEvent chrome://messenger/content/mailContext.js:140

If there is any other way that I can try to save this email, please let me know!

Flags: needinfo?(vlucaci)

(In reply to Vlad Lucaci, Thunderbird QA (:vlucaci) from comment #2)

It seems that whatever method of saving I am choosing (be it by CTRL+S or via context menu), I cannot save this email.
I get the following error message: "Unable to save the message. Please check your file name and try again later."

Are you able to use the "view source" command?
CTRL+U

It seems not to be working for any other email , except this one that we need.

(In reply to Vlad Lucaci, Thunderbird QA (:vlucaci) from comment #2)

I can confirm that Thunderbird states that the sent email is indeed encrypted/signed.

I conclude that Thunderbird's internal S/MIME component is working correctly, at least on the sending side.

It needs to be investigated at which step of the message flow things go wrong.

I think it is very unlikely that the Gmail servers convert the message to non-S/MIME.
(If you want to ensure this isn't happening, just sent an equivalent message from gmail to gmail (yourself), and confirm the received message is encrypted/signed as expected.)

I suspect that the message is transported correctly to the destination (EWS) server.

If the message is known to have been encrypted by the sender, then mail servers aren't able to decrypt it.

I think it's very likely that the message stored on the EWS server is the encrypted message, and when clicking/reading the message in Thunderbird, I suspect that Thunderbird correctly decrypts the message.

After decrypting, the Thunderbird code must process the S/MIME encryption/signature status information and show the appropriate status icons and details.
I think it's likely that this is the part that isn't yet working with Thunderbird's EWS implementation.

(In reply to Vlad Lucaci, Thunderbird QA (:vlucaci) from comment #5)

It seems not to be working for any other email , except this one that we need.

Can you please double check your sentence, I have trouble understanding it.
Is there maybe an extra "not" in your sentence?

Yes, you are correct. There was an extra "not" in my sentence. Sorry about that!

Toby, based on comment 2, it seems that various standard actions aren't working with EWS messages yet.
The error code NS_ERROR_NOT_IMPLEMENTED indicates that there are remaining interfaces that haven't been hooked up yet.

(In reply to Vlad Lucaci, Thunderbird QA (:vlucaci) from comment #8)

Yes, you are correct. There was an extra "not" in my sentence. Sorry about that!

Thanks for the clarification.

You say, you can use "view source" for most messages on your EWS account, but it fails for the encrypted message.

I think someone working on the EWS implementation needs to work on this bug.

My understanding is, usually, all processing of stored messages uses the same code for displaying, e.g. both local folders and imap code.

It needs to be investigated why messages loaded from an EWS account aren't going through the same message processing, or why the usual code is failing.

Summary: Message Security information not displayed for received S/Mime emails in O365 EWS configured accounts → [ews] Message Security information not displayed for received S/Mime emails in O365 EWS configured accounts

Vlad, you have marked the bug as "affects 115".
Is that wrong? I think we don't yet support EWS in 115?

See Also: → 1976396

Brendan, could you or someone working on EWS please have a look?

Also, it has been almost a year, maybe Vlad could check if things have improved?

See also more recent bug 1976396.

Thanks

(In reply to Kai Engert [:KaiE:] from comment #12)

Brendan, could you or someone working on EWS please have a look?

Also, it has been almost a year, maybe Vlad could check if things have improved?

See also more recent bug 1976396.

Thanks

I think this should be fixed by the patch from bug 1976396, although I haven't had time to test S/MIME specifically just yet.

Could you possibly test this when you get chance?

Flags: needinfo?(vlucaci)
Flags: needinfo?(ramona)

Hello,

Can confirm that I no longer reproduce this issue with the latest 143.0a1(20250812105744) on Windows 11/10 and macOS 15/26

Flags: needinfo?(vlucaci)
Flags: needinfo?(ramona)

Thanks Vlad! I'll close this as a duplicate of bug 1976396 which fixed this.

Status: NEW → RESOLVED
Closed: 7 months ago
Duplicate of bug: 1976396
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: