Last Comment Bug 349929 - APOP information is reset after stepping up a TLS connection
: APOP information is reset after stepping up a TLS connection
Status: RESOLVED FIXED
: fixed1.8.0.7, fixed1.8.1
Product: MailNews Core
Classification: Components
Component: Networking: POP (show other bugs)
: Trunk
: x86 Windows XP
: -- normal (vote)
: ---
Assigned To: Scott MacGregor
:
:
Mentors:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2006-08-23 13:33 PDT by Scott MacGregor
Modified: 2009-01-22 10:17 PST (History)
2 users (show)
mscott: blocking‑thunderbird2+
dveditz: blocking1.8.0.7+
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---


Attachments
possible fix (1.12 KB, patch)
2006-08-23 13:51 PDT, Scott MacGregor
no flags Details | Diff | Splinter Review
improved fix per bienvenu (1.11 KB, patch)
2006-08-23 14:10 PDT, Scott MacGregor
mozilla: superreview+
dveditz: approval1.8.0.7+
Details | Diff | Splinter Review

Description User image Scott MacGregor 2006-08-23 13:33:39 PDT
This came from Kazu Yamamoto:

Outline: Thunderbird cannot use APOP if TLS is used.

Reason: Thunderbird resets APOP information after a TLS connection is
        created. Yes, information provided by the CAPA command must be
        reset. And new information must be obtained with the second
        CAPA command. However, APOP information is provided by
        greeting and it MUST NOT be reset.

Fix: See the following code. Since Thunderbird is too larget, I have not
     compiled it. (I'm not a C++ programmer, so the syntax may be awkward
     but I hope you can understand my intention.)

mailnews/local/src/nsPop3Protocol.c: 

+     boolean has_apop = TestCapFlag(POP3_HAS_AUTH_APOP);
      m_pop3ConData->capability_flags =     // resetting the flags
        POP3_AUTH_MECH_UNDEFINED |
        POP3_HAS_AUTH_USER |                // should be always there
        POP3_GURL_UNDEFINED |
        POP3_UIDL_UNDEFINED |
        POP3_TOP_UNDEFINED |
        POP3_XTND_XLST_UNDEFINED;
+    if (has_apop) SetCapFlag(POP3_HAS_AUTH_APOP);
Comment 1 User image Scott MacGregor 2006-08-23 13:51:39 PDT
Created attachment 235134 [details] [diff] [review]
possible fix

I don't have a POP3 / APOP server I can test this against, but it should do the trick.

I could also have written the patch as:

      m_pop3ConData->capability_flags =     // resetting the flags
        POP3_AUTH_MECH_UNDEFINED |
        POP3_HAS_AUTH_USER |                // should be always there
        POP3_GURL_UNDEFINED |
        POP3_UIDL_UNDEFINED |
        POP3_TOP_UNDEFINED |
        POP3_XTND_XLST_UNDEFINED | 
        (TestCapFlag(POP3_HAS_AUTH_APOP) ? POP3_HAS_AUTH_APOP : 0); // preserve the APOP flag with the new connection

I'm not sure which way is the easier on the eyes.
Comment 2 User image David :Bienvenu 2006-08-23 13:59:07 PDT
how about this?

PRUint32 preservedFlags = m_pop3ConData->capability_flags & POP3_HAS_AUTH_APOP;

and then the rest of your patch. That makes it easier to add flags that need preserving, if any.
Comment 3 User image Scott MacGregor 2006-08-23 14:10:48 PDT
Created attachment 235139 [details] [diff] [review]
improved fix per bienvenu

great idea David.
Comment 4 User image Scott MacGregor 2006-08-25 15:29:51 PDT
fixed branch and trunk.
Comment 5 User image Kohei Yoshino [:kohei] 2006-08-29 10:33:28 PDT
I've tested the latest-mozilla1.8 en-US Mac build and confirmed the bug fix.
APOP + TLS works for me. No error message is shown now.

Can you also check-in the patch to the 1.8.0 branch if it has no risk?
We would appreciate if you can fix this bug for the upcoming Thunderbird 1.5.0.7.

Thank you very much for your work!
Comment 6 User image David :Bienvenu 2006-08-29 11:14:18 PDT
sorry, I think it's too late for 1.5.0.7 but we can try to get it into 1.5.0.8
Comment 7 User image Daniel Veditz [:dveditz] 2006-08-29 14:18:34 PDT
Comment on attachment 235139 [details] [diff] [review]
improved fix per bienvenu

approved for 1.8.0 branch, a=dveditz for drivers
Comment 8 User image David :Bienvenu 2006-08-29 14:47:45 PDT
fixed for 1.5.0.7 as well. 

Note You need to log in before you can comment on or make changes to this bug.