Last Comment Bug 349929 - APOP information is reset after stepping up a TLS connection
: APOP information is reset after stepping up a TLS connection
Status: RESOLVED FIXED
: fixed1.8.0.7, fixed1.8.1
Product: MailNews Core
Classification: Components
Component: Networking: POP (show other bugs)
: Trunk
: x86 Windows XP
: -- normal (vote)
: ---
Assigned To: Scott MacGregor
:
Mentors:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2006-08-23 13:33 PDT by Scott MacGregor
Modified: 2009-01-22 10:17 PST (History)
2 users (show)
mscott: blocking‑thunderbird2+
dveditz: blocking1.8.0.7+
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---


Attachments
possible fix (1.12 KB, patch)
2006-08-23 13:51 PDT, Scott MacGregor
no flags Details | Diff | Splinter Review
improved fix per bienvenu (1.11 KB, patch)
2006-08-23 14:10 PDT, Scott MacGregor
mozilla: superreview+
dveditz: approval1.8.0.7+
Details | Diff | Splinter Review

Description Scott MacGregor 2006-08-23 13:33:39 PDT
This came from Kazu Yamamoto:

Outline: Thunderbird cannot use APOP if TLS is used.

Reason: Thunderbird resets APOP information after a TLS connection is
        created. Yes, information provided by the CAPA command must be
        reset. And new information must be obtained with the second
        CAPA command. However, APOP information is provided by
        greeting and it MUST NOT be reset.

Fix: See the following code. Since Thunderbird is too larget, I have not
     compiled it. (I'm not a C++ programmer, so the syntax may be awkward
     but I hope you can understand my intention.)

mailnews/local/src/nsPop3Protocol.c: 

+     boolean has_apop = TestCapFlag(POP3_HAS_AUTH_APOP);
      m_pop3ConData->capability_flags =     // resetting the flags
        POP3_AUTH_MECH_UNDEFINED |
        POP3_HAS_AUTH_USER |                // should be always there
        POP3_GURL_UNDEFINED |
        POP3_UIDL_UNDEFINED |
        POP3_TOP_UNDEFINED |
        POP3_XTND_XLST_UNDEFINED;
+    if (has_apop) SetCapFlag(POP3_HAS_AUTH_APOP);
Comment 1 Scott MacGregor 2006-08-23 13:51:39 PDT
Created attachment 235134 [details] [diff] [review]
possible fix

I don't have a POP3 / APOP server I can test this against, but it should do the trick.

I could also have written the patch as:

      m_pop3ConData->capability_flags =     // resetting the flags
        POP3_AUTH_MECH_UNDEFINED |
        POP3_HAS_AUTH_USER |                // should be always there
        POP3_GURL_UNDEFINED |
        POP3_UIDL_UNDEFINED |
        POP3_TOP_UNDEFINED |
        POP3_XTND_XLST_UNDEFINED | 
        (TestCapFlag(POP3_HAS_AUTH_APOP) ? POP3_HAS_AUTH_APOP : 0); // preserve the APOP flag with the new connection

I'm not sure which way is the easier on the eyes.
Comment 2 David :Bienvenu 2006-08-23 13:59:07 PDT
how about this?

PRUint32 preservedFlags = m_pop3ConData->capability_flags & POP3_HAS_AUTH_APOP;

and then the rest of your patch. That makes it easier to add flags that need preserving, if any.
Comment 3 Scott MacGregor 2006-08-23 14:10:48 PDT
Created attachment 235139 [details] [diff] [review]
improved fix per bienvenu

great idea David.
Comment 4 Scott MacGregor 2006-08-25 15:29:51 PDT
fixed branch and trunk.
Comment 5 Kohei Yoshino [:kohei] 2006-08-29 10:33:28 PDT
I've tested the latest-mozilla1.8 en-US Mac build and confirmed the bug fix.
APOP + TLS works for me. No error message is shown now.

Can you also check-in the patch to the 1.8.0 branch if it has no risk?
We would appreciate if you can fix this bug for the upcoming Thunderbird 1.5.0.7.

Thank you very much for your work!
Comment 6 David :Bienvenu 2006-08-29 11:14:18 PDT
sorry, I think it's too late for 1.5.0.7 but we can try to get it into 1.5.0.8
Comment 7 Daniel Veditz [:dveditz] 2006-08-29 14:18:34 PDT
Comment on attachment 235139 [details] [diff] [review]
improved fix per bienvenu

approved for 1.8.0 branch, a=dveditz for drivers
Comment 8 David :Bienvenu 2006-08-29 14:47:45 PDT
fixed for 1.5.0.7 as well. 

Note You need to log in before you can comment on or make changes to this bug.