Closed
Bug 930878
Opened 11 years ago
Closed 9 years ago
IMAP with SSL/TLS,normal password fails to retrieve mail after v22.0
Categories
(Thunderbird :: Security, defect)
Tracking
(Not tracked)
RESOLVED
INCOMPLETE
People
(Reporter: sherringham, Unassigned)
Details
(Keywords: regression)
Attachments
(7 files)
TB account setup details
Something has gone wrong with TB's IMAP mail for me. I have been using TB with IMAP for a long time but this has stopped working about a week ago - my suspicions obviously on the 24.0.1 update to 24.0. Connection does not seem to happen and no mail is downloaded. No password or certificate prompt. My setup (considering receiving only) : Domain sherringham.net IMAP server (dovecot), port 993 Using self-signed cert (for domain sherringham.org) TB 24.0.1 Linux x64 (Debian Testing) I could receive mail for sherringham.net fine until about a week ago. The break /seems/ to coincide with the 24.0 to 24.0.1 update but I am not 100% sure. IMAP - port 993 server : mail.sherringham.net security - SSL/TLS auth - normal password Now, any connect to the IMAP server fails (ignoring send for now) - and the server logs : 2013-10-24 07:43:04 imap-login: Info: Disconnected (no auth attempts): rip=62.3.225.196, lip=85.119.82.212, TLS: SSL_read() failed: error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate unknown NOTE - "no auth attempts", no username etc. Trying a fresh TB install of 24.0 - I cannot complete the server setup at the start - it fails on the test. Error on server as above. TB does not seem to give any cert errors, or prompt for any cert exception or import etc. Tracing backwards and trying older (and newer) versions - each with a completely fresh install (empty ~/.thunderbird profile folder) : 1) 17.0b1 OK 2) 20.0b1 OK 3) 21.0b1 OK 4) 22.0b1 OK 5) 23.0b1 <-- FAIL 6) 26.0a2 <-- FAIL (plus have IMAP debug logs attached) IMAP debug logging in (6) as per https://wiki.mozilla.org/MailNews:Logging. For a normal working version (up to 22.0) I am prompted about an error in the cert : a) self-signed b) wrong domain (for sherringham.org not sherringham.net) I "confirm exception" and can read mail. The failing versions do not show this prompt at all. I attach some files that nay help. The logs of FAILING v26.0a2 - local client and from dovecot server : a) thunderbird-imap-26.0a2.en-US.linux-x86_64.log b) thunderbird-imap-26.0a2.en-US.linux-x86_64-dovecot.log Logs for an OK v22.0 : c) thunderbird-imap-22.0b1.log d) thunderbird-imap-22.0b1-dovecot.log The v26.0 error dialog I see : e) thunderbird-account-setup-26.0-error.png The account setup dialog : f) thunderbird-account-setup.png The certificate error dialog I get for v22.0 (but not 26.0) : g) thunderbird-imap-22.0b1-cert-dialog.png
|
Reporter | |
Comment 1•11 years ago
|
||
|
|
Reporter | |
Comment 2•11 years ago
|
||
|
|
Reporter | |
Comment 3•11 years ago
|
||
|
|
Reporter | |
Comment 4•11 years ago
|
||
|
|
Reporter | |
Comment 5•11 years ago
|
||
|
|
Reporter | |
Comment 6•11 years ago
|
||
|
||
Comment 7•11 years ago
|
||
from the nightly builds please find when it regressed
Flags: needinfo?(sherringham)
|
|
Reporter | |
Comment 8•11 years ago
|
||
(In reply to Wayne Mery (:wsmwk) from comment #7) > from the nightly builds please find when it regressed Can I ask for some guidance before I waste lots of time doing the wrong thing please? Looking at all the folders here? https://ftp.mozilla.org/pub/mozilla.org/thunderbird/nightly/2013/ Months 01 - 10. Folders contain "comm-aurora" and "comm-central". Lots of files called (e.g.) : 05/2013-05-20-00-40-04-comm-aurora/ thunderbird-23.0a2.en-US.linux-x86_64.tar.bz2 My break is between 22.0 and 23.0 - so I assume I'm looking for files like 23.0a1 23.0a2 etc. and there are multiple 23.0a2 archives in different folders/dates. Are all 23.0a2 archives the same code I assume? Only test 23.0a1, 23.0a2 etc.? Sorry - but there's a lot of folders and files. Thanks for your help.
|
|
Reporter | |
Comment 9•11 years ago
|
||
OK - I have been using mozregression : http://mozilla.github.io/mozregression/ which seems like a great way to help/automate the testing. Running as : mozregression --app=thunderbird --good=XXX --bad=YYY Unfortunately I have not found any daily build that works so far. So I am digging a bit more to try and figure out what's going on and how to proceed. I will try and find a build that is "equivalent" to what I am using that works ("22.0") and check it works. Then look from there.
|
|
Reporter | |
Comment 10•11 years ago
|
||
I've done some manual tests and think I have the regression point. From : https://ftp.mozilla.org/pub/mozilla.org/thunderbird/nightly/2013/05/ 2013-05-14-00-40-02-comm-aurora/ ----- BAD 2013-05-13-00-40-21-comm-aurora/ ----- OK Using "thunderbird-XXXXX.en-US.linux-x86_64.tar.bz2". So the 2013-05-14 build is the first bad one for me. 2013-05-13 lets me set up the account and it prompts me to accept (and add exception for) the certificate. Versions after this never do this and fail as described above. Thanks for your attention.
Flags: needinfo?(sherringham)
|
|
||
Comment 11•11 years ago
|
||
(In reply to Alastair Sherringham from comment #10) > 2013-05-14-00-40-02-comm-aurora/ ----- BAD > 2013-05-13-00-40-21-comm-aurora/ ----- OK
Component: Untriaged → Security
Keywords: regression
|
||
Comment 12•11 years ago
|
||
Hi. Just posting to confirm that all of Alastair's information matches my experience exactly (server logs included). I can only add my slightly different nightly test results: 2013-05-13-03-06-17-comm-central/ ----- BAD 2013-05-13-00-40-21-comm-aurora/ ----- OK Everything including and after 23.0a1 is not working.
|
||
Comment 13•11 years ago
|
||
My Gmail is configured IMAP SSL/TLS normal password and that works. It's probably a problem with the self signed certificate, but I didn't see any changes on http://hg.mozilla.org/comm-central/pushloghtml?startdate=2013-05-13+00%3A40%3A21&enddate=2013-05-14+00%3A40%3A02 that can be related. I expanded the timeslot and also looked in mozilla-central
|
||
Comment 14•11 years ago
|
||
Bug 931034 that similar to this bug. I think "dovecot" mail server is only not working with thunderbird 22 or above? I used Apple Xserver, which use dovecot mail server.
|
|
||
Comment 15•10 years ago
|
||
(In reply to FRusso from comment #14) > Bug 931034 that similar to this bug. > > I think "dovecot" mail server is only not working with thunderbird 22 or > above? I used Apple Xserver, which use dovecot mail server. However, if comment 12 means the first bad build for this bug is 2013-05-13 then we don't have a match in bug 931034 comment 5 (2013-04-30 to 05-01)
|
|
||
Comment 16•9 years ago
|
||
still see this problem when usig version 31 or 38? (In reply to Onno Ekker [:nONoNonO UTC+1] from comment #13) > My Gmail is configured IMAP SSL/TLS normal password and that works. It's > probably a problem with the self signed certificate, but I didn't see any > changes on > http://hg.mozilla.org/comm-central/pushloghtml?startdate=2013-05- > 13+00%3A40%3A21&enddate=2013-05-14+00%3A40%3A02 that can be related. I > expanded the timeslot and also looked in mozilla-central nor in http://hg.mozilla.org/mozilla-central/pushloghtml?startdate=2013-05-13%2003:05:00&enddate=2013-05-14%2003:05:00
Flags: needinfo?(sherringham)
Flags: needinfo?(aragon)
|
|
Reporter | |
Comment 17•9 years ago
|
||
FYI - I can no longer test this issue because I stopped running my own mail server. I still use Thunderbird, but now use Fastmail. Sorry.
Flags: needinfo?(sherringham)
|
||
Comment 19•9 years ago
|
||
Resolved per whiteboard
Status: UNCONFIRMED → RESOLVED
Closed: 9 years ago
Flags: needinfo?(aragon)
Resolution: --- → INCOMPLETE
Whiteboard: [closeme 2015-07-05]
You need to log in
before you can comment on or make changes to this bug.
Description
•