Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
T
tails
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 947
    • Issues 947
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Merge Requests 13
    • Merge Requests 13
  • CI / CD
    • CI / CD
    • Pipelines
    • Jobs
    • Schedules
  • Operations
    • Operations
    • Incidents
    • Environments
  • Analytics
    • Analytics
    • CI / CD
    • Repository
    • Value Stream
  • Members
    • Members
  • Collapse sidebar
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
  • tails
  • tails
  • Issues
  • #6156

Closed
Open
Opened Jul 18, 2013 by import-from-Redmine@import-from-Redmine8 of 9 tasks completed8/9 tasks

Upstream secure Thunderbird autoconfig wizard

Originally created by Tails on #6156 (Redmine)

Get these patches merged in Thunderbird upstream.

Upstream tickets and merge requests:

  • https://bugzilla.mozilla.org/show_bug.cgi?id=971347 (done)
  • https://bugzilla.mozilla.org/show_bug.cgi?id=669238 (done)
  • https://bugzilla.mozilla.org/show_bug.cgi?id=1561542 (needs work)

Status of current patches in Tails

As of 66bd9dc5 our patches are as follows:

  • Add-pref-for-whether-to-accept-plaintext-protocols-d.patch: we can drop this patch; when plaintext is selected by autoconfig, a scary warning is shown which is good enough → removing via #17808 (closed)
  • Add-pref-for-whether-we-accept-OAuth2-during-autocon.patch: this should be reworked into "enable javascript while doing OAuth2".
  • Fix-buggy-pref-for-disabling-MS-Exchange-autoconfig-.patch: this is a brand new patch we should upstream; the reason for this patch is that work that happened upstream broke our previous contribution.
  • Make-use-of-non-SSL-Exchange-AutoDiscover-methods-op.patch: we can drop this patch; upstream wasn't interested, but we already managed to upstream a pref to completely disable Exchange AutoDiscover, so we are happy just doing that → removing via #17808 (closed)
  • Prefer-fetched-configurations-using-SSL-over-plainte.patch:
    • Upstream is outright hostile towards this change so there is no point trying to upstream it unless there is a change of maintainer.
    • We keep this patch as long as there are other reasons for us to custom patch Thunderbird. But we can drop it next time it has to be refreshed and no one has the energy.
    • When plaintext is selected by autoconfig, a scary warning is shown which is good enough, so dropping it won't be a huge deal.
    • Past discussion with upstream:
      1. https://bugzilla.mozilla.org/show_bug.cgi?id=971347#c152
      2. https://bugzilla.mozilla.org/show_bug.cgi?id=971347#c169
      3. https://bugzilla.mozilla.org/show_bug.cgi?id=971347#c213

These are already upstreamed:

  • Avoid-local-timestamp-disclosure-in-Date-header.patch
  • Avoid-spellchecking-language-disclosure-in-Content-Language-header.patch

Attachments

  • secure-account-creation.tar.gz

Subtasks

  • #11450 (closed)
  • #15788 (closed)
  • #15790 (closed)
  • #16147 (closed)

Related issues

  • Related to #6150 (closed)
  • Related to #7064 (closed)
  • Related to #15387 (closed)
  • Related to #16771 (closed)
  • Related to #16856 (closed)
  • Related to #17277 (closed)
  • Blocked by #11536 (closed)
  • Blocked by #12151 (closed)
Edited Dec 17, 2020 by anonym
To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information
Assignee
Assign to
2020
Milestone
2020 (Past due)
Assign milestone
Time tracking
None
Due date
None
Reference: tails/tails#6156