Commit bef716a6 authored by intrigeri's avatar intrigeri
Browse files

Rebase our patches on top of 91.5.0

Origin of these rebased patches:
https://gitlab.tails.boum.org/tails/thunderbird/-/commits/secure_account_creation-91

refs tails#18069
parent d8c8cb9e
From c03c3cce700017b11528c7dc6d06ecbb82d20314 Mon Sep 17 00:00:00 2001
From 775c95edf30e4deb77165a29dbcabe3b1255f8fc Mon Sep 17 00:00:00 2001
From: anonym <anonym@riseup.net>
Date: Wed, 27 Feb 2019 09:45:04 +0100
Subject: [PATCH] Prefer fetched configurations using SSL over plaintext.
Subject: [PATCH 1/3] Prefer fetched configurations using SSL over plaintext.
---
.../components/accountcreation/content/readFromXML.js | 10 ++++++++--
comm/mail/components/accountcreation/readFromXML.jsm | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/comm/mail/components/accountcreation/content/readFromXML.js b/comm/mail/components/accountcreation/content/readFromXML.js
index 95019f97d45..d0fa70846c9 100644
--- a/comm/mail/components/accountcreation/content/readFromXML.js
+++ b/comm/mail/components/accountcreation/content/readFromXML.js
@@ -102,7 +102,10 @@ function readFromXML(clientConfigXML, subSource) {
diff --git a/comm/mail/components/accountcreation/readFromXML.jsm b/comm/mail/components/accountcreation/readFromXML.jsm
index cc49e7ccc81..061a5b64842 100644
--- a/comm/mail/components/accountcreation/readFromXML.jsm
+++ b/comm/mail/components/accountcreation/readFromXML.jsm
@@ -110,7 +110,10 @@ function readFromXML(clientConfigXML, subSource) {
SSL: 2,
STARTTLS: 3,
});
......@@ -23,7 +23,7 @@ index 95019f97d45..d0fa70846c9 100644
} catch (e) {
exception = e;
}
@@ -235,7 +238,10 @@ function readFromXML(clientConfigXML, subSource) {
@@ -243,7 +246,10 @@ function readFromXML(clientConfigXML, subSource) {
SSL: 2,
STARTTLS: 3,
});
......@@ -36,5 +36,5 @@ index 95019f97d45..d0fa70846c9 100644
exception = e;
}
--
2.31.0
2.34.1
From 84d2d608aa46588034d2012d43ee283f66b0d8b8 Mon Sep 17 00:00:00 2001
From 4bc07f7e02aa199168f814cee72ee4ecef1e4f84 Mon Sep 17 00:00:00 2001
From: anonym <anonym@riseup.net>
Date: Wed, 7 Oct 2020 15:50:23 +0200
Subject: [PATCH] Add pref for whether we accept OAuth2 during
Subject: [PATCH 2/3] Add pref for whether we accept OAuth2 during
autoconfiguration.
For many providers JavaScript is required for OAuth2 to work; with it
disabled autoconfiguration then result in a terrible UX (e.g. the web
login fails, has to manually alter the authentication method). Let's
provide a pref that discards OAuth2 configurations so e.g. extensions
that disables JavaScript (like TorBirdy) can provide a workaround.
provide a pref that discards OAuth2 configurations so organizations
that disable JavaScript can provide a workaround.
---
.../accountcreation/content/emailWizard.js | 72 ++++++++++---------
.../accountcreation/content/readFromXML.js | 13 ++++
.../accountcreation/content/accountSetup.js | 60 ++++++++++---------
.../accountcreation/readFromXML.jsm | 13 ++++
comm/mailnews/mailnews.js | 2 +
3 files changed, 53 insertions(+), 34 deletions(-)
3 files changed, 47 insertions(+), 28 deletions(-)
diff --git a/comm/mail/components/accountcreation/content/emailWizard.js b/comm/mail/components/accountcreation/content/emailWizard.js
index 18c2b514894..487f9aefae0 100644
--- a/comm/mail/components/accountcreation/content/emailWizard.js
+++ b/comm/mail/components/accountcreation/content/emailWizard.js
@@ -1467,23 +1467,25 @@ EmailConfigWizard.prototype = {
diff --git a/comm/mail/components/accountcreation/content/accountSetup.js b/comm/mail/components/accountcreation/content/accountSetup.js
index 301d079b6c8..d5e1b4d1280 100644
--- a/comm/mail/components/accountcreation/content/accountSetup.js
+++ b/comm/mail/components/accountcreation/content/accountSetup.js
@@ -1565,20 +1565,22 @@ var gAccountSetup = {
this.adjustIncomingPortToSSLAndProtocol(config);
}
this.fillPortDropdown(config.incoming.type);
- // If the incoming server hostname supports OAuth2, enable OAuth2 for it.
- // If the incoming server hostname supports OAuth2, enable it.
- let iDetails = OAuth2Providers.getHostnameDetails(config.incoming.hostname);
- e("in-authMethod-oauth2").hidden = !iDetails;
- document.getElementById("in-authMethod-oauth2").hidden = !iDetails;
- if (iDetails) {
- gEmailWizardLogger.info(
- "OAuth2 details for incoming server " +
- config.incoming.hostname +
- " is " +
- iDetails
- gAccountSetupLogger.debug(
- `OAuth2 details for incoming server ${config.incoming.hostname} is ${iDetails}`
- );
- config.incoming.oauthSettings = {};
- [
......@@ -41,15 +38,12 @@ index 18c2b514894..487f9aefae0 100644
- this._currentConfig.incoming.oauthSettings =
- config.incoming.oauthSettings;
+ if (Services.prefs.getBoolPref("mailnews.auto_config.account_constraints.allow_oauth2")) {
+ // If the incoming server hostname supports OAuth2, enable OAuth2 for it.
+ // If the incoming server hostname supports OAuth2, enable it.
+ let iDetails = OAuth2Providers.getHostnameDetails(config.incoming.hostname);
+ e("in-authMethod-oauth2").hidden = !iDetails;
+ document.getElementById("in-authMethod-oauth2").hidden = !iDetails;
+ if (iDetails) {
+ gEmailWizardLogger.info(
+ "OAuth2 details for incoming server " +
+ config.incoming.hostname +
+ " is " +
+ iDetails
+ gAccountSetupLogger.debug(
+ `OAuth2 details for incoming server ${config.incoming.hostname} is ${iDetails}`
+ );
+ config.incoming.oauthSettings = {};
+ [
......@@ -61,20 +55,17 @@ index 18c2b514894..487f9aefae0 100644
+ }
}
// outgoing server
@@ -1508,23 +1510,25 @@ EmailConfigWizard.prototype = {
// Outgoing server.
@@ -1609,20 +1611,22 @@ var gAccountSetup = {
this.adjustOutgoingPortToSSLAndProtocol(config);
}
- // If the smtp hostname supports OAuth2, enable OAuth2 for it.
- // If the smtp hostname supports OAuth2, enable it.
- let oDetails = OAuth2Providers.getHostnameDetails(config.outgoing.hostname);
- e("out-authMethod-oauth2").hidden = !oDetails;
- document.getElementById("out-authMethod-oauth2").hidden = !oDetails;
- if (oDetails) {
- gEmailWizardLogger.info(
- "OAuth2 details for outgoing server " +
- config.outgoing.hostname +
- " is " +
- oDetails
- gAccountSetupLogger.debug(
- `OAuth2 details for outgoing server ${config.outgoing.hostname} is ${oDetails}`
- );
- config.outgoing.oauthSettings = {};
- [
......@@ -84,15 +75,12 @@ index 18c2b514894..487f9aefae0 100644
- this._currentConfig.outgoing.oauthSettings =
- config.outgoing.oauthSettings;
+ if (Services.prefs.getBoolPref("mailnews.auto_config.account_constraints.allow_oauth2")) {
+ // If the smtp hostname supports OAuth2, enable OAuth2 for it.
+ // If the smtp hostname supports OAuth2, enable it.
+ let oDetails = OAuth2Providers.getHostnameDetails(config.outgoing.hostname);
+ e("out-authMethod-oauth2").hidden = !oDetails;
+ document.getElementById("out-authMethod-oauth2").hidden = !oDetails;
+ if (oDetails) {
+ gEmailWizardLogger.info(
+ "OAuth2 details for outgoing server " +
+ config.outgoing.hostname +
+ " is " +
+ oDetails
+ gAccountSetupLogger.debug(
+ `OAuth2 details for outgoing server ${config.outgoing.hostname} is ${oDetails}`
+ );
+ config.outgoing.oauthSettings = {};
+ [
......@@ -103,13 +91,13 @@ index 18c2b514894..487f9aefae0 100644
+ config.outgoing.oauthSettings;
+ }
}
},
// populate fields even if existingServerKey, in case user changes back
diff --git a/comm/mail/components/accountcreation/content/readFromXML.js b/comm/mail/components/accountcreation/content/readFromXML.js
index d0fa70846c9..3c3991ddb7a 100644
--- a/comm/mail/components/accountcreation/content/readFromXML.js
+++ b/comm/mail/components/accountcreation/content/readFromXML.js
@@ -33,6 +33,8 @@ function readFromXML(clientConfigXML, subSource) {
diff --git a/comm/mail/components/accountcreation/readFromXML.jsm b/comm/mail/components/accountcreation/readFromXML.jsm
index 061a5b64842..057e8cb3453 100644
--- a/comm/mail/components/accountcreation/readFromXML.jsm
+++ b/comm/mail/components/accountcreation/readFromXML.jsm
@@ -41,6 +41,8 @@ function readFromXML(clientConfigXML, subSource) {
function array_or_undef(value) {
return value === undefined ? [] : value;
}
......@@ -118,7 +106,7 @@ index d0fa70846c9..3c3991ddb7a 100644
var exception;
if (
typeof clientConfigXML != "object" ||
@@ -128,6 +130,12 @@ function readFromXML(clientConfigXML, subSource) {
@@ -136,6 +138,12 @@ function readFromXML(clientConfigXML, subSource) {
NTLM: Ci.nsMsgAuthMethod.NTLM,
OAuth2: Ci.nsMsgAuthMethod.OAuth2,
});
......@@ -131,7 +119,7 @@ index d0fa70846c9..3c3991ddb7a 100644
break; // take first that we support
} catch (e) {
exception = e;
@@ -271,6 +279,11 @@ function readFromXML(clientConfigXML, subSource) {
@@ -279,6 +287,11 @@ function readFromXML(clientConfigXML, subSource) {
OAuth2: Ci.nsMsgAuthMethod.OAuth2,
});
......@@ -144,10 +132,10 @@ index d0fa70846c9..3c3991ddb7a 100644
} catch (e) {
exception = e;
diff --git a/comm/mailnews/mailnews.js b/comm/mailnews/mailnews.js
index ddebe393a33..ff2ddf5284e 100644
index c47a97f7fee..f6ca8ce46f4 100644
--- a/comm/mailnews/mailnews.js
+++ b/comm/mailnews/mailnews.js
@@ -977,6 +977,8 @@ pref("mailnews.auto_config.guess.enabled", true);
@@ -1079,6 +1079,8 @@ pref("mailnews.auto_config.guess.enabled", true);
pref("mailnews.auto_config.guess.sslOnly", false);
// The timeout (in seconds) for each guess
pref("mailnews.auto_config.guess.timeout", 10);
......@@ -157,5 +145,5 @@ index ddebe393a33..ff2ddf5284e 100644
pref("dom.xhr.standard_content_type_normalization", false);
--
2.31.0
2.34.1
From 27470b650c59ab70580a93c5a69f54e7761764c6 Mon Sep 17 00:00:00 2001
From dd268cb370a2051c75c08192b9f190ea36eb05b4 Mon Sep 17 00:00:00 2001
From: anonym <anonym@riseup.net>
Date: Tue, 3 Nov 2020 12:13:10 +0100
Subject: [PATCH] Don't reset encryption choice when disabling encryption
Subject: [PATCH 3/3] Don't reset encryption choice when disabling encryption
controls.
Without this, the mail.identity.default.encryptionpolicy pref does not
work: adding a key to an account always set its encryptionpolicy to 0
work: adding a key to an account always sets its encryptionpolicy to 0,
no matter the desired default.
While we're at it, also kill two lines of code before a call to
enableEncryptionControl() that exactly replicates it.
https://bugzilla.mozilla.org/show_bug.cgi?id=1674995
---
comm/mail/extensions/am-e2e/am-e2e.js | 3 ---
1 file changed, 3 deletions(-)
diff --git a/comm/mail/extensions/am-e2e/am-e2e.js b/comm/mail/extensions/am-e2e/am-e2e.js
index d70bd5d415b..d01d05c9b96 100644
index 4e350a1136e..56ba623770f 100644
--- a/comm/mail/extensions/am-e2e/am-e2e.js
+++ b/comm/mail/extensions/am-e2e/am-e2e.js
@@ -442,9 +442,6 @@ function smimeSelectCert(smime_cert) {
@@ -451,9 +451,6 @@ function smimeSelectCert(smime_cert) {
function enableEncryptionControls(do_enable) {
gRequireEncrypt.disabled = !do_enable;
gDoNotEncrypt.disabled = !do_enable;
- if (!do_enable) {
- gEncryptionChoices.value = 0;
- }
}
function enableSigningControls(do_enable) {
// If we have a certificate or key configured that allows encryption,
// then we are able to encrypt drafts, too.
gEncryptDrafts.disabled = !do_enable;
--
2.31.0
2.34.1
......@@ -28,6 +28,6 @@ porting-armhf/Don-t-use-LLVM-internal-assembler-on-armhf.patch
debian-hacks/Make-Thunderbird-build-reproducible.patch
debian-hacks/Decrease-Cargo-minimal-version-to-1.46.0.patch
debian-hacks/Fix-Floating-Point-Normalization-breakage-on-32bit-Linux.patch
secure-account-creation/Prefer-fetched-configurations-using-SSL-over-plainte.patch
secure-account-creation/Add-pref-for-whether-we-accept-OAuth2-during-autocon.patch
secure-account-creation/Don-t-reset-encryption-choice-when-disabling-encrypt.patch
secure-account-creation/0001-Prefer-fetched-configurations-using-SSL-over-plainte.patch
secure-account-creation/0002-Add-pref-for-whether-we-accept-OAuth2-during-autocon.patch
secure-account-creation/0003-Don-t-reset-encryption-choice-when-disabling-encrypt.patch
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment