Closed
Bug 436869
Opened 17 years ago
Closed 15 years ago
non-standard MIME types, application/x-pkcs7-mime and application/x-pkcs7-signature - don't need the x- prefix
Categories
(Thunderbird :: Security, defect)
Thunderbird
Security
Tracking
(Not tracked)
RESOLVED
FIXED
Thunderbird 3.0b4
People
(Reporter: allan, Assigned: mkmelin)
References
()
Details
Attachments
(2 files, 1 obsolete file)
(deleted),
patch
|
Details | Diff | Splinter Review | |
(deleted),
patch
|
Bienvenu
:
review+
Bienvenu
:
superreview+
|
Details | Diff | Splinter Review |
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_2; en-us) AppleWebKit/525.18 (KHTML, like Gecko) Version/3.1.1 Safari/525.18
Build Identifier: 2.0.0.12 (20080213)
RFC 2633 @ <http://www.faqs.org/rfcs/rfc2633.html> describes S/MIME parts using a mime type of application/pkcs7-mime, while Thunderbird 3.0.0.6 is using application/x-pkcs7-mime, a non-standard MIME type. In the specific case of security, strictness to standards and MIME types is required for other mailers to correctly recognize the message's security.
Reproducible: Always
Steps to Reproduce:
1. Send an encrypted or signed message using TB
2. Examine the mime type of the s/mime parts
3. Note the incorrect mime type
Actual Results:
A message with the wrong mime type is sent.
Expected Results:
The software should use the correct mime type as described in the RFC <http://www.faqs.org/rfcs/rfc2633.html>
Comment 1•17 years ago
|
||
Spotted via grep on trunk base, confirming and changing status fields.
Status: UNCONFIRMED → NEW
Ever confirmed: true
OS: Mac OS X → All
Hardware: Macintosh → All
Version: unspecified → Trunk
Assignee | ||
Updated•16 years ago
|
Summary: non-standard MIME type, application/x-pkcs7-mime → non-standard MIME types, application/x-pkcs7-mime and application/x-pkcs7-signature - don't need the x- prefix
Assignee | ||
Comment 2•16 years ago
|
||
Drops the x-prefixes for what we send out.
Assignee: nobody → mkmelin+mozilla
Status: NEW → ASSIGNED
Attachment #327436 -
Flags: superreview?(bienvenu)
Attachment #327436 -
Flags: review?(bugzilla)
Comment 3•16 years ago
|
||
Comment on attachment 327436 [details] [diff] [review]
proposed fix
thx, Magnus.
Attachment #327436 -
Flags: superreview?(bienvenu) → superreview+
Comment 4•16 years ago
|
||
Comment on attachment 327436 [details] [diff] [review]
proposed fix
var contentType = currentHeaderData["content-type"].headerValue;
- canDetach = contentType.indexOf("application/x-pkcs7-mime") < 0 &&
- contentType.indexOf("application/x-pkcs7-signature") < 0;
+ canDetach = !ContentTypeIsSMIME(contentType);
You can drop the intermediate contentType variable now, here and in the other place in the js file.
r=me with that fixed.
Attachment #327436 -
Flags: review?(bugzilla) → review+
Assignee | ||
Comment 5•16 years ago
|
||
Checking in mail/base/content/msgHdrViewOverlay.js;
/cvsroot/mozilla/mail/base/content/msgHdrViewOverlay.js,v <-- msgHdrViewOverlay.js
new revision: 1.108; previous revision: 1.107
done
Checking in mailnews/extensions/smime/src/nsMsgComposeSecure.cpp;
/cvsroot/mozilla/mailnews/extensions/smime/src/nsMsgComposeSecure.cpp,v <-- nsMsgComposeSecure.cpp
new revision: 1.44; previous revision: 1.43
done
Checking in mailnews/mime/cthandlers/smimestub/nsSMIMEStub.h;
/cvsroot/mozilla/mailnews/mime/cthandlers/smimestub/nsSMIMEStub.h,v <-- nsSMIMEStub.h
new revision: 1.4; previous revision: 1.3
done
Assignee | ||
Comment 6•16 years ago
|
||
->FIXED
Status: ASSIGNED → RESOLVED
Closed: 16 years ago
Resolution: --- → FIXED
Target Milestone: --- → Thunderbird 3
Updated•16 years ago
|
Comment 7•15 years ago
|
||
What happens when signed or encrypted email is sent using Thunderbird 3 to a Thunderbird 2 recipient?
Is Thunderbird 2 still able to read the message from Thunderbird 3?
Comment 8•15 years ago
|
||
What about this code, I'm not sure when exactly it's used, but I guess it should be updated to work with both mime types?
mailnews/mime/emitters/src/nsMimeHtmlEmitter.cpp
nsresult
nsMimeHtmlDisplayEmitter::StartAttachmentInBody(const nsACString &name,
const char *contentType,
const char *url)
{
mSkipAttachment = PR_FALSE;
if ( (contentType) &&
((!strcmp(contentType, APPLICATION_XPKCS7_MIME)) ||
(!strcmp(contentType, APPLICATION_XPKCS7_SIGNATURE)) ||
(!strcmp(contentType, TEXT_VCARD)))
) {
mSkipAttachment = PR_TRUE;
return NS_OK;
}
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Comment 9•15 years ago
|
||
Attachment #395279 -
Flags: review?
Updated•15 years ago
|
Attachment #395279 -
Flags: review? → review?(bienvenu)
Updated•15 years ago
|
Attachment #395279 -
Flags: superreview+
Attachment #395279 -
Flags: review?(bienvenu)
Attachment #395279 -
Flags: review+
Comment 10•15 years ago
|
||
Comment on attachment 395279 [details] [diff] [review]
additional patch for mime/emitters
[Checkin: Comment 11]
looks good, marking r/sr
Updated•15 years ago
|
Keywords: checkin-needed
Updated•15 years ago
|
Attachment #327436 -
Attachment is obsolete: true
Comment 11•15 years ago
|
||
Comment on attachment 395279 [details] [diff] [review]
additional patch for mime/emitters
[Checkin: Comment 11]
http://hg.mozilla.org/comm-central/rev/a23c5d7a0766
Attachment #395279 -
Attachment description: additional patch for mime/emitters → additional patch for mime/emitters
[Checkin: Comment 11]
Updated•15 years ago
|
Status: REOPENED → RESOLVED
Closed: 16 years ago → 15 years ago
Keywords: checkin-needed
Resolution: --- → FIXED
Target Milestone: Thunderbird 3 → Thunderbird 3.0b4
You need to log in
before you can comment on or make changes to this bug.
Description
•