Backed out changeset 18d58b4ea283 (bug 1613623) to sort out potential regression. r=backout DONTBUILD
authorMagnus Melin <mkmelin+mozilla@iki.fi>
Mon, 04 May 2020 16:43:52 +0300
changeset 38127 003fb53e3b8868c171dba06e07de0850360e5762
parent 38126 6e0dee99d40aa027e131e989bf99e2fef91d4725
child 38128 25976ad89803adb497a03e6204ba7128ec3e3394
push id2595
push userclokep@gmail.com
push dateMon, 04 May 2020 19:02:04 +0000
treeherdercomm-beta@f53913797371 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbackout
bugs1613623
backs out18d58b4ea283513be7051e5b0ab9e16b42e94c80
Backed out changeset 18d58b4ea283 (bug 1613623) to sort out potential regression. r=backout DONTBUILD
mailnews/imap/src/nsImapProtocol.cpp
--- a/mailnews/imap/src/nsImapProtocol.cpp
+++ b/mailnews/imap/src/nsImapProtocol.cpp
@@ -1520,54 +1520,35 @@ void nsImapProtocol::EstablishServerConn
                            ESC_CAPABILITY_STAR_LEN] = '\0';
         // Tell the response parser that we just issued a "CAPABILITY" and
         // got the following back.
         GetServerStateParser().ParseIMAPServerResponse("1 CAPABILITY", true,
                                                        fakeServerResponse);
       }
     }
   } else if (!PL_strncasecmp(serverResponse, ESC_PREAUTH, ESC_PREAUTH_LEN)) {
-    // PREAUTH greeting received. We've been pre-authenticated by the server.
-    // We can skip sending a password and transition right into the
-    // kAuthenticated state; but we won't if the user has configured STARTTLS.
-    // (STARTTLS can only occur with the server in non-authenticated state.)
-    if (!(m_socketType == nsMsgSocketType::alwaysSTARTTLS ||
-          m_socketType == nsMsgSocketType::trySTARTTLS)) {
-      GetServerStateParser().PreauthSetAuthenticatedState();
-
-      if (GetServerStateParser().GetCapabilityFlag() == kCapabilityUndefined)
-        Capability();
-
-      if (!(GetServerStateParser().GetCapabilityFlag() &
-            (kIMAP4Capability | kIMAP4rev1Capability | kIMAP4other))) {
-        // AlertUserEventUsingId(MK_MSG_IMAP_SERVER_NOT_IMAP4);
-        SetConnectionStatus(NS_ERROR_FAILURE);  // stop netlib
-      } else {
-        // let's record the user as authenticated.
-        m_imapServerSink->SetUserAuthenticated(true);
-
-        ProcessAfterAuthenticated();
-        // the connection was a success
-        SetConnectionStatus(NS_OK);
-      }
+    // we've been pre-authenticated.
+    // we can skip the whole password step, right into the
+    // kAuthenticated state
+    GetServerStateParser().PreauthSetAuthenticatedState();
+
+    if (GetServerStateParser().GetCapabilityFlag() == kCapabilityUndefined)
+      Capability();
+
+    if (!(GetServerStateParser().GetCapabilityFlag() &
+          (kIMAP4Capability | kIMAP4rev1Capability | kIMAP4other))) {
+      // AlertUserEvent_UsingId(MK_MSG_IMAP_SERVER_NOT_IMAP4);
+      SetConnectionStatus(NS_ERROR_FAILURE);  // stop netlib
     } else {
-      // STARTTLS is configured so don't transition to authenticated state. Just
-      // alert the user, log the error and drop the connection. This may
-      // indicate a man-in-the middle attack if the user is not expecting
-      // PREAUTH. The user must change the connection security setting to other
-      // than STARTTLS to allow PREAUTH to be accepted on subsequent IMAP
-      // connections.
-      AlertUserEventUsingName("imapServerDisconnected");
-      const nsCString &hostName = GetImapHostName();
-      MOZ_LOG(
-          IMAP, LogLevel::Error,
-          ("PREAUTH received from IMAP server %s because STARTTLS selected. "
-           "Connection dropped",
-           hostName.get()));
-      SetConnectionStatus(NS_ERROR_FAILURE);  // stop netlib
+      // let's record the user as authenticated.
+      m_imapServerSink->SetUserAuthenticated(true);
+
+      ProcessAfterAuthenticated();
+      // the connection was a success
+      SetConnectionStatus(NS_OK);
     }
   }
 
   PR_Free(serverResponse);  // we don't care about the greeting yet...
 
 #undef ESC_LENGTH
 #undef ESC_OK
 #undef ESC_OK_LEN