Bug 1516229 - [autoconfig] Beautify the account config debug output and avoid logging the password. r=Neil
authorBen Bucksch <ben.bucksch@beonex.com>
Fri, 04 Jan 2019 06:58:00 +0100
changeset 34116 1cb168d17d1b89b99e2549d633e3db084362e56c
parent 34115 fc3f22843429e674e2271d5a6381def607e44afb
child 34117 150da20417f348570344f8f59c816bf0a09a9ecc
push id389
push userclokep@gmail.com
push dateMon, 18 Mar 2019 19:01:53 +0000
reviewersNeil
bugs1516229
Bug 1516229 - [autoconfig] Beautify the account config debug output and avoid logging the password. r=Neil
mail/components/accountcreation/content/accountConfig.js
mail/components/accountcreation/content/emailWizard.js
mail/components/accountcreation/content/guessConfig.js
mail/components/accountcreation/content/util.js
mail/components/accountcreation/content/verifyConfig.js
--- a/mail/components/accountcreation/content/accountConfig.js
+++ b/mail/components/accountcreation/content/accountConfig.js
@@ -209,16 +209,95 @@ AccountConfig.prototype =
          !!this.incoming.socketType && !!this.incoming.auth &&
          !!this.incoming.username &&
          (!!this.outgoing.existingServerKey ||
           this.outgoing.useGlobalPreferredServer ||
           (!!this.outgoing.hostname && !!this.outgoing.port &&
            !!this.outgoing.socketType && !!this.outgoing.auth &&
            !!this.outgoing.username)));
   },
+
+  toString() {
+    function sslToString(socketType) {
+      switch (socketType) {
+        case 0:
+          return "undefined";
+        case 1:
+          return "no SSL";
+        case 2:
+          return "SSL";
+        case 3:
+          return "STARTTLS";
+        default:
+          return "invalid";
+      }
+    }
+    function authToString(authMethod) {
+      switch (authMethod) {
+        case 0:
+          return "undefined";
+        case 1:
+          return "none";
+        case 2:
+          return "old plain";
+        case 3:
+          return "plain";
+        case 4:
+          return "encrypted";
+        case 5:
+          return "Kerberos";
+        case 6:
+          return "NTLM";
+        case 7:
+          return "external/SSL";
+        case 8:
+          return "any secure";
+        case 10:
+          return "OAuth2";
+        default:
+          return "invalid";
+      }
+    }
+    function usernameToString(username) {
+      if (!username) {
+        return "undefined";
+      }
+      var domain = username.split("@")[1];
+      return domain ? "(redacted)@" + domain : "(redacted)";
+    }
+    function passwordToString(password) {
+      return password ? "set" : "not set";
+    }
+    function configToString(config) {
+      return config.type +
+      ", " + config.hostname + ":" + config.port +
+      ", " + sslToString(config.socketType) +
+      ", auth: " + authToString(config.auth) +
+       ", username: "+ usernameToString(config.username) +
+      ", password: "+ passwordToString(config.password);
+    }
+
+    var result =
+      "Incoming: " + configToString(this.incoming) +
+      "\nOutgoing: ";
+    if (this.outgoing.useGlobalPreferredServer) {
+      result += "Use global server";
+    } else if (this.outgoing.existingServerKey) {
+      result += "Use existing server " + this.outgoing.existingServerKey;
+    } else {
+      result += configToString(this.outgoing);
+    }
+    for (var config of this.incomingAlternatives) {
+      result += "\nIncoming alt: " + configToString(config);
+    }
+    for (var config of this.outgoingAlternatives) {
+      result += "\nOutgoing alt: " + configToString(config);
+    }
+    return result;
+  },
 };
 
 
 // enum consts
 
 // .source
 AccountConfig.kSourceUser = 1; // user manually entered the config
 AccountConfig.kSourceXML = 2; // config from XML from ISP or Mozilla DB
--- a/mail/components/accountcreation/content/emailWizard.js
+++ b/mail/components/accountcreation/content/emailWizard.js
@@ -34,17 +34,17 @@ ChromeUtils.import("resource:///modules/
 // from http://xyfer.blogspot.com/2005/01/javascript-regexp-email-validator.html
 var emailRE = /^[-_a-z0-9\'+*$^&%=~!?{}]+(?:\.[-_a-z0-9\'+*$^&%=~!?{}]+)*@(?:[-a-z0-9.]+\.[a-z]{2,20}|\d{1,3}(?:\.\d{1,3}){3})(?::\d+)?$/i;
 
 if (typeof gEmailWizardLogger == "undefined") {
   ChromeUtils.import("resource:///modules/gloda/log4moz.js");
   var gEmailWizardLogger = Log4Moz.getConfiguredLogger("mail.setup");
   gEmailWizardLogger.level = Log4Moz.Level.Info;
   gEmailWizardLogger.addAppender(new Log4Moz.ConsoleAppender(new Log4Moz.BasicFormatter())); // browser console
-  gEmailWizardLogger.addAppender(new Log4Moz.DumpAppender(new Log4Moz.BasicFormatter())); // stdout
+  //gEmailWizardLogger.addAppender(new Log4Moz.DumpAppender(new Log4Moz.BasicFormatter())); // stdout
 }
 
 var gStringsBundle;
 var gMessengerBundle;
 var gBrandShortName;
 
 /**
 TODO for bug 549045:
@@ -648,18 +648,17 @@ EmailConfigWizard.prototype =
       initialConfig, "both");
   },
 
   /**
    * When findConfig() was successful, it calls this.
    * This displays the config to the user.
    */
   foundConfig(config) {
-    gEmailWizardLogger.info("foundConfig()");
-    gEmailWizardLogger.info(debugObject(config, "foundConfig"));
+    gEmailWizardLogger.info("found config:\n" + config);
     assert(config instanceof AccountConfig,
         "BUG: Arg 'config' needs to be an AccountConfig object");
 
     this._haveValidConfigForDomain = this._email.split("@")[1];
 
     if (!this._realname || !this._email) {
       return;
     }
@@ -1161,18 +1160,20 @@ EmailConfigWizard.prototype =
       e("incoming_port").value = config.incoming.port;
     } else {
       this.adjustIncomingPortToSSLAndProtocol(config);
     }
     this.fillPortDropdown(config.incoming.type);
 
     // If the hostname supports OAuth2 and imap is enabled, enable OAuth2.
     let iDetails = OAuth2Providers.getHostnameDetails(config.incoming.hostname);
-    gEmailWizardLogger.info("OAuth2 details for incoming hostname " +
-                            config.incoming.hostname + " is " + iDetails);
+    if (iDetails) {
+      gEmailWizardLogger.info("OAuth2 details for incoming server " +
+        config.incoming.hostname + " is " + iDetails);
+    }
     e("in-authMethod-oauth2").hidden = !(iDetails && e("incoming_protocol").value == 1);
     if (!e("in-authMethod-oauth2").hidden) {
       config.oauthSettings = {};
       [config.oauthSettings.issuer, config.oauthSettings.scope] = iDetails;
       // oauthsettings are not stored nor changeable in the user interface, so just
       // store them in the base configuration.
       this._currentConfig.oauthSettings = config.oauthSettings;
     }
@@ -1190,18 +1191,20 @@ EmailConfigWizard.prototype =
     if (config.outgoing.port) {
       e("outgoing_port").value = config.outgoing.port;
     } else {
       this.adjustOutgoingPortToSSLAndProtocol(config);
     }
 
     // If the hostname supports OAuth2 and imap is enabled, enable OAuth2.
     let oDetails = OAuth2Providers.getHostnameDetails(config.outgoing.hostname);
-    gEmailWizardLogger.info("OAuth2 details for outgoing hostname " +
-                            config.outgoing.hostname + " is " + oDetails);
+    if (oDetails) {
+      gEmailWizardLogger.info("OAuth2 details for outgoing server " +
+        config.outgoing.hostname + " is " + oDetails);
+    }
     e("out-authMethod-oauth2").hidden = !oDetails;
     if (!e("out-authMethod-oauth2").hidden) {
       config.oauthSettings = {};
       [config.oauthSettings.issuer, config.oauthSettings.scope] = oDetails;
       // oauthsettings are not stored nor changeable in the user interface, so just
       // store them in the base configuration.
       this._currentConfig.oauthSettings = config.oauthSettings;
     }
@@ -1546,17 +1549,17 @@ EmailConfigWizard.prototype =
    * It's called "half-manual", because we take the user-entered values
    * as given and will not second-guess them, to respect the user wishes.
    * (Yes, Sir! Will do as told!)
    * The values that the user left empty or on "Auto" will be guessed/probed
    * here. We will also check that the user-provided values work.
    */
   onHalfManualTest() {
     var newConfig = this.getUserConfig();
-    gEmailWizardLogger.info(debugObject(newConfig, "manualConfigToTest"));
+    gEmailWizardLogger.info("manual config to test:\n" + newConfig);
     this.startSpinner("looking_up_settings_halfmanual");
     this.switchToMode("manual-edit-testing");
     // if (this._userPickedOutgoingServer) TODO
     var self = this;
     this._abortable = guessConfig(this._domain,
       function(type, hostname, port, ssl, done, config) { // progress
         gEmailWizardLogger.info("progress callback host " + hostname +
                                 " port " + port + " type " + type);
--- a/mail/components/accountcreation/content/guessConfig.js
+++ b/mail/components/accountcreation/content/guessConfig.js
@@ -161,18 +161,19 @@ function guessConfig(domain, progressCal
     server.auth = chooseBestAuthMethod(thisTry.authMethods);
     server.authAlternatives = thisTry.authMethods;
     // TODO
     // cert is also bad when targetSite is set. (Same below for incoming.)
     // Fix SSLErrorHandler and security warning dialog in emailWizard.js.
     server.badCert = thisTry.selfSignedCert;
     server.targetSite = thisTry.targetSite;
     logger.info("CHOOSING " + server.type + " " + server.hostname + ":" +
-          server.port + ", auth method " + server.auth + " " +
-          server.authAlternatives.join(",") + ", SSL " + server.socketType +
+          server.port + ", auth method " + server.auth +
+          (server.authAlternatives.length ? " " + server.authAlternatives.join(",") : "") +
+          ", SSL " + server.socketType +
           (server.badCert ? " (bad cert!)" : ""));
   };
 
   var outgoingSuccess = function(thisTry, alternativeTries) {
     assert(thisTry.protocol == SMTP, "I only know SMTP for outgoing");
     // Ensure there are no previously saved outgoing errors, if we've got
     // success here.
     outgoingEx = null;
--- a/mail/components/accountcreation/content/util.js
+++ b/mail/components/accountcreation/content/util.js
@@ -575,17 +575,17 @@ function deepCopy(org) {
   return result;
 }
 
 if (typeof gEmailWizardLogger == "undefined") {
   ChromeUtils.import("resource:///modules/gloda/log4moz.js");
   var gEmailWizardLogger = Log4Moz.getConfiguredLogger("mail.setup");
   gEmailWizardLogger.level = Log4Moz.Level.Info;
   gEmailWizardLogger.addAppender(new Log4Moz.ConsoleAppender(new Log4Moz.BasicFormatter())); // browser console
-  gEmailWizardLogger.addAppender(new Log4Moz.DumpAppender(new Log4Moz.BasicFormatter())); // stdout
+  //gEmailWizardLogger.addAppender(new Log4Moz.DumpAppender(new Log4Moz.BasicFormatter())); // stdout
 }
 
 function ddump(text) {
   gEmailWizardLogger.info(text);
 }
 
 function debugObject(obj, name, maxDepth, curDepth) {
   if (curDepth == undefined)
--- a/mail/components/accountcreation/content/verifyConfig.js
+++ b/mail/components/accountcreation/content/verifyConfig.js
@@ -32,17 +32,17 @@ if (typeof gEmailWizardLogger == "undefi
  *   For accountConfig, see below.
  * @param errorCallback function(ex)
  *   Called when we could guess not the config, either
  *   because we have not found anything or
  *   because there was an error (e.g. no network connection).
  *   The ex.message will contain a user-presentable message.
  */
 function verifyConfig(config, alter, msgWindow, successCallback, errorCallback) {
-  ddump(debugObject(config, "config", 3));
+  ddump("verify config:\n" + config);
   assert(config instanceof AccountConfig,
          "BUG: Arg 'config' needs to be an AccountConfig object");
   assert(typeof(alter) == "boolean");
   assert(typeof(successCallback) == "function");
   assert(typeof(errorCallback) == "function");
 
   if (MailServices.accounts.findRealServer(config.incoming.username,
                                            config.incoming.hostname,