search

jfitzell / mozilla-keychain

Store your Firefox website usernames and passwords in Apple's Keychain Services, just like Safari and other browsers do on OS X.
55 stars 9 forks source link

Problem using IMAP keychain entry created by Apple Mail #52

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
Create a duplicate for Issue 21, to remove email of reporter included in 
plaintext.

===================================
Reported by project member jfitzell , May 27, 2010
Move from a comment in Issue 12:

Comment 14  by marco@..., Today (3 hours ago)

I think I've found a bug.

If you already have Apple Mail configured for an IMAP account (and its
login info is already stored into the OS 
X keychain), Thunderbird with your extension will fail to authenticate to
the same IMAP account without any 
errors presented to the user and you won't be able to get any new email.

Looking at the TB error console, there are a bunch of the following errors:

Error: [Exception... "'Invalid URI' when calling method:
[nsILoginManagerStorage::findLogins]"  nsresult: 
"0x8057001e (NS_ERROR_XPC_JS_THREW_STRING)"  location: "JS frame :: 
file:///Applications/Thunderbird.app/Contents/MacOS/components/nsLoginManager.js
:: anonymous :: line 
535"  data: no]
Source File:
file:///Applications/Thunderbird.app/Contents/MacOS/components/nsLoginManager.js
Line: 535

The issue appears to affect only the IMAP account to download email and
it's probably due to some 
differences in how Apple Mail and your extension store the IMAP login info
in OS X keychain.

Having Apple Mail also configured with the SMTP account to send email, TB
is able to correctly reuse its 
keychain info (I got prompted by OS X if to permanently/temporarily allow
TB to use the existing keychain 
login info when sending an email).

I'm on Snow Leopard 10.6.3 and TB 3.0.4 and I think you should be able to
easily reproduce the above issue 
by removing your IMAP login info from your keychain, configuring the
account in Apple Mail and then trying to 
access it with TB, but please let me know if you need more info.

Thanks for your work.

----------------------------
Comment 1 by project member jfitzell , May 27, 2010
As a possible workaround, what happens if you delete the keychain entry and 
create it
again with TB? Does Apple Mail use TB's entry ok?

I'll definitely try to take a look at this, but as I said in the other issue, 
it may
not be until next month. Sorry about that.

--------------------------
Comment 2 by marco... , May 27, 2010
I deleted the Apple Mail IMAP account keychain entry and I restarted TB and let 
him create the keychain entry, 
it worked fine.

Then I restarted Apple Mail and it asked me for my IMAP account login info, so 
it appears it couldn't reuse the 
entry created by TB.

So I let Apple Mail create its keychain entry and the only difference with the 
entry created by TB seems to be 
the name of the entry:

TB: imap.gmail.com (myname@mydomain.com)
Apple Mail: imap.gmail.com

It wouldn't bother me to keep those "duplicate" entries if both Apple Mail and 
TB worked fine, but after the 
Apple Mail created its keychain entry, TB cannot connect to my IMAP account 
anymore: same problem as 
before with just the Apple Mail entry, it looks like TB will pick up that entry 
than its and stop there with that 
error.

-------------------------------------
Comment 3 by project member jfitzell , May 27, 2010
Nice of Apple to be inconsistent between Mail and Safari. :S Ok, thanks... I'll 
take
a look when I can.
=====================================

Original issue reported on code.google.com by jfitz...@gmail.com on 12 Aug 2012 at 9:32

GoogleCodeExporter commented 9 years ago 
I think the issue is that Mozilla doesn't seem to parse IMAP URLs with port 
numbers in them (https://bugzilla.mozilla.org/show_bug.cgi?id=902688)

Not sure they'll fix that though, so I'm working on a workaround...

Original comment by jfitz...@gmail.com on 8 Aug 2013 at 12:02

GoogleCodeExporter commented 9 years ago 
Ok, I think I have this working. Feel free to give the attached version a try, 
though please backup your keychains first as I haven't tested it very 
thoroughly.

Original comment by jfitz...@gmail.com on 9 Aug 2013 at 10:58

Attachments:

GoogleCodeExporter commented 9 years ago

Original comment by jfitz...@gmail.com on 5 Aug 2014 at 5:44

GoogleCodeExporter commented 9 years ago 
Just adding a note of some test code I was using while working on this:

// Look up an IMAP password knowing the username:
Components.utils.import('resource://macos-keychain/KeychainServices.jsm');Compon
ents.utils.import('resource://macos-keychain/frameworks/Security.jsm');KeychainS
ervices.findInternetPasswords('the_username', null, null, null, 
Security.kSecAuthenticationTypeDefault, null).length;

// Try parsing with the IOService:
Components.classes['@mozilla.org/network/io-service;1'].getService(Components.in
terfaces.nsIIOService).newURI('imap://imap.gmail.com:143',null,null).host

// Try parsing with a StandardURL:
Components.classes["@mozilla.org/network/standard-url;1"].createInstance(Compone
nts.interfaces.nsIStandardURL).init(1, 143, 'imap://imap.gmail.com/',null,null)

Original comment by jfitz...@gmail.com on 5 Aug 2014 at 7:46