Closed haarp closed 5 months ago
Ok, I just observed the auth stalling problem with password auth too.
Thunderbird log:
console.debug: mailnews.pop3.3: "Connecting to pop://pop.gmx.net:995"
console.debug: mailnews.pop3.3: "Connected"
console.debug: mailnews.pop3.3: "S: +OK POP server ready H migmx107 1N2SL1-1rHBt41CNr-013ggT\r\n"
console.debug: mailnews.pop3.3: "C: CAPA"
console.debug: mailnews.pop3.3: "S: +OK Capability list follows\r\nTOP\r\nUIDL\r\nUSER\r\nSASL PLAIN\r\nIMPLEMENTATION trinity\r\n.\r\n"
console.debug: mailnews.pop3.3: "Possible auth methods: USERPASS,PLAIN"
console.debug: mailnews.pop3.3: "Current auth method: USERPASS"
console.debug: mailnews.pop3.3: "C: USER a@b.c"
console.debug: mailnews.pop3.3: "S: +OK password required for user \"a@b.c\"\r\n"
... nothing happening for a while ...
console.error: mailnews.pop3.3: "NetworkTimeoutError: a Network error occurred"
console.debug: mailnews.pop3.3: "Connection closed."
console.debug: mailnews.pop3.3: "Connecting to pop://pop.gmx.net:995"
console.error: mailnews.pop3.3: "SecurityError info: "
console.debug: mailnews.pop3.3: "Done with status=2152398862"
console.debug: mailnews.pop3.3: "Connected"
console.debug: mailnews.pop3.3: "Connection closed."
Addon log (that's all):
2023-11-30 15:28:20.785: got credential request:
Object { host: "pop3://pop.gmx.net", login: "a@b.c", loginChangeable: false, openChoiceDialog: true }
main.js:26:11
Hmm, I seem to be getting closer to a reproduction.
I disabled all automatic mail fetching, restarted Thunderbird, and test the accounts one-by-one.
Thunderbird log:
console.debug: mailnews.pop3.6: "Connecting to pop://outlook.office365.com:995"
console.debug: mailnews.pop3.6: "Connected"
console.debug: mailnews.pop3.6: "S: +OK The Microsoft Exchange POP3 service is ready. [...]\r\n"
console.debug: mailnews.pop3.6: "C: CAPA"
console.debug: mailnews.pop3.6: "S: +OK\r\nTOP\r\nUIDL\r\nSASL PLAIN XOAUTH2\r\nUSER\r\n.\r\n"
console.debug: mailnews.pop3.6: "Possible auth methods: XOAUTH2"
console.debug: mailnews.pop3.6: "Current auth method: XOAUTH2"
console.debug: mailnews.pop3.6: "C: AUTH XOAUTH2"
console.debug: mailnews.pop3.6: "S: + \r\n"
... nothing happens for 60 seconds ...
console.debug: mailnews.pop3.6: "S: -ERR Connection is closed. 12\r\n"
console.debug: mailnews.pop3.6: "Connection closed."
console.debug: mailnews.pop3.6: "Done with status=0"
KXC-Mail Log:
2023-11-30 20:04:40.401: Use saved native application de.kkapsner.keepassxc_mail main.js:26:11
KeePassXC-Mail: Connecting to native messaging host de.kkapsner.keepassxc_mail client.js:317:13
KeePassXC-Mail: Server public key: ...
2023-11-30 20:05:57.759: got credential request: Object { login: "a@b.c", host: "oauth://login.microsoftonline.com", openChoiceDialog: true } main.js:26:11
2023-11-30 20:05:57.896: keepassXC provided 1 logins main.js:26:11
2023-11-30 20:05:57.900: Use last selected entry for a@b.c@oauth://login.microsoftonline.com main.js:26:11
2023-11-30 20:05:58.483: Got new password for a@b.c at oauth://login.microsoftonline.com main.js:26:11
2023-11-30 20:05:58.626: Use last store at entry for a@b.c@oauth://login.microsoftonline.com main.js:26:11
2023-11-30 20:05:58.628: Get or create password group main.js:26:11
2023-11-30 20:05:58.819: Saving password to database for a@b.c at oauth://login.microsoftonline.com main.js:26:11
2023-11-30 20:05:58.820: Using uuid: faead8b364354cb1a3293ee1332b0932
edit:
I reset the mapping with Clear storage of selected entries
. Now KXC-Mail asks me "Do you want to save the entered password for a@b.c on oauth://login.microsoftonline.com to the KeePass database?", despite the entry already existing.
I probably ticked "Do not ask again" at some point in the past, hence why it consistently failed. In any case, it's clear that whatever bug causes it to detect "new" credentials also causes the auth stall bug.
Sorry for the late answer... was very busy in December.
I think I see the problem... Please check if you have a confirmation dialog in KeePassXC to overwrite the existing password entry. I do not see "Saving done" in the output of your log. So the new token is sent to KeePassXC but this communication fails at some point.
Office 365 really updates the token every time - so we have to update it very often. I would recommend to have a look at the KeePassXC advanced browser integration setting "Never ask before updating credentials" (https://keepassxc.org/docs/KeePassXC_UserGuide#_advanced_usage)
Also sorry for the delay, just got around to testing this.
You're right! At least in this instance, the extension blocks because it cannot save the credentials. KeepassXC is not showing me any confirmation prompt, but enabling Never ask before updating credentials
seems to solve it! 💪 Now I'm getting Saving done
and auth succeeds.
Thunderbird needs to be restarted if it ran into an auth stall once, as it doesn't seem to recover on its own.
It's probably a good idea to add some kind of timeout here, and gracefully handle credentials not being able to be saved. It's also odd that KeepassXC does not show any dialog.
On top of the Never ask before updating credentials, is there a way to select a default database? I keep getting a request to select on which Keepassxc database I should save the credentials?
I did not find a setting for that. Maybe open a ticket in the keepassXC repository to request it.
Description
Hello!
I've been using this extension for a few months now. I eventually got it working reasonably well using POP3 mailboxes, some of which used OAuth. I was pretty happy with it, so thanks a lot for making this! :)
Since then I have upgraded Thunderbird to 115. This addon kept working, until MS Office 365 invalidated my refresh token (which is BS because it was actively being used, to fetch mail!):
Of course Thunderbird being Thunderbird, it never notified me. So I deleted the entry from KeepassXC and Thunderbird opened up the website to fetch a new one. That's when bugs started piling up. To name a few:
signon.rememberSignons=false
could prevent thatyes
would notSo I pressed
Clear storage of selected entries
in this addon's settings. This "storage" seems to be a mapping between KeePass entries and mail accounts, correct? That's when all my mail accounts started breaking randomly and irreparably.mailnews.pop3.loglevel=All
:and just sit there until the connection is closed, then log:
which definitely was not a network timeout! Worse, Thunderbird typically will not notify the user when it can't fetch mail.
Expected Behaviour
Current Behaviour
See above
Possible Solution
Kick Thunderbird in the butt :)
Steps to Reproduce (for bugs)
mailnews.pop3.loglevel=All
to get usable logsContext
I'm unable to use Thunderbird with this extension at the moment. Every time TB starts, bugs and prompts keep popping up. I eventually created a new Thunderbird profile, hoping it would fix things. It didn't. For now, I've given up on this extension, but I'll be happy to help and test in any way I can!
I couldn't find how to get the extension's own console log, but will Show some logs from it once I know how.
Your Environment