Bug 851089

Summary: SSL protocol errros in Thunderbird 17 should give feedback to the user
Product: Red Hat Enterprise Linux 6 Reporter: Kai Engert (:kaie) (inactive account) <kengert>
Component: thunderbirdAssignee: Martin Stransky <stransky>
Status: CLOSED WONTFIX QA Contact: Desktop QE <desktop-qa-list>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.4CC: eparis, jhorak, kengert, rrelyea, stransky
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: [new summary comment 6]
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-10-20 11:23:17 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
patch v4 (same as attached upstream)
none
test addon
none
patch v9 for Mozilla 17 none

Description Kai Engert (:kaie) (inactive account) 2012-08-23 08:41:32 UTC 
Upstream Thunderbird 17 ESR will (most likely) not contain any kind of user feedback for SSL protocol errors, leaving the user with the impression that Thunderbird is broken.

Upstream was unwilling to accept any of my reasonable compromises to get such error reporting enabled.

As a minimal solution, to minimize the burden of our support teams, I propose that we add error console logging to our RHEL builds.

I've attached a patch to 
https://bugzilla.mozilla.org/show_bug.cgi?id=783974

The final patch might have to be slightly different, depending on whether upstream accepts the localizable string or not.

I think this patch should be added (at least) to Thunderbird, but no harm will be caused if we apply it to Firefox and XulRunner, too.

I propose this patch for all branches that ship TB/FF 17 ESR.
Comment 2 Kai Engert (:kaie) (inactive account) 2012-08-23 10:50:02 UTC 
Created attachment 606511 [details]
patch v4 (same as attached upstream)

Let's just use a patch that doesn't require further discussions upstream. I've made a patch that uses an embedded, non-localizable english string. That should be sufficient for error logging purposes.

Bob, could you please review?

I'm proposing this patch for Thunderbird; hwoever it's fine to add it to XulRunner/Firefox, too, if package maintainers want it.
Comment 3 Kai Engert (:kaie) (inactive account) 2012-08-23 10:51:05 UTC 
FYI, Martin said he is interested to have this patch, and he will manage the patch, once the patch has r+
Comment 4 Martin Stransky 2012-08-23 10:55:54 UTC 
Yes, we'd like to use this patch for Thunderbird 17 ESR. The r+ would be great.
Comment 5 Kai Engert (:kaie) (inactive account) 2012-08-23 10:59:07 UTC 
Created attachment 606512 [details]
test addon

This addon can be used for testing purpose.

It will start by loading several documents in the background (invisible).
Have a look at the error console.

With upstream Mozilla, nothing happens.
With patch applied, you should see console messages.

(Set the filter to "messages", not errors, not warnings).


The following is only relevant if addon gets installed into a browser (Firefox):

After 30 seconds, the addon will open several tabs and load pages that will result in errors. This is just for sanity purposes, to ensure our patching doesn't break the messages shown in the error pages. I've already performed the testing on my own, and things look good.
Comment 6 Kai Engert (:kaie) (inactive account) 2012-09-24 12:12:20 UTC 
Since I had filed this bug, the situation has changed.

Upstream Mozilla added the error console logging to the shared Mozilla 17 code, it will be effective in both Thunderbird 17 and Firefox 17.

However, since errors are not discoverable by users (unless they know to search in the error console), the situation is still unsatisfying, and I don't expect a solution for upstream version 17.

Because of that, I propose to add a patch to Thunderbird 17 in RHEL that will bring back the error reporting prompts (the patch was rejected upstream).

The code to be patched lives in the code that is usually common to both Firefox and Xulrunner. This means, the suggested approach works, only, if Thunderbird builds its own private binary of Gecko. But that appears to be the situation, already.

I'm changing the bug description accordingly.

The patch v9 was taken from upstream 785426.

I propose this approach for any RHEL branch that ships Thunderbird 17.
(Should we clone this bug for RHEL 5.x ?)
Comment 7 Kai Engert (:kaie) (inactive account) 2012-09-24 12:15:01 UTC 
Created attachment 616533 [details]
patch v9 for Mozilla 17
Comment 8 RHEL Program Management 2012-12-14 08:27:24 UTC 
This request was not resolved in time for the current release.
Red Hat invites you to ask your support representative to
propose this request, if still desired, for consideration in
the next release of Red Hat Enterprise Linux.
Comment 9 Martin Stransky 2014-10-20 10:58:06 UTC 
Kai, do you know if we still need this one in Thunderbird, to provide user info about broken certificate?
Comment 10 Kai Engert (:kaie) (inactive account) 2014-10-20 11:23:17 UTC 
Given that nobody paid attention to this during the previous 2 years, and given that the world has continued to rotate, maybe we can close the bug...