firemail

标题: 登录相关问题(安全例外等) [打印本页]

---

作者: hechengjin    时间: 2016-3-27 22:29
标题: 登录相关问题(安全例外等)


通过添加例外的方式解决：

imap.firemail.com.cn:993
smtp.firemail.com.cn:465
192.168.9.31


imap.firemail.com.cn:443 使用了无效的安全证书。

该证书因为未提供证书颁发链而不被信任。
The certificate is only valid for *.firemail.com

（错误码： sec_error_unknown_issuer）

ssl安装连接证书问题: https://support.mozilla.org/zh-CN/kb/configuring-certificates 证书类似于身份证，被用来加密或解密两站点之间传输的信息。配置如下： 个人证书可能包含个人标志信息，如你的名字和地址等。选择 自动选择，将不能控制谁有权访问你的证书。 https://support.mozilla.org/zh-CN/kb/add-security-exception 加密传输过程 采用SSL (Secure Sockets Layer)or  TLS (Transport Layer Security) 协议 如果程序不能确认证书的合法性，则会弹出 "Add Security Exception"对话框。 明文传输 不使用上面的传输协议时, 程序和邮件服务器之间的通信是不加密的消息，并因此可以被第三方截获和读取。 exceptionDialog.xul certViewer.xul

---

作者: hechengjin    时间: 2016-3-27 22:29

1. //针对私有协议的配置思路：
   
2. 1.继续时，直接调用接口，获取到账号所对应的imap地址、端口、加密方式的设置，然后直接在界面上显示设置，就不用再做猜测式匹配。
   
3. 2.上面配置完成后，直接进行登录验证（不安全的证书提示一下）。
   
4. 
   
5. 
   
6. 3.控制安全例外的触发和弹出活动
   
7. 触发：进行用户名和密码验证时，imap可通过verifyConfig函数触发，而smtp的js调用没有调通，只有发邮件时才触发。参考
   
8. //this.validate4badCert_IN();          //this.validate4badCert_OUT();
   
9. 弹出窗口的控制：
   
10. 
    
11. verifyConfig.js
    
12. notifyCertProblem: function(socketInfo, status, targetSite) {
    
13. me.informUserOfCertError(socketInfo, targetSite);
    
14. }
    
15. informUserOfCertError : function(socketInfo, targetSite) {
    
16. window.openDialog("chrome://pippki/content/exceptionDialog.xul",
    
17.                       "","chrome,centerscreen,modal", params);
    
18. }
    
19. 
    
20. 
    
21. // called by onHalfManualTest()
    
22.   validate4badCert_IN : function()
    
23.   {
    
24.     var configFilledIn = this.getConcreteConfig();
    
25. 
    
26. 
    
27.     var self = this;
    
28.     // logic function defined in verifyConfig.js
    
29.     verifyConfig(
    
30.       configFilledIn,
    
31.       // guess login config?
    
32.       configFilledIn.source != AccountConfig.kSourceXML,
    
33.       // TODO Instead, the following line would be correct, but I cannot use it,
    
34.       // because some other code doesn't adhere to the expectations/specs.
    
35.       // Find out what it was and fix it.
    
36.       //concreteConfig.source == AccountConfig.kSourceGuess,
    
37.       this._parentMsgWindow,
    
38.       function(successfulConfig) // success
    
39.       {
    
40.                  setTimeout(self.onHalfManualTest2(), 5000);
    
41.               
    
42.        /* self.stopSpinner(successfulConfig.incoming.password ?
    
43.                          "password_ok" : null);
    
44. 
    
45.         // the auth might have changed, so we
    
46.         // should back-port it to the current config.
    
47.         self._currentConfig.incoming.auth = successfulConfig.incoming.auth;
    
48.         self._currentConfig.outgoing.auth = successfulConfig.outgoing.auth;
    
49.         self._currentConfig.incoming.username = successfulConfig.incoming.username;
    
50.         self._currentConfig.outgoing.username = successfulConfig.outgoing.username;
    
51.         self.finish();*/
    
52.       },
    
53.       function(e) // failed
    
54.       {
    
55.               /*
    
56.         self.showErrorStatus("config_unverifiable");
    
57.         // TODO bug 555448: wrong error msg, there may be a 1000 other
    
58.         // reasons why this failed, and this is misleading users.
    
59.        // self.setError("passworderror", "user_pass_invalid");
    
60.         // TODO use switchToMode(), see above
    
61.         // give user something to proceed after fixing
    
62.         _enable("create_button");
    
63.         // hidden in non-manual mode, so it's fine to enable
    
64.         _enable("half-manual-test_button");
    
65.         _enable("advanced-setup_button");
    
66.         */
    
67.       });
    
68.   },
    
69. 
    
70.   validate4badCert_OUT : function()
    
71.   {
    
72.    // var configFilledIn = this.getConcreteConfig();
    
73. var configFilledIn = this.getUserConfig();
    
74.     var self = this;
    
75.     // logic function defined in verifyConfig.js
    
76.     verifyConfig_smtp(
    
77.       configFilledIn,
    
78.       // guess login config?
    
79.       configFilledIn.source != AccountConfig.kSourceXML,
    
80.       // TODO Instead, the following line would be correct, but I cannot use it,
    
81.       // because some other code doesn't adhere to the expectations/specs.
    
82.       // Find out what it was and fix it.
    
83.       //concreteConfig.source == AccountConfig.kSourceGuess,
    
84.       this._parentMsgWindow,
    
85.       function(successfulConfig) // success
    
86.       {
    
87.               alert("success");
    
88.                  //setTimeout(self.onHalfManualTest2(), 5000);
    
89.               
    
90.        /* self.stopSpinner(successfulConfig.incoming.password ?
    
91.                          "password_ok" : null);
    
92. 
    
93.         // the auth might have changed, so we
    
94.         // should back-port it to the current config.
    
95.         self._currentConfig.incoming.auth = successfulConfig.incoming.auth;
    
96.         self._currentConfig.outgoing.auth = successfulConfig.outgoing.auth;
    
97.         self._currentConfig.incoming.username = successfulConfig.incoming.username;
    
98.         self._currentConfig.outgoing.username = successfulConfig.outgoing.username;
    
99.         self.finish();*/
    
100.       },
     
101.       function(e) // failed
     
102.       {
     
103.               /*
     
104.         self.showErrorStatus("config_unverifiable");
     
105.         // TODO bug 555448: wrong error msg, there may be a 1000 other
     
106.         // reasons why this failed, and this is misleading users.
     
107.        // self.setError("passworderror", "user_pass_invalid");
     
108.         // TODO use switchToMode(), see above
     
109.         // give user something to proceed after fixing
     
110.         _enable("create_button");
     
111.         // hidden in non-manual mode, so it's fine to enable
     
112.         _enable("half-manual-test_button");
     
113.         _enable("advanced-setup_button");
     
114.         */
     
115.       });
     
116.   },
     
117. 
     
118. 
     
119. function verifyConfig_smtp(config, alter, msgWindow, successCallback, errorCallback)
     
120. {
     
121.   //config.outgoing.auth = 3;
     
122.   alert("verifyConfig_smtp");
     
123.   ddump(debugObject(config, "config", 3));
     
124.   assert(config instanceof AccountConfig,
     
125.          "BUG: Arg 'config' needs to be an AccountConfig object");
     
126.   assert(typeof(alter) == "boolean");
     
127.   assert(typeof(successCallback) == "function");
     
128.   assert(typeof(errorCallback) == "function");
     
129. 
     
130.   var smtpManager = Cc["@mozilla.org/messengercompose/smtp;1"].getService(Ci.nsISmtpService);
     
131.   //let username = config.outgoing.auth > 1 ? config.outgoing.username : null;
     
132.   let username = config.outgoing.username ;
     
133.    let outServer = smtpManager.findServer(username, config.outgoing.hostname);
     
134.    if (outServer)
     
135.    {
     
136.     errorCallback("outServer  exists");
     
137.     alert("outServer  exists");
     
138.     return;
     
139.   }
     
140.   outServer = smtpManager.createSmtpServer();
     
141.    outServer.hostname = config.outgoing.hostname;
     
142.   outServer.port = config.outgoing.port;
     
143.   outServer.authMethod = config.outgoing.auth;
     
144.    //if (config.outgoing.auth > 1)
     
145.   // {
     
146.   //  alert(222222);
     
147.      outServer.username = username;
     
148.      outServer.password = config.incoming.password;
     
149.      if (config.rememberPassword && config.incoming.password.length)
     
150.        rememberPassword(outServer, config.incoming.password);
     
151. //  }
     
152. 
     
153.    if (config.outgoing.socketType == 1) // no SSL
     
154.      outServer.socketType = Ci.nsMsgSocketType.plain;
     
155.    else if (config.outgoing.socketType == 2) // SSL / TLS
     
156.      outServer.socketType = Ci.nsMsgSocketType.SSL;
     
157.    else if (config.outgoing.socketType == 3) // STARTTLS
     
158.      outServer.socketType = Ci.nsMsgSocketType.alwaysSTARTTLS;
     
159. 
     
160.    // API problem: <http://mxr.mozilla.org/seamonkey ... tpServer.idl#93>
     
161.    outServer.description = config.displayName;
     
162.    if (config.password)
     
163.      outServer.password = config.outgoing.password;
     
164.   // hack - save away the old callbacks.
     
165.   let saveCallbacks = msgWindow.notificationCallbacks;
     
166.   // set our own callbacks - this works because verifyLogon will
     
167.   // synchronously create the transport and use the notification callbacks.
     
168.   let listener = new urlListener(config, outServer, alter, msgWindow,
     
169.                                  successCallback, errorCallback);
     
170. 
     
171.   // our listener listens both for the url and cert errors.
     
172.   msgWindow.notificationCallbacks = listener;
     
173.   // try to work around bug where backend is clearing password.
     
174.   try {
     
175.     outServer.password = config.outgoing.password;
     
176.     let uri = outServer.verifyLogon(listener, msgWindow);
     
177.     //smtpManager.verifyLogon(outServer, listener, msgWindow);
     
178.     // clear msgWindow so url won't prompt for passwords.
     
179.     //uri.QueryInterface(Ci.nsIMsgMailNewsUrl).msgWindow = null;
     
180.   }
     
181.   finally {
     
182.     // restore them
     
183.     msgWindow.notificationCallbacks = saveCallbacks;
     
184.   }
     
185. 
     
186. };
     

复制代码

---

欢迎光临 firemail (http://firemail.wang:8088/)

Powered by Discuz! X3