Closed Bug 1052102 Opened 10 years ago Closed 10 years ago

Thunderbird 31.0 seems to be unable to read any Mail via SSH Tunnel.

Categories

(Thunderbird :: Untriaged, defect)

Product:
Thunderbird
Component:
Untriaged
Version:
31 Branch
Platform:
x86_64
Windows 7
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 1036338

People

(Reporter: t318671, Unassigned)

Details

(Keywords: regression) 

User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0 (Beta/Release)
Build ID: 20140716183446

Steps to reproduce:

For some years I connect my Thunderbird with the IMAP Server of my employer via a SSH Tunnel created and held by plink.exe from the putty package. I can provide the tunnel data if needed.


Actual results:

Since I installed TB 31.0 it can't read any mail from that server. The bottom status line shows "<my mail account name>: Connected to localhost..." (translated from German) and the progress bar right bottom is fully green (both permanently). But the mail text window remains completely empty. No error message appearing.


Expected results:

The status line should get empty, the progress bar should disappear, and the mail text should appear in the window.
If you can read German, see my threat at the thunderbird forum on this problem:

http://www.thunderbird-mail.de/forum/viewtopic.php?f=31&t=67344
Does the IMAP server use a self signed cert perhaps? 
If so, try setting security.use_mozillapkix_verification false
Keywords: regression
(In reply to Magnus Melin from comment #2)
> Does the IMAP server use a self signed cert perhaps? 
Yes, it does.

> If so, try setting security.use_mozillapkix_verification false
And yes, this was it.

But now I have some more questions: What does security.use_mozillapkix_verification mean?
Is it new in TB 31?
Why is it established?
And what do I risk setting it to false?

Thanks for your help
t318671
What's new is that as of 31 firefox (and thunderbird) by default use a new certificate verification library. Setting that pref to false means you use the library used ealier - so there is no real practical risk to setting it. See https://wiki.mozilla.org/SecurityEngineering/Certificate_Verification

That it silently fails is a bug though, and that should be fixed. As of version 33 the pref is no longer available...
Status: UNCONFIRMED → RESOLVED
Closed: 10 years ago
Resolution: --- → DUPLICATE
(In reply to Magnus Melin from comment #4)
> What's new is that as of 31 firefox (and thunderbird) by default use a new
> certificate verification library. Setting that pref to false means you use
> the library used ealier - so there is no real practical risk to setting it.
> See https://wiki.mozilla.org/SecurityEngineering/Certificate_Verification
> 
> That it silently fails is a bug though, and that should be fixed. As of
> version 33 the pref is no longer available...
And then with TB 33 I and all others will have the same problem again? And what must be done then?

> 
> *** This bug has been marked as a duplicate of bug 1036338 ***
I read this. But I don't understand most of that. Seems the problem isn't resolved yet really.
Yes that bug is still open, but the next general release of thunderbird (thunderbird 38) is far off so hopefully the bug gets fixed by then.
Ah, you mean, TB 31 will not update to TB 33 automatically?
Correct.
You need to log in before you can comment on or make changes to this bug.