Open Bug 1204689 Opened 10 years ago Updated 3 years ago

Unable to add SSL exception during SSL connect to special (banned for HTTP) targets like IMAP, POP3 or SMTP

Categories

(Core :: Networking, defect, P5)

Product:
Core
Component:
Networking
Type:
defect

Tracking

()

Status:
UNCONFIRMED

People

(Reporter: dan+bugzilla.mozilla.org, Unassigned)

Details

(Whiteboard: [necko-would-take])

User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Firefox/38.0 SeaMonkey/2.35 Build ID: 20150827182544 Steps to reproduce: 1. IMAP POP3 or SMTP server with SSL running on standard port (those ports are banned for HTTPS access by default) with certificate issued by an untrusted CA 2. Configure Seamonkey to use such SSL IMAP/POP3/SMTP server. Try to connect to configured mailbox or SMTP server. Try to add security exception. Actual results: "Add Security Exception" dialog is fired because of certificate issued by unknown CA. Unfortunately, it's not possible to get certificate thus approve exception. It's because the target ports is banned for casual HTTPS access. "Add Security Exception" dialog honor such ban regardless it has been invoked in the context of special connection like SSL connection to IMAP/POP3/SMTP server (list of banned ports doesn't apply to such kind of connection). Workaround: Target port needs to be added to network.security.ports.banned.override. It can be removed once exception become approved. Expected results: "Add Security Exception" dialog should follow the same restriction as connection that raised it. If has been raised during setup of SSL connection to port X then such dialog should be allowed to connect to port X as well.
OS: Unspecified → All
Hardware: Unspecified → All
Whiteboard: [necko-would-take]
Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258
Priority: -- → P5
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.