Closed Bug 294457 Opened 17 years ago Closed 16 years ago
Download of S/MIME certificates via LDAP uses anonymous bind although LDAP configured with credentials
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.8) Gecko/20050511 Firefox/1.0.4 Build Identifier: version 1.0.2 (20050317) I have an LDAP server configured for addressing in TB 1.0.2 and address expansion correctly works against this server; credentials (bind DN and bind Password) are sent to the directory server. When composing a message, if I choose to encrypt the message and then press on the SECURITY button, TB announces the certificate status as "Not found". The reason for this is that at this moment, TB performs an anonymous bind to the LDAP directory. Reproducible: Always Steps to Reproduce: 1. Configure address auto-completion with an LDAP directory server 2. Use an account which requires a Bind DN 3. Compose a new message and select an entry returned from the LDAP server 4. Choose "encrypt this message" 5. Press the Security icon Actual Results: no certificates are returned. Expected Results: The LDAP search is performed with an empty bind-DN and should have used the configured credentials. Logs of the OpenLDAP slapd: slapd: conn=11 op=0 BIND dn="" method=128 slapd: conn=11 op=0 RESULT tag=97 err=0 text= slapd: conn=11 op=1 SRCH base="ou=People,dc=example,dc=com" scope=2 deref=0 filter="(firstname.lastname@example.org))" slapd: conn=11 op=1 SRCH attr=usercertificate;binary slapd: conn=11 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text= slapd: conn=11 op=2 UNBIND
Bug still exists in Thunderbird 1.5beta1
Confirm for version 1.5 (20051201)
confirmed with Thunderbird version 184.108.40.206 (20060308) 1. made test with ADS (needs authenication/credentials) -> address resolving works, but not certificate can be fetched 2. LDAP with anonymous bind -> address matching works, certificate fetching works the same user and certificate is used in both directories.
This should be fixed latest development versions with a check in for bug 332483. Could you attempt a nightly development build of Thunderbird from the 1.8 branch?
*** This bug has been marked as a duplicate of 332483 ***
Status: UNCONFIRMED → RESOLVED
Closed: 16 years ago
Resolution: --- → DUPLICATE
tried nightly build TB version 220.127.116.11 (20061107). Still not working.... Its now not working with anonymous AND with credential (ADS) bind. Tried anonymous LDAP Server on port 4812 (Netscape Directory) and normal Windows Active Directory (Windows 2k3 Domain). address matching worked, no certificates found at all.
Re Comment 6: Bug 332483 was fixed on the 1.8 Branch, which means the fix will be included in Thunderbird 2 at earliest (as the next release).
You need to log in before you can comment on or make changes to this bug.