Closed Bug 303952 Opened 15 years ago Closed 15 years ago
Security Error domain name mismatch is NOT an error if it's localhost
. (SSH tunnel)
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.6) Gecko/20050322 Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.6) Gecko/20050322 I just got this error message: "Security error: Domain Name mismatch: You have attempted to establish a connection with localhost. However the security certificate presented belongs to "smtp.mymailserver.com". It is possible that someone may be trying to intercept your communication with this website...." Fair enough, except that this is only occurring because I am using SSH port forwarding via an untrusted WIFI network - thus I have told mozilla to talk to localhost, and my SSH tunnel is connecting to the mailserver. (And so Mozilla sees localhost with my mailserver's certificate - and complains). Unfortunately, there's no way to work around it, and I get this message every time I send mail, or when Moz checks for mail. And if it happens in a background window, Moz just freezes until I find and dismiss it. Reproducible: Always Steps to Reproduce: Set Mozilla up to send mail to: localhost:8025 Then, set up an ssh tunnel: ssh -L8025:smtp.mymailserver.com:25 firstname.lastname@example.org Can send mail, but Moz *always* complains. Expected Results: I'd like an option to ignore security errors that result from localhost. Or alternatively, a "don't ask me again" option for certain server/certificate mis-matches.
An ignore function is wontfix according to bug 205677 but Mozilla should only complain once per session. Do you get this every time or once per session ?
Assignee: dveditz → kaie.bugs
Component: Security → Security: UI
Product: Mozilla Application Suite → Core
QA Contact: seamonkey
Version: unspecified → 1.7 Branch
Unfortunately, I get this every time - every time I send messages, and worse, every time (ever 5 mins) when moz checks for mail, which causes the web-browser to inexplicably hang until I find - and dismiss - the warning in a different window. I can see the point about wontfixing the ignore, but presumably localhost could be an exception? There is no way that anyone could create a man-in-the-middle attack via localhost unless the localhost machine itself is compromised (in which case you have bigger problems). Furthermore, anyone who is checking mail on localhost probably knows what they are doing...
If we gave a free pass to localhost then you'd be vulnerable to someone redirecting smtp.mailserver.com traffic to fakemail.com. A workaround on your end would be to put smtp.mailserver.com in your hosts file as an alias for localhost and then leave your mail settings pointed at smtp.mailserver.com. If your mailserver already uses SSL (otherwise you wouldn't get the cert mismatch warning) then why do you need to tunnel over ssh?
Thank you for your reply. (#3). Your workaround (editing /etc/hosts) is a good suggestion. As for why I need to tunnel the connections: a)Not all mailservers (I have several accounts) are using SSL [b)From a privacy perspective, it's desirable not to leak any information, including the address of the mailserver itself. This way, I only need to identify a single machine.] > If we gave a free pass to localhost then you'd be vulnerable to someone > redirecting smtp.mailserver.com traffic to fakemail.com. I'm not sure I understand this. Surely, in order to be vulnerable to this, I'd already have to have a compromised localhost? And at that point, anything could happen (eg keystroke logging, TCP/IP redirection,copying etc)
IMHO we should not treat localhost different than other mismatches. However, you might be interested in the discussion in bug 228684 which asks for a mechanism to permanently remember allowed mismatches.
Status: UNCONFIRMED → RESOLVED
Closed: 15 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.