Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/kde-apps/kimap/files/kimap-21.08.3-CVE-2021-38373.patch
diff options
context:
space:
mode:
Diffstat (limited to 'kde-apps/kimap/files/kimap-21.08.3-CVE-2021-38373.patch')
-rw-r--r--kde-apps/kimap/files/kimap-21.08.3-CVE-2021-38373.patch51
1 files changed, 51 insertions, 0 deletions
diff --git a/kde-apps/kimap/files/kimap-21.08.3-CVE-2021-38373.patch b/kde-apps/kimap/files/kimap-21.08.3-CVE-2021-38373.patch
new file mode 100644
index 000000000000..90d216b0b846
--- /dev/null
+++ b/kde-apps/kimap/files/kimap-21.08.3-CVE-2021-38373.patch
@@ -0,0 +1,51 @@
+From 5aed4138567934c3be20cddb60fe6d7d4a10da0f Mon Sep 17 00:00:00 2001
+From: Volker Krause <vkrause@kde.org>
+Date: Mon, 15 Nov 2021 18:18:28 +0100
+Subject: [PATCH] Treat SSL handshake errors as fatal also when using STARTTLS
+
+This fixes the infinite SSL error dialog loop also when using
+STARTTLS, the previous fix was only effective for direct TLS
+connections.
+
+CCBUG: 423424
+(cherry picked from commit cbd3a03bc1d2cec48bb97570633940bbf94c34fa)
+---
+ src/loginjob.cpp | 22 +++++++++-------------
+ 1 file changed, 9 insertions(+), 13 deletions(-)
+
+diff --git a/src/loginjob.cpp b/src/loginjob.cpp
+index 7d53187..b5fbede 100644
+--- a/src/loginjob.cpp
++++ b/src/loginjob.cpp
+@@ -552,19 +552,15 @@ void LoginJob::connectionLost()
+ {
+ Q_D(LoginJob);
+
+- // don't emit the result if the connection was lost before getting the tls result, as it can mean
+- // the TLS handshake failed and the socket was reconnected in normal mode
+- if (d->authState != LoginJobPrivate::StartTls) {
+- qCWarning(KIMAP_LOG) << "Connection to server lost " << d->m_socketError;
+- if (d->m_socketError == QAbstractSocket::SslHandshakeFailedError) {
+- setError(KJob::UserDefinedError);
+- setErrorText(i18n("SSL handshake failed."));
+- emitResult();
+- } else {
+- setError(ERR_COULD_NOT_CONNECT);
+- setErrorText(i18n("Connection to server lost."));
+- emitResult();
+- }
++ qCWarning(KIMAP_LOG) << "Connection to server lost " << d->m_socketError;
++ if (d->m_socketError == QAbstractSocket::SslHandshakeFailedError) {
++ setError(KJob::UserDefinedError);
++ setErrorText(i18n("SSL handshake failed."));
++ emitResult();
++ } else {
++ setError(ERR_COULD_NOT_CONNECT);
++ setErrorText(i18n("Connection to server lost."));
++ emitResult();
+ }
+ }
+
+--
+2.34.0
+