diff options
Diffstat (limited to 'kde-apps/kimap/files/kimap-21.08.3-CVE-2021-38373.patch')
-rw-r--r-- | kde-apps/kimap/files/kimap-21.08.3-CVE-2021-38373.patch | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/kde-apps/kimap/files/kimap-21.08.3-CVE-2021-38373.patch b/kde-apps/kimap/files/kimap-21.08.3-CVE-2021-38373.patch new file mode 100644 index 000000000000..90d216b0b846 --- /dev/null +++ b/kde-apps/kimap/files/kimap-21.08.3-CVE-2021-38373.patch @@ -0,0 +1,51 @@ +From 5aed4138567934c3be20cddb60fe6d7d4a10da0f Mon Sep 17 00:00:00 2001 +From: Volker Krause <vkrause@kde.org> +Date: Mon, 15 Nov 2021 18:18:28 +0100 +Subject: [PATCH] Treat SSL handshake errors as fatal also when using STARTTLS + +This fixes the infinite SSL error dialog loop also when using +STARTTLS, the previous fix was only effective for direct TLS +connections. + +CCBUG: 423424 +(cherry picked from commit cbd3a03bc1d2cec48bb97570633940bbf94c34fa) +--- + src/loginjob.cpp | 22 +++++++++------------- + 1 file changed, 9 insertions(+), 13 deletions(-) + +diff --git a/src/loginjob.cpp b/src/loginjob.cpp +index 7d53187..b5fbede 100644 +--- a/src/loginjob.cpp ++++ b/src/loginjob.cpp +@@ -552,19 +552,15 @@ void LoginJob::connectionLost() + { + Q_D(LoginJob); + +- // don't emit the result if the connection was lost before getting the tls result, as it can mean +- // the TLS handshake failed and the socket was reconnected in normal mode +- if (d->authState != LoginJobPrivate::StartTls) { +- qCWarning(KIMAP_LOG) << "Connection to server lost " << d->m_socketError; +- if (d->m_socketError == QAbstractSocket::SslHandshakeFailedError) { +- setError(KJob::UserDefinedError); +- setErrorText(i18n("SSL handshake failed.")); +- emitResult(); +- } else { +- setError(ERR_COULD_NOT_CONNECT); +- setErrorText(i18n("Connection to server lost.")); +- emitResult(); +- } ++ qCWarning(KIMAP_LOG) << "Connection to server lost " << d->m_socketError; ++ if (d->m_socketError == QAbstractSocket::SslHandshakeFailedError) { ++ setError(KJob::UserDefinedError); ++ setErrorText(i18n("SSL handshake failed.")); ++ emitResult(); ++ } else { ++ setError(ERR_COULD_NOT_CONNECT); ++ setErrorText(i18n("Connection to server lost.")); ++ emitResult(); + } + } + +-- +2.34.0 + |