From: Stefan Eissing <stefan@eissing.org>
Date: Mon, 15 Jul 2024 09:33:58 +0000 (+0200)
Subject: smtp: for starttls, do full upgrade
X-Git-Tag: curl-8_9_0~45
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=f4b8b976b4e8b56050fab353f2ac61e77bbc12b6;p=thirdparty%2Fcurl.git

smtp: for starttls, do full upgrade

- make sure the TLS handshake after a successful STARTTLS command is
  fully done before further sending/receiving on the connection.

Reported-by: tomy2105 on github
Fixes #14166
Closes #14190
---

diff --git a/lib/smtp.c b/lib/smtp.c
index ec75998245..5ee1b5ea37 100644
--- a/lib/smtp.c
+++ b/lib/smtp.c
@@ -1202,6 +1202,7 @@ static CURLcode smtp_statemachine(struct Curl_easy *data,
   size_t nread = 0;
 
   /* Busy upgrading the connection; right now all I/O is SSL/TLS, not SMTP */
+upgrade_tls:
   if(smtpc->state == SMTP_UPGRADETLS)
     return smtp_perform_upgrade_tls(data);
 
@@ -1238,6 +1239,10 @@ static CURLcode smtp_statemachine(struct Curl_easy *data,
 
     case SMTP_STARTTLS:
       result = smtp_state_starttls_resp(data, smtpcode, smtpc->state);
+      /* During UPGRADETLS, leave the read loop as we need to connect
+       * (e.g. TLS handshake) before we continue sending/receiving. */
+      if(!result && (smtpc->state == SMTP_UPGRADETLS))
+        goto upgrade_tls;
       break;
 
     case SMTP_AUTH: