smtp: for starttls, do full upgrade

- make sure the TLS handshake after a successful STARTTLS command is fully done before further sending/receiving on the connection. Reported-by: tomy2105 on github Fixes #14166 Closes #14190
2024-07-15 11:33:58 +02:00 · 2024-07-15 11:33:58 +02:00 · f4b8b976b4
commit f4b8b976b4
parent 50a7602b78
1 changed files with 5 additions and 0 deletions
--- a/lib/smtp.c
+++ b/lib/smtp.c
@ -1202,6 +1202,7 @@ static CURLcode smtp_statemachine(struct Curl_easy *data,
  size_t nread = 0;

  /* Busy upgrading the connection; right now all I/O is SSL/TLS, not SMTP */
+upgrade_tls:
  if(smtpc->state == SMTP_UPGRADETLS)
    return smtp_perform_upgrade_tls(data);

@ -1238,6 +1239,10 @@ static CURLcode smtp_statemachine(struct Curl_easy *data,

    case SMTP_STARTTLS:
      result = smtp_state_starttls_resp(data, smtpcode, smtpc->state);
+      /* During UPGRADETLS, leave the read loop as we need to connect
+       * (e.g. TLS handshake) before we continue sending/receiving. */
+      if(!result && (smtpc->state == SMTP_UPGRADETLS))
+        goto upgrade_tls;
      break;

    case SMTP_AUTH: