diff --git a/r5dev/thirdparty/curl/strcase.c b/r5dev/thirdparty/curl/strcase.c
index a74a4be5..6e581ce6 100644
--- a/r5dev/thirdparty/curl/strcase.c
+++ b/r5dev/thirdparty/curl/strcase.c
@@ -164,6 +164,16 @@ void Curl_strntoupper(char *dest, const char *src, size_t n)
   } while(*src++ && --n);
 }
 
+/* Compare case-sensitive NUL-terminated strings, taking care of possible
+ * null pointers. Return true if arguments match.
+ */
+bool Curl_safecmp(char *a, char *b)
+{
+  if(a && b)
+    return !strcmp(a, b);
+  return !a && !b;
+}
+
 /* --- public functions --- */
 
 int curl_strequal(const char *first, const char *second)
diff --git a/r5dev/thirdparty/curl/strcase.h b/r5dev/thirdparty/curl/strcase.h
index ea2abc8b..7174aedb 100644
--- a/r5dev/thirdparty/curl/strcase.h
+++ b/r5dev/thirdparty/curl/strcase.h
@@ -48,4 +48,6 @@ char Curl_raw_toupper(char in);
 void Curl_strntoupper(char *dest, const char *src, size_t n);
 char Curl_raw_toupper(char in);
 
+bool Curl_safecmp(char *a, char *b);
+
 #endif /* HEADER_CURL_STRCASE_H */
diff --git a/r5dev/thirdparty/curl/url.c b/r5dev/thirdparty/curl/url.c
index 099e919b..a68ae14d 100644
--- a/r5dev/thirdparty/curl/url.c
+++ b/r5dev/thirdparty/curl/url.c
@@ -3640,7 +3640,8 @@ ConnectionExists(struct Curl_easy *data,
         /* This protocol requires credentials per connection,
            so verify that we're using the same name and password as well */
         if(strcmp(needle->user, check->user) ||
-           strcmp(needle->passwd, check->passwd)) {
+           strcmp(needle->passwd, check->passwd) ||
+           !Curl_safecmp(needle->oauth_bearer, check->oauth_bearer)) {
           /* one of them was different */
           continue;
         }