From f545af934a17f428fd378b361e293eed1bcd835b Mon Sep 17 00:00:00 2001
From: Kawe Mazidjatari <48657826+Mauler125@users.noreply.github.com>
Date: Tue, 13 Jun 2023 11:38:31 +0200
Subject: [PATCH] Fix CVE-2021-22946 Merge: curl/curl@364f174724ef11
---
 r5dev/thirdparty/curl/ftp.c | 9 ++++++---
 r5dev/thirdparty/curl/imap.c | 23 +++++++++--------------
 r5dev/thirdparty/curl/pop3.c | 33 ++++++++++++++-------------------
 3 files changed, 29 insertions(+), 36 deletions(-)
diff --git a/r5dev/thirdparty/curl/ftp.c b/r5dev/thirdparty/curl/ftp.c
index d481b57a..84f9db90 100644
--- a/r5dev/thirdparty/curl/ftp.c
+++ b/r5dev/thirdparty/curl/ftp.c
@@ -2664,9 +2664,12 @@ static CURLcode ftp_statemach_act(struct connectdata *conn)
 /* we have now received a full FTP server response */
 switch(ftpc->state) {
 case FTP_WAIT220:
- if(ftpcode == 230)
- /* 230 User logged in - already! */
- return ftp_state_user_resp(conn, ftpcode, ftpc->state);
+ if(ftpcode == 230) {
+ /* 230 User logged in - already! Take as 220 if TLS required. */
+ if(data->set.use_ssl <= CURLUSESSL_TRY ||
+ conn->ssl[FIRSTSOCKET].use)
+ return ftp_state_user_resp(conn, ftpcode, ftpc->state);
+ }
 else if(ftpcode != 220) {
 failf(data, "Got a %03d ftp-server response when 220 was expected",
 ftpcode);
diff --git a/r5dev/thirdparty/curl/imap.c b/r5dev/thirdparty/curl/imap.c
index aa505460..8259e1ce 100644
--- a/r5dev/thirdparty/curl/imap.c
+++ b/r5dev/thirdparty/curl/imap.c
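Review bot: In ftp.c's `FTP_WAIT220` case, a 230 greeting on a connection that requires TLS but has not negotiated it yet now leaves the new `if(ftpcode == 230) { … }` block without returning, and the code it then reaches lies outside the hunk, so the intended "take as 220" continuation cannot be confirmed from the visible lines. A comment before the closing brace, for example `/* TLS required but not active yet: do not accept the login, continue as for 220 */`, would make the deliberate fall-through explicit. The test `data->set.use_ssl <= CURLUSESSL_TRY` also relies on the `CURLUSESSL_*` values being ordered from weakest to strictest; the same comparison is added in the imap.c and pop3.c hunks, and one short comment stating that assumption would help whoever next backports into this vendored copy.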
@@ -918,22 +918,17 @@ static CURLcode imap_state_capability_resp(struct connectdata *conn,
 line += wordlen;
 }
 }
- else if(imapcode == 'O') {
- if(data->set.use_ssl && !conn->ssl[FIRSTSOCKET].use) {
- /* We don't have a SSL/TLS connection yet, but SSL is requested */
- if(imapc->tls_supported)
- /* Switch to TLS connection now */
- result = imap_perform_starttls(conn);
- else if(data->set.use_ssl == CURLUSESSL_TRY)
- /* Fallback and carry on with authentication */
- result = imap_perform_authentication(conn);
- else {
- failf(data, "STARTTLS not supported.");
- result = CURLE_USE_SSL_FAILED;
- }
+ else if(data->set.use_ssl && !conn->ssl[FIRSTSOCKET].use) {
+ if(imapcode == 'O' && imapc->tls_supported) {
+ /* Switch to TLS connection now */
+ result = imap_perform_starttls(conn);
 }
- else
+ else if(data->set.use_ssl <= CURLUSESSL_TRY)
 result = imap_perform_authentication(conn);
+ else {
+ failf(data, "STARTTLS not supported.");
+ result = CURLE_USE_SSL_FAILED;
+ }
 }
 else
 result = imap_perform_authentication(conn);
diff --git a/r5dev/thirdparty/curl/pop3.c b/r5dev/thirdparty/curl/pop3.c
index 3feb3be8..7c6c5999 100644
--- a/r5dev/thirdparty/curl/pop3.c
+++ b/r5dev/thirdparty/curl/pop3.c
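Review bot: In imap.c's `imap_state_capability_resp`, the new `else if(data->set.use_ssl <= CURLUSESSL_TRY)` branch goes on to `imap_perform_authentication(conn)` over the unencrypted connection with neither a comment nor a log line, whereas the removed code carried `/* Fallback and carry on with authentication */` and the pop3.c hunk keeps that comment. This is the one path on which credentials still leave without TLS, both when STARTTLS is not advertised and when the CAPABILITY response is not 'O', so I would restore the comment and consider adding `infof(data, "STARTTLS not available, continuing without TLS\n");` before the call to make the downgrade visible in verbose output; the same log line would fit the matching branch in pop3.c. The function starts before and continues after this hunk.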
@@ -761,28 +761,23 @@ static CURLcode pop3_state_capa_resp(struct connectdata *conn, int pop3code,
 }
 }
 }
- else if(pop3code == '+') {
- if(data->set.use_ssl && !conn->ssl[FIRSTSOCKET].use) {
- /* We don't have a SSL/TLS connection yet, but SSL is requested */
- if(pop3c->tls_supported)
- /* Switch to TLS connection now */
- result = pop3_perform_starttls(conn);
- else if(data->set.use_ssl == CURLUSESSL_TRY)
- /* Fallback and carry on with authentication */
- result = pop3_perform_authentication(conn);
- else {
- failf(data, "STLS not supported.");
- result = CURLE_USE_SSL_FAILED;
- }
- }
- else
- result = pop3_perform_authentication(conn);
- }
 else {
 /* Clear text is supported when CAPA isn't recognised */
- pop3c->authtypes |= POP3_TYPE_CLEARTEXT;
+ if(pop3code != '+')
+ pop3c->authtypes |= POP3_TYPE_CLEARTEXT;

- result = pop3_perform_authentication(conn);
+ if(!data->set.use_ssl || conn->ssl[FIRSTSOCKET].use)
+ result = pop3_perform_authentication(conn);
+ else if(pop3code == '+' && pop3c->tls_supported)
+ /* Switch to TLS connection now */
+ result = pop3_perform_starttls(conn);
+ else if(data->set.use_ssl <= CURLUSESSL_TRY)
+ /* Fallback and carry on with authentication */
+ result = pop3_perform_authentication(conn);
+ else {
+ failf(data, "STLS not supported.");
+ result = CURLE_USE_SSL_FAILED;
+ }
 }

 return result;
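Review bot: In pop3.c's `pop3_state_capa_resp`, when `pop3code` is not '+' the new code reports `"STLS not supported."` for the stricter `use_ssl` levels although STLS was never attempted, only CAPA went unrecognised, so the error text can mislead whoever diagnoses the failure; imap.c's `"STARTTLS not supported."` has the same property when `imapcode` is not 'O'. On the same path `POP3_TYPE_CLEARTEXT` is enabled before the TLS decision, and with `CURLUSESSL_TRY` authentication then proceeds without TLS, which the retained comment does not mention. I would document both in place, for example `/* CAPA not recognised: STLS is not attempted; CURLUSESSL_TRY continues in clear text, stricter levels fail below */` above `if(pop3code != '+')`. The start of the function is outside this hunk.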