Commit 60f73c69 authored by Volker Krause's avatar Volker Krause

Move STARTTLS setup from LoginJob to Session

This is now done immediately after opening the connection, independent
of whether there is a LoginJob at all.

BUG: 423423
parent 77a36602
Pipeline #82343 passed with stage
in 6 minutes and 24 seconds
......@@ -115,22 +115,12 @@ LoginJob::AuthMode LoginJob::usedAuthMode() const
void LoginJob::doStart()
{
Q_D(LoginJob);
if (d->sessionInternal()->negotiatedEncryption() == QSsl::UnknownProtocol && d->m_session->encryptionMode() != Session::Unencrypted) {
qFatal("LoginJob started despite session not being encrypted!");
}
const auto negotiatedEnc = d->sessionInternal()->negotiatedEncryption();
if (negotiatedEnc != QSsl::UnknownProtocol || d->m_session->encryptionMode() == Session::Unencrypted) {
// Socket already encrypted, or no encryption requested: continue with authentication
if (!d->authenticate()) {
emitResult();
}
} else if (d->m_session->encryptionMode() == Session::STARTTLS) {
if (session()->allowsTls()) {
sendCommand(QByteArrayLiteral("STARTTLS"));
} else {
qCWarning(KSMTP_LOG) << "STARTTLS not supported by the server!";
setError(KJob::UserDefinedError);
setErrorText(i18n("STARTTLS is not supported by the server, try using SSL/TLS instead."));
emitResult();
}
if (!d->authenticate()) {
emitResult();
}
}
......@@ -141,19 +131,6 @@ void LoginJob::handleResponse(const ServerResponse &r)
// Handle server errors
handleErrors(r);
// Server accepts TLS connection
if (r.isCode(220)) {
d->sessionInternal()->startSsl();
return;
}
// Available authentication mechanisms
if (r.isCode(25) && r.text().startsWith("AUTH ")) { // krazy:exclude=strings
d->sessionInternal()->setAuthenticationMethods(r.text().remove(0, QByteArray("AUTH ").count()).split(' '));
d->authenticate();
return;
}
// Send account data
if (r.isCode(334)) {
if (d->m_actualAuthMode == Plain) {
......
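Review bot: The new guard at the top of LoginJob::doStart() uses `qFatal(...)`, which by default aborts the whole host process instead of failing this one job. Refusing to authenticate on an unencrypted socket is the right fail-closed behaviour, but negotiatedEncryption() and the job scheduling are outside this hunk, so I cannot tell whether a runtime path (for example an established TLS session that still reports QSsl::UnknownProtocol) can reach it; if one can, server behaviour could crash the client. Failing the job keeps the guarantee without the abort: `setError(KJob::UserDefinedError); setErrorText(i18n("Refusing to authenticate over an unencrypted connection.")); emitResult(); return;`. A short comment stating the invariant would also help, e.g. `// Session completes TLS setup before any job starts; never send credentials in the clear`.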
......@@ -258,9 +258,22 @@ void SessionPrivate::responseReceived(const ServerResponse &r)
}
if (!r.isMultiline()) {
setState(Session::NotAuthenticated);
startNext();
if (m_encryptionMode == Session::STARTTLS && m_sslVersion == QSsl::UnknownProtocol) {
if (m_allowsTls) {
m_starttlsSent = true;
sendData(QByteArrayLiteral("STARTTLS"));
} else {
qCWarning(KSMTP_LOG) << "STARTTLS not supported by the server!";
q->quit();
}
} else {
setState(Session::NotAuthenticated);
startNext();
}
}
} else if (r.isCode(220) && m_starttlsSent) { // STARTTLS accepted
m_starttlsSent = false;
startSsl();
}
}
......
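Review bot: STARTTLS failure is now silent to the caller in SessionPrivate::responseReceived(): the branch taken when `m_allowsTls` is false only logs and calls `q->quit()`, dropping the user-facing error LoginJob used to set, and among the visible branches only a 220 reply clears `m_starttlsSent`. If the server refuses the command (RFC 3207 lists 454 and 501), nothing shown here resets the flag, quits or calls startNext(), so unless code earlier in the function, which starts outside this hunk, covers it, the session stalls without an error. Both paths fail closed, which is correct, but pending jobs should be given a reason; consider a sibling branch such as `} else if (m_starttlsSent) { m_starttlsSent = false; qCWarning(KSMTP_LOG) << "STARTTLS rejected by the server"; q->quit(); }` together with an error propagated to queued jobs. It is also worth confirming that startSsl(), not shown here, discards any plaintext already buffered and that capabilities are re-read with EHLO after the handshake, since `m_allowsTls` and the auth list were learned before encryption.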
......@@ -84,6 +84,7 @@ private:
bool m_ehloRejected = false;
int m_size = 0;
bool m_allowsTls = false;
bool m_starttlsSent = false;
QStringList m_authModes;
QString m_customHostname;
};
......