From f14fabcefb45790175e209ef8ae394def4a805e9 Mon Sep 17 00:00:00 2001
From: Albert Astals Cid <aacid@kde.org>
Date: Fri, 10 Dec 2021 21:55:13 +0100
Subject: [PATCH] POP3: Fix SSL connections

We need to go into ssl before trying to read from the socket, otherwise
nothing works

BUGS: 446751
---
 resources/pop3/pop3protocol.cpp | 72 ++++++++++++++++++++-------------
 resources/pop3/pop3protocol.h   |  2 +
 2 files changed, 45 insertions(+), 29 deletions(-)

diff --git a/resources/pop3/pop3protocol.cpp b/resources/pop3/pop3protocol.cpp
index c2d01d33a..15971919e 100644
--- a/resources/pop3/pop3protocol.cpp
+++ b/resources/pop3/pop3protocol.cpp
@@ -535,6 +535,39 @@ Result POP3Protocol::loginPASS()
     return Result::pass();
 }
 
+Result POP3Protocol::startSsl()
+{
+    mSocket->ignoreSslErrors(); // Don't worry, errors are handled manually below
+    mSocket->startClientEncryption();
+    const bool encryptionStarted = mSocket->waitForEncrypted(s_connectTimeout);
+
+    const QSslCipher cipher = mSocket->sessionCipher();
+    const QList<QSslError> errors = mSocket->sslHandshakeErrors();
+    if (!encryptionStarted || !errors.isEmpty() || !mSocket->isEncrypted() || cipher.isNull() || cipher.usedBits() == 0) {
+        QString errorString = std::accumulate(errors.begin(), errors.end(), QString(), [](QString cur, const QSslError &error) {
+            if (!cur.isEmpty())
+                cur += QLatin1Char('\n');
+            cur += error.errorString();
+            return cur;
+        });
+
+        qCDebug(POP3_LOG) << "Initial SSL handshake failed. cipher.isNull() is" << cipher.isNull() << ", cipher.usedBits() is" << cipher.usedBits()
+                          << ", the socket says:" << mSocket->errorString() << "and the SSL errors are:" << errorString;
+        mContinueAfterSslError = false;
+        Q_EMIT sslError(KSslErrorUiData(mSocket));
+        if (!mContinueAfterSslError) {
+            if (errorString.isEmpty())
+                errorString = mSocket->errorString();
+            qCDebug(POP3_LOG) << "TLS setup has failed. Aborting." << errorString;
+            closeConnection();
+            return Result::fail(ERR_SSL_FAILURE, i18n("SSL/TLS error: %1", errorString));
+        }
+    } else {
+        qCDebug(POP3_LOG) << "TLS has been enabled.";
+    }
+    return Result::pass();
+}
+
 Result POP3Protocol::openConnection()
 {
     m_try_apop = mSettings.authenticationMethod() == MailTransport::Transport::EnumAuthenticationType::APOP;
@@ -560,6 +593,13 @@ Result POP3Protocol::openConnection()
             return Result::fail(mSocket->error(), errorString);
         }
 
+        if (mSettings.useSSL()) {
+            const Result res = startSsl();
+            if (!res.success) {
+                return res;
+            }
+        }
+
         mConnected = true;
 
         greeting_buf = new char[GREETING_BUF_LEN];
@@ -608,35 +648,9 @@ Result POP3Protocol::openConnection()
                                          "was unsuccessful.\nYou can "
                                          "disable TLS in the POP account settings dialog."));
             }
-        }
-        if (mSettings.useSSL() || mSettings.useTLS()) {
-            mSocket->ignoreSslErrors(); // Don't worry, errors are handled manually below
-            mSocket->startClientEncryption();
-            const bool encryptionStarted = mSocket->waitForEncrypted(s_connectTimeout);
-
-            const QSslCipher cipher = mSocket->sessionCipher();
-            const QList<QSslError> errors = mSocket->sslHandshakeErrors();
-            if (!encryptionStarted || !errors.isEmpty() || !mSocket->isEncrypted() || cipher.isNull() || cipher.usedBits() == 0) {
-                QString errorString = std::accumulate(errors.begin(), errors.end(), QString(), [](QString cur, const QSslError &error) {
-                    if (!cur.isEmpty())
-                        cur += QLatin1Char('\n');
-                    cur += error.errorString();
-                    return cur;
-                });
-
-                qCDebug(POP3_LOG) << "Initial SSL handshake failed. cipher.isNull() is" << cipher.isNull() << ", cipher.usedBits() is" << cipher.usedBits()
-                                  << ", the socket says:" << mSocket->errorString() << "and the SSL errors are:" << errorString;
-                mContinueAfterSslError = false;
-                Q_EMIT sslError(KSslErrorUiData(mSocket));
-                if (!mContinueAfterSslError) {
-                    if (errorString.isEmpty())
-                        errorString = mSocket->errorString();
-                    qCDebug(POP3_LOG) << "TLS setup has failed. Aborting." << errorString;
-                    closeConnection();
-                    return Result::fail(ERR_SSL_FAILURE, i18n("SSL/TLS error: %1", errorString));
-                }
-            } else {
-                qCDebug(POP3_LOG) << "TLS has been enabled.";
+            const Result res = startSsl();
+            if (!res.success) {
+                return res;
             }
         }
 
diff --git a/resources/pop3/pop3protocol.h b/resources/pop3/pop3protocol.h
index 9b40b334f..d01f7ab7a 100644
--- a/resources/pop3/pop3protocol.h
+++ b/resources/pop3/pop3protocol.h
@@ -127,6 +127,8 @@ private:
      */
     Q_REQUIRED_RESULT Result loginPASS();
 
+    Q_REQUIRED_RESULT Result startSsl();
+
     const Settings &mSettings;
     QSslSocket *const mSocket;
     unsigned short int m_iPort;
-- 
GitLab