http: do not treat FTPS over CONNECT as HTTPS

If we use FTPS over CONNECT, the TLS handshake for the FTPS control connection needs to be initiated in the SENDPROTOCONNECT state, not the WAITPROXYCONNECT state. Otherwise, if the TLS handshake completed without blocking, the information about the completed TLS handshake would be saved to a wrong flag. Consequently, the TLS handshake would be initiated in the SENDPROTOCONNECT state once again on the same connection, resulting in a failure of the TLS handshake. I was able to observe the failure with the NSS backend if curl ran through valgrind. Note that this commit partially reverts curl-7_21_6-52-ge34131d.
author: Kamil Dudka <kdudka@redhat.com> 2017-03-28 15:50:59 +0200
committer: Kamil Dudka <kdudka@redhat.com> 2017-03-28 17:04:16 +0200
commit: 2549831daaa3aef394f7b42e750cba1afae35642 (patch)
tree: 0ec74717a11ec74309966d950f7c95aa5636fade
parent: 452203341d6e97b8f52f9a886046d9fdb96346a9 (diff)
download: curl-2549831daaa3aef394f7b42e750cba1afae35642.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/http.c b/lib/http.c
index 0b680b2d6..22d454709 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -1369,7 +1369,7 @@ CURLcode Curl_http_connect(struct connectdata *conn, bool *done)
     /* nothing else to do except wait right now - we're not done here. */
     return CURLE_OK;
 
-  if(conn->given->flags & PROTOPT_SSL) {
+  if(conn->given->protocol & CURLPROTO_HTTPS) {
     /* perform SSL initialization */
     result = https_connecting(conn, done);
     if(result)
author	Kamil Dudka <kdudka@redhat.com>	2017-03-28 15:50:59 +0200
committer	Kamil Dudka <kdudka@redhat.com>	2017-03-28 17:04:16 +0200
commit	2549831daaa3aef394f7b42e750cba1afae35642 (patch)
tree	0ec74717a11ec74309966d950f7c95aa5636fade
parent	452203341d6e97b8f52f9a886046d9fdb96346a9 (diff)
download	curl-2549831daaa3aef394f7b42e750cba1afae35642.tar.gz